Identity Management Services provide these capabilities:

• Authentication - Quickly verify user identities (Who you are).
• Authorization - Control users access (What you can access).
• Administration - Manage users and the policies for controlling user's access privileges.

Identity Management Services include:

• Person Registry - New University identity system being implemented for creation and maintenance of users' electronic identities at the university and the resources they are permitted to access.
• Single Sign-On (CAS) - A centeral authentication service (CAS) that enables a user to be prompted to log-in only once to access multiple web applications that are integrated with CAS.
• Enterprise Directory Service (LDAP) - University repository of users and attributes for use in authentication and providing directory information. Lightweight Directory Access Protocol (LDAP) is the application protocol for querying and modifying the directory services.
• Password Repository (Kerberos) - University's main password store. When a user attempts to log into a system, their password is validated against what is stored in the Kerberos password repository.
• Authentication Token (SafeWord) - A physical device (i.e. hardware token) provided to users for use is authenticating to some University systems. This SafeWord devise (key fob) provides one-time dynamic passwords for system log in's.

Related OIT Services:

• User Identifier (NetID) - A single University wide identifier that most online services ask a user to entered along with password during log in.
• Cross Institution Single Sign-on (Shibboleth) - A solution that enables University users to sign-in to non-Rutgers applications using their NetID.