Google summer of code 2017

Nowadays companies are moving their infrastructure to the clouds. Instead of using public cloud, why not to create your own exactly according to your needs. OpenStack is one of the options there for you.

By deploying identity management system (midPoint) in different companies we learnt the needs are not limited just to account, groups provisioning, but are including provisioning of projects, services, infrastructure and so on.

In this topic we will focus to explore identity management for virtualized infrastructures and to create a integration component between these two worlds.

Knowledge: Optional basic Experience with Java development. Basic understanding of virtualization is beneficial.

Skill level: Novice to medium.

Mentor: Katarina Valalikova

Utilize data managed by Identity management system and keep all company contacts in mobile devices in sync seamlessly.

Provide white pages functionality like exploring and searching organizational structures or project teams looking for a person to contact by name, position or by responsibility.

Is there anyone out-of-office, on holiday or simply not reachable? …​ then offer a deputy. Call the right person by one tap.

Knowledge: Optional basic Experience with Android or iOS development. A good imagination and a keen interest in innovative responsive design.

Skill level: Novice to medium.

Mentor: Radovan Semancik

The OAuth-based protocols (OpenID Connect, UMA) are a good choice for cloud access management. But they almost completely lack the identity management features. There is no way how to synchronize identities, how to deprovision or pre-provisioning accounts, no mechanisms that would support reasonable local cache coherency, etc. The goal is to extend the OAuth2 protocol with an identity management functionality and implement a prototype. The ideal environment for the prototype would be a ConnId connector in midPoint.

Knowledge: Basic Knowledge about authentication. Optional OAuth2 experience. Willing to study and design. Basic knowledge of Java.

Skill level: Medium.

Mentor: Radovan Semancik

With the rise of Cloud applications and services the organizational security perimeter has gone. Companies are in need to manage accounts in external systems to increase security, manage privacy and keep expenses under control.

To enable connecting cloud services we have to develop various identity connectors. Choose most usable cloud applications out there and develop these connectors against their public APIs, mostly REST interfaces.

Knowledge: Basic knowledge of Java and REST.

Skill level: Novice to medium.

Mentor: Pavol Mederly

Design and create an interactive system that can be used for efficient customization and development of Identity Management solution. The system should be based on Integrated Development Environment (IDE) principles and in fact could be implemented as a set of plug-ins for existing IDEs (such as Eclipse). The system should efficiently support the tasks frequently done during IdM solution design, customization, testing and deployment.

Knowledge: Experience with Java development, IDE (Eclipse, …​) and IDE plugin development.Eager to design and implement new IDE perspectives.

Skill level: Hard.

Mentor: Pavol Mederly

Design and create a subsystem that will visualize configuration of Identity Management (IdM) system. The IdM systems deal with synchronization of data among many sources and targets. Create a subsystem that can visualize the data path and transformations along the paths. Such subsystem should be aimed at system administrators that review and update the configuration therefore it should be able to (at least partially) modify the configuration or at least point to the IdM native configuration tools. The secondary goal is to support diagnostics therefore it should also contain some debugging and data visualization tools. The suggested form of solution is interactive Web application or an IDE plugin.

Knowledge: Experience with (Web) User interface development. Preferably JavaScript and optionally Wicket. Alternative is experience with Java and IDE plugin development. A good imagination and a keen interest in innovative responsive design.

Skill level: Medium to hard.

Mentor: Pavol Mederly

The mission would be to mine and extract user profiles, propose new roles or redefine existing ones based on the users similarities.

Knowledge: Preferably basic experience with Java development, algorithmic and theoretical thinking.

Skill level: Medium to hard.

Mentor: Pavol Mederly

There are basic identity management connectors for Linux. However there is huge space for improvements. Improve scalability, support for paging, implement identity agent, interconnect with an admin console.

Knowledge: Basic experience with Linux, shell scripting and Java development.

Skill level: Medium to hard.

Mentor: Radovan Semancik

Develop generic UI forms generator for configuration objects (system configuration, password policy, …​), introduce new wizards for managed objects (role, organizational structure). Experiment with user experience and usability. Tune the look and feel.

Knowledge: Experience with web user interface development, preferably Wicket. A keen interest in innovative responsive design.

Skill level: Medium to hard.

Mentor: Radovan Semancik

Self-service mobile or web application to change or reset passwords. Optionally leverage two factor authentication mechanism. Implement features to ask for new accesses, roles. Experiment to flavor a shopping cart pattern.

Knowledge: Either basic Experience with Android or iOS development or experience with web development, preferably Wicket. A good imagination and a keen interest in innovative responsive design.

Skill level: Novice to medium.

Mentor: Radovan Semancik

Enable the new potential for Internet scalability in identity management space. Experiment with NoSQL and implement identity management NoSQL repository.

Knowledge: At least theoretical knowledge about NoSQL databases.

Skill level: Medium.

Mentor: Radovan Semancik

Command line tool to import/export configuration, transformation between configuration formats (YAML, JSON, XML), keystore management, password management, CRUD operations for managed objects and other various midPoint administration functionality.

Knowledge: Optional Python and/or Cliff.

Skill level: Novice.

Mentor: Pavol Mederly

Improve ACE editor with auto-completion. Develop generic extension applicable in different context - midPoint Groovy scripting auto-completion, XML auto-complete.

Knowledge: Knowledge of JavaScript, optional experience with ACE editor. A keen interest in innovative responsive design.

Skill level: Novice to medium.

Mentor: Pavol Mederly

Identity management provides managing users information in various systems, their access rights and accounts. These information are usually stored in various heterogeneous databases or identity stores. Analyzing and maintaining these data is complicated because of data incompleteness and inconsistency.

The goal would be to choose and implement a method for data correlation in heterogeneous systems. As a guidance one can embrace findings from our master thesis Intelligent identity information processing.

Knowledge: Experience with Java development and algorithmic and theoretical thinking.

Skill level: Medium to hard.

Mentor: Radovan Semancik