Sunday, December 09, 2007

Go Ask EDNA...

flannery-oconner.jpgI often talk about how companies like Apple and Google are redefining the scale of technology over the Internet, but that doesn’t mean there isn’t a lot of technology innovation going on in universities. Over the last 13 years, ASU has been developing a system called EDNA. EDNA (Enterprise Dynamic Network Authorization) is basically an authorization service. She’s kind of like your mom - you ask her if you’re allowed to do something, and she’ll say yes or no. You might ask EDNA to let you use a specific application or log onto a computer system, for example.

Remember when you asked your mom for dessert, and she asked you if you’d eaten your dinner first? Well before EDNA decides if you can or cannot access something, she will ask herself a series of questions about who you are to determine what level of access she thinks you should have. The great thing about EDNA is that she asks these questions dynamically against enterprise databases, so she’s always current and knows exactly what’s going on. For instance, if an employee leaves the University and is no longer affiliated with ASU, EDNA will clean up after him or her and will automatically revoke his or her access to ASU systems or applications.

Other cool things about EDNA are that she’s secure; she’s mostly automated; she centralizes authorization policies but decentralizes administration; she’s business-rule driven so you can capture the reasons authorizations are granted; and she centralizes audit so you always know who’s asking for authorization, why authorization was or was not granted, and when the request was made.

Crafted by ASU's own Derwin Skipp, Joe McDonald and Jack Hsu, EDNA is a real example of innovative software development. We're in the process of working with ASU to move EDNA into the OpenSource domain. Interested? Just let Derwin know.