Charge (PDF)

• Design, implement, and deploy a campus person registry. This includes:
  • Working with campus constituencies to define the community to be included in the campus person registry.
  • Identifying the registry elements and an architectural schema.
  • Identifying the sources of registry information and working with system owners to integrate existing identity management with person registry information.
  • Working with system owners to develop plans to adopt and integrate the person registry as the unique person identification for each system.
  • Designing, implementing, and developing processes to ensure that registry entries are unique and unambiguous, and can be managed to ensure their integrity over time.
  
  
• Design, implement, and deploy a campus enterprise directory. This effort must consider the broad needs of the campus business and academic systems and the support of other directories used by campus systems. This includes:
  • Working with campus constituencies to define the attributes and schema of the directory services necessary to support campus computing systems.
  • Implementing the protocols that permit the use of the directory by campus systems. Campus directory services must utilize standard protocols that ensure the broadest possible integration of campus business and academic applications.
  • Working with campus system functional owners to adapt their systems to use the protocols to read and write directory attributes to the extent permitted by the campus security architecture.

• Randy Moory, Office of Information & Educational Technology
• Sandra Stewart, IET-Information Resources

• Administrative Computing Systsems Policy (P&P 200-45)
• UC Davis New Business Architecture

• Working with campus units through the Technology Infrastructure Forum, identify the requirements for a campuswide directory. This identification should address the level of content detail required for the directory and estimate the number of directory entries.
• Evaluate the processes established for loading entries into the Ebira database to determine the effort necessary to transfer these processes to an enterprise directory.
• Examine the opportunities for integrating the Kerberos authentication processes with the enterprise directory.
• Investigate and evaluate the integration of authorization processes into the enterprise directory sufficient to support campus business and academic initiatives.
• Examine the opportunities to use commercial and non-commercial, directory server software to establish the enterprise directory for the campus.
• Establish and test the directory architecture to determine its capability to support campus IT functions.

• Deborah Lorraine, Data Center, IET
• Randy Moory, Office of Information & Educational Technology
• Dan Watson, Data Center, IET

• Enterprise Directory Resources
• White Page Attributes for UC Davis (draft)

Charge

• Investigate and report on the performance and scalability of the physical architecture to ensure high performance. Consider various implementation options of hardware redundancy, switched load balancing, and load generation testing. Review all components of the logical layer of the portal to determine if there are any performance issues stemming from file system or database access, data volume, ColdFusion, or JavaScript interpretation, etc.
• Investigate and report on server reliability. Consider options for database redundancy and distributed physical location of web and database servers.
• Investigate and report on server scalability. Today we average between 4 and 5 thousand accesses to MyUCDavis per day. As the campus community adopts this important tool, we can expect access to increase dramatically. What will it take to be prepared for a 5-fold increase in usage? Where are the bottlenecks likely to be and how would we deal with them?
• Investigate and report on the option to relocate the course management application, including MySpace, to a separate centrally supported server. Consider how off-loading this module will impact the performance and service reliability of the portal architecture.
• Investigate and report on the performance of the portal when accessed via various network configurations, including low-speed modems and wireless access. Determine design issues that must be taken into account to meet the performance needs for remote access.
• Investigate and report on design and interface alternatives for supporting portal application interactions. As applications are developed for the portal, the need for applications to interact with each other will increase.

• Brian Alexander (chair), Information and Educational Technology
• Joyce Johnstone, Information and Educational Technology
• Ken Jones, Department of Computer Science
• Jeremy Smith, Language Learning Center
• Elizabeth St. Goar, Information and Educational Technology

• Portal Performance and Reliability Final Report (PDF)

• Establish a realistic service implementation project plan, including proof of concept, development, testing requirements, through implementation and rollout for the provision of service, building on the work of the Windows 2000 Advanced Technology Project and the Windows 2000 Project Team Recommendations;
• Provide implementation, installation, configuration, and fully functional thin root Active Directory service;
• Establish users group, with representation from administrative and academic departments, to facilitate interactions with and support for campus clients and to provide IET with recommendation on the enterprise's best interests regarding policies, guidelines, security issues, on going hardware and software support.

