Dr John Kan Chief Information Officer of A*STAR (Agency for Science Technology and Research)

Federated Identity Management (FIM) System (More Services, Less Passwords).

CXO THOUGHTS
CIO1-e1556279917593 Federated Identity Management (FIM) System (More Services, Less Passwords).
Dr. John Kan, Chief Information Officer, A*STAR (Agency for Science Technology and Research)

FIM is an ITSS shared services developed software tool that allows automated web-based authentication and authorisation of Institute of Higher Learning (IHL) end-users in Singapore (e.g. Staff, researchers, students) and access e-Resources offered by the National Super Computing Centre (NSCC), without the need to change existing usernames or passwords of their home IHLs.

Traditionally, user registration and account creation required the users to key in their information, then let an administrator verify the validity of the information and create the user accounts manually before passing the sensitive password information, etc. to the user himself/herself. This process usually takes more than 3 working days. The new user portal simplifies the manual user account creation process and transforms it into a fully self-service process. This significantly reduces the duration needed for account creation and leads to an error-free account creation process instead. Users are also less likely to experience potential bottleneck situations from manually-performed administrative processes and procedures, which require considerably more time to complete. This user portal allows the users from member organisations to self-service their needs with the access to NSCC Supercomputers.

From this new User Portal, researchers, faculty staff and students from stakeholder organisations of NSCC can self-register their accounts anytime and anywhere [Web Single Sign-On (WebSSO)], immediately, using their existing Usernames and Passwords of their host organisations (instead of waiting for the normal turnaround time of 2 to 3 days). The new User Portal also helps to periodically verify the user’s access rights of staff (e.g.password changes in every 3 months), due to in-built FIM security features.

Some applications have been developed with this system, such as NSCC User Portal, Virtual Cloud Computing Platform (VCCP), etc.  With VCCP and mirroring scientific database of public domains, researchers can request for instant Virtual machines to experiment their ideas with the datasets, without waiting for huge amount of data to transfer to their desktop.

Eventually, the proposed solution has been adopted by NSCC as it has proved to be a working system due to its ability to connect well and integrate seamlessly to the existing systems, as compared to the other commercial products available in the market. The developed identity management system removes the risk of user keying in errors, as the user is automatically authenticated against his/her home organisation. The system not only allows a single organisations’ members to sign onto the NSCC facilities but also supports the users to access various services across various organisations in Singapore.

Without the FIM system, it would be extremely tedious to register thousands of user accounts from various organisations. Thus, FIM improves staff productivity and also saves time and money. On top of that, this provides an option to add more organisations into the system in future.  The FIM system also provides faster access to global scientific databases and libraries. This also provides a facility called ‘File Sender’, a secure collaboration ‘Dropbox’ for sending/ receiving big files to /from scientists all over Singapore and the World.

This FIM access system and the related applications accessibility with NSCC and IHLs increases the staff productivity by shortening the lead time for users to access various services. It also reduces IT administrators’ efforts in managing and maintaining additional sets of account information.