1 / 34

Inter-Institutional Registration

Inter-Institutional Registration. UNC Cause December 4, 2007. Background. 500-600 students each year Various campus agreements No consistency Paper-based process Difficult for students Difficult for administrators Registrars Financial aid University of North Carolina Online

fritz-calhoun
Télécharger la présentation

Inter-Institutional Registration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Inter-Institutional Registration UNC Cause December 4, 2007

  2. Background • 500-600 students each year • Various campus agreements • No consistency • Paper-based process • Difficult for students • Difficult for administrators • Registrars • Financial aid • University of North Carolina Online • Doesn’t scale

  3. Goal • Policy • System-wide consortia agreement • Registrars & Financial Aid • Clearinghouse • Management • Tracking • Convenience • Students • Administrators

  4. Inter-Institutional Registration Home Institution Inter-institutional System Visited Institution 1. Search for Courses Student 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect 5. Redirect if Successful Confirm & Process NOTIFY Acknowledge Registrar 6. Authenticate 7. Download Request Evaluate Request Process NOTIFY 8. Approve & Enter Data Registrar 9. Authenticate Acknowledge Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY Registrar 12. Authenticate View Status Fully Process credit hours financial aid cashier 13. Get Tuition Costs 14. Mark as Completed Done

  5. Phased Approach Phase I - Manual Students Find courses Request registration Registrar Approve/Deny via dashboard Manually enter information Distributed Authentication Phase II - Web Services Eliminate Data Entry Campus to Clearinghouse Clearinghouse to Campus ERP Streamline campus operation using Banner APIs Web Services Architecture Shibboleth

  6. What is Shibboleth? • Higher education standard • From Internet2 • Open standard • Open source implementation • Federated approach • Single sign on • Signed attribute assertions • Distributed authentication • Clearinghouse never sees credentials!

  7. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) • Service Provider - The entity willing to accept identity credentials and attributes in order to provide a service to the user. • Identity Provider - The entity that knows information about the user and is willing to share that information with another party. • Enterprise Directory - The local campus directory that contains the information to be shared. Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache

  8. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 1. Request Secured Content User (via web browser)

  9. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form User (via web browser) Redirect

  10. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form 4. Send HTML Form User (via web browser) Redirect

  11. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) Apache 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form 5. Provide Credentials 4. Send HTML Form User (via web browser) Redirect

  12. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) 5a. Authenticate Apache 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form 5. Provide Credentials 4. Send HTML Form User (via web browser) Redirect

  13. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A Identity Provider (tomcat) Enterprise Directory (LDAP, etc) 5a. Authenticate Apache 7. Send Assertion 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form 5. Provide Credentials 4. Send HTML Form 6. Embed Assertion User (via web browser) Redirect

  14. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A 7a. Exchange Attributes Identity Provider (tomcat) Enterprise Directory (LDAP, etc) 5a. Authenticate Apache 7. Send Assertion 2. Send Redirection 1. Request Secured Content 3. Request Auth. Form 5. Provide Credentials 4. Send HTML Form 6. Embed Assertion User (via web browser) Redirect

  15. Shibboleth Architecture Service Provider (Inter-Institutional Clearinghouse) Campus A 7a. Exchange Attributes Identity Provider (tomcat) Enterprise Directory (LDAP, etc) 5a. Authenticate Apache 7. Send Assertion 2. Send Redirection 8. Send Secured Content 1. Request Secured Content 3. Request Auth. Form 5. Provide Credentials 4. Send HTML Form 6. Embed Assertion User (via web browser) Redirect

  16. UNC Federation Service Provider Demo

  17. Security - Ideal Internet Firewall Private Network ASU UNC-GA WSSU … …

  18. Security - Actual Internet No Private Network Firewall Firewall Firewall ASU UNC-GA WSSU … …

  19. Shibboleth Security • Solution = Public Key Cryptography • x509 open standard Service Provider Campus A SSL Signed & Encrypted Identity Provider Enterprise Directory Apache SSL Encryption Server Certificate signed by well known Certificate Authority (CA) User (via web browser)

  20. Web Services Machine-to-machine communication over a network: Standard protocols/formats Simplifies exchange of data Using standard web technologies HTTP XML Platform agnostic Vendor agnostic

  21. Why Web Services? Cost effective Open standards architecture Acts as middleware between heterogeneous systems Automate Entry of bio-demo information Enrollment & registration in campus student system Fee assessment Fee posting

