CA SiteMinder

SiteMinder is the new Web Access Management system used by the University of Illinois System, which will replace both Enterprise Authentication System (EAS) and Bluestem authentication. This system provides the following Identity and Access Management functions:

  • Authentication (AuthN): Authentication or logon is the process by which users are challenged to prove their credentials to the system or application they are trying to access.This process can be as simple as providing a user ID and password, or by using multi-factor authentication such as using certificates as well as user ID and password
  • Authorization (AuthZ): Authorization is the process of ensuring that authenticated users have the right privileges (the minimum amount of access required to carry out their assigned duties) to access University resources. SiteMinder may leverage the following methods for authorization: LDAP/AD groups, different user stores and user attributes (data about users).
  • Single Sign-On (SSO): SSO is the process by which users are challenged to authenticate once and access multiple applications and systems without being challenged again during the same session.
  • Multi-factor Authentication: This process is the combination of more than one type of authentication. This type of authentication may include some thing you know combined with something you have. For instance, the something you know is your user id/password and the something you have is a certificate or a code stored on your device. Although this feature is available in SiteMinder, it will not be used until later stages of the IAM project.
  • Federation: In the simplest terms, federation is the ability to leverage users credentials from other institutions to access resources protected by SiteMinder and/or leverage University of Illinois credentials to access external resources. Currently the University of Illinois uses Shibboleth for federation, which will be integrated with SiteMinder authentication.

See the CA SiteMinder Overview document for more detailed information about SiteMinder features and capabilities.

SiteMinder Requests