Middleware: Addressing the Top IT Issues on Campus

Slides:



Advertisements
Similar presentations
How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
Advertisements

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
CAMP Med Welcome to CAMP Med: Identity and Access Management for Medical Applications Workshop Morgan Passiment AAMC Ann West NMI-EDIT EDUCAUSE/Internet2.
Copyright Ann West This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.
Identity Management: Some Basics Mark Crase, California State University Office of the Chancellor CENIC - March 9, 2011.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.
1 EDUCAUSE Midwest Regional Conference Top Strategies for Working with Stakeholders: Synopses of Recommendations from the Identity Management Summit Mark.
Digital Identity Management Strategy, Policies and Architecture Kent Percival A presentation to the Information Services Committee.
Management Primer on Middleware Louise Miller-Finn, Johns Hopkins University Renee Woodten Frost, Internet2 & University of Michigan.
Middleware Planning and Deployment 201: Implementation Roadmap Keith Hazelton, University of Wisconsin/Internet2 Renee Woodten Frost, Internet2/University.
EDUCAUSE Midwest Regional March 24, 2003 Copyright Ann West This work is the intellectual property of the author. Permission is granted for this.
Review of NWS IT Consolidation Efforts For HIC Meeting July 2006 Tom Schwein Team Leader of Desktop Management Tiger Team SOD CRH.
Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003.
What is Cyberinfrastructure? Russ Hobby, Internet2 Clemson University CI Days 20 May 2008.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.
Internet2 Middleware Initiative. Discussion Outline  What is Middleware why is it important why is it hard  What are the major components of middleware.
Policy and Technology in Enterprise Directory and Authentication Services No Room to Swing a Cat Michael Gettes, MACE, Duke University Keith Hazelton,
U.S. Department of Agriculture eGovernment Program eGovernment Working Group Meeting February 11, 2004.
26 November 2015 Middleware Planning and Deployment 101: Setting the Stage Ann West EDUCAUSE/Internet2 27 October 2002 Ann West EDUCAUSE/Internet2 27 October.
Digital Diversity: Multi- institutional Access to Distributed Course Resources Barry Ribbeck UT HSC - Houston.
Cyberinfrastructure Overview Russ Hobby, Internet2 ECSU CI Days 4 January 2008.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
NMI-EDIT AND Small College Security & ID Management Issues Discussion John Bruggeman, Director of Information Systems, Hebrew Union College-Jewish Institute.
Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.
University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.
Portal Services & Credentials at UT Austin CAMP Identity and Access Management Integration Workshop June 27, 2005.
NSF Middleware Initiative Purpose To design, develop, deploy and support a set of reusable, expandable set of middleware functions and services that benefit.
Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.
NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Renee Woodten Frost Internet2/University of Michigan.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
Welcome to CAMP Directory Workshop Ken Klingenstein, Internet2 and University of Colorado-Boulder.
David Saslav Principal Product Manager Database and Application Server Technologies Oracle Corporation.
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Mark Luker, EDUCAUSE Copyright Mark Luker, This work is the intellectual.
Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.
1 EDUCAUSE Mid-Atlantic Regional Conference Top Strategies for Working with Stakeholders: Synopses of Recommendations from the Identity Management Summit.
EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.
OpenRegistry MACE-Dir 5/18/09 1 OpenRegistry Initiative Revisiting the Management of Electronic Identity Benjamin Oshrin Rutgers University May 2009.
L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.
Identity and Access Management
Joint CIO Council and HR Deans & Directors Meeting
Making Cross-campus, Inter-institutional Collaborations Work
Stop Those Prying Eyes Getting to Your Data
NSF Middleware Initiative: What’s It All About?
Middleware: Addressing the Top IT Issues on Campus
University of Texas System
InCommon Steward Program: Community Review
Current Campus Issues – From My Horizon
THE STEPS TO MANAGE THE GRID
Brian Voss, Chief Information Officer April 5, 2006
Privilege Management: the Big Picture
PASSHE InCommon & Federated Identity Workshop
Federated Digital Rights Management
BlackBoard 5 A Definitive e-Learning Software Platform Ozgur Balsoy,
Middleware Planning and Deployment 101: Setting the Stage
HIMSS National Conference New Orleans Convention Center
Assistant Vice President and Chief Technology Officer
Identity Management at the University of Florida
Renee Woodten Frost Assistant Director Internet2 Middleware Initiative
Agenda Purpose for Project Goals & Objectives Project Process & Status Common Themes Outcomes & Deliverables Next steps.
UF Directory Coordinator Training
Data, Policy, Stakeholders, and Governance
Presentation transcript:

Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan Midwest Regional EDUCAUSE March 26, 2003

Outline Set the context Define middleware Outline the top 10 issues Discuss the relevancy of middleware Introduce NMI-EDIT Highlight available resources and educational opportunities EDUCAUSE Midwest Regional March 24, 2003

What is IT being asked to do? One stop for university services (portal) integrated with course management systems Email-for-life Automatic creation and deletion of computer accounts Submit and/or update information online Browser or desktop preferences follow you EDUCAUSE Midwest Regional March 24, 2003

More on the “to do” list Multi-campus scanning electron microscopes Integrated voicemail, email, and faxmail for Advancement staff Secure PDA and wireless support All-campus email announcements (spam) Expensive library databases shared with other schools in the system … EDUCAUSE Midwest Regional March 24, 2003

What do all of these have in common? Are the people using these services who they claim to be? Are they a member of our campus community? Have they been given permission? Is their privacy being protected? EDUCAUSE Midwest Regional March 24, 2003

What is middleware? Suite of campus-wide security, access, and information services Integrates data sources and manages information about people and their contact locations Establishes electronic identity of users Uses administrative data to assign affiliation and gives permission to use services based on that role EDUCAUSE Midwest Regional March 24, 2003

Definitions: Identifiers Identifiers– your electronic names Multiple names and corresponding information in multiple places Single unique identifier for each authorized user Names and information in other systems can be cross-linked to it Admin systems, library systems, building systems HR, SS, department alumni, stud org., athletic, housing, Legal name – sign your name Bio Betty letting certain information about her sent to U of Beta EDUCAUSE Midwest Regional March 24, 2003

Definitions: Authentication Authentication – links the physical you to an electronic identifier Password authentication most common Security need should drive authentication method Distance learning and inter-campus applications Dean of Students – how did we map him to his electronic name in the first place? How did he prove it? 2 methods of id or did he call up on the phone Bio Betty – Alph U vouched for her; Univ of Bta is taking this for granted; what if they find out that Bio Betty didn’t prove her identity to the school and was given an id and was really Tara the terrorist…? EDUCAUSE Midwest Regional March 24, 2003

Definitions: Authorization Authorization services – allowing you to use services Affiliated with the school (role) Permitted to use the services based on that role Dean – turn access on and off for offenders Mary – suite of service that were turned off (student) Troubled todd – delegated his authorization to access his information to his assistant. Did want to do it all the time, just in an emergency. EDUCAUSE Midwest Regional March 24, 2003

Definitions: Enterprise Directory Services Enterprise Directory services - where your electronic identifiers are reconciled and basic characteristics are kept Very quick lookup function Phone number, address, campus identifiers Machine address, voice mail box, email box location Basically a storage spot that can thumb through and look up info for you really quickly Biler bill – keeps location of preference information EDUCAUSE Midwest Regional March 24, 2003

What is Middleware? specialized networked services that are shared by applications and users a set of core software components that permit scaling of applications and networks tools that take complexity out of application integration a second layer of the IT infrastructure, sitting above the network a land where technology meets policy the intersection of what networks designers and applications developers each do not want to do EDUCAUSE Midwest Regional March 24, 2003

Map of Middleware Land EDUCAUSE Midwest Regional March 24, 2003

Core Middleware Middleware makes “transparent use” happen, providing consistency, security, privacy and capability Identity - unique markers of who you (person, machine, service, group) are Authentication - how you prove or establish that you are that identity Directories - where an identity’s basic characteristics are kept Authorization - what an identity is permitted to do Public Key Infrastructure (PKI) - emerging tools for security services EDUCAUSE Midwest Regional March 24, 2003

2002 EDUCAUSE Current Issues Survey Criteria Important for strategic success Potential significance in next year Most time consuming for leaders Most resource intensive 10 issues most significant Issues were significant to at least 3 of the questions…portals were added because of their high potential to being significant in the next year. EDUCAUSE Midwest Regional March 24, 2003

The Top Ten Issues Administrative Systems/ERP IT Funding Faculty Development, Support, and Training IT Strategic Planning Security Management Online Student Services Teaching and Learning Strategies Distance Education Maintaining Network Infrastructure Emerging Network Technologies (Portals) EDUCAUSE Midwest Regional March 24, 2003

