Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright Ann West 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Published byKrystal Drudge Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright Ann West 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,"— Presentation transcript:

1 Copyright Ann West 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author. NERCOMP March 17, 2003

2 Middleware: Addressing the Top IT Issues on Campus Lesley Tolman Tufts University NERCOMP March 17, 2003

3 Outline Set the context Define middleware Outline the top 10 issues Discuss the relevancy of middleware Introduce NMI-EDIT Highlight available resources and educational opportunities

4 NERCOMP March 17, 2003 What is IT being asked to do? One stop for university services (portal) integrated with course management systems Email-for-life Automatic creation and deletion of computer accounts Submit and/or update information online Browser or desktop preferences follow you

5 NERCOMP March 17, 2003 More on the “to do” list Multi-campus scanning electron microscopes Integrated voicemail, email, and faxmail for Advancement staff Secure PDA and wireless support All-campus email announcements (spam) Expensive library databases shared with other schools in the system …

6 NERCOMP March 17, 2003 What do all of these have in common? Are the people using these services who they claim to be? Are they a member of our campus community? Have they been given permission? Is their privacy being protected?

7 NERCOMP March 17, 2003 What is middleware? Suite of campus-wide security, access, and information services –Integrates data sources and manages information about people and their contact locations –Establishes electronic identity of users –Uses administrative data to assign affiliation and gives permission to use services based on that role

8 NERCOMP March 17, 2003 Definitions: Identifiers Identifiers– your electronic names –Multiple names and corresponding information in multiple places –Single unique identifier for each authorized user –Names and information in other systems can be cross- linked to it Admin systems, library systems, building systems Bio Betty

9 NERCOMP March 17, 2003 Definitions: Authentication Authentication – links the physical you to an electronic identifier –Password authentication most common –Security need should drive authentication method –Dean of Students and Scary Mary, Bio Betty –Distance learning and inter-campus applications

10 NERCOMP March 17, 2003 Definitions: Authorization Authorization services – allowing you to use services –Affiliated with the school (role) –Permitted to use the services based on that role Dean of Students and Scary Mary Troubled Todd and his assistant

11 NERCOMP March 17, 2003 Definitions: Enterprise Directory Services Enterprise Directory services - where your electronic identifiers are reconciled and basic characteristics are kept –Very quick lookup function –Phone number, address, campus identifiers –Machine address, voice mail box, email box location –Biker Bill, Troubled Todd

12 NERCOMP March 17, 2003 What is Middleware? specialized networked services that are shared by applications and users a set of core software components that permit scaling of applications and networks tools that take complexity out of application integration a second layer of the IT infrastructure, sitting above the network a land where technology meets policy the intersection of what networks designers and applications developers each do not want to do

13 NERCOMP March 17, 2003 Map of Middleware Land

14 NERCOMP March 17, 2003 Core Middleware Middleware makes “transparent use” happen, providing consistency, security, privacy and capability Identity - unique markers of who you (person, machine, service, group) are Authentication - how you prove or establish that you are that identity Directories - where an identity’s basic characteristics are kept Authorization - what an identity is permitted to do Public Key Infrastructure (PKI) - emerging tools for security services

15 NERCOMP March 17, 2003 What’s the Problem? 2002 EDUCAUSE Current Issues Survey Criteria –Important for strategic success –Potential significance in next year –Most time consuming for leaders –Most resource intensive 10 issues most significant

16 NERCOMP March 17, 2003 The Top Ten Issues Administrative Systems/ERP IT Funding Faculty Development, Support, and Training IT Strategic Planning Security Management Online Student Services Teaching and Learning Strategies Distance Education Maintaining Network Infrastructure Emerging Network Technologies (Portals)

17 NERCOMP March 17, 2003 Threads Woven Throughout Money and Time Integration Policy Enforcement Enhanced Security Ease of Use Capability to Iterate and Deploy Faster Privacy management

18 NERCOMP March 17, 2003 Money and Time Consolidated access management –Fewer staff for more applications –Fewer information repositories to manage –Fewer accounts to manage –Automated creation and deletion of accounts

19 NERCOMP March 17, 2003 Integration Leverage existing infrastructures –Data Unique identifier is mapped to application-dependent identifiers –Network Integrated sign-on –Services Administrative and Course Management Systems

20 NERCOMP March 17, 2003 Policy Enforcement Access follows institutional policy and legal requirements –Business changes reflected in access Dismissed students have access to all services and buildings immediately revoked

21 NERCOMP March 17, 2003 Enhanced Security Consolidation of Access –Status change alters service mix –Use of same identifier enhances auditing –Staff concerned with access to critical applications is concentrated More security minded

