Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.


1 Recent Developments in Directories
Tom Barton, University of Chicago
Keith Hazelton, University of Wisconsin

2 Outline
14 October 2003, Internet2 Fall Member Meeting
- Major themes
  - Naming & structure for courses
  - Group management toolset
  - Non-eduPerson persons!
- Roundup of other active threads
- Prospective: Authorization
Pipe up with questions or comments at any time!!

3 MACE-CourseID Working Group
- Launched July, 2003
- http://middleware.internet2.edu/courseID/
- Major project goals
  1. Propose a standard data element syntax to describe courses and hierarchical components of courses.
  2. Propose a schema describing courses and course components…

4 MACE-CourseID Working Group
2. Propose a schema describing courses and course components that:
- conforms to IMS standards or requirements for course description
- maps readily from existing applications that utilize course descriptions, such as administrative data systems, instructional management systems, etc.
- is Shibboleth compliant, to further leverage Shibboleth developments to enable authorization based on course enrollment
- is valid for inter-institutional as well as international collaborations

5 Course Object Structure (DRAFT, Tom Barton et al.)
- A Course is Offered in a given Session by means of one or more Sections that have specified Meetings.
- Four ways to represent Cross Listings.
- Sections have Roles (à la IMS).
- Metadata about courses, sessions, meetings is unspecified … and therefore general enough!

6 Single, globally unique identifier for Course offering at section level (DRAFT, G. Agnew, K. Hazelton)
- The CourseID WG would name some agent to register as a namespace authority under the MACE urn, requesting that they be assigned the urn namespace urn:mace:courseid
- Institutions would be encouraged to identify courses under their DNS name, e.g. urn:mace:courseid:uchicago.edu…

7 Single, globally unique identifier for Course offering at section level (DRAFT, G. Agnew, K. Hazelton)
- Local course offering identifiers could be formed by combining whatever the institution uses as the short name in the timetable of course offerings with some indicator of the particular session in question as well as the primary section, e.g. urn:mace:courseid:uchicago.edu:Physics-101:fall-2004:section-01

8 Single, globally unique identifier for Course offering at section level (DRAFT, G. Agnew, K. Hazelton)
Choices ahead on formation of course-offering-section identifiers
- More prescriptive, standardized vs. more local autonomy, local preferences
  - Stipulate ISO start-end dates rather than idiomatic “fall-04”
- More opaque vs. more suggestive components
  - :uchicago.edu:35433:A2334:3002-1 vs. earlier example
- More self-contained vs. more reliant on associated metadata
  - :uchicago.edu:IPEDS-Physics-sequence-for-majors:first-semester-….section-lead:j-spencer01
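
A strict parser for the draft identifier form shown on slide 7, added here as an example and not part of the original presentation. The seven-component layout, the character restrictions and all function names are assumptions drawn from the slide's single example; the working group had not fixed a syntax.

```python
import re
from typing import NamedTuple

# Assumed layout, from the draft example on the slide (not a ratified syntax):
#   urn:mace:courseid:<institution DNS name>:<course>:<session>:<section>
NAMESPACE = ("urn", "mace", "courseid")
DNS_NAME = re.compile(r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
# Conservative component alphabet (an assumption): no ':', '/', spaces or '%'.
COMPONENT = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")


class CourseOffering(NamedTuple):
    institution: str
    course: str
    session: str
    section: str


def parse_course_urn(urn: str) -> CourseOffering:
    """Parse strictly; raise ValueError rather than guess at malformed input."""
    parts = urn.split(":")
    if len(parts) != 7:
        raise ValueError("expected exactly 7 colon-separated components")
    if tuple(p.lower() for p in parts[:3]) != NAMESPACE:
        raise ValueError("not in the urn:mace:courseid namespace")
    institution = parts[3].lower()  # DNS names compare case-insensitively
    if len(institution) > 253 or not DNS_NAME.fullmatch(institution):
        raise ValueError("institution component is not a DNS name")
    for value in parts[4:]:
        if not COMPONENT.fullmatch(value):
            raise ValueError(f"invalid component: {value!r}")
    return CourseOffering(institution, *parts[4:])


def same_offering(a: str, b: str) -> bool:
    """Compare two identifiers after parsing, never as raw strings."""
    return parse_course_urn(a) == parse_course_urn(b)
```

Both the suggestive and the opaque component styles from slide 8 pass this parser; what it refuses is a missing or extra component or a stray separator, the kind of ambiguity that matters once enrollment-based authorization keys on the identifier.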

9 Discussion items
- Scope of CourseID work
  - What to work on
  - What to work on first, second, …
  - What NOT to tackle (leave for others)
- Scenarios offer guidance on scope question
- Tug between mind sets of WG participants
  - requirements to support individual Shib pilots
  - requirements to support general IMS models
- Related initiatives
- Inter-group coordination

10 Group toolset: a brief history
- February 2002: “Practices in Directory Groups” completed
- Operational issues attending deployments of groups:
  - Automated update from source systems
  - Ad hoc maintenance delegated to individuals or processes
  - Maintaining referential integrity
  - Provisioning of group information in multiple locations
  - Orderly removal of stale groups (aging)
  - Partial orderings of groups (e.g., subgroups)
  - Direct vs. indirect membership
  - Group math: referring to set theoretic combinations of groups
  - Meeting security, privacy, & visibility requirements

11 Group toolset: a brief history
- June 2002: Initial discussion of RIbot, Grouper, GASP
- July 2002: “SAGE” replaces “GASP”, then discussion thread GASPs…
- November 2002: initial “SAGE Scenarios” draft
- February 2003: restart MACE-Dir-Groups conference calls to develop SAGE Scenarios doc

12 Group toolset: a brief history
- “SAGE Scenarios” released with NMI R3 in April 2003.
- High level requirements
  - Don’t build a metadirectory
  - Automatic processing for enterprise groups
  - Manual processing for ad hoc groups
  - Multiple representations (in ldap)
  - Multiple group types (security, courses, roles, …)
  - Group math
  - Web service

13 Group toolset: a brief history
- May 2003: design oriented discussions begin
- June 2003: We discover that “SAGE” name is taken
- July 2003: Inception of “export Stanford’s Authority Manager” idea
- August-September 2003: “Grouper” replaces “SAGE”
  - Begin consideration of relationship between Stanford’s work and MACE-Dir-Groups (ergo, “Group Toolset”)
- October 2003: Straw Man architecture

15 Group Toolset architecture elements
http://middleware.internet2.edu/dir/groups/docs/draft-barton-grouptools-arch-01.html
- Stream Loader – automated
  - Processes streams of records according to a set of rules to add/remove members from groups
  - Must already have an identity management system – distinct member identifiers in source streams must refer to distinct real world objects
- Groups Manager Applications – ad hoc
  - Delegate aspects of group management to humans
  - One per “type” of group being managed

16 Group Toolset architecture elements
- Groups Registry
  - Relational database containing membership & other group metadata
  - Supports multiple (locally defined) group types
    - Basic
    - Course (à la courseID work, perhaps)
    - Department
    - Role
    - Your type here
  - Supports multiple “membership attributes”
    - Members, owners, enrollees, instructors, TAs, permissions, obligations, …
  - Supports subgroups

17 Group Toolset architecture elements
- API
  - Integrates all access to the Groups Registry by elements of this architecture
  - Serializes updates
  - Determines & enumerates atomic changes
- Provisioning Connectors
  - Pulls all changes since last change number
  - Responsible for all aspects of group presentation in connected consumer
  - LDAP, AD, flat files, xml docs, …
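
The API and connector roles on this slide, sketched as an added example that is not from the original presentation or the Group Toolset draft. The class and method names and the in-memory storage are assumptions; it shows updates serialized under a lock, reduced to numbered atomic changes, and a connector that pulls everything after its last applied change number.

```python
import threading
from collections import namedtuple

# One atomic change: op is "add" or "remove"; number increases monotonically.
Change = namedtuple("Change", "number op group member")

class GroupsRegistry:
    """In-memory stand-in for the Groups Registry behind its API."""
    def __init__(self):
        self.members = {}              # group -> set of member ids
        self.log = []                  # ordered atomic changes
        self._lock = threading.Lock()  # serializes updates

    def update(self, group, wanted):
        """Set a group's membership, logging only the atomic differences."""
        with self._lock:
            current, wanted = self.members.get(group, set()), set(wanted)
            for op, ids in (("add", wanted - current), ("remove", current - wanted)):
                for member in sorted(ids):
                    self.log.append(Change(len(self.log) + 1, op, group, member))
            self.members[group] = wanted

    def changes_since(self, number):
        with self._lock:
            return [c for c in self.log if c.number > number]

class Connector:
    """Provisioning connector that maintains one consumer's copy."""
    def __init__(self, registry):
        self.registry = registry
        self.last_change = 0   # highest change number already applied
        self.target = {}       # consumer-side view: group -> set of members

    def sync(self):
        """Pull and apply every change newer than last_change; return the count."""
        pending = self.registry.changes_since(self.last_change)
        for change in pending:
            members = self.target.setdefault(change.group, set())
            if change.op == "add":
                members.add(change.member)
            else:
                members.discard(change.member)
            self.last_change = change.number  # advance only after applying
        return len(pending)
```

Because removals travel as explicit changes, a member dropped in the registry is also dropped in every connected consumer on its next sync, and a connector that starts late converges to the same state by replaying from change number 0.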

18 Group Toolset: next steps
- Refine the architecture into finer level of detail
- Resolve several thorny issues
  - Nature of rules to process streams
  - Representation of compound groups
  - Representation of changes
- Decide which subset of the result should be built, initially

19 otherPerson schema efforts
- localPerson schema survey by MACE-Dir
- Int’l coordination of person schema efforts

20 localPerson schema survey by MACE-Dir
- http://middleware.internet2.edu/dir/
- http://middleware.internet2.edu/dir/localsurvey.html

21 localPerson schema survey by MACE-Dir
- institution-level need for attributes not provided in existing object classes
- describe the attributes you’ve added & why
- have you created a container object class for them? Auxiliary, structural?

22 localPerson schema survey by MACE-Dir
- Are there emergent common or best practices?
- Are there some attributes that could be promoted to eduPerson?
- Other actions suggested by survey results?
Thanks to Brendan Bellina (Notre Dame) and Ann West (Mich. Tech. U) for driving this!

23 Int’l Collaboration on Schema Work
- Person schema activities are flourishing
  - http://domen.uninett.no/~im/schema/ (Ingrid Melve, Uninett)
  - norEduPerson
  - funetEduPerson
  - swissEduPerson
  - NLEduPerson
- DEEP survey questions on schema needs
- & further afield, WALAP activity in Australia

24 Collaboration on Schema Work
What to work toward? (In order of increasing difficulty and decreasing probability of success)
- Agreement on a list of interesting attributes
- Common syntax and semantics across schema for given attribute type
  - A kind of inter-federation diplomatic activity
- Agreement on inclusion in a standard schema
  - eduPerson?
  - Next release of X.520?
  - Other candidates?
- Processes for ongoing schema coordination
Even common syntax & semantics would boost interoperability in attribute mapping

25 Collaboration on Schema Work
How will we do the work?
- Internet2 is scheduling a concentrated series of conference calls
  - Europe & US (one set of calls)
  - …and Pacific -- US (a second, parallel set of calls)
- Charter is to tackle the identified work items
- Time permitting, move on to organizational object schema

26 Roundup of other activity
- eduPersonScopedAffiliation attribute
  - Driven by Shibboleth needs
  - Syntax like eduPersonPrincipalName
    - student@brown.edu
  - Raises problems about who is authorized to assert what
    - An “inter-realm metadirectory function”
    - A field full of ratholes and land mines…
- eduPersonAffiliation value vocabulary growth
  - Prospect, parent
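
One way a relying party can handle the "who is authorized to assert what" problem for scoped affiliations, added here as an example and not taken from the presentation or from Shibboleth. The asserter identifiers, the scope table and the affiliation allow-list are constructed sample data, and the function names are hypothetical.

```python
# Constructed trust data: the scopes each asserting party may speak for.
PERMITTED_SCOPES = {
    "https://idp-a.example": {"brown.edu"},
    "https://idp-b.example": {"uchicago.edu"},
}
# Sample local allow-list of affiliation values the relying party understands.
KNOWN_AFFILIATIONS = {"student", "faculty", "staff", "member"}


def parse_scoped(value):
    """Split 'affiliation@scope'; exactly one '@' and both sides non-empty."""
    affiliation, sep, scope = value.partition("@")
    if not sep or not affiliation or not scope or "@" in scope:
        raise ValueError(f"not a scoped value: {value!r}")
    return affiliation.lower(), scope.lower()


def accept_assertion(asserter, values):
    """Return (accepted, rejected) for values asserted by `asserter`."""
    allowed = PERMITTED_SCOPES.get(asserter, set())  # unknown asserter: nothing
    accepted, rejected = [], []
    for value in values:
        try:
            affiliation, scope = parse_scoped(value)
        except ValueError:
            rejected.append((value, "malformed"))
            continue
        if scope not in allowed:  # exact match only, no suffix matching
            rejected.append((value, "scope not permitted for asserter"))
        elif affiliation not in KNOWN_AFFILIATIONS:
            rejected.append((value, "unknown affiliation"))
        else:
            accepted.append(f"{affiliation}@{scope}")
    return accepted, rejected
```

The scope is compared by exact match against the asserter's own entry, so a value such as student@brown.edu.example, or student@brown.edu arriving from a party registered only for uchicago.edu, is dropped instead of being passed on to authorization.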

27 Roundup of other activity
- eduPerson implementation files
  - .ldif, .schema, programmatic loader
- eduOrg
  - Should it support Shibboleth based Federations?
- H.350 & video middleware cookbook
  - http://metric.it.uab.edu/vnet/cookbook
- LDAP Analyzer
  - Will rev to track changes to eduPerson, eduOrg, & H.350.

28 Roundup of other activity
- isMemberOf
  - What: attribute in member objects that lists references to groups to which that object belongs
  - Status: Related work in IETF being reviewed, prior to submitting a proposal to ITU study group 16 to include in X.520.

29 Authorization Perspective on MACE-Dir Work Areas
- Support for authZ: metadir, registry, directory
- Coming to fore in Group toolset work with Grouper, Stanford
- Info model to support authZ requirements:
  - Non-person objects (courses, services, resources, ...)
  - Relationally structured authZ info: “instructors in physics”
  - Identifiers for each and every one of these info objects (principles on naming)

30 MACE-Dir BoF
- Where: Lincoln room
- When: 5:45 – 7:15 tonight (i.e., now)
- What: Discussion of future work
- Food & drink

