Search | Directories | Reference Tools
UW Home > UWIN > Computing and Networking 

Identity and Access Management Services

UW Technology provides IT infrastructure and services that systems and applications can use to perform key tasks such as authentication, authorization, and information retrieval. By integrating and relying on these identity and access management services, systems and applications can be made more secure, robust, manageable, and policy-compliant. The information here may interest application developers, system integrators, and system administrators. Note that not all services are appropriate for, or available to, all systems.

Current Identity and Accces Management Services

Service Description
ASTRA ASTRA provides Web-based management of authority for UW administrative applications. ASTRA removes systems administrators and operations teams from the business of implementing authorization requests. Instead, using ASTRA, the appropriate decision makers within the University community can easily distribute authority to the appropriate people.
Certificate Authority A digital certificate is a digital document, "signed" by a trusted third party, that establishes a connection between an entity and its public key. Certificates allow central Web servers to establish secure communications with other servers and services.
Enterprise Directory Services The UW Enterprise Directory Services (EDS) provide read-only access to key university data about a variety of objects. The primary data set is about people, provided by the Person Registry. Using the EDS provides high-availability access to a consistent source of well-managed data.
Groups The UW Groups service provides infrastructure for defining, maintaining, and using group data.
Kerberos UW's central UW NetID authentication service uses Kerberos technology. Kerberos authentication can be used by campus applications and clients.
Person Registry The Person Registry is a service for UW application developers to retrieve information about a person's UW affiliations, gathered and reconciled from multiple sources.
Pubcookie and Weblogin The UW NetID "weblogin" service uses the Pubcookie software to provide single sign-on authentication, based on UW NetID user names, to Web servers across the UW network.
SecurID SecurID is a high-assurance authentication system based on physical devices (tokens) carried by users, and a verification service for user-entered data from the devices. Because SecurID one-time passwords are never reused, it can provide additional security (vs regular UW NetID) for applications that need it.
Shibboleth The Shibboleth® system provides web authentication services based on industry standards for federated single sign-on. The UW Shibboleth Identity Provider (IdP) is complementary to the UW NetID "weblogin" service based on Pubcookie.
UW NetID The UW NetID is the standard identifier used to identify users to centrally-supported UW applications and to systems all across campus. Over 200,000 people, with a wide range of UW affiliations, have and use UW NetIDs.
UW Windows Infrastructure UW Technology provides a central Windows domain containing all UW NetIDs.
UW Forest UW Technology provides a shared Windows forest which is being phased out. Additional information about Windows services is provided here.

For general information about identity and access management services contact help@u.washington.edu.