IAM in Service Catalog
This document describes support of student major groups in the UW groups service, including naming, data integration, data quality, lifecycle, and access control. Student major groups are intended to support effective and efficient day-to-day operations of current UW programs designed for students by providing timely, accurate groups representing their student majors. Student major groups are based on data integration between the student data base (SDB) and the groups service, such that a hierarchy of groups exists for each major area of study in SDB, identified by major abbreviation, pathway, year, and quarter, for the current quarter, next quarter (as data is available), and three previous quarters. The groups are updated nightly, Sunday through Friday.
The following table illustrates several student major groups from the hierarchy representing Art majors:
Students enrolled in the current quarter, whose major is Art during the current quarter
ART Majors, previous quarter
Students enrolled in the previous quarter, whose major is Art during the previous quarter
ART Majors, next quarter
Students enrolled in the next quarter, whose major is Art during the next quarter
ART Majors Winter 2010
Students enrolled winter quarter 2010, whose major is Art during winter quarter
ART Majors Autumn 2010
Students enrolled autumn quarter 2010, whose major is Art during autumn quarter
ART (CERAMICS) Majors
Students enrolled in the current quarter, whose major is Ceramics during the current quarter
ART (CERAMICS) Majors Winter 2010
Students enrolled winter quarter 2010, whose major is Ceramics during winter quarter
Student major groups are identified by UW Group IDs that conform to the UW Group Naming Plan. The following stem is reserved for them:
For each student major abbreviation (major_abbr), groups are identified for the current, previous, and next quarter and by specific quarters, i.e.:
For each pathway within a student major, groups are also identified for the current quarter and by specific quarters, i.e.:
Here 'nn' is the two-digit major pathway code, 'yyyy' is the 4-digit year, and 'qqq' is one of [groups:'win', 'spr', 'sum', 'aut'].
Note: Student major source data is arranged in SDB to have meaning by year and quarter, so many data users are accustomed to having and meeting business needs based on year and quarter. The groups service follows suit with the groups identified by year and quarter, with current, previous, and next quarters identified in such a way that the memberships change between each quarter.
Note: In the future, there may be a need to identify student majors by other attributes such as branch, degree level, degree type, or class standing. The naming plan above allows for this possibility, and presumably these attributes would be inserted into the group identifiers between the pathway and year components.
The following table summarizes the most relevant aspects of data integration between the SDB and the groups service, related to identifiers, display names, descriptions, memberships, contacts, and access controls.
Data Integration Notes
Group IDs for student major groups include major_abbr and major_pathway from SDB.
Group Display Name
Student major groups include major abbreviation, year, and quarter in the group display name, e.g.:
Student major group descriptions not only describe the groups but also communicate appropriate use guidelines:
Group Membership List
Student major group memberships are reconciled nightly, Sunday through Friday, to accurately represent current operational data rather than historical data. Members are identified by UW NetID in the groups identified by pathway, year, and quarter. These groups are nested within the other groups to avoid duplicating the same source memberships in multiple locations.
Note: Students without a UW NetID are not included in the membership lists.
Group Access Controls
Student major groups have a membership viewer control that enforces the defined access control policy (see below). Only members of the uw_employee group and u_groups_major_read-access group are authorized to view these memberships.
Group Contact Person
Student major groups have no owner specified.
Student major groups cannot be enabled for use in UW Exchange. This business rule is in place to ensure the privacy restriction on the group memberships, which the current design of the UW Exchange service cannot enforce by itself.
This section summarizes the data quality standards for student major groups represented in the groups service.
Data Validation Rules: Validation rules are applied only to ensure that student major data conforms to the constraints of the groups data model. Therefore, the accuracy of student major groups, including names and memberships, is primarily determined by the quality and validity of the source data provisioned from SDB.
Timeliness of Updates: Under normal operating conditions, once student major data is updated in SDB, updates will propagate to the groups service every Sunday night through Friday night.
Defined Error Rates: Overall, the groups service relies on SDB, as the system of record, to define the frequency of errors in student major data. However, some discrepancies are expected between SDB and student major groups for previous quarters, since not all updates to previous quarter data are propagated to the groups service. The groups service maintains previous quarter data based on the last time it was included in the source data feed.
Integrity Monitoring: The integrity of student major data is ensured during secure transport between SDB and the groups service. Physical, system, and administrative controls are used on the groups service to maintain integrity.
Reliability: Student major groups are provisioned from SDB using a process monitored to ensure reliability and availability of the groups. When abnormalities such as potentially corrupt or incomplete data feeds are detected during the provisioning process, updates are not applied until the abnormalities are reviewed. The reliability of student major groups, once provisioned, is that of the groups service itself: 24 hours a day, 7 days a week, with rare exceptions.
The following lifecycle policy provides advanced notification of student major group availability to help customers make informed information technology decisions, anticipate deprovisioning, identify other business needs, and provide feedback.
Lifecycle Policy: The lifecycle policy for student major groups retains group data for three quarters. That is, at any given point in time, the groups service will include student major groups for the current quarter and three previous quarters, plus any future quarters (when available). Student major groups that are four or more quarters old will be deleted.
The method for determining the current quarter is to transition from one quarter to the next on the Thursday before the first day of each new quarter, with no transition between summer A and B terms. This schedule also determines when the older groups will be deleted.
The Registrar classifies student major group data as FERPA protected. This restricted classification forms the basis of the following access control policy and appropriate use guidelines. It is also the basis of the required membership viewer control and group description text (both above).
Access Control Policy: Having considered the privacy, security, and compliance concerns and acknowledging the business needs and widespread operational efficiencies enabled via student major groups, the Registrar has established an access control policy that grants permission to view student major group memberships to all UW employees (i.e. current faculty, staff, and student employees) as well as processes acting on behalf of UW employees. Non-employee access (including students, affiliates, and other third parties) may be authorized by the Office of the Registrar on a case-by-case basis, based on establishing a business need and/or an appropriate data sharing agreement.
Appropriate Use Guidelines: Use of student major groups is subject to the following appropriate use guidelines. Permission to view student major group memberships is granted on the condition that authorized clients use the memberships for appropriate business purposes in support of programs designed for students. Authorized clients are responsible for enforcing the defined access control policy (above) and may not share student major group memberships with non-employees without first obtaining authorization to do so. Copying and posting the membership of a student major group in a public location, or sending the membership via email, is unadvised and may violate the access control policy. Student major groups may be used in limited ways to contact students in support of programs designed for students. All users are expected to know and follow the rules related to ethical and appropriate use of UW computing and networking resources. These rules include guidelines on email use that apply to the use of student major groups with email.