Management Primer on Middleware Louise Miller-Finn, Johns Hopkins University Renee Woodten Frost, Internet2 & University of Michigan.


1 Management Primer on Middleware Louise Miller-Finn, Johns Hopkins University Renee Woodten Frost, Internet2 & University of Michigan

Base CAMP 24 June 2002, Primer on Middleware

2 Agenda
What is Middleware?
Why is it Important?
How is it Used?
What are the Underlying Concepts and Architecture?
What Resources are There to Help?

3 Middleware in Action
Mary is a grad student at Alpha U who takes courses both in a traditional classroom and online, and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations: home, campus and work. She also uses a wireless PDA when on campus to stay in touch with her lab mates.

4 Middleware in Action
The new Chair of the Dept. of Physiology arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait the requisite 3-5 business days it takes to get the accounts set up. Since IT already knows of him, he can use a self-service interface to accomplish his goal.

5 What is Middleware?
specialized networked services that are shared by applications and users
a set of core software components that permit scaling of applications and networks
tools that take complexity out of application integration
a second layer of the IT infrastructure, sitting above the network
a land where technology meets policy
the intersection of what network designers and application developers each do not want to do

6 NMI Definition of Middleware
Middleware is software that connects two or more otherwise separate applications across the Internet or local area networks. More specifically, the term refers to an evolving layer of services that resides between the network and more traditional applications for managing security, access and information exchange to:

7 NMI Definition of Middleware
Let scientists, engineers and educators transparently use and share distributed resources, such as computers, data, networks and instruments.
Develop effective collaboration and communications tools such as Grid technologies, desktop video and other advanced services to expedite research and education, and
Develop a working architecture and an approach that can be extended to the larger set of Internet and network users.

8 Map of Middleware Land

9 Core Middleware
Middleware makes “transparent use” happen, providing consistency, security, privacy and capability
Identity - unique markers of who you (person, machine, service, group) are
Authentication - how you prove or establish that you are that identity
Directories - where an identity’s basic characteristics are kept
Authorization - what an identity is permitted to do
Public Key Infrastructure (PKI) - emerging tools for security services

10 How is it used?
Email
– Common authentication and directories
Account management
– Common authentication and provisioning mechanism
Next-generation portals
– Common authentication and storage for profiles and preferences.
Web access controls
– Common authentication and directories
Calendaring
– Common authentication and directories

11 How is it used?
Digital Libraries
– Scalable, interoperable authentication and authorization.
Grids (Research for now)
– Model for a distributed computing environment, addressing diverse computational resources, distributed databases, network bandwidth, etc.;
– Globus provides security, location and allocation of resources, and scheduling.
Instructional Management Systems
– Common authentication and directories.
Academic Collaboration
– Restricted sharing of materials among institutions.

12 Organizational Drivers
Federal government
E-enterprise functions
Service expectations
Resource allocation pressures
Collaboration

13 Benefits to the Institution
Economies for central IT - reduced account management, better web site access controls, tighter network security...
Economies for distributed IT - reduced administration, access to better information feeds, easier integration of departmental applications into campus-wide use...
Improved services for students and faculty - access to scholarly information, control of personal data, reduced legal exposures...
Participation in future research environments - Grids, videoconferencing, etc.
Participation in new collaborative initiatives - Directory of Directories, Shibboleth, etc.

14 Costs to the Institution
Modest increases in capital equipment and staffing requirements for central IT
Considerable time and effort to conduct campus-wide planning and vetting processes
One-time costs to retrofit some applications to new central infrastructure
One-time costs to build feeds from legacy source systems to central directory services
The political wounds from the reduction of duchies in data and policies

15 Nature of the Work
Technology
– Establish campus-wide services: name space, authentication
– Build an enterprise directory service
– Populate the directory from source systems
– Enable applications to use the directory

16 Nature of the Work
Policies and Politics
– Clarify relationships between individuals and institution
– Determine who manages, who can update and who can see common data
– Structure information access and use rules between departments and central administrative units
– Reconcile business rules and practices

17 Underlying Concepts & Architecture

18 Pause for some terminology
Identity: set of attributes about you.
Authentication: process used to prove your identity. Often a login process.
Authorization: process of determining if policy permits an intended action to proceed.
Customization: presentation of user interface (UI) tailored to user’s identity.

19 What IT needs to know
Identity – “you”. Characteristics that pertain to the service at hand. Examples:
– Library resource: current member of the set of licensees
– Video for course: enrolled in the course
– Email or calendar: University username
– Videoconference: current network address

20 What IT needs to do
Each service must determine what it should present to you & what you are entitled to do. Possible ways it might undertake that:
– Ask you to login and look up info in its own database. (authentication & authorization)
– Ask you to login and look up info in a common or central database.
– Trust some other source to assert needed info (the other source might make you login).

21 Service architectures
Stovepipe (or silo): Service performs its own authentication and consults its own database for authorization and customization attributes.
[Diagram labels: service, authN, attrs (shown twice)]

22 Comparative service architectures
Stovepipes are run by separate departments/divisions.
– Environment is more challenging to users, who may need to contact each office to arrange for service.
– No automated life cycle management of accounts.
– Per-service identifiers and security practices make it more difficult to achieve a given level of security across the enterprise.

23 Service architectures
Integrated: Service refers authentication to and obtains attributes for authorization and customization from enterprise infrastructure services.
[Diagram labels: service1 ... Service N, authentication service, attribute service, An Organization]

24 Comparative service architectures
Enterprise authentication & attribute services are run by a central office.
– All attributes known by the organization about a member can be integrated and made available to services.
– Automated life cycle account management is possible across the enterprise.
– Common identifiers across integrated services make an easier and more secure user environment.
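The account life cycle difference between the stovepipe and integrated architectures compared above, as an added Python example that is not part of the original presentation. All class names, identifiers and the course code are hypothetical; the scenario is constructed.

```python
# Added illustration; every class and identifier here is hypothetical.
from dataclasses import dataclass, field

@dataclass
class StovepipeService:
    """Authenticates and authorizes against its own account table."""
    name: str
    accounts: dict = field(default_factory=dict)  # per-service id -> attrs

    def authorize(self, local_id):
        return local_id in self.accounts

class AttributeService:
    """Enterprise store populated from source systems (HR, registrar)."""
    def __init__(self):
        self._people = {}  # common identifier -> attrs

    def feed(self, person_id, **attrs):
        self._people[person_id] = attrs

    def remove(self, person_id):
        self._people.pop(person_id, None)

    def attributes(self, person_id):
        return self._people.get(person_id, {})

@dataclass
class IntegratedService:
    """Holds only a policy; attributes come from the enterprise service."""
    name: str
    directory: AttributeService
    required: tuple  # (attribute name, required value)

    def authorize(self, person_id):
        attr, value = self.required
        return value in self.directory.attributes(person_id).get(attr, ())

def access_after_departure():
    """Constructed scenario: Mary leaves; report who still lets her in."""
    silos = {"mary.lib": StovepipeService("library", {"mary.lib": {}}),
             "mk0042": StovepipeService("course-video", {"mk0042": {}})}
    central = AttributeService()
    central.feed("mary", affiliation=["licensee"], enrolled=["BIO-501"])
    integrated = [IntegratedService("library", central, ("affiliation", "licensee")),
                  IntegratedService("course-video", central, ("enrolled", "BIO-501"))]
    before = [s.authorize("mary") for s in integrated]
    central.remove("mary")  # one update, driven by the source system
    stale = [s.name for uid, s in silos.items() if s.authorize(uid)]
    live = [s.name for s in integrated if s.authorize("mary")]
    return before, stale, live
```

The stovepipe accounts survive the departure under two different per-service identifiers, while both integrated services deny access after a single change at the attribute service.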

25 Four service architectures
Federated: Service refers authentication to and obtains attributes for authorization and customization from possibly external infrastructure services.
[Diagram labels: service, authentication service, attribute service, Organization 1, Organization 2]

26 Four service architectures
Grid: Service refers authentication to and obtains attributes for authorization and customization from common grid services.
[Diagram labels: service1 ... Service N, authentication service, attribute service, A Virtual Organization]

27 Comparative service architectures
Federated authentication & attribute services rely on each participating organization’s enterprise authentication & attribute services.
Integration of Grid services with enterprise services is a medium-term goal of the NSF Middleware Initiative.

28 The Objective
Prepare campuses to implement core middleware for an integrated architecture.
[Diagram labels: service1 ... Service N, authentication service, attribute service, An Organization]

29 Core middleware for an integrated architecture

30 Vignettes Revisited

31 Provisioning vignette
The new Chair of the Dept. of Physiology arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait the requisite 3-5 business days it takes to get the accounts set up. Since IT already knows of him, he can use a self-service interface to accomplish his goal.
[Diagram ("to model") labels: HRS, Metadirectory, Acct Init Service, authN, attrs]

32 Student vignette
Mary is a grad student at Alpha U who takes courses both in a traditional classroom and online, and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations: home, campus and work. She also uses a wireless PDA when on campus to stay in touch with her lab mates.
[Diagram ("to model") labels: Mailbox, Calendar, Wireless Gateway, NAS Server, Lib Proxy, CMS, authN, attrs]

33 Vignette analysis
The set of vignettes portrays:
– Seamlessness of transitions between services.
– Independence of location of service or user.
– Suites of services designed to support activities of different constituencies.
– Absence of need to make prior arrangement for resources required to enable services.

34 Middleware Resources

35 What resources are there to help?
Expert, diverse leadership and collaborators
– MACE and the working groups
– NSF catalytic grants
– Early Adopters
– Higher Education Partners – campuses, EDUCAUSE, CREN, CNI, SURA, GRIDS, NACUBO, AACRAO, NACUA, etc.
– Government Partners – NSF, NIH, NIST, fPKI TWG, etc.
– Corporate Partners – IBM, SUN, Metamerge, Radvision, etc.
– International communities

36 What resources are there to help?
Websites
http://middleware.internet2.edu
http://www.nsf-middleware.org
http://www.nmi-edit.org
http://www.grids-center.org
Middleware information and discussion lists
mw-announce@internet2.edu
mw-discuss@internet2.edu
NMI lists (see websites)

37 What resources are there to help?
Workshops
– Pre-conference Seminars
– Summer CAMPs (Campus Architectural Middleware Planning)
Base – June 24-26, 2002
Advanced – July 31 – August 2, 2002

38 What resources are there to help?
Introductory Documents
– Sample Middleware Business Case and corresponding Writer’s Guide
– Identifiers, Authentication, and Directories: Best Practices for Higher Education
– Identifier Mapping Template and Campus Examples

39 What resources are there to help?
NSF Middleware Initiative Release 1 Components Software Directory Object Classes Conventions and Practices Recommended Practices White Papers Policies Services Works in progress: White Papers Working Groups and Projects

40 Contacts
Renee Woodten Frost, Internet2 & University of Michigan, rwfrost@internet2.edu
Louise Miller-Finn, Johns Hopkins University, lmiller@jhmi.edu