  22. Standard Architecture • Service Provider • Owner of the process • Platform that hosts access to the service • Service Requestor • Client to request and consume a service • Manual or automated initiation • Service Registry • Searchable directory of published service descriptions Service Registry Service Requestor Service Provider

  23. Standard Architecture • Service • Software module deployed on a network accessible platform • Service Description • Details of the implementation • Data types • Operations • Binding information • Network location Service Registry Service Requestor Service Provider Service Service Description

  24. Standard Architecture • WSDL (Web Services Definition Language) defines • message formats • data types • transport protocols • transport serialization formats Service Description Service Registry WSDL Publish Find Service Requestor Service Provider Service Service Description

  25. Standard Architecture • SOAP - Service Oriented Architecture Protocol • Framework for packaging and exchanging XML messages • Typically sent using HTTP • Language and platform independent • Lightweight protocol Service Description Service Registry WSDL Publish Find Service Requestor Service Provider Bind Service Service Description SOAP, WSDL

  26. Inter-Institutional Web Services(Phase II) • 3 distinct web services • Each university implements • Implementation can differ depending on internal processes • Implementation should make use of APIs provided by Banner & PeopleSoft • Clearinghouse consumes these services • Services are invoked via human intervention within the clearinghouse Service Requestor Service Provider Bind Service Service Description SOAP, WSDL

  27. Web Service #1(GET_BIODEMO_INFO) Home Institution Inter-institutional System Visited Institution 1. Search for Courses Student 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect 5. Redirect if Successful Confirm & Process NOTIFY Acknowledge Registrar 6. Authenticate 7. Download Request Evaluate Request Process NOTIFY 8. Approve & Enter Data Registrar #1 9. Authenticate Acknowledge Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY Registrar 12. Authenticate View Status Fully Process credit hours financial aid cashier 13. Get Tuition Costs 14. Mark as Completed Done

  28. Web Service #1(GET_BIODEMO_INFO) • Home Campus Registrar initiates • From within clearinghouse • Clearinghouse consumes service • Passes unique student identifier • Service uses identifier to obtain bio/demo data • Returns data to clearinghouse • Home Campus Registrar proceeds with work flow Simulates Manual Data Entry

  29. Web Service #2(REGISTER_STUDENT) Home Institution Inter-institutional System Visited Institution 1. Search for Courses Student 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect 5. Redirect if Successful Confirm & Process NOTIFY Acknowledge Registrar 6. Authenticate 7. Download Request Evaluate Request Process NOTIFY 8. Approve & Enter Data Registrar #1 9. Authenticate Acknowledge Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY Registrar #2 12. Authenticate View Status Fully Process credit hours financial aid cashier 13. Get Tuition Costs 14. Mark as Completed Done

  30. Web Service #2(REGISTER_STUDENT) • Visited Campus Registrar initiates • From within the clearinghouse • Provides student ID number if this student has attended before • Clearinghouse consumes service • Passes all Bio/Demo and course information • Register the student • Create/update the student in Banner/PeopleSoft • Admit the student • Register student into approved course • Return information • Student’s unique identifier • Course fees (if automatically assessed at time of registration) Simulates Manual Data Entry into ERP

  31. Web Service #3(FINALIZE_REGISTRATION) Home Institution Inter-institutional System Visited Institution 1. Search for Courses Student 2. Add to Bookbag Select Home Campus 3. Request Registration Sign In 4. Redirect 5. Redirect if Successful Confirm & Process NOTIFY Acknowledge Registrar 6. Authenticate 7. Download Request Evaluate Request Process NOTIFY 8. Approve & Enter Data Registrar #1 9. Authenticate Acknowledge Evaluate Request 10. Download Request Process 11. Approve & Enter Data NOTIFY Registrar #3 #2 12. Authenticate View Status Fully Process credit hours financial aid cashier 13. Get Tuition Costs 14. Mark as Completed Done

  32. Web Service #3(FINALIZE_REGISTRATION) • Home Campus Registrar initiates • From within clearinghouse • Clearinghouse consumes service • Passes tuition/fee and course data • Cache data in new tables (specifically for this purpose) • Processed in batch mode • Applied to student’s account • No automated processing of student data Simulates Manual Entry of Tuition & Fees

  33. Conclusion • Lookup & tracking service • Students • Registrars • Phase I = Fall 2008 • Shibboleth (required for participation) • Phase II = At campus’ discretion • Web Services • UNCG pilot for Banner schools • Suggest PeopleSoft campuses collaborate as well

  34. Questions & Discussion

More Related