Identity and Access Management

Identity and Access Management (IAM) facilitates timely, accurate, and secure access to electronic services for all members of the university community. IAM improves the information technology environment in a variety of ways, including:

  • Reduced number of login procedures (single sign-on system);
  • More customized and personalized services;
  • Easier remote access to electronic services;
  • Faster enabling and disabling of online services as user privileges change; and
  • Enhanced collaboration with other universities, government agencies and other organizations.

IAM at USC is a collaborative effort involving business and technology leaders from throughout the institution. A broadly-composed steering committee provides overall direction to the program, with particular emphasis on making IAM services available to end-user applications. Other committees focus on data quality and integrity, integration among key administrative systems, and the service needs of various populations, such as guest and affiliate users. See USC’s IAM Governance page for more information on the IAM committee structure.

Supporting Departmental Applications – The AAR Process

One of the most useful services enabled by IAM is a single sign-on system for web authentication and authorization that can be used by departmental web-based applications. This service allows departments to limit access to web-based applications to specified groups of people (e.g., all undergraduate students, or faculty in a particular school) without setting up and managing a separate username and password management system for each application at USC.

USC uses the Shibboleth system for web single sign-on. Departments wishing to use Shibboleth (or LDAP) for their applications must complete the Attribute Access Request(AAR) process. See the Attribute Access Request Process page for details.

Services for Guests and Affiliates – iVIP

Access to USC online services and privileges for those who are not active USC students, faculty or staff members is managed through the iVIP program. See the iVIP section for more information.