middleware: addressing the top it issues on campus renee woodten frost internet2 and university of...
TRANSCRIPT
![Page 1: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/1.jpg)
Middleware: Addressing the Top IT Issues on Campus
Renee Woodten FrostInternet2 and University of Michigan
CUMREC May 13, 2003
![Page 2: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/2.jpg)
CUMREC May 13, 2003
Outline
• Set the context
• Define middleware
• Outline the Top 10 issues
• Discuss the relevancy of middleware
• Introduce NSF Middleware Initiative
• Highlight available resources and educational opportunities
![Page 3: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/3.jpg)
CUMREC May 13, 2003
What is IT being asked to do?
• One stop for university services (portal) integrated with course management systems
• Email-for-life• Automatic creation and deletion of computer
accounts• Submit and/or update information online• Browser or desktop preferences follow you
![Page 4: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/4.jpg)
CUMREC May 13, 2003
More on the “to do” list
• Multi-campus scanning electron microscopes• Integrated voicemail, email, and faxmail for
Advancement staff• Secure PDA and wireless support• All-campus email announcements (spam)• Expensive library databases shared with other
schools in a system or consortium• . . . .
![Page 5: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/5.jpg)
CUMREC May 13, 2003
What do all of these have in common?
• Are the people using these services who they claim to be?
• Are they members of our campus community?
• Have they been given permission?
• Is their privacy being protected?
![Page 6: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/6.jpg)
CUMREC May 13, 2003
What is middleware?
• Suite of campus-wide security, access, and information services– Integrates data sources and manages
information about people and their contact locations
– Establishes electronic identity of users– Uses administrative data to assign affiliation
and gives permission to use services based on that role
![Page 7: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/7.jpg)
CUMREC May 13, 2003
Definitions: Identifiers
• Identifiers– your electronic names– Multiple names and corresponding information in
multiple places– Single unique identifier for each authorized user– Names and information in other systems can be cross-
linked to it
Ie, Admin systems, library systems, building systems
![Page 8: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/8.jpg)
CUMREC May 13, 2003
Definitions: Authentication
• Authentication – links the physical you to an electronic identifier– Password authentication most common
– Security need should drive authentication method
– Distance learning and inter-campus applications
![Page 9: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/9.jpg)
CUMREC May 13, 2003
Definitions: Authorization
• Authorization services – allowing you to use services– Affiliated with the school (role)
– Permitted to use the services based on that role
![Page 10: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/10.jpg)
CUMREC May 13, 2003
Definitions: Enterprise Directory Services
• Enterprise Directory services - where your electronic identifiers are reconciled and basic characteristics are kept– Very quick lookup function
– Phone number, address, campus identifiers
– Machine address, voice mail box, email box location
![Page 11: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/11.jpg)
CUMREC May 13, 2003
What is Middleware?
• specialized networked services that are shared by applications and users
• a set of core software components that permit scaling of applications and networks
• tools that take complexity out of application integration• a second layer of the IT infrastructure, sitting above the
network • a land where technology meets policy• the intersection of what networks designers and
applications developers each do not want to do
![Page 12: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/12.jpg)
CUMREC May 13, 2003
Map of Middleware Land
![Page 13: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/13.jpg)
CUMREC May 13, 2003
Core Middleware
Middleware makes “transparent use” happen, providing consistency, security, privacy and capability
• Identity - unique markers of who you (person, machine, service, group) are
• Authentication - how you prove or establish that you are that identity
• Directories - where an identity’s basic characteristics are kept
• Authorization - what an identity is permitted to do• Public Key Infrastructure (PKI) - emerging tools for
security services
![Page 14: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/14.jpg)
CUMREC May 13, 2003
2002 EDUCAUSE Current Issues Survey
• Criteria– Importance for strategic success– Potential significance in next year– Most time consuming for leaders– Most resource intensive
• 10 issues most significant
![Page 15: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/15.jpg)
CUMREC May 13, 2003
The Top Ten Issues
• Administrative Systems/ERP• IT Funding• Faculty Development, Support, and Training• IT Strategic Planning• Security Management• Online Student Services• Teaching and Learning Strategies• Distance Education• Maintaining Network Infrastructure• Emerging Network Technologies• (Portals)
![Page 16: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/16.jpg)
CUMREC May 13, 2003
Threads Woven Throughout