• Patrick Kelly, Information Resources, IET
• Martha Cornejo, Information Resources, IET
• Eric Myrehn, Information Resources, IET
• Grace Xu, Information Resources, IET
• Josh Van Horn, Information Resources, IET
• Doreen Meyer, Information Resources, IET

• Beau Patrette, Information Resources
• Desktop Enterprise Solutions (DES), Information Resources
• Tom Arons, Information Resources
• External Microsoft support if required
• UC Davis Windows 2000 Web site
• Campus Technical Leads Web page

Team members

• Dave Klem, Communications Resources, IET
• Bradford Luten, Graduate School of Management
• Robert Ono, Chair, Campus IT Security Coordinator
• Randy Moory, IET-Vice Provost's Office
• Zack O'Donnell, Communications Resources

• Wireless Policy Report (PDF)

Charge

• Investigate and report on workflow infrastructure efforts, underway or planned at the Office of the President, through higher education initiatives, and at other campuses (e.g., Indiana University and UC Irvine).
• Investigate and report on workflow infrastructure products.
• Identify and report on university and industry best practices that can inform the possible deployment of a workflow infrastructure for campus enterprise portal applications.
• Assess and report on the technical requirements for the successful integration of a workflow infrastructure into the UC Davis enterprise portal environment.
• Provide an inventory of UC Davis business processes that could benefit from the existence of a workflow infrastructure.

• Patrick Kelly (chair), Information and Educational Technology
• Karen Rendig, Student Affairs
• Patty Strauss, Office of Administration
• Richard Warg, Information and Educational Technology
• Gary Yamamoto, University Relations

• Workflow Infrastructure Final Report (PDF)

Status: Completed (12/10/02). The project team has published its Common Authentication Report (PDF). The report is now final.

Charge

• Identify a long-term campus authentication requirements.
• Review existing authentication services in respect to strategic requirements.
• Identify alternative methods to address strategic authentication requirements.
• Review the advantages and disadvantages of alternative authentication systems, in respect to factors including, but not limited to, functionality, scalability, resiliency, security, and manageability.
• Provide long-range authentication service recommendations.
• Assess current and future technology trends in video services.

• Tom Arons, Information and Educational Technology
• Matt Bishop, Computer Science Department
• Bill Grabert, Accounting and Financial Services
• David Johnston, Office of the Registrar
• Bob Ono, Information and Educational Technology
• Don Stitt, UC Davis Medical Center

• Identify UC credit/debit card vendor program security requirements for card-not-present transactions
• Identify industry reasonable practices for secure processing of card-not-present transactions
• Recommend UC Davis network/application architecture and standards for secure processing of card-not-present transactions, including, but not limited to:
  • Logical, or system related, security controls
  • Physical data security controls
  • Merchant and accounting office procedures
• Prepare a report of the team's findings including revisions to Credit and Debit Card Program, PPM 330-41

• Tom Arons, Information and Educational Technology
• Jeff Barrett, Office of Administration
• Eileen Gaffney, Accounting and Financial Services
• Peggy Hoos, Cashier's Office
• Bob Ono, Electronic Information Resource Security Coordinator (Team Leader)
• Sandra Stewart, Information and Educational Technology
• Tony Firpo, Internal Audit Services

• Draft PPM 330-41, Credit and Debit Card Program
• Business and Finance Bulletin BUS-49
• PPM 340-20, Billing Procedures of Service Activities
• VISA Cardholder Information Security Program
• Horiuchi report

• Larry Johnson, DaFIS
• Loren Bennett, TAPS
• Rick Hill, Bookstore

• Identify the role and functions of the components of enterprise network security architecture, including network firewalls.
• Review the application of network firewalls within departmental networks and within the broader campus VLAN architecture.
• Identify the factors that impact the deployment of firewalls, such as bandwidth performance, security, reliability, management, availability, administration and cost.
• Recommend policies for use, acquisition, support and maintenance of network firewalls within department networks and within the broader campus VLAN architecture.

