WP3: the ÆSOP architecture Methods issues: how we did it. Explaining the architecture: –latest version of the pictures Identity management –Registrars –Relationship managers –Identity managers Where next?

A complete, integrated solution….

Architecture AG, Development, April 2002 Security infrastructure Application level

Letting users acquire, configure and share private spaces

Structure versus infrastructure Draw a new line on an evolved product. Construct a metaphor for the revealed capability Change the question: –Not “Tell us what you do and how you do it?” –But “What could you do with this?” We applied this to other products such as CRM, integration servers, eCommunity, knowledge management…

What is a “3 rd. Generation Portal” ? Where have they come from ? What is like to be connected to one ? “Hubs and spokes” ?

The new “middle” where things can be joined up Hardware Middleware Applications Database New channels and media The “publication” layer What are the metaphors?

Hardware The Hub New channels and media Recognising & naming Index Switch Marshalling & dispatching Finding & accessing Portal Single Authority Front office Back office Middleware Applications Database

New channels and media Finding & accessing Recognising & naming The Hub Switch Index Marshalling & dispatching Portal Partnership Publication & collaboration space. Agency systems with local records. Chamber Association client services client Administration

Though thirty spokes may form a wheel, it is the hole within the hub which gives the wheel utility. The Tao Te Ching Integration does not scale for ever… …hubs must be able to talk to hubs. What do they have to say to each other?

Joining up at the regional and national levels Federation services Workflow crossing local partnership boundaries Choice, mobility and ubiquity. Identity and consent across boundaries of established trust Hub to hub interactions

Hubs, spokes

Building networks of hierarchies and hierarchies of networks... and axels: Hubs, spokes

Structures like this are not designed in a top down way. …both real and virtual. and axels: Hubs, spokes Building networks of hierarchies and hierarchies of networks...

But what would it feel like? An example from social care.

Local Hub Systems Gateway MainfamilylocalPane 4 Achievement Record Summary Session log-on Case History John Henry Smith PCT Acute Trust Social Services Education Remote Systems National Systems Voluntary

Identity and relationship We need some rigorous foundations: – Identity is not a simple concept. –We can not rely of assumptions. –The way we represent it has consequences. Information, events, individuals, transactions. Transactional concept of relationship. Relational concept of identity.

Relationship Rc. Relationship Ra. Sets of records of the same individual with different relationships. A local identifier Identity attributes Profile and history An identity An Individual Register 1

Associated identifiers Register 1 Relationship Ra. Relationship Rc. An identity Ra, Pb Rb, Pb Rc, Pb Rd, Pb Re, Pb Rf, Pb Rg, Pb An index correlating identifiers A relationship type + A provider identity Sets of records of the same individual with different relationships. An Individual

Associated identifiers Ra, Pb Rb, Pb Rc, Pb Rd, Pb Re, Pb Rf, Pb Rg, Pb Register 1 Registers which use different attribute sets to indicate identities. Relationship Ra. Relationship Rc. An index correlating identifiers A domain of integration… …but where is federation? An identity A relationship type + A provider identity An Individual

IMPb Identity Management Provider B IMPb IMPa Identity Management Provider A Relationship Rb. Relationship Rk. Relationship Ra. Relationship Rc. Ra, Pb Rb, Pb Rc, Pb Rd, Pb Re, Pb Rf, Pb Rg, Pb Register 2Register 3 Register 1 Rc, Pb Rm, Pb Rk, Pb Rl, Pb Ra, Pb Rb, Pb Rd, Pb

Rk, Pb Rl, Pb Rm, Pb Ra, Pb Rb, Pb Rd, Pb Rc, Pb IMPa IMPb Ra, Pb Rb, Pb Rc, Pb Rd, Pb Re, Pb Rf, Pb Rg, Pb IMPb Register 2Register 3Register 1 A range of trust models: A B A B C A B A B C A range of modes of centralisation and distribution..

Some thoughts about ÆSOP environments: what is new, what is different? This is no more than a way of explaining what we do today… …but we needed a new way of explaining. The integration/federation as an approach to “ambiance”, “ubiquity”… We have proposed a new integration between identity and relationship management – the new “middle”. We have identified some new demarcations between structure and infrastructure.

How can we deliver this?

Portal Top navigation Bottom navigation Side navigation Pane 1Pane 2Pane3Pane 4 Portlet A Portlet C Portlet B Session log-on The Jetspeed Portlet presentation view Back Office Applications Content WEB Services

Portal Pane 4 Pane 3 Pane 2 Pane 1 Portlet Service α Portlet Service α Portlet Service β Portlet Service β Portlet Service γ Portlet Service γ Portlet service API Server Platform Portlet C Portlet B View Controller Command Model Portlet A Portlet invocation API Portal engine Back Office Applications Content WEB Services PKI smart card & digital signatures ÆSOP now… J2EE

Portal Pane 4 Pane 3 Pane 2 Pane 1 Portlet service API Server Platform Portlet C Portlet B View Controller Command Model Portlet A Portlet invocation API Portal engine Local community resources Federation services Remote resources J2EE ÆSOP in the future ?

Portal Pane 4 Pane 3 Pane 2 Pane 1 Portlet Service α Portlet Service α Portlet Service β Portlet Service β Portlet Service γ Portlet Service γ Portlet service API Server Platform Portlet C Portlet B View Controller Command Model Portlet A Portlet invocation API Portal engine Back Office Applications Content WEB Services PKI smart card & digital signatures ÆSOP now… J2EE