Monarch-Key: ODU's Homegrown System is the Key to the ODU Network
May 23, 2013
It's Monday morning - Old Dominion faculty, staff and students snuggle up to their computers to get some work done. They may log in to LeoOnline to submit their timesheet or Blackboard to complete homework or grade student papers. In any case, from that point forward, there is magic happening in the background as they traverse ODU's networked services without being required to enter login credentials again.
OK, maybe it's not magic per se - but it's not far from it. Information Technology Services (ITS), formerly the Office of Computing and Communications Services (OCCS), recently completed a project that was years in the making. The "Single Sign-On Project" integrated ODU's academic and administrative systems into a single authentication mechanism that was developed in-house and crowned the Monarch-Key Web Login.
So what does that mean for users? Imagine if your house keys, car keys and office key morphed into one master key overnight. It would make life a tad bit easier, wouldn't it? This is the same principle behind Monarch-Key. With Monarch-Key, users only need to maintain a single user ID and password to access the most widely used Web-based IT services across campus.
The first phase of the project was implemented in August 2012; it introduced single sign-on, and thus Monarch-Key was born, ridding the requirement for users to log in to each ODU Web resource individually.
Some of the magic in Monarch-Key is provided by MIDAS, ODU's Identity Management (IDM) system that was developed by ITS. You can think of MIDAS as the gasoline that fuels the Monarch-Key engine. MIDAS was developed in 2003 as a simple account management tool, under the code name "Purple Blob."
MIDAS is certainly all grown up now. "It is amazing to see how far we have come since we designed the 'Purple Blob' - from synchronizing passwords for a few systems, to a full-featured IDM platform that is now in the driving seat for the new Monarch-Key system," said David Kozoyed, ITS director of business intelligence and data services and one of the original designers of the "Purple Blob."
ODU is reaping many benefits from this sophisticated in-house development, particularly from a cost savings perspective. Industry reports estimate that an IDM system comparable to ODU's MIDAS and Monarch-Key single sign-on solution would have cost around $4 million over the course of five years had it been purchased.
"The cost of ODU's core identity services, outside of developer time, has been minimal - a handful of servers that are highly virtualized to compound savings and about $30,000 in support costs," said Doug Streit, director of information security for ITS. "This was done by using open source software at no cost to the university."
Developing these systems in-house also means that they are flexible and customizable, and ODU is able to closely align the new IDM system with future goals, new technologies and the needs of the university community. More than 50 of ODU's IT Web services are now supported by Monarch-Key and an additional 35 systems use the same login information through MIDAS.
The implementation of Monarch-Key has put ODU on the forefront of technology for identity management at academic institutions - in line with institutions such as Virginia Tech and the University of Virginia. Mary Dunker, director of secure enterprise technology initiatives at Virginia Tech, echoes the belief that in-house developers bring a lot to the table and summarized the key benefits of Tech's in-house IDM solution as being threefold: flexibility, low cost and support.
The implementation of Monarch-Key also positions ODU to embrace future technologies that would otherwise take years to implement. Plans for ODU's IT network include gaining an InCommon Identity Assurance Certificate, which will open the door to a wealth of opportunities for the university, improvements to the MIDAS user interface and development of certificate management for digitally signing documents, to name a few.
As ODU continues to distinguish itself as a world-class research institution, the benefits of investing in its in-house IT development team and homegrown identity management portfolio will undoubtedly be realized for years to come.
While the Single Sign-On project involved the efforts of dozens of dedicated people, there is a talented team of developers who built ODU's IDM system. They are: project lead, Todd Dergenski; software engineer, Natalie Metzger; and middleware application developer, Gabor Eszes.