What is IDAC?
IDAC is the system for managing identities, access and credentials at KI.
What do you mean by "identity" and "credentials"?
Identity: The identity is an electronical counterpart for you as a person. It is connected to a physical verification that you are you, e.g. your Social Security Number or the number of your passport. This electronic identity goes by the name of KI ID.
Credentials: Your credentials work as a key in order to access information in KI's different software. Which information you're able to access with your "key" is based on your role or which organisation you belong to.
How IDAC works
Information is not stored in IDAC, but collected from source systems. Crendentials, position, grounds for affiliation and adress are not edited in IDAC, but in the source systems (Primula for employees, Ladok for students, UBW Anknutna for affiliates).
IDAC will be able to manage five different types of users.
- Employee: The person must have a current employment contract with KI.
- Affiliate: The person must have a current affiliation agreement. An affiliate can be an individual or a person who is part of an organisation (company).
- Doctoral student: The person must have been admitted to, and be active in, third-cycle study courses and programmes with KI as a higher education institution. The doctoral student must have a special connection with KI. This entails: an individual study plan for third-cycle studies; research work within KI; and, the doctoral student being either an employee or an affiliate. There is thus a distinction between a doctoral student and other people, employees or affiliates who also study.
- Student: The person must have been admitted to, and be active in, first or second-cycle study courses and programmes with KI as a higher education institution.
- External/support: To fall within the external/support user type, the person must be part of an organisation (company) that has a current agreement/contract recognised by KI.
How were the definitions and terms developed?
Our development of new terms and definitions is based on five guiding principles.
- Security: Security consciousness (as regards both information security and connecting the right person to a KI ID) is our basic premise and has to permeate all our work. Supplementing as an afterthought must not occur.
- Traceability: Decisions and changes must be documented in IDAC.
- Easy to get it right: The standard process follows the current regulations. Deviating from these would require conscious decisions that would also have to be documented.
- Information quality: Information in the system must be correct. This is ensured by the information being saved in only one place (in a so-called “source system”).
- Operational benefit: Further development of, and changes in, the system must always be based on an operational need.