Computing at UW-MadisonDivision of Information Technology
Students Faculty/Staff Services Services A through D Services E through L Services M through R Services S through Z Help Desk Tech Store About DoIT   

Middleware

DoIT Middleware Glossary of Terms

APBS (Appointment, Payroll, and Benefit System)
A project being run by UW System to replace the current HR and Payroll systems with a more integrated system. DoIT Middleware is involved with this project through IAA, and helping to define credentialing, authentication, and authorization issues.

Auth Hub (or UW System Auth Hub)
A conceptual model by which the UW System provides an authentication mechanism that can resolve local campus credentials into system identities, such that a user can use a local campus username (like a UW Madison NetID or a UW Milwaukee PantherID) to access a systemwide application like Kronos or APBS.

CDR (Central Data Request)
The UW System’s statistical information reporting system comprised of student, curricular, and financial aid data.

Digital Certificates
Sometimes referred to as X.509 certificates (for the ITU-T standard relating to them), digital certificates are small files that can be stored in web browsers or other applications that facilitate user authentication. Digital certificates are roughly analogous to electronic ID cards.

DREXPORT
A somewhat simplified version of the UW Madison Registry that is intended to be used by applications. DREXPORT abstracts many of the complexities of the Registry proper.

FERPA (Family Educational Rights and Privacy Act)
Privacy protection for students. See the Registrar's Office web site (http://registrar.wisc.edu/ferpa/) for details.

HAN (Health Alert Network) - The precursor to PHIN
A system of communication that DoIT is developing under contract with the state Department of Health and Family Services (DHFS). Middleware is helping to define user repository, authentication, and authorization issues with the HAN.

IAA
Identification (a claim to an identity), Authentication (providing proof of the claim), and Authorization (the resultant privileges bestowed). Also a working group within UW System tasked with addressing issues related to the above points. More information can be found at the UW System IAA Site.

IAA (LDAP) Directory
A directory service that provides access to IAA Registry data via the LDAP protocol. The LDAP directory also includes a security architecture to limit data access to authorized users and applications.

IAA Registry (a.k.a. IAA “Repository”)
An Oracle database that collects data from source systems and provides a more unified view of persons of interest. The registry also applies a set of linking criteria to identify unique individuals across multiple source systems.

ISIS (Integrated Student Information System)
UW Madison student administration system, based on Peoplesoft SA and run on Oracle. More information at http://www.isis.wisc.edu. ISIS supplies student information for the Madison University Directory Service (UDS).

IADS (Integrated Appointment Data System)
Mainframe-based payroll and appointment system run by DoIT for UW System. APBS is the intended replacement for IADS. IADS currently supplies employee information for the Madison University Directory Service (UDS).

ISO Numbers
International Organization for Standardization identification numbers. Most (but not all) UW System campuses assign ISO numbers to their students, faculty, and staff following guidelines set by the initial UW System IAA Report.

LDAP
Lightweight Directory Access Protocol. A protocol for issuing queries against electronic directories and interpreting results. Roughly analogous to Structured Query Language (SQL).

LDAP White Pages
A service for looking up person, role and contact information. The Middleware group provides whitepages directories for UW Madison and UW System (the latter via the IAA Whitepages pilot).

MUM (or My UW Madison)
The web portal in use by UW Madison. DoIT Middleware manages account and person information for MUM through an LDAP directory installation. More information on MUM.

NEDSS (National Electronic Disease Surveillance System)
A Center for Disease Control sponsored disease tracking system used by PHIN.

NetID
The login name used by UW Madison students, faculty, and staff for many campus-wide applications. The NetID has also been referred to as the WiscWorld ID, after a suite of services collectively referred to as WiscWorld. More information about the netid can be found at http://www.mynetid.wisc.edu.

OpenSSH
A version of the SSH suite of network connectivity tools. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, “connection hijacking” and other network-level attacks.

