Identity Management Policies

Purpose

The university requires a secure and reliable method of identifying members of its community for access to electronic data resources. This requires collecting and maintaining identifying attributes, ensuring that electronic identities match the appropriate persons, and mechanisms to authenticate and authorize use of those identities.

Applicability

This policy applies to everyone with an identity included in the university’s central identity registry, as well as individuals authorized to perform identity management (IdM) functions on behalf of the university.

Definitions

• IdM Coordinator: A UF workforce member who maintains data related to a person’s identification contained in the UF Directory for a specific unit of the UF enterprise. Individuals are delegated authority from the dean, director (or DDD) of the unit.
• Primary IdM Coordinator: A UF workforce member who serves as the primary contact for questions related to a person’s identification data for a unit. They are appointed by the dean or director of the unit.
• Registration Authority (RA): An IdM Coordinator or Primary IdM Coordinator who has had additional special training to perform the credential verification functions to certify a user to meets Identity Assurance Profiles the require in person review.

Policy Specifics

1. The university will maintain a central identity registry that will serve as a central store for identity and account information.
2. All identities within the central identity registry will be assigned a unique UFID number. UFID numbers will never be re-issued to a different identity.
3. All identities within the central user account directory will be assigned an Identity Assurance Profile as defined in the related Identity Assurance Profile Standard document.
4. Required attributes for each identity, depending on the Identity Assurance Profile, must be complete, accurate and current.
5. The university may participate in identity federation, whereby holders of UF identities can be granted access to resources hosted outside the university, and holders of Identities from federated entities can be granted access to resources hosted by the university.

Review and Adjudication

1. University of Florida students, employees and other enterprise workforce members must maintain accurate contact and demographic data in the UF central identity registry.
2. IdM Coordinators must actively maintain complete and accurate data in the central identity registry in collaboration with, and on behalf of people within their scope of authority.
3. Primary IdM Coordinators are responsible for assuring complete and accurate identity information is in place for identity credentialed personnel within their scope of authority, and according to Identity Assurance Profile standards.
4. UF IdM Coordinators serving as a Registration Authority (RA) must adhere to Identity Assurance Profile standards for the applicable level of access when provisioning credentials for UF workers.

Policy Violations

Failure to comply with this policy could result in disciplinary action for employees, up to and including termination. Volunteers may have their volunteer status terminated.

History