Management Primer on Middleware Louise Miller-Finn, Johns Hopkins University Renee Woodten Frost, Internet2 & University of Michigan.


Base CAMP, 24 June 2002: Primer on Middleware

Agenda
- What is Middleware?
- Why is it Important?
- How is it Used?
- What are the Underlying Concepts and Architecture?
- What Resources are There to Help?

Middleware in Action
Mary is a grad student at Alpha U who takes courses both in a traditional classroom and online and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations: home, campus and work. She also uses a wireless PDA when on campus to stay in touch with her lab mates.

Middleware in Action
The new Chair of the Dept. of Physiology has arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait the requisite 3-5 business days it takes to get the accounts set up. Since IT already knows of him, he can use a self-service interface to accomplish his goal.

What is Middleware?
- specialized networked services that are shared by applications and users
- a set of core software components that permit scaling of applications and networks
- tools that take complexity out of application integration
- a second layer of the IT infrastructure, sitting above the network
- a land where technology meets policy
- the intersection of what network designers and application developers each do not want to do

NMI Definition of Middleware
Middleware is software that connects two or more otherwise separate applications across the Internet or local area networks. More specifically, the term refers to an evolving layer of services that resides between the network and more traditional applications for managing security, access and information exchange to:

NMI Definition of Middleware
- Let scientists, engineers and educators transparently use and share distributed resources, such as computers, data, networks and instruments.
- Develop effective collaboration and communications tools such as Grid technologies, desktop video and other advanced services to expedite research and education, and
- Develop a working architecture and an approach that can be extended to the larger set of Internet and network users.

Map of Middleware Land

Core Middleware
Middleware makes “transparent use” happen, providing consistency, security, privacy and capability.
- Identity - unique markers of who you (person, machine, service, group) are
- Authentication - how you prove or establish that you are that identity
- Directories - where an identity’s basic characteristics are kept
- Authorization - what an identity is permitted to do
- Public Key Infrastructure (PKI) - emerging tools for security services

How is it used?
  – Common authentication and directories
- Account management
  – Common authentication and provisioning mechanism
- Next-generation portals
  – Common authentication and storage for profiles and preferences
- Web access controls
  – Common authentication and directories
- Calendaring
  – Common authentication and directories

How is it used?
- Digital Libraries
  – Scalable, interoperable authentication and authorization.
- Grids (Research for now)
  – Model for a distributed computing environment, addressing diverse computational resources, distributed databases, network bandwidth, etc.
  – Globus provides security, location and allocation of resources, and scheduling.
- Instructional Management Systems
  – Common authentication and directories.
- Academic Collaboration
  – Restricted sharing of materials among institutions.

Organizational Drivers
- Federal government
- E-enterprise functions
- Service expectations
- Resource allocation pressures
- Collaboration

Benefits to the Institution
- Economies for central IT - reduced account management, better web site access controls, tighter network security...
- Economies for distributed IT - reduced administration, access to better information feeds, easier integration of departmental applications into campus-wide use...
- Improved services for students and faculty - access to scholarly information, control of personal data, reduced legal exposures...
- Participation in future research environments - Grids, videoconferencing, etc.
- Participation in new collaborative initiatives – Directory of Directories, Shibboleth, etc.

Costs to the Institution
- Modest increases in capital equipment and staffing requirements for central IT
- Considerable time and effort to conduct campus-wide planning and vetting processes
- One-time costs to retrofit some applications to new central infrastructure
- One-time costs to build feeds from legacy source systems to central directory services
- The political wounds from the reduction of duchies in data and policies

Nature of the Work
Technology
  – Establish campus-wide services: name space, authentication
  – Build an enterprise directory service
  – Populate the directory from source systems
  – Enable applications to use the directory

Nature of the Work
Policies and Politics
  – Clarify relationships between individuals and institution
  – Determine who manages, who can update and who can see common data
  – Structure information access and use rules between departments and central administrative units
  – Reconcile business rules and practices

Underlying Concepts & Architecture

Pause for some terminology
- Identity: set of attributes about you.
- Authentication: process used to prove your identity. Often a login process.
- Authorization: process of determining if policy permits an intended action to proceed.
- Customization: presentation of user interface (UI) tailored to user’s identity.

What IT needs to know
Identity – “you”. Characteristics that pertain to the service at hand. Examples:
  – Library resource: current member of the set of licensees
  – Video for course: enrolled in the course
  – E-mail or calendar: University username
  – Videoconference: current network address

What IT needs to do
Each service must determine what it should present to you and what you are entitled to do. Possible ways it might undertake that:
  – Ask you to log in and look up info in its own database (authentication & authorization).
  – Ask you to log in and look up info in a common or central database.
  – Trust some other source to assert needed info (the other source might make you log in).

Service architectures: Stovepipe (or silo)
Stovepipe (or silo): Service performs its own authentication and consults its own database for authorization and customization attributes.
[Diagram: two services, each labelled with its own "authN" and "attrs"]

Comparative service architectures
Stovepipes are run by separate departments/divisions.
  – Environment is more challenging to users, who may need to contact each office to arrange for service.
  – No automated life cycle management of accounts.
  – Per-service identifiers and security practices make it more difficult to achieve a given level of security across the enterprise.

Service architectures: Integrated
Integrated: Service refers authentication to and obtains attributes for authorization and customization from enterprise infrastructure services.
[Diagram labels: service1, Service N, authentication service, attribute service, An Organization]

Comparative service architectures
Enterprise authentication & attribute services are run by a central office.
  – All attributes known by the organization about a member can be integrated and made available to services.
  – Automated life cycle account management is possible across the enterprise.
  – Common identifiers across integrated services make for an easier and more secure user environment.
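The contrast between the stovepipe and integrated architectures can be made concrete with a small model of account life cycle. This is an added example, not part of the original presentation; the class names, the user "mary", the attribute strings and the passwords are all hypothetical, constructed values.

```python
# Added illustration (not from the presentation). All names, users, attributes
# and passwords are hypothetical, constructed values.
import hashlib
import hmac
import os


class AuthnService:
    """Password verifier standing in for any authentication back end."""

    def __init__(self):
        self._users = {}

    def _digest(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, self._digest(password, salt))

    def deprovision(self, user):
        self._users.pop(user, None)

    def verify(self, user, password):
        record = self._users.get(user)
        if record is None:
            return False
        salt, digest = record
        return hmac.compare_digest(digest, self._digest(password, salt))


class Service:
    """Grants access only to an authenticated user holding the required attribute."""

    def __init__(self, required_attr, authn, attrs):
        self.required_attr, self.authn, self.attrs = required_attr, authn, attrs

    def access(self, user, password):
        if not self.authn.verify(user, password):
            return False
        return self.required_attr in self.attrs.get(user, set())


def stovepipe_demo():
    # Each service owns its authentication and attribute stores.
    library = Service("licensee", AuthnService(), {"mary": {"licensee"}})
    video = Service("enrolled:BIO500", AuthnService(), {"mary": {"enrolled:BIO500"}})
    library.authn.enroll("mary", "library-pw")
    video.authn.enroll("mary", "video-pw")
    # Mary leaves; only the library office is told, so the video account lingers.
    library.authn.deprovision("mary")
    return library.access("mary", "library-pw"), video.access("mary", "video-pw")


def integrated_demo():
    # Both services refer to one enterprise authentication and attribute service.
    authn, attrs = AuthnService(), {"mary": {"licensee", "enrolled:BIO500"}}
    authn.enroll("mary", "campus-pw")
    library = Service("licensee", authn, attrs)
    video = Service("enrolled:BIO500", authn, attrs)
    check = lambda: (library.access("mary", "campus-pw"), video.access("mary", "campus-pw"))
    start = check()
    attrs["mary"].discard("enrolled:BIO500")   # course ends: one attribute update
    after_drop = check()
    authn.deprovision("mary")                  # Mary leaves: one life-cycle action
    return start, after_drop, check()


if __name__ == "__main__":
    print("stovepipe :", stovepipe_demo())
    print("integrated:", integrated_demo())
```

In the stovepipe run the video account still works after the library office has removed Mary; in the integrated run a single central change takes effect at every service.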

Four service architectures: Federated
Federated: Service refers authentication to and obtains attributes for authorization and customization from possibly external infrastructure services.
[Diagram labels: service, authentication service, attribute service, Organization 1, Organization 2]

Four service architectures: Grid
Grid: Service refers authentication to and obtains attributes for authorization and customization from common grid services.
[Diagram labels: service1, Service N, authentication service, attribute service, A Virtual Organization]

Comparative service architectures
- Federated authentication & attribute services rely on each participating organization’s enterprise authentication & attribute services.
- Integration of Grid services with enterprise services is a medium-term goal of the NSF Middleware Initiative.

The Objective
Prepare campuses to implement core middleware for an integrated architecture.
[Diagram labels: service1, Service N, authentication service, attribute service, An Organization]

Core middleware for an integrated architecture

Vignettes Revisited

Provisioning vignette
The new Chair of the Dept. of Physiology has arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait the requisite 3-5 business days it takes to get the accounts set up. Since IT already knows of him, he can use a self-service interface to accomplish his goal.
[Diagram, "to model": HRS, Metadirectory, Acct Init Service, authN, attrs]

Student vignette
Mary is a grad student at Alpha U who takes courses both in a traditional classroom and online and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations: home, campus and work. She also uses a wireless PDA when on campus to stay in touch with her lab mates.
[Diagram, "to model": Mailbox, Calendar, Wireless Gateway, NAS Server, Lib Proxy, CMS, authN, attrs]

Vignette analysis
The set of vignettes portrays:
  – Seamlessness of transitions between services.
  – Independence of location of service or user.
  – Suites of services designed to support activities of different constituencies.
  – Absence of need to make prior arrangement for resources required to enable services.

Middleware Resources

What resources are there to help?
Expert, diverse leadership and collaborators
  – MACE and the working groups
  – NSF catalytic grants
  – Early Adopters
  – Higher Education Partners – campuses, EDUCAUSE, CREN, CNI, SURA, GRIDS, NACUBO, AACRAO, NACUA, etc.
  – Government Partners - NSF, NIH, NIST, fPKI TWG, etc.
  – Corporate Partners – IBM, SUN, Metamerge, Radvision, etc.
  – International communities

What resources are there to help?
- Websites
- Middleware information and discussion lists
- NMI lists (see websites)

What resources are there to help?
Workshops
  – Pre-conference Seminars
  – Summer CAMPs (Campus Architectural Middleware Planning)
      Base – June 24-26, 2002
      Advanced – July 31 – August 2, 2002

What resources are there to help?
Introductory Documents
  – Sample Middleware Business Case and corresponding Writer’s Guide
  – Identifiers, Authentication, and Directories: Best Practices for Higher Education
  – Identifier Mapping Template and Campus Examples

What resources are there to help?
NSF Middleware Initiative Release 1 Components
- Software
- Directory Object Classes
- Conventions and Practices
- Recommended Practices
- White Papers
- Policies
- Services
- Works in progress:
  – White Papers
  – Working Groups and Projects

Contacts
- Renee Woodten Frost, Internet2 & University of Michigan
- Louise Miller-Finn, Johns Hopkins University