1 / 24

Welcome to CAMP!

Welcome to CAMP!. Ken Klingenstein, Director, Internet2 Middleware Initiative. Overview. CAMP Goals Workshop Context A word from our sponsors A word about NMI-EDIT. Goals of CAMP: Authentication Overview/Deployment. Overview of deploying authentication WebISO technologies

rupert
Télécharger la présentation

Welcome to CAMP!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative

  2. Overview • CAMP Goals • Workshop Context • A word from our sponsors • A word about NMI-EDIT 2

  3. Goals of CAMP: Authentication Overview/Deployment • Overview of deploying authentication • WebISO technologies • Update on directory activities • Inter-institutional authorization and leveraging campus authentication 3

  4. Goals of CAMP • Develop contacts from other institutions implementing middleware • Learn about current research • Take home ideas to help remove those roadblocks on your campus • Benchmark your own implementation against current higher-ed practices 4

  5. Thanks to our CAMP “Program Committee” • Mike Berman • CSU Pomona • Kent McKinney • CSU Hayward • Bill Winn • Bradley University 5

  6. A Word From Our Sponsors • National Science Foundation’s Middleware Initiative (NMI) • NMI – Enterprise Desktop Integration Technologies (EDIT) Consortium • Internet2 – primary on grant and research • EDUCAUSE – primary on outreach • Southeastern Universities Research Association (SURA) – primary on NMI Integration Testbed …with support from Sun Microsystems Inc. 6

  7. NMI-EDIT: Goals • Create a ubiquitous common, persistent and robust core middleware infrastructure for the R&E community • Provide tools and services (e.g. registries, bridge PKI components, schemas, root directories) to support inter-institutional and inter-realm collaborations 7

  8. NMI-EDIT: Core Middleware Scope • Identity and Identifiers – namespaces, identifier crosswalks, real world levels of assurance • Authentication – campus technologies and policies, inter-realm interoperability via PKI, Kerberos • Directories – enterprise directory services architectures and tools, standard object classes, inter-realm and registry services • Authorization – permissions and access controls, delegation, privacy management • Integration Activities – common management tools, use of virtual, federated and hierarchical organizations 8

  9. A Map of Middleware Land 9

  10. NMI-EDIT: Strategic Direction • Overall technical direction set by MACE • Middleware Architecture Committee for Education (MACE) • Bob Morgan, University of Washington, Chair • Campus IT architects and representatives from Grids and International Communities • Directions set via • NSF and NMI management team • Internet2 Network Planning and Policy Advisory Council • PKI, FOO and Directory Technical Advisory Boards • Internet2 members 10

  11. Sample NMI-EDIT Process: Directories • MACE-DIR Working Group • Prioritize needed materials • Establish subgroups • revision of basic documents (LDAP Recipe) • new best practices in groups and metadirectories • standards development for eduPerson 1.5 and eduOrg 1.0 • Workin enhanced IETF approach: scenarios, requirements, architectures, recommended standards stages • Announce deliverables; start input and conference call review/feedback processes; reconvene work groups as needed • Process schedule and requirements • 4-6 months for completion, depending on product • 6-8 primary contributors • 15-50 schools participating 11

  12. NMI-EDIT: Participants • Higher Ed • 15-20 leadership institutions, with 50 more campuses represented as members of working groups; readership around 2000 institutions • Corporate • (IBM/Metamerge, Microsoft, SUN, Liberty Alliance, DST, MitreTek, Radvision, Polycom, EBSCO, Elsevier, OCLC, Baltimore Technologies) • Government • NSF, NIST, NIH, Federal CIO Council • International • Terena, JISC, REDIRIS, AARnet, SWITCH 12

  13. The pieces fit together… Campus infrastructure Name space, identifiers, directories Enterprise authentication and authorization Portals and LMS’s Inter-realm infrastructure edu schemas Exchange of attributes Inter-realm Upperware Grids Digital libraries Video 13

  14. Middleware as Infrastructure • It serves both academic and administrative units • It serves both instructional and research missions • It must be reliable, scalable, extensible, ubiquitous, and transparent. • It must be deployed, which requires real technical, financial and political processes. 14

  15. Middleware as Art • There is no proven policy path • Much depends on local legacy systems • Much depends on local legacy people • Much of the technology base is being invented as we meet 15

  16. The Last Six Months in Middleware • Directories • Eduperson – new attributes, passions about vocabulary, new pressures for internationalization • CommObject becomes H.350 • Metadirectories… • Shibboleth – grows to v1.0, libraries and content providers drive deployments, federations take shape • Enterprise, federated Chandler is hatched 16

  17. The Last Six Months in Middleware • Desktop video – what’s proving hard • PKI – needs grew, CREN died… • DRM – wins and losses • OKI – fits and starts • Portals – growing consensus on a few standards 17

  18. Drivers for federations • At least four technologies… • Shibboleth, Liberty Alliance, Federated .NET, PAPI from RedIris (Spain), perhaps PKI • Several business needs • Internal exchanges • Inter-institutional collaboration • Federal e-authentication initiative • Deployments now beginning 18

  19. Origin Side Architecture 19

  20. The Next Six Months in parts of Middleware • Federations • A Higher Ed CA • Chandler • Signed email • Credential convertors and identity mapping • OGSA • Shibbing collaboration tools • DRM 20

  21. Federations and Classic PKI • They are very similar • Both imply trust models • Federations are a enterprise-enterprise PKI • Local authentication may well be end-entity certs • Name-space control is a critical issue • And they are very different • End user authentication a local decision • Flat set of relationships; little hierarchy • Focus as much on privacy as security • Web Services only right now: no other apps, no encryption • We get to define… 21

  22. Overall Trust Fabric 22

  23. The Next Two Years in parts of Middleware • Desktop video • Authzanity • A Higher Ed Bridge CA • Federated enterprise P2P • Virtual organization support • Federated directories • Middleware diagnostics 23

  24. Getting the Most Out of CAMP • Conventional wisdom is not wisdom • Its about deployments • We have met the enemy… • Friday morning consulting • Netequitte • The creek path • Stay engaged 24

More Related