Presentation is loading. Please wait.

Presentation is loading. Please wait.

Inter-Institutional Registration UNC Cause December 4, 2007.

Similar presentations


Presentation on theme: "Inter-Institutional Registration UNC Cause December 4, 2007."— Presentation transcript:

1 Inter-Institutional Registration UNC Cause December 4, 2007

2 Background 500-600 students each year Various campus agreements –No consistency Paper-based process –Difficult for students –Difficult for administrators Registrars Financial aid University of North Carolina Online –Doesn’t scale

3 Goal Policy –System-wide consortia agreement –Registrars & Financial Aid Clearinghouse –Management –Tracking –Convenience Students Administrators

4 Inter-Institutional Registration Home InstitutionInter-institutional SystemVisited Institution 1. Search for Courses 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect Confirm & Process 5. Redirect if Successful Acknowledge NOTIFY 6. Authenticate Evaluate Request 7. Download Request Process 8. Approve & Enter Data NOTIFY Acknowledge 9. Authenticate Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY View Status 12. Authenticate Fully Process credit hours financial aid cashier 13. Get Tuition Costs Done 14. Mark as Completed Student Registrar

5 Phased Approach Phase I - Manual Students –Find courses –Request registration Registrar –Approve/Deny via dashboard –Manually enter information Distributed Authentication Phase II - Web Services Eliminate Data Entry –Campus to Clearinghouse –Clearinghouse to Campus –ERP Streamline campus operation using Banner APIs

6 What is Shibboleth? Higher education standard –From Internet2 –Open standard –Open source implementation Federated approach –Single sign on –Signed attribute assertions Distributed authentication –Clearinghouse never sees credentials!

7 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache Service Provider - The entity willing to accept identity credentials and attributes in order to provide a service to the user. Identity Provider - The entity that knows information about the user and is willing to share that information with another party. Enterprise Directory - The local campus directory that contains the information to be shared.

8 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content

9 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form

10 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form

11 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form 5. Provide Credentials

12 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form 5. Provide Credentials 5a. Authenticate

13 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form 5. Provide Credentials 5a. Authenticate 6. Embed Assertion 7. Send Assertion

14 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form 5. Provide Credentials 5a. Authenticate 6. Embed Assertion 7. Send Assertion 7a. Exchange Attributes

15 Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A User (via web browser) Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content 2. Send Redirection Redirect 3. Request Auth. Form 4. Send HTML Form 5. Provide Credentials 5a. Authenticate 6. Embed Assertion 7. Send Assertion 7a. Exchange Attributes 8. Send Secured Content

16 UNC Federation General Admin ASUECUECSUFSU NCA&T NCCUNCSANCSUUNCAUNCCHUNCCUNCG UNCP UNCWWCUWSSU Service Provider Demo

17 Security - Ideal Internet Firewall Private Network ASUUNC-GAWSSU … …

18 Security - Actual Internet Firewall ASU Firewall UNC-GA Firewall WSSU ……

19 Shibboleth Security Solution = Public Key Cryptography –x509 open standard Service ProviderCampus A User (via web browser) Identity Provider Enterprise Directory Apache SSL Encryption Server Certificate signed by well known Certificate Authority (CA) SSL Signed & Encrypted

20 Web Services Machine-to-machine communication over a network: –Standard protocols/formats –Simplifies exchange of data –Using standard web technologies HTTP XML Platform agnostic Vendor agnostic

21 Why Web Services? Cost effective –Open standards architecture –Acts as middleware between heterogeneous systems Automate –Entry of bio-demo information –Enrollment & registration in campus student system –Fee assessment –Fee posting

22 Standard Architecture Service Provider –Owner of the process –Platform that hosts access to the service Service Requestor –Client to request and consume a service –Manual or automated initiation Service Registry –Searchable directory of published service descriptions Service Provider Service Requestor Service Registry

