Presentation is loading. Please wait.

Presentation is loading. Please wait.

Virtual organization support services:

Published byRoy Reeves Modified over 5 years ago

Similar presentations

Presentation on theme: "Virtual organization support services:"— Presentation transcript:

1 Virtual organization support services:
Virtual organization support services: leveraging the common aspects of collaboration (the rise of indoor plumbing)

2 Topics What are VO’s and what do they need? Why do they need our help?
What is happening in the enterprise IT infrastructure business How can we help? How might we hurt? 11/16/2018

3 Virtual Organizations (VO’s)
Examples, differentiators, current challenges The common requirements Background on recent middleware work The virtual organization support space Role of enterprise and of federation Role of virtual organization support center Role of virtual organization The business case for/against the model How do we know if it is viable… 11/16/2018

4 11/16/2018

5 Virtual Organizations
Geographically distributed, enterprise distributed community that shares real resources as an organization. Examples include team science (NEESGrid, HEP, BIRN, NEON), digital content managers (library cataloguers, curators, etc), a state-based life-long learning consortia, a group of researchers coordinating a launch vehicle payload, etc. On a continuum from interrealm groups (no real resource management, few defined roles) to real organizations (primary identity/authentication providers) Want to leverage enterprise middleware and external trust fabrics, as well as support centers 11/16/2018

6 Virtual Organizations have…
Real resources that they share and manage May be computational resources May be scientific instruments May be bandwidth May be shared data and content Economic data Museum materials Cultural and artistic works A relatively small set of users who tend to travel in common circles Often the need to have some accounting and regulatory compliance 11/16/2018

7 Looking at V.O.s from a plumber’s view
11/16/2018

8 Virtual organizations vary…
By lifetime of VO Some are relatively short-term, perhaps 1-2 years Some may persist for extended periods By size By cluster – at any one time, experiments (virtual orgs) are active at Fermi Lab, CERN. A shuttle launch may need coordination among several vo’s that have equipment aboard. By type of domain-specific tools A number are using Grids A number subscribe to major scientific data streams Some have no domain-specific tools 11/16/2018

9 Being a VO is hard… There are new requirements for security
There is the need for development of operational models that integrate requirements from sites with requirements from science Simplified end-user tools that are consistent with the rest of a user’s experience would be very helpful. Diagnostics across so many systems is difficult and getting significantly worse 11/16/2018

10 Being a VO is hard… Many resources use geographically-oriented access controls Regulatory requirements might span countries The local IT infrastructure of members of a VO may vary widely Tools are not designed to work together, present a common management infrastructure, etc. 11/16/2018

11 The Common Requirements
Communications support Multiple options for real-time and asynchronous intraVO work Integrated into the rest of one’s “presence” Collaboration support Transparent web content access control Workflow Diagnostics Plumbing the control plane into the domain science systems and virtual organization software Plumbing the vo technologies into the local enviroment 11/16/2018

12 Support services VO Service Center Collaboration services
Plumbing Into domain applications Collaboration services Communication services Enterprise based virtual organization shims Core middleware federation 11/16/2018

13 Communication support
Add this address book to my desktop video client as a vo setup Shared calendar access: Grant the following roles in my vo permission to read my calendar at a campus-equivalent level A “transparently manageable” mail list for the vo. Provide and maintain an IM buddy list for the vo Diagnostics 11/16/2018

14 Collaboration support
A transparent and managed wiki A transparent and managed set of web access controls Role based authorization Workflow A p2p trust fabric for vo use Data models Of the data Of the meta-data – what are the privileges, rights. Etc Management of international issues in privacy, copyright, etc. 11/16/2018

15 Plumbing the control plane
Management of the management aspects of the domain tools Domain tools include Globus for Grids, Chemistry workbench, a historical data archive manager, etc. Management aspects deal largely with managing users and uses, but can have initial configuration components “2% of the science, 50% of the pain …” Providing a common user experience for both enterprise and vo systems Today, each app believes it is the only one in your life… Common models, terminology, controls, etc. Distinct privileges being managed Integration of vo and enterprise Students in class X can run vo experiment Y VO and enterprise requirements can be joined 11/16/2018

