Visualization Middleware for e-Science UK e-Science Core Programme Open Call gViz Project
The JISC’s Core Middleware Programme
description
Transcript of The JISC’s Core Middleware Programme
Joint Information Systems Committee
The JISC’s Core Middleware Programme
Terry Morrow
JISC Consultant
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Summary
Athens
JISC Core Middleware Programme– Technology Development
– Infrastructure
Early adopter programme
The Future
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
The Athens Story
Athens developed in the UK
– over 10 years old
– solution to problem of multiple identities accessing multiple remote services
– centralised authentication + authorisation
Technology plus infrastructure
– Help desk, local administrators etc
Very successful
– 500 HE/FE institutions; over 2 million usernames registered
– “Ahead of its time”
Most service providers have provided an Athens compliant access mechanism
– Mandatory for recent supplier contracts with JISC
– Approximately 200 licensed resources controlled via Athens
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Athens – good, but not perfect
Requires management of separate “Athens accounts”
– Users must obtain separate Athens username password (“Classic Athens”)
– Have to remember Athens username/password – only used for remote services
– AthensDA works more like Shibboleth (local id’s used)
Little take-up of Athens outside UK
– though used in other sectors in the UK - eg Health service
Service providers have to licence Athens - cost
Centralised service – relatively high operational costs
Not well suited to increasingly complex authorisation scenarios
Meanwhile, other countries starting to adopt SAML/Shibboleth based technologies
– USA (InCommon), Switzerland (SWITCHaai), Finland (HAKA)
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
JISC’s Core Middleware Programme
Programme :
Commenced April 2004; two components:
– Technology Development
– Infrastructure
Aims:
better understanding of middleware potential and application within HE and FE
build a working Shibboleth infrastructure
support take-up and use of Shibboleth within HE and FE
ensure developments are embedded within HE and FE
ensure join-up across JISC development in relation to middleware
More details online at
– http://www.jisc.ac.uk/programme_middleware.html
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Joint Information Systems Committee
Core Middleware
Technology Development Programme
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Technology Development
Core Middleware: Technology Development Programme
– April 2004 – March 2007
Programme has funded 15 different projects
Supports investigations into several key areas:
– Internal (intra-institutional) applications
– Access to external, third-party resources
– Inter-institutional use
• stable, long-term resource sharing between defined groups e.g. shared e-learning scenarios
• ad hoc collaborations, potentially dynamic in nature (virtual organisations or VOs)
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Technologies
Some of the technologies investigated:
– PERMIS (Privilege and Role Management Infrastructure Standards)
– RADIUS (Wireless Networking and Roaming)
– SHIBBOLETH
15 Projects include eg:
– PERMIS/Shibboleth integration (SIPS project, Salford)
– DyVOSE – Dynamic Virtual Organisations in e-Science Education (Glasgow/Edinburgh)
– ESP-GRID – Evaluation of Shibboleth & PKI for Grids – Oxford University
Supported By:
– SDSS (Shibboