Service Alerts (1 New)

uTexas Access Manager (TAM)

Overview

The uTexas Access Manager (TAM) project's goal is to implement a next-generation, enterprise-wide Web authentication service for UT EIDs. TAM will offer centralized access management to extend the range of Web applications and systems that are currently using the UT Direct and Fat Cookie authentication methods.

Features

TAM will improve UT EID authentication on campus by providing:

  • Reliable and consistent UT EID authentication session management services for both centralized and departmental Web applications
  • UT EID authentication for non-utexas.edu domain sites that meet the following requirements: the university must operate the sites, and the sites must have on-campus access to the university network
  • High uptime authentication with minimal dependencies on external systems
  • Improved logging of UT EID authentication activity to bolster the security of UT EID credentials
  • Flexible and powerful integration tools
  • Multi-platform support
  • Centralized resource access control

Benefits for Web Users

One goal of the TAM project is to maintain the existing user login experience. TAM will not change the current user login process. In addition, TAM will provide access to Web applications from within the UT EID single-sign-on (SSO) environment.

Benefits for Web Application Developers

Another goal of the TAM project is to reduce the technical complexity of integration for application developers. TAM will provide the following benefits for Web-based application developers:

  • Relieving developers of managing authentication sessions. After a system is protected with TAM, the authentication and re-authentication of users is completely transparent to the Web application.
  • Insulating developers from having to incorporate policy or operational changes related to UT EID authentication. Because authentication for TAM-protected services happens on the central UT EID login site, Web applications are isolated from any changes to the UT EID authentication process.
  • Protecting developers from the increased security and auditing requirements associated with maintaining and handling authentication credentials. When a system uses TAM for authentication, the server and application never see or handle UT EID passwords.
  • Positioning applications to take advantage of strong second-factor authentication options in the future without having to make major changes to the system. When one or more strong second-factor authentication options, such as one-time password tokens or certificates, become available in the TAM network, a simple configuration file change will allow applications to make use of them.

Availability

TAM is estimated to be available in early 2010. If you would like additional information about the project, contact TAM Project Manager Kara Nicholas at Kara.Nicholas@austin.utexas.edu.

Fat Cookie and TAM

ITS has set the goal of retiring Fat Cookie use within 12 to 18 months after the TAM release. During that time, ITS will continue to support Fat Cookie applications to give application owners time for conversion. To assist with the transition, the TAM project will provide simple instructions and information about application conversion and new implementation. Join the Fat Cookie user group to learn more about the transition.