16 Example University financials 1
11/16/2018

17 Example University financials 2
11/16/2018

18 VO authorization 1 11/16/2018

19 VO authorization 2 11/16/2018

20 VO authorization 3 11/16/2018

21 The Model: Enterprises, Federations, VO’s
Given the strong collaborations within the academic community, there is an urgent need to create inter-realm tools, so Build consistent campus and enterprise middleware infrastructure deployments, with outward facing objectclasses, service points, etc. and then Federate those enterprise deployments, using the outward facing campus infrastructure, with interrealm attribute transports, trust services, etc. and then Leverage that federation to enable a variety of applications from network authentication to instant messaging, from video to web services, and then, going forward Create tools and templates that support the management and collaboration of virtual organizations by building on the federated campus infrastructures. 11/16/2018

22 MACE (Middleware Architecture Committee for Education)
Purpose - to provide advice, create experiments, foster standards, etc. on key technical issues for core middleware within higher education Membership - Bob Morgan (UW) Chair, Tom Barton (Chicago), Scott Cantor (Ohio State), Steven Carmody (Brown), Michael Gettes (Duke), Keith Hazelton (Wisconsin), Paul Hill (MIT), Jim Jokl (Virginia), Mark Poepping (CMU), Lynn McRae (Stanford), David Wasley (California), Von Welch (Grid) International members - Brian Gilmore (Edinburgh), Ton Verschuren (Netherlands), Diego Lopez (Spain), Rodney McDuff (Australia) Creates working groups in major areas, including directories, interrealm access control, PKI, video, P2P, etc. Works via conference calls, s, occasional serendipitous in-person meetings... I suspect that some audiences aill need varying amounts of mitoivaition with respect to the “why should I care about middleware” question. - why should I care about middleware? - why does it need a HE/I2 initiative? - Related initiatives… globus/grid, … - Relation to the NMI... 11/16/2018

23 RL “Bob” and Keith 11/16/2018

24 Indoor Plumbing for Application Communities
VO 4 VO 2 VO 3 Virtual Organization 1 VO Service Center Enterprise 2 Enterprise 1 Enterprise 2 Enterprise 3 Enterprise 3 Enterprise 1 Enterprise 2 Enterprise 1 Enterprise 4 Enterprise 5 Enterprise 6 Enterprise 4 Enterprise 3 Enterprise 5 Enterprise 5 Enterprise 6 Enterprise 4 11/16/2018

25 Fitting the plumbing together
VO 4 VO 2 VO 3 Virtual Organization 1 VO Service Center Enterprise 2 Enterprise 1 Enterprise 2 Enterprise 3 Enterprise 3 Enterprise 1 Enterprise 2 Enterprise 1 Enterprise 4 Enterprise 5 Enterprise 6 Enterprise 4 Enterprise 3 Enterprise 5 Enterprise 5 Enterprise 6 Enterprise 4 11/16/2018

26 Fitting the plumbing together
VO 4 VO 2 VO 3 Virtual Organization 1 VO Service Center Enterprise 2 Enterprise 1 Enterprise 2 Enterprise 3 Enterprise 3 Enterprise 1 Enterprise 2 Enterprise 1 Enterprise 4 Enterprise 5 Enterprise 6 Enterprise 4 Enterprise 3 Enterprise 5 Enterprise 5 Enterprise 6 Enterprise 4 11/16/2018

27 This is harder than it appears…
A place where technology meets policy Constantly… Many apps need to be reengineered to use the plumbing Owning data is having power Scaling is a constant concern What policies there are are often ill-informed This all has to be real and rock solid 11/16/2018

28 Enterprise plumbing Identity Management Services
Authentication Directories Authorization Connecting Legacy Data Running the water in Managing the complex policy issues Enabling applications Reengineering legacy apps Infrastructure apps – , web, calendaring, netauth, etc “Specialty apps” – streaming video servers, repositories, grids, etc 11/16/2018

29 Early federations without plumbing
11/16/2018

30 What’s happening - federations
Shibboleth, SAML, Liberty and WS-Fed InCommon, InQueue, etc. Linkage with US Government e-Authentication Federations in varying stages of development in UK, Australia, Finland, Switzerland, Netherlands, France, Spain, etc. International peering meeting 11/16/2018

31 The Virtual Organization Support Space
Role of enterprise and of federation Role of virtual organization support center Role of virtual organization The business case for/against the model 11/16/2018

