Web 2.0 101: Understanding Web 2.0 and its Impact on Technical Communication
Understanding ADAM Version 2.0 ADAM Training Session.
-
Upload
warren-dawson -
Category
Documents
-
view
240 -
download
4
Transcript of Understanding ADAM Version 2.0 ADAM Training Session.
Understanding ADAMUnderstanding ADAM Version 2.0Version 2.0
ADAM Training SessionADAM Training Session
2.2
What is ADAM?What is ADAM?
Authority Delegation and Management (ADAM)
• MoFR web-based application• Enables granting & managing of
application access Delegation of user access
administration to select individuals Efficient authorization of End Users for
any MoFR web-based (Web-ADE) application
2.3
Authorization vs. AuthenticationAuthorization vs. Authentication
Adam does NOT manage authentication• Authentication is the process of
determining you are who you say you are Performed by authenticating source
(IDIR or BCeID)
ADAM does manage authorizations• Authorizations are the functions a user can
perform in an application For example run reports, enter data, etc.
2.4
Why Implement ADAM?Why Implement ADAM?
Before ADAM With ADAMCustodian must submit one or more web forms which generate emails to central agency.
Delegated personnel (gov or no-gov) can grant application access to users (whom have a BCeID or IDIR ID). End user access available instantly.
Users may require separate BCeIDs for each client on whose behalf they conduct business.
Multiple BCeID User IDs not required.
Difficult to determine who has access to a specific application.
Application Admin. and Authorization Grantors can easily determine who can access applications.
Technical staff responsible for granting access to applications. MoFR burdened with assoc. liabilities.
Application Admin. can delegate granting capability. Electronic Agreements can be put in place.
2.5
Linking WebADE & ADAMLinking WebADE & ADAM
WebADE is a framework Allows the implementation of authorizations for
enterprise level applications
ADAM is the interface User friendly interface to grant & manage
application authorization Distribution of authorization management to
appropriate representatives
The Web Application is responsible for implementing the Authorization (i.e. asking the right questions). ADAM is the management tool of the authorization.
2.6
Who Uses ADAM?Who Uses ADAM?
ADAM is role specific• You must have one of five “roles” to use
ADAM: ADAM Administrator Application Administrator Authorization Grantor End User Help Desk
2.9
Finding Your Role in ADAMFinding Your Role in ADAM
Key Personnel ADAM Roles
Ministry Security Architect ADAM Administrator
Data Custodians Application Administrator
Authorization Grantor
Ministry/Org Unit Application Representatives
Authorization Grantor
Client Application Representatives Authorization Grantor
Application Users End User
Ministry BCeID Consultant
Business Application Support Staff
Help Desk
2.10
TerminologyTerminology
Delegation The act of giving an appropriate representative
the ability to manage user access to applications
Authorization The ability to perform specific actions within an
application
Organization An organizational unit/company/community
group/public institution/discrete entity/etc.
2.11
Terminology (cont.)Terminology (cont.)
Profile:• Refers to one or more “Application Roles”• Typically reflects a business function, rather than
a specific application function• Profiles can be associated with an organization• Profiles can span applications
Note: This capability is available but implementation is still under consideration
2.12
Understanding the Profile/Org LinkUnderstanding the Profile/Org Link
If a profile is not secured by organization then: Application Administrators & Authorization
Grantors can NOT select an organization during delegations/authorizations
End Users have access to the application based on the profile
2.13
Understanding the Profile/Org Link (cont.)Understanding the Profile/Org Link (cont.)
If a profile is secured by organization then:• Application Administrators may:
Select a specific organization for a delegation• Auth Grantor can then authorize the profile for the
specified organization• End Users have access to the application based on
the profile and on behalf of the organization