We are creative, ambitious and ready for challenges!
DMV Case Study Overview
The DMV is part of the California State Transportation Agency. It is headquartered in Sacramento and operates local offices in nearly every part of the state. As of December 2017 the DMV maintained records for 30,112,927 persons, 33,993,857 driver licenses and/or identification cards (there is overlap as some persons can and do hold both documents), and 35,391,347 vehicles. California has 26,957,875 licensed drivers.
The California DMV awarded a contract to Technology Crest Corporation to provide IT technical and professional services in the form of designing, developing and modifying Java applications for various projects, including but not limited to the New VR Web Functionality, the DUI Application Rewrite, and Conversion of DMV Online Services to Spring MVC and compliance with Section 508 and Web Content Accessibility Guidelines 2.0, published by the Web Accessibility Initiative of the World Wide Web Consortium (W3C) at a minimum Level AA success criterion.
- TCrest was also responsible for overseeing the completion of services, approval of Deliverable Expectation Documents (DED), Deliverable Acceptance Documents (DAD), approval of Personnel Change Order Authorizations.
- The TCrest team has extensive experience in the tasks required by DMV. TCrest team will participate in system-related activities. We reviewed and commented on essential DMV current environment to ensure a thorough understanding of DMV infrastructure, business activities and the functions of the various systems. Tcrest provided expert advice on the best implementation method specific to DMV needs.
- TCrest was responsible for the following areas pertaining to application integration and enhancements of existing IAM functionalities: business requirement gathering and analysis, technical and functional design, development and unit testing, assistance with system/Integration testing, assistance with production rollout. And production readiness activities such as establishing and/or updating processes/procedures for monitoring, backup and alert processes, reporting needs, incident response/resolution, and related system documentation.
- The proposed identity and access management solution for the DMV is a hub that connects all the other directories and solutions. This would provide a central location for provisioning, running reports and compliance checking.
- Technology Crest Corporation has chosen this deliverable as the size and scope of the application it assessed. The deliverable document is modified to remove TCrests’ proprietary information. Hence the readers of this document should note that the content of this document represents only a portion of the whole deliverable and not the deliverable itself.
Current State Analysis
DMV is a large, complex organization with numerous applications, which are dependent on several Windows Active Directory domains in separate Forests with thousands of users both internally and externally. Active Directory alone is insufficient to support authentication and authorization of a large-scale user base for the Oracle Identity and Access Management Identify Management Enterprise Management project. Additionally, as identified in a security assessment in 2013, an enterprise IdAM system is necessary to ensure privacy and security of the Protected Health Information (PHI) by providing tools for electronic account provisioning and de-provisioning, self-service password reset, detailed audit trails, single sign-on, an enterprise catalog of applications and resources, role-based access management, strong authentication, and federated authentication with external business partners.
The solution used to meet DMV’s needs had to be highly scalable to a diverse set of needs and future capacity demands and have high availability.The following are the standard phases that are identified to complete the deliverables on time and on budget:
- Project work break down structure
- Dependent and independent tasks
- Parallel activities
- Working model
- User acceptance
- Testing and Roll out
- Requirement Analysis, Planning and Assessment
- Design, Solution Architecture, and Roadmap
- Implementation, Testing and Knowledge Transfer
Methods, tools and standards to be used in order to complete the tasks
The following diagram depicts the Oracle Identity and Access Management version of provisioning within the DMV network
A notification is sent to the provisioning platform when a new DMV user is created. Then the common provisioning platform provisions the user in the role manager (Microsoft or others). The role manager then assigns the user a hierarchy based on the user’s attributes. The roles, memberships, approvers, and provisioning attributes are calculated and passed back to the provisioning platform (such as Oracle Identity or IBM or others). The provisioning platform creates, revokes, and modifies accounts on target enterprise applications. One of the accounts provisioned is a DAP directory that stores user identities in groups based on their roles. DMV applications that use this platform. The Administrator uses the Enterprise Portal as a conduit to the Access Management layer to manage the LDAP directory to authenticate and authorize users requesting access to the portal layer
In working with Technology Crest Corporation, the DMV was able to make more efficient use of technology in a way that better aligned with their goals. Utilizing Technology Crest Corporation’s proven strategic solution model, we created the online services for California Department of Vehicles so that people can register their vehicle from the comfort of their own homes, which proves even more beneficial during a pandemic. And with Technology Crest Corporation’s assist with the idAM system users can also take comfort in knowing that their privacy is valued.