32 Enterprise and federation
Collaboration and communications infrastructure Common plumbing interface Storage of VO attributes in enterprise object classes Hosting VO services for some VO Federation Trust fabric for enterprise assertions Dissemination of VO objectclasses International trust fabric 11/16/2018

33 VO Service Centers To provide infrastructure services for users whose enterprises can’t play To coordinate the dissemination of enterprise shims relative to the vo’s supported in the area To coordinate international efforts for multi-national vo’s To help train vo’s in the use of the tools and the organizational issues 11/16/2018

34 Virtual organization Data and metadata models
Attribute and role definition Domain specific infrastructure 11/16/2018

35 Business model For Against Integrated environment for the users
Costs are relatively modest Large economies of scale Against A tricky bootstrap process Requires modest campus participation Greatest leverage is from widely based adoption 11/16/2018

Download ppt "Virtual organization support services:"

Similar presentations

Dr Ken Klingenstein Director, Internet2 Middleware and Security Emerging Infrastructure for Collaboration: Next Generation Plumbing.

Dr Ken Klingenstein Director, Internet2 Middleware and Security Emerging Infrastructure for Collaboration: Next Generation Plumbing.
The Basics of Federated Identity. Overview of Federated Identity and Grids Workshop Session 1 - for all Basics and GridShib Session 2 – more for developers.

The Basics of Federated Identity. Overview of Federated Identity and Grids Workshop Session 1 - for all Basics and GridShib Session 2 – more for developers.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.
Drive-By Dialogues. Presenter’s Name Topics The Long Strange Trip of I2 – NLR Merger A Brief Comment on Optical Networking Middleware Developments Security.

Drive-By Dialogues. Presenter’s Name Topics The Long Strange Trip of I2 – NLR Merger A Brief Comment on Optical Networking Middleware Developments Security.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Welcome Acknowledgments and thanks Security Acronymny: then and now What’s working What’s proving hard.

Welcome Acknowledgments and thanks Security Acronymny: then and now What’s working What’s proving hard.
Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.

Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
New CyberInfrastructure for Collaboration between Higher Ed and NIH.

New CyberInfrastructure for Collaboration between Higher Ed and NIH.
The Rise of Collaborative Tools Ken Klingenstein Project Director, Internet2 Middleware Initiative Chief Technologist, University of Colorado at Boulder.

The Rise of Collaborative Tools Ken Klingenstein Project Director, Internet2 Middleware Initiative Chief Technologist, University of Colorado at Boulder.
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.
3 September 2015 Federated R US. Agenda  Background on Internet2 Middleware and NSF Middleware Initiative  The body of work  Directories  Shibboleth.

3 September 2015 Federated R US. Agenda  Background on Internet2 Middleware and NSF Middleware Initiative  The body of work  Directories  Shibboleth.
Authority, Virtual Organizations and Diagnostics: Building and Managing Complexity Ken Klingenstein Director, Internet2 Middleware and Security.

Authority, Virtual Organizations and Diagnostics: Building and Managing Complexity Ken Klingenstein Director, Internet2 Middleware and Security.
GridShib: Grid-Shibboleth Integration (Identity Federation and Grids) April 11, 2005 Von Welch

GridShib: Grid-Shibboleth Integration (Identity Federation and Grids) April 11, 2005 Von Welch
Shib in the present and the future Ken Klingenstein Director, Internet2 Middleware and Security.

Shib in the present and the future Ken Klingenstein Director, Internet2 Middleware and Security.
GridShib Grid-Shibboleth Integration Von Welch, Tom Barton, Kate Keahey, Frank Siebenlist GlobusWORLD 2005.

GridShib Grid-Shibboleth Integration Von Welch, Tom Barton, Kate Keahey, Frank Siebenlist GlobusWORLD 2005.
What is Cyberinfrastructure? Russ Hobby, Internet2 Clemson University CI Days 20 May 2008.

What is Cyberinfrastructure? Russ Hobby, Internet2 Clemson University CI Days 20 May 2008.
Middleware Support for Virtual Organizations Internet 2 Fall 2006 Member Meeting Chicago, Illinois Stephen Langella Department of.

Middleware Support for Virtual Organizations Internet 2 Fall 2006 Member Meeting Chicago, Illinois Stephen Langella Department of.
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Similar presentations

Ads by Google