Presentation is loading. Please wait.

Presentation is loading. Please wait.

Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, March 2005.

Published byVirgil Harrington Modified over 9 years ago

Similar presentations

Presentation on theme: "Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, March 2005."— Presentation transcript:

1 Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, March 2005

2 Whence we came  Phoenix, Arizona Airport, February 2000  Hazelton/Gettes set ground rules for development of eduPerson objectclass with eye towards DoDHE, “Shibboleth to be” and other inter-institutional applications. Low-hanging fruit and controlled vocabularies. Learn why schools will want more instead of flexibility A better definition than the “standard OCs” (like CN) Assist local directory implementations -- not be the answer! DomainComponent Naming (eduPerson, dukeEduPerson)  eduPerson 1.0 released Jan. 2001 First version July 2000 0.6 (or something like that)

3 Where we are now?  Schema (LDAP) for US Higher Education  Low hanging fruit, interoperable data Easy stuff that we can all agree is true  eduPerson + LDAP-Recipe go together Auxiliary OC extending Person, orgPerson, inetOrgPerson  localEduPerson local attributes are a local problem (clear enough?)  eduOrg (and edu* schemas being developed)  usPerson / govPerson? (work just beginning)  http://middleware.internet2.edu

4 Where are we going?  Use the past as a predictor of the future  Not much change in perspective  Current view is serving well  We are considering some new attributes  We are NOT expanding our vocabularies as much as we thought  Continuing struggle: local vs. non-local  Has been difficult getting Int’l involvement This has been improving over the last 18 months  UML for general schema; LDAP is one expression

5 eduPerson 200312  eduPerson OrgDN, OrgUnitDN, NickName, PrincipalName*, PrimaryAffiliation*, Affiliation* Entitlement*, ScopedAffiliation*,  eduPerson{Primary}Affiliation Values: faculty, student, staff, alumni, employee, member, affiliate Considering: parent, prospect

6 eduPersonPrincipalName  What is a Principal? (think security)  This is NOT a Kerberos Principal  And it is not a Mail Address gettes@duke.edu, pbh@mit.edu  An inter-institutional identifier  SINGLE-VALUE definition  Used by Shibboleth -- this was the intent from the beginning  But, used in ACLs by other tools as well

7 eduPersonScopedAffiliation  Driven by Shibboleth needs  Syntax like eduPersonPrincipalName student@brown.edu alumni@duke.edu subscriber@nytimes.com (!?!)  Raises problems about who is authorized to assert what An “inter-realm metadirectory function” A field full of ratholes and land mines…

8 eduPersonEntitlement  Original problem: how to change schema without changing schema. Needed by GRIDs  Values are URIs (URL or URN)  urn:mace: accepted by IETF and registered with IANA  Gives us a way to make values unique in the entitlement namespace without elaborate registry mechanism urn:mace:wisc.edu:bucky-bundle urn:mace:oclc:org:autho:NNNN urn:mace:duke.edu:library:oclc:contract-NNN  namespace registry by MACE

9 eduOrg 200210  Higher Ed Organization object class Basic organizational info attributes from X.520 –Telecomm, postal, locale eduOrgHomePageURI eduOrgIdentityAuthNPolicyURI eduOrgLegalName eduOrgSuperiorURI eduOrgWhitePagesURI

10 LDAP Analyzer (part of NMI)  Todd Piket, Michigan Tech  Web based tool to empirically analyze a directory  eduPerson compliance  Indexing and naming  LDAP-Recipe guidance (good practice)  H.350 compliance  eduOrg compliance http://middleware.internet2.edu/dir/

11 Other related work  eduCourse Separate Working Group Current Status: ????  H.350 Effort associated with Internet2 Vid-Mid working group. VidMid + MACE-Dir co-developed. Pushed through ITU by Tyler Johnson, UNC

12 LDIF Management  See http://www.educause.edu/eduperson  LDIF used to describe schema and also manage schema. Provides history and technical details in one place.  File File

13  Other Questions???

Download ppt "Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, March 2005."

Similar presentations

Vidmid-vc: Middleware for Video Conferencing Services

Vidmid-vc: Middleware for Video Conferencing Services
Secure Videoconferencing Jill Gemmill, UAB. Room for Improvement… Videoconferencing applications today No resource discovery – need to already know address.

Secure Videoconferencing Jill Gemmill, UAB. Room for Improvement… Videoconferencing applications today No resource discovery – need to already know address.
04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.

04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.
All About Attributes (in federated identity) Nate Klingenstein 30 January 2007 OGF 19 Chapel Hill.

All About Attributes (in federated identity) Nate Klingenstein 30 January 2007 OGF 19 Chapel Hill.
Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.

Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.
Directory of Directories for Higher Education (DoDHE) October 5, 2001 Michael R. Gettes Principal Technologist Georgetown University Project Leader, DoDHE.

Directory of Directories for Higher Education (DoDHE) October 5, 2001 Michael R. Gettes Principal Technologist Georgetown University Project Leader, DoDHE.
EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.

EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.
Internet2 Middleware BASE CAMP slides Michael R. Gettes Principal Technologist Georgetown University

Internet2 Middleware BASE CAMP slides Michael R. Gettes Principal Technologist Georgetown University
Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.
Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, November 2005.

Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, November 2005.
Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.

Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.
1 Internet2 EduPerson 2nd TF-LSD meeting, Amsterdam, 2. February 2001 Peter Gietz

1 Internet2 EduPerson 2nd TF-LSD meeting, Amsterdam, 2. February 2001 Peter Gietz
A Middleware Unified Field Theory Identity Management / Directories Privileges / Groups Single Sign-On / Federation Enterprise Integration from network.

A Middleware Unified Field Theory Identity Management / Directories Privileges / Groups Single Sign-On / Federation Enterprise Integration from network.
Got Directory? January 28, 2004 TIP2004. 2015-06-01 2 metadirectory enterprise directory database departmental directories OS directories (MS, Novell,

Got Directory? January 28, 2004 TIP metadirectory enterprise directory database departmental directories OS directories (MS, Novell,
GGF2 -GIS WG \ GOS Grid Object Specification Presented by Gregor von Laszewski Developed under discussion by the whole working group and more July, 2001.

GGF2 -GIS WG \ GOS Grid Object Specification Presented by Gregor von Laszewski Developed under discussion by the whole working group and more July, 2001.
Florida’s Water Management District Permitting Website – Phase II (Permitting Portal II)

Florida’s Water Management District Permitting Website – Phase II (Permitting Portal II)
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
CAMP Integration Reflect & Join A Case Study The University of Texas Health Science Center at Houston William A. Weems Assistant Vice President Academic.

CAMP Integration Reflect & Join A Case Study The University of Texas Health Science Center at Houston William A. Weems Assistant Vice President Academic.
Configuration Management Supplement 67 Robert Horn, Agfa Healthcare.

Configuration Management Supplement 67 Robert Horn, Agfa Healthcare.
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

Similar presentations

Ads by Google