Going Forward: Year 2 NMI and Higher Ed Middleware.


Agenda
- Assessment of CAMP
- Assessment of processes
  - web site, lists, virtual briefings, meetings (session and preconference options)
- Going Forward
  - NMI – Year 2
  - Higher Ed Middleware
- Take-aways

NMI-EDIT Participation and Resources
- Websites
  - NMI: nsf-middleware.org
  - NMI-EDIT:
  - Internet2: middleware.internet2.edu
  - EDUCAUSE:
  - Refer to the websites for more information on lists
- Education and Workshops
  - CAMPs
  - Presentations and tutorials
- Working groups
- Renee Frost
- Questions, requests, comments…
- Ann West

CAMP Assessment
- Content
  - too lofty/pretty fine/too detailed
  - too intense/fine/more
  - too immediate/fine/too long range
  - political/technical balance
- Format
  - panels? Presentations? Hand waving? Others?
  - break into workgroups? bofs?
- Facilities
  - location (global, local)
  - wireless

Process Assessment
- web site (public and private/shared)
- lists
- virtual briefings
- meetings (session and preconference options)
- Other ideas?
- Volunteer mechanisms

Going Forward
- NMI
- Higher Ed Middleware
  - Virtual Organizations – identifier crosswalks, etc
  - PKI - HEBCA, CREN CA, S/MIME, SEVIS
  - GGF – what role for the enterprise? (security, accounting)
  - Shibboleth 1.0+ and FOO
  - Upperware – video, DRM, common calendars
  - Affiliated directories
  - AuthZ
  - Centralized Services

NMI – The Process
- Releases approximately every six months – next one (Release 2) Oct 27, 2002
- Will continue to be a mix of software (programs and objectclasses), good practices and recommendations, and architectural whitepapers
- May be an opportunity to announce services (bridge CA’s, registries, etc.) as well
- GridsCenter anticipates some (relatively modest) enhancements to Globus Toolkit 2.0, no OGSA
- EDIT Team anticipates Shibboleth 1.0 (RM 0.5, ARPManager 0.5), eduOrg, Pubcookie 3.0, LDAP Analyzer, Architectural Papers in Video, Digital Rights Management, etc.
- Integration? Leveraging Campus Infrastructure in Grids?

Objectclasses in R2
- eduPerson 1.5 final
- eduOrg 1.0 final, eduOrg 1.5 experimental
- VoDendPoint 1.0 experimental
- Status of docs
  - draft – in the works, grist for the mill
  - experimental – consensus by work group (e.g. Mace-dir)
  - rpr – released for public review; vetted fully within I2 community
  - final – as good as it gets (international, corporate, broader higher ed commentary)

Virtual Organizations
- Grid experiments, digital library consortiums, Internet2 VideoCommons, etc.
- Share real (realm-based) resources among a sparse set of (interrealm) users
- Requirements for authentication and authorization, resource discovery, etc need to leverage federated and hierarchical infrastructures.

Support services for VO’s
- Centralized
  - unique vo names and associated namespaces, objectclasses
  - required trust model items (cert profiles, roots, etc.)
  - …
- At origin enterprises
  - enterprise-wide app directories
  - local security to vo security
  - local directory mods
- At the target enterprises
  - agency requirements

PKI
- SEVIS
- HEBCA next steps
- CREN CA next steps
- S/MIME
- Server side issues
- Open-Source CA’s

Global Grid Forum
- Is GGF a standards organization for us?
  - a way to internationalize academic objclasses, PKI enablement, etc.
- Is GGF a standards organization against us?
  - security? accounting? web services?
- Is GGF a standards organization?
  - can it be effective?
  - can it define appropriate scope?
- What will we do if a Grid lands on campus?

Shibboleth 1.0 and FOO
- Pilots start almost immediately
- Next three months
- Completion of coding, security testing, performance enhancements, monitoring tools
- Serious work on resource managers and attribute release managers
- Architecting a fuller vision of resource managers and attribute management
- Shib FOO (federating organizations organization) to discuss the hard issues of multiple federations, subclubs, implementation, etc.

Upperware
- Video
  - slowness in H.323 land
  - a coming to grips in SIP space
  - open clients and proxies
- DRM
  - the workshop
  - an architectural white paper in the fall
- Common calendars? Portals? OKI?

Got AuthZ?
- Role-based group-implemented access controls
  - promote the Stanford work
- An enhanced model of the target side
  - PDP
  - PEP
  - policy languages
  - rights languages
  - etc

What Centralized Services are Needed?
- A Sector CA?
- Higher Ed Bridge CA?
- Cert stores?
- UDDI host?
- Name Spaces?
  - For what names (docs, attributes,
- Registries
  - for Clubs
  - for Virtual Organizations
  - for Objectclasses

Take-aways
- Wireless authn/z done via forcing a web browser to a DMZ net
- Server-side PKI to solve immediate needs and get our feet wet
- El Dupe not yet dead
- Flashing twelves can drive a training curve
- Shib is gaining traction in the library community
- State diagrams and transition rules for account management are excellent tools
- IPSEC and VPN’s in the wireless space
- End-entity PKI still not nigh
- Identity Management falls to those that need IT
- File sharing needs are still strong
- Pay for printing is a rat hole

Takeaways
- Librarians like us and we like them cause they understand and promote privacy
- sampleUperson installed in many places
- RBAC is viable and a win
- Registries and underlying databases help the management of directories
- The community remains interested and committed.
- We’re not telling the story well