Threads Woven Throughout Money and Time Integration Policy Enforcement Enhanced Security Ease of Use Capability to Iterate and Deploy Faster Privacy management EDUCAUSE Midwest Regional March 24, 2003

Money and Time Consolidated access management Fewer staff for more applications Fewer information repositories to manage Fewer accounts to manage Automated creation and deletion of accounts EDUCAUSE Midwest Regional March 24, 2003

Integration Leverage existing infrastructures Data Network Services Unique identifier is mapped to application-dependent identifiers Network Integrated sign-on Services Administrative and Course Management Systems EDUCAUSE Midwest Regional March 24, 2003

Policy Enforcement Access follows institutional policy and legal requirements Business changes reflected in access Dismissed students/staff have access to all services and buildings immediately revoked EDUCAUSE Midwest Regional March 24, 2003

Enhanced Security More security minded Consolidation of Access Status/role change alters service mix Use of same identifier enhances auditing Access to critical applications is concentrated More security minded EDUCAUSE Midwest Regional March 24, 2003

Ease of Use Directory-enabled applications Consolidated authentication Reduce faculty need to update class rosters Consolidated authentication Reduces the number of userids/passwords Move updating of information to ultimate data owner Students update address information or destination of their forwarded email EDUCAUSE Midwest Regional March 24, 2003

Capability to Iterate and Deploy Faster Use same authentication and identity infrastructure for new services Extend services to new groups by adding to the directory One group of staff responsible for implementing business rules EDUCAUSE Midwest Regional March 24, 2003

Privacy management Increasing need both to pass information about people for access and to protect privacy Must have a central policy structure and related technical infrastructure for privacy management Library applications where both authorized access and anonymity is critical EDUCAUSE Midwest Regional March 24, 2003

Next Steps Develop project plan Decide on unique namespace Review application and directory requirements Pick initial target applications Design and populate the directory with big picture in mind Deploy directory and enable applications EDUCAUSE Midwest Regional March 24, 2003

NMI-EDIT Consortium Funded by the NSF Middleware Initiative (NMI) Enterprise and Desktop Integration Technologies Consortium Internet2 – primary on grant and research EDUCAUSE – primary on outreach Southeastern Universities Research Association (SURA) – primary on NMI Integration Testbed Higher-ed, government, corporate, research, and international participation EDUCAUSE Midwest Regional March 24, 2003

NMI-EDIT: Goals Much as at the network layer, create a ubiquitous common, persistent and robust core middleware infrastructure for the Research &Education community In support of inter-institutional and inter-realm collaborations, provide tools and services (e.g. registries, bridge PKI components, root directories) as required EDUCAUSE Midwest Regional March 24, 2003

NMI-EDIT: Core Middleware Scope Identity and Identifiers – namespaces, identifier crosswalks, real world levels of assurance Authentication – campus technologies and policies, inter-realm interoperability via PKI, Kerberos Directories – enterprise directory services architectures and tools, standard object classes, inter-realm and registry services Authorization – permissions and access controls, delegation, privacy management Integration Activities – common management tools, use of virtual, federated and hierarchical organizations EDUCAUSE Midwest Regional March 24, 2003

Enterprise Middleware Educational Opportunities Pre-conference Seminars and track sessions at EDUCAUSE Annual and Regional Meetings Campus Architectural Middleware Planning Workshops CAMP, Boulder CO – June 4-6, 2003 CIO and Technical staff Best practices in middleware deployment Check the www.nmi-edit.org site for announcement or past conference proceedings Advanced CAMP, Boulder CO – July 9-11, 2003 Highly technical Research topics EDUCAUSE Midwest Regional March 24, 2003

On-line Resources Available Introductory Technical and Management Documents Sample Middleware Business Case and Writer’s Guide Identifiers, Authentication, and Directories: Best Practices for Higher Education Identifier Mapping Templates and Campus Examples And more…. See Enterprise Directory Implementation Process Site coming in April on www.nmi-edit.org For more information, contact Ann West awest@educause.edu or send mail to request@nmi-edit.org EDUCAUSE Midwest Regional March 24, 2003

Questions? Renee Woodten Frost Internet2/University of Michigan rwfrost@internet2.edu EDUCAUSE Midwest Regional March 24, 2003

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.