PASE (Populations, Affiliations and Service Entitlements)
A secure, delegated service to maintain and provie information about populations of interest to the university, affiliations/roles that a person has, and services that members of a role are entitled to.

PHIN (Public Health Information Network)
A statewide network to alert physicians and local governments about health emergencies.

PVI (Publicly Visible Identifier)
An identifier (in the form of UW000A000) issued by the Madison Registry to identify a person and tie together the multiple roles that person may have in various source systems. The PVI is intended to be human-readable, but we do not presently see any reason that a user must know his or her PVI. This is the Madison equivalent to the SPVI.

Pubcookie
Internet2 sponsored project from the University of Washington to provide WebISO.

Registry
An Oracle database that collects data from source systems and provides a more unified view of persons of interest. The registry also applies a set of linking criteria to identify unique individuals across multiple source systems. There are two main Registry installations that Middleware operates - the UDS Registry for the Madison campus, and the IAA Registry for UW System.

SCP (Secure Copy)
A remote file copy utility. SCP only works when connecting to a machine that is running an OpenSSH-derived secure shell (SSH) service.

SFS (Shared Financials System)
An integrated financial system shared by all financial users in the UW System.

SFTP
An interactive file transfer program which performs all operations over an encrypted SSH transport. It may also use many features of OpenSSH.

Shibboleth
An Internet2 project to provide inter-domain Authorization information.

Special Authorization (SpecAuth)
An Oracle-based system to record information about UW-Madison affiliates that are not students (and thus in ISIS) or employees (and thus in IADS). Examples include hospital employees, retirees, guest lecturers, etc. SpecAuth was originally used to get photo ID's for non-student/non-employee, but is now used for a wider variety of things.

SPVI (System Publicly Visible Identifier)
An identifier (in the form of SA000A000) issued by the IAA Registry to identify a person and tie together the multiple roles that person may have in various source systems. The SPVI is intended to be human-readable, but we do not presently see any reason that a user must know his or her SPVI.

SSH (Secure Shell)
A client program executed on one machine and used to log into, or execute commands on, another (a.k.a., “slogin’).

SUUID (System Universally Unique Identifier)
A second identifier issued by the IAA Registry that is less human-readable than the SPVI, the UUID (which has also been referred to as the WWID or “worldwide ID”) for UW System has a one-to-one relationship with the SPVI, and the two numbers are cryptographically related. More information about this relationship can be found at http://middleware.doit.wisc.edu/wwid.html.

UUID (Universally Unique Identifier)
A second identifier issued by the Madison Registry that is less human-readable than the PVI, the UUID (which has also been referred to as the WWID or “worldwide ID”) for UW System has a one-to-one relationship with the PVI, and the two numbers are cryptographically related. More information about this relationship can be found at http://middleware.doit.wisc.edu/wwid.html. The UUID is the Madison equivalent of the SUUID.

WAMS (Web Access Management System)
The authentication directory hosted by the State of Wisconsin. Middleware is working to integrate HAN (the Health Alert Network) with WAMS.

WebCT (http://uwmad.courses.wisc.edu)
A learning management system run by DoIT that uses LDAP as an authentication and user repository. People authenticate to WebCT using their netid.

WebISO (Web Initial Sign-on)
System designed to allow users, with standard web browsers, to authenticate to web-based services across many web servers, using a username/password-based central authentication service.  Usually, not requiring re-authenticating for each web-based service.

WiscCal (http://euc.doit.wisc.edu/wisccal)
The central calendar service run by DoIT and offered to UW Madison students, faculty and staff. Middleware hosts the LDAP directory for WiscCal, which controls user account, grouping, and other user-management functions.

WiscMail (http://www.doit.wisc.edu/wiscmail)
The central mail system run by DoIT and offered to UW Madison students, faculty and staff. Middleware hosts the LDAP directory for WiscMail, which controls user account, mail host, address book, and other user-related functions and data.