23 Standard Architecture Service –Software module deployed on a network accessible platform Service Description –Details of the implementation –Data types –Operations –Binding information –Network location Service Provider Service Requestor Service Registry Service Description

24 Standard Architecture WSDL (Web Services Definition Language) defines –message formats –data types –transport protocols –transport serialization formats Service Provider Service Requestor Service Registry Service Description Publish WSDL Service Description Find

25 Standard Architecture SOAP - Service Oriented Architecture Protocol –Framework for packaging and exchanging XML messages –Typically sent using HTTP –Language and platform independent –Lightweight protocol Service Provider Service Requestor Service Registry Service Description Publish WSDL Service Description Find Bind SOAP, WSDL

26 Inter-Institutional Web Services (Phase II) 3 distinct web services –Each university implements –Implementation can differ depending on internal processes –Implementation should make use of APIs provided by Banner & PeopleSoft Clearinghouse consumes these services Services are invoked via human intervention within the clearinghouse Service Provider Service Description Bind SOAP, WSDL Service Requestor

27 Web Service #1 (GET_BIODEMO_INFO) Home InstitutionInter-institutional SystemVisited Institution 1. Search for Courses 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect Confirm & Process 5. Redirect if Successful Acknowledge NOTIFY 6. Authenticate Evaluate Request 7. Download Request Process 8. Approve & Enter Data NOTIFY Acknowledge 9. Authenticate Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY View Status 12. Authenticate Fully Process credit hours financial aid cashier 13. Get Tuition Costs Done 14. Mark as Completed Student Registrar #1

28 Web Service #1 (GET_BIODEMO_INFO) Home Campus Registrar initiates –From within clearinghouse Clearinghouse consumes service –Passes unique student identifier –Service uses identifier to obtain bio/demo data –Returns data to clearinghouse Home Campus Registrar proceeds with work flow

29 Web Service #2 (REGISTER_STUDENT) Home InstitutionInter-institutional SystemVisited Institution 1. Search for Courses 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect Confirm & Process 5. Redirect if Successful Acknowledge NOTIFY 6. Authenticate Evaluate Request 7. Download Request Process 8. Approve & Enter Data NOTIFY Acknowledge 9. Authenticate Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY View Status 12. Authenticate Fully Process credit hours financial aid cashier 13. Get Tuition Costs Done 14. Mark as Completed Student Registrar #1 #2

30 Web Service #2 (REGISTER_STUDENT) Visited Campus Registrar initiates –From within the clearinghouse –Provides student ID number if this student has attended before Clearinghouse consumes service –Passes all Bio/Demo and course information –Register the student 1.Create/update the student in Banner/PeopleSoft 2.Admit the student 3.Register student into approved course –Return information –Student’s unique identifier –Course fees (if automatically assessed at time of registration)

31 Web Service #3 (FINALIZE_REGISTRATION) Home InstitutionInter-institutional SystemVisited Institution 1. Search for Courses 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect Confirm & Process 5. Redirect if Successful Acknowledge NOTIFY 6. Authenticate Evaluate Request 7. Download Request Process 8. Approve & Enter Data NOTIFY Acknowledge 9. Authenticate Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY View Status 12. Authenticate Fully Process credit hours financial aid cashier 13. Get Tuition Costs Done 14. Mark as Completed Student Registrar #1 #2#3

32 Web Service #3 (FINALIZE_REGISTRATION) Home Campus Registrar initiates –From within clearinghouse Clearinghouse consumes service –Passes tuition/fee and course data –Cache data in new tables (specifically for this purpose) Processed in batch mode Applied to student’s account –No automated processing of student data

33 Conclusion Lookup & tracking service –Students –Registrars Phase I = Fall 2008 –Shibboleth (required for participation) Phase II = At campus’ discretion –Web Services –UNCG pilot for Banner schools –Suggest PeopleSoft campuses collaborate as well

34 Questions & Discussion


Download ppt "Inter-Institutional Registration UNC Cause December 4, 2007."

Similar presentations


Ads by Google