• Money and Time• Integration• Policy Enforcement• Enhanced Security• Ease of Use• Capability to Iterate and Deploy Faster• Privacy management
![Page 17: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/17.jpg)
CUMREC May 13, 2003
Money and Time
• Consolidated access management– Fewer staff for more applications
– Fewer information repositories to manage
– Fewer accounts to manage
– Automated creation and deletion of accounts
![Page 18: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/18.jpg)
CUMREC May 13, 2003
Integration
• Leverage existing infrastructures– Data
• Unique identifier is mapped to application-dependent identifiers
– Network• Integrated sign-on
– Services • Administrative and Course Management Systems
![Page 19: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/19.jpg)
CUMREC May 13, 2003
Policy Enforcement
• Access follows institutional policy and legal requirements– Business changes reflected in access
• Dismissed students/staff have access to all services and buildings immediately revoked
![Page 20: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/20.jpg)
CUMREC May 13, 2003
Enhanced Security
• Consolidation of Access – Status/role change alters service mix
– Use of same identifier enhances auditing
– Access to critical applications is concentrated
• More security minded
![Page 21: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/21.jpg)
CUMREC May 13, 2003
Ease of Use
• Directory-enabled applications– Reduce faculty need to update class rosters
• Consolidated authentication– Reduces the number of userids/passwords
• Move updating of information to ultimate data owner– Students update address information or
destination of their forwarded email
![Page 22: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/22.jpg)
CUMREC May 13, 2003
Capability to Iterate and Deploy Faster
• Use same authentication and identity infrastructure for new services
• Extend services to new groups by adding to the directory
• One group of staff responsible for implementing business rules
![Page 23: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/23.jpg)
CUMREC May 13, 2003
Privacy management
• Increasing need both to pass information about people for access and to protect privacy– Must have a central policy structure and
related technical infrastructure for privacy management
• Library applications where both authorized access and anonymity is critical
![Page 24: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/24.jpg)
CUMREC May 13, 2003
Next Steps
• Develop project plan
• Decide on unique namespace
• Review application and directory requirements
• Pick initial target applications
• Design and populate the directory with big picture in mind
• Deploy directory and enable applications
![Page 25: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/25.jpg)
CUMREC May 13, 2003
NMI-EDIT Consortium
• Funded by the NSF Middleware Initiative (NMI)
• Enterprise and Desktop Integration Technologies (EDIT) Consortium– Internet2 – primary on grant and research– EDUCAUSE – primary on outreach– Southeastern Universities Research Association (SURA) – primary on Integration Testbed
• Higher-ed, government, corporate, research, and international participation
![Page 26: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/26.jpg)
CUMREC May 13, 2003
NMI-EDIT: Goals
• Much as at the network layer, create a ubiquitous common, persistent and robust core middleware infrastructure for the Research & Education community
• In support of inter-institutional and inter-realm collaborations, provide tools and services (e.g. registries, bridge PKI components, root directories) as required
![Page 27: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/27.jpg)
CUMREC May 13, 2003
NMI-EDIT: Core Middleware Scope
• Identity and Identifiers – namespaces, identifier crosswalks, real world levels of assurance
• Authentication – campus technologies and policies, inter-realm interoperability via PKI, Kerberos
• Directories – enterprise directory services architectures and tools, standard object classes, inter-realm and registry services
• Authorization – permissions and access controls, delegation, privacy management
• Integration Activities – common management tools, use of virtual, federated and hierarchical organizations
![Page 28: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/28.jpg)
CUMREC May 13, 2003
Enterprise MiddlewareEducational Opportunities
• Pre-conference Seminars & track sessions: EDUCAUSE Annual & Regional Meetings, CUMREC, Internet2, etc
• Campus Architectural Middleware Planning Workshops– CAMP, Boulder CO – June 4-6, 2003
• CIO and Technical staff• Best practices in middleware deployment• Check the www.nmi-edit.org site for announcement or past
conference proceedings
– Advanced CAMP, Boulder CO – July 9-11, 2003• Highly technical• Research topics
![Page 29: Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003](https://reader036.vdocument.in/reader036/viewer/2022062517/56649ea75503460f94baac22/html5/thumbnails/29.jpg)
CUMREC May 13, 2003
On-line Resources Available• Introductory Technical and Management Documents
– Sample Middleware Business Case and Writer’s Guide– Identifiers, Authentication, and Directories: Best Practices
for Higher Education– Identifier Mapping Templates and Campus Examples– And more….
• Enterprise Directory Implementation Process (Roadmap) www.nmi-edit.org
• For more information, contact Ann West [email protected] or send mail to [email protected]