Presentation is loading. Please wait.

Presentation is loading. Please wait.

05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University.

Published byHelena Owen Modified over 9 years ago

Similar presentations

Presentation on theme: "05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University."— Presentation transcript:

1 05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University of Wisconsin-Madison

2 5-Oct-01 2 N O T E ! ! ! For this morning’s session, send questions via email to: mw-vimm-questions@ internet2.edu

3 5-Oct-01 3 Directories, the Next Stage: Outline MACE-Dir growth courtesy of NMI Game plan for this morning’s session Projects directly under MACE-Dir eduPerson, other object classes Shibboleth support Affiliated directories & VidMid dir bits

4 5-Oct-01 4 MACE-Dir growth courtesy of NMI NSF Middleware Initiative (NMI) NSF-funded program ($12m) to establish standard environment for scientific and educational computing Recipients: Internet2, Educause, SURA, Grids

5 5-Oct-01 5 MACE-Dir growth courtesy of NMI Directory work prominent in Internet2 NMI Panelists: volunteers of yesteryear, their home institutions will now be reimbursed The top tasks for year one? Watch today’s presentations

6 5-Oct-01 6 MACE-Dir growth courtesy of NMI I2 Middleware Architecture Committee for Education Shibboleth VidMid HEPKIMACE-Dir Groups MetadirAffil. Dirs....

7 5-Oct-01 7 MACE-Dir growth courtesy of NMI MACE-Dir Technical Advisory Board World class experts like: David Chadwick (X.500 fame) Kurt Zeilenga (IBM, OpenLDAP) Kim Cameron (MS, Zoomit) & more To stress-test and improve our ideas

8 5-Oct-01 8 Gameplan for this session Keith Hazelton: eduObjects, affiliated dirs. Michael Gettes: Dir. of Dirs. for Higher Ed. Tom Barton: Groups and roles in directories Richard Jones: Metadirectories Panel discussion / Q & A

9 5-Oct-01 9 eduPerson, other eduObject classes eduObjects: People, Organizations, Services, Resources,… Widely implemented common attributes Extensible object classes (your attr.here) Lower impedance in application access to info No need to invest in your own wheel factory

10 5-Oct-01 10 eduPerson, other eduObject classes The tough parts: Being smart in picking the attributes worth the long, hard journey to consensus Being modest about how much of the ocean to boil Engaging the critical stakeholders Promulgating achieved goodness

11 5-Oct-01 11 eduObject win: Shibboleth support Authenticate locally, access resources globally Secure sharing of authorization information between home institution and target site eduOrganization information essential

12 5-Oct-01 12 eduObject win: Shibboleth support Person taking a for-credit course at a different institution: Need to define, create and share new data elements such as class names, majors, without risking naming chaos Need to define equivalency mappings

13 5-Oct-01 13 eduObject win: Shibboleth support And further out there: What if we had shareable object classes that could carry access control policies? A more flexible and dynamic Shibboleth

14 5-Oct-01 14 Affiliated directories Discarded goal: Single huge institutional directory with all attributes anyone and any application will ever need New goal: One institutional directory that manages identity across IT systems; Plus a federation of special-purpose directories with complementary contents

15 5-Oct-01 15 Affiliated directories wins If we find a solid approach and offer tools: NASA could launch object classes at the same time as a new International Space Station experimental module Auto-linked to the assigned investigators at research centers and universities Keep investigator contact info current

16 5-Oct-01 16 Affiliated directories wins MACE-VidMid could create vendor supported solution for authenticated, controlled access to video streams Basic person information in general purpose directory Video attributes in application-specific directory Mappings from person to workstation

17 5-Oct-01 17 Affiliated directories: the challenges How to associate an attribute value with its ultimate, authoritative source, and trust that it has not been altered in transit Digital signatures look like part of the solution How to agree upon who is authoritative for what

18 5-Oct-01 18 Affiliated directories: the challenges How to link identities across directories How to make the linkage persistent in the face of identifier changes How not to degrade privacy as information repositories aggregate bits and pieces of personal information

19 5-Oct-01 19 Affiliated directories: the challenges Not to mention synchronizing data without benefit of synchronization standards If MACE-Dir and its working groups can meet challenges such as these, NMI will have gotten real value for its investment

20 5-Oct-01 20 Conclusion Track NMI Directory work, or better yet, participate http://middleware.internet2.edu

Download ppt "05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University."

Similar presentations

04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.

04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.
FAME-PERMIS Project University of Manchester University of Kent London, July 2006.

FAME-PERMIS Project University of Manchester University of Kent London, July 2006.
1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.

1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.
EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.

EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.
Internet2 Middleware BASE CAMP slides Michael R. Gettes Principal Technologist Georgetown University

Internet2 Middleware BASE CAMP slides Michael R. Gettes Principal Technologist Georgetown University
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.
Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
NSF Middleware Initiative: GridShib Tom Barton University of Chicago.

NSF Middleware Initiative: GridShib Tom Barton University of Chicago.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.
NMI-EDIT Outreach: The first five years. Topics for Today  NMI-EDIT background  Activities  Outcomes  Resources.

NMI-EDIT Outreach: The first five years. Topics for Today  NMI-EDIT background  Activities  Outcomes  Resources.
Directories and PKI Keith Hazelton Senior IT Architect, UW-Madison PKI Summit, Snowmass, 9-Aug-01.

Directories and PKI Keith Hazelton Senior IT Architect, UW-Madison PKI Summit, Snowmass, 9-Aug-01.
EDUCAUSE PKI Working Group Where Are We and Where are We Going.

EDUCAUSE PKI Working Group Where Are We and Where are We Going.
07 May 2002, I2 Member Meeting MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.

07 May 2002, I2 Member Meeting MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.
Ray Collins27th September 2005LGfL Project – workshop report1 LGfL Project Report Proof of Principle of the Shibboleth Authentication & Authorisation Infrastructure.

Ray Collins27th September 2005LGfL Project – workshop report1 LGfL Project Report Proof of Principle of the Shibboleth Authentication & Authorisation Infrastructure.
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.
Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.

Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.

Similar presentations

Ads by Google