22 NERCOMP March 17, 2003 Ease of Use Directory enabled applications –Reduce faculty need to update class rosters Consolidated authentication –Reduces the number of userids/passwords Move updating of information to ultimate data owner –Students update address information or where their email is forwarded to

23 NERCOMP March 17, 2003 Capability to Iterate and Deploy Faster Use same authentication and identity infrastructure for new services Extend services to new groups by adding to the directory One group of staff responsible for implementing business rules

24 NERCOMP March 17, 2003 Privacy management Increasing need to both pass information about people for access and protect privacy –Must have a central policy structure and related technical infrastructure for privacy management Library applications where both authorized access and anonymity is critical

25 NERCOMP March 17, 2003 Next Steps Develop project plan Decide on unique namespace Review application and directory requirements Pick initial target applications Design and populate the directory with big picture in mind Deploy directory and enable applications

26 NERCOMP March 17, 2003 NMI-EDIT Consortium Funded out of the NSF Middleware Initiative (NMI) Enterprise and Desktop Integration Technologies Consortium –Internet2 – primary on grant and research –EDUCAUSE – primary on outreach –Southeastern Universities Research Association (SURA) – primary on NMI Integration Testbed Higher-ed, government, corporate, research, and international participation

27 NERCOMP March 17, 2003 NMI-EDIT: Goals Much as at the network layer, create a ubiquitous common, persistent and robust core middleware infrastructure for the R&E community In support of inter-institutional and inter-realm collaborations, provide tools and services (e.g. registries, bridge PKI components, root directories) as required

28 NERCOMP March 17, 2003 NMI-EDIT: Core Middleware Scope Identity and Identifiers – namespaces, identifier crosswalks, real world levels of assurance Authentication – campus technologies and policies, inter-realm interoperability via PKI, Kerberos Directories – enterprise directory services architectures and tools, standard object classes, inter- realm and registry services Authorization – permissions and access controls, delegation, privacy management Integration Activities – common management tools, use of virtual, federated and hierarchical organizations

29 NERCOMP March 17, 2003 Enterprise Middleware Educational Opportunities Pre-conference Seminars and track sessions at EDUCAUSE Regional Meetings Campus Architectural Middleware Planning Workshops –Base CAMP, Boulder CO – June 4-6, 2003 CIO and Technical staff Best practices in middleware deployment Check the www.nmi-edit.org site for announcement or past conference proceedingswww.nmi-edit.org –Advanced CAMP, Boulder CO – July 9-11, 2003 Highly technical Research topics

30 NERCOMP March 17, 2003 On-line Resources Available Introductory Technical and Management Documents –Sample Middleware Business Case and Writer’s Guide –Identifiers, Authentication, and Directories: Best Practices for Higher Education –Identifier Mapping Templates and Campus Examples –And more…. See Enterprise Directory Implementation Process Site coming in April on www.nmi-edit.org For more information, contact Ann West awest@educause.edu or send mail to request@nmi-edit.org

31 NERCOMP March 17, 2003 Questions? Lesley Tolman Tufts University lesley.tolman@tufts.edu

Download ppt "Copyright Ann West 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,"

Similar presentations

Experiences in Middleware Deployment: Teach a man to fish… Mary Fran Yafchak NMI Integration Testbed Manager SURA IT Program Coordinator.

Experiences in Middleware Deployment: Teach a man to fish… Mary Fran Yafchak NMI Integration Testbed Manager SURA IT Program Coordinator.
How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau 2004. This work is the intellectual property of the authors. Permission is granted for.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.

Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.
Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.
Copyright Jill M. Forrester 2008. This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,
Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Identity Management: The Legacy and Real Solutions Project Overview.

Identity Management: The Legacy and Real Solutions Project Overview.
Copyright Statement © Jason Rhode and Carol Scheidenhelm. 2006. This work is the intellectual property of the authors. Permission is granted for this material.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
NLII - 2003 Mapping the Learning Space New Orleans, LA Colleen Carmean NLII Fellow Information Technology Director, ASU West Editor, MERLOT Faculty Development.

NLII Mapping the Learning Space New Orleans, LA Colleen Carmean NLII Fellow Information Technology Director, ASU West Editor, MERLOT Faculty Development.
Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.
Embedded Librarian Program: Librarians and Faculty Partnering to Serve Online Students NERCOMP Annual Conference Innovation and Reliability: Finding the.

Embedded Librarian Program: Librarians and Faculty Partnering to Serve Online Students NERCOMP Annual Conference Innovation and Reliability: Finding the.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
Identity Management – Why and How Experiences at CU-Boulder Copyright Linda Drake, Director of Development and Integration, University of Colorado, Boulder,

Identity Management – Why and How Experiences at CU-Boulder Copyright Linda Drake, Director of Development and Integration, University of Colorado, Boulder,
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

Similar presentations

Ads by Google