• John Brittnacher, Epidemiology & Preventive Medicine
• Michael Timineri, Information Resources
• Kevin Mayeshiro, Communications Resources, Co-Chair
• Bob Ono, Information and Educational Technology, Co-Chair
• Adam Getchell, Human Resources
• Minh Nguyen, College of Letters and Science

• Guidelines for Use of Firewalls in the University of California, May, 1999
• Tom Arons, Information Resources
• Dave Zavatson, Information Resources

Status:
The Intrusion Detection Advanced Technology Project Team is circulating its draft report for review and input. Contact IT Security Coordinator Bob Ono if you have any questions or comments.

• Identify the role and functions of the computing and network intrusion detection and prevention within an enterprise security architecture.
• Review alternatives for developing and implementing computing and network intrusion detection and prevention capability.
• Identify the factors that impact the development, implementation, and support of computing and network intrusion detection and prevention measures.
• Recommend campus policies for use, acquisition, support and maintenance of intrusion detection and prevention measures.

• Robert Ono, Office of the Vice Provost, Information and Educational Technology, Chairperson
• Tom Arons, Information and Educational Technology
• Gary Jellis, Network Services, UCDMC
• Dax Prather, Division of Biological Sciences and Technology Infrastructure Forum Member
• Travis Schick, Information and Educational Technology

• Intrusion Detection Final Report (9/27/02) (PDF)

• Develop a plan for Kerberos-based authentication for public access ports including wireless access to the campus network.
• Draw on the expertise of the campus technical community (including the Technology Infrastructure Forum members and the Campus Technical Lead Committee) and consult widely with other institutions, IET staff, and UC Davis campus constituents.
• Work very closely with the Advanced Technology Project Coordinator, reporting regularly on your progress and activities.

• Tom Arons, Information Resources, IET
• Rodger Hess, Communications Resources, IET

Communications Resources, Information Resources and the campus IT Security Coordinator are presently developing operational procedures in support of the incident response framework.

Charge

• Produce a campuswide program structure for computer security incident response.
• Develop the process and security standards for the investigation, control and prevention of unauthorized disruption of the availability, integrity, or confidentiality of campus computer systems, networks, and/or data. The resulting standards will also address security events where external computer system owners allege harm from campus computing systems and networks. The proposed incident response approach will reflect consideration for issues relating to federal and state laws, UC and UC Davis policy, employee and labor relations, risk management, internal audit, public communication, law enforcement, and student affairs.
• Scope: This project will address campus computer systems and networks physically located within the central campus, laboratories, extension centers, research, and field stations. The project will not develop operational procedures.

• Tom Arons, Information Resources, IET
• Doreen Meyer, Information Resources, IET
• Robert Ono, Information Technology Security Coordinator

• UC Davis Security Web site
• UC Davis Emergency Network Security Policy
• Business Finance Bulleting IS-3

Charge

• Investigate efforts, underway or planned, at other UC campuses, at the Office of the President, and through the Internet2 Initiative (e.g., VidMid, the video working group exploring how to further the development of middleware for digital video and related areas).
• Identify university and industry best practices that can inform the possible deployment of videoconferencing over IP on our campus.
• Assess the software and hardware (centralized and desktop) requirements for provisioning this service.
• Assess any network infrastructure issues and requirements that would need to be addressed (e.g., scalability, reliability, quality of service, etc.).
• Identify the costs involved.
• Develop recommendations to guide the implementation of this technology at UC Davis.

• Janette Dickens, IET-Information Resources
• Wayne Haley (Chair), IET-Communications Resources
• Jana Katz-Bell, UC Davis Medical Center
• Ravi Nemana, UC Davis Medical Center
• Raymond Tai, School of Veterinary Medicine
• Paul VerWey, IET-Mediaworks

Focus
Video services in instruction and research.

Charge

• Develop an inventory of the current state of the UC Davis video distribution infrastructure via IET and other organizations, such as DANR, etc.
• Develop an inventory of the current video services available at UC Davis.
• Assess the future need for video services and the corresponding infrastructure requirements.
• Assess current and future technology trends in video services.

• Tom Aiello, IET-Information Resources
• Alex Antipa, IET-Information Resources
• Todd Chapman, IET-Communications Resources
• Janette Dickens, IET-Information Resources
• Dave Klem, IET-Communications Resources
• Paul VerWey (Chair), IET-Mediaworks

• Video Services Distribution Final Report (8/30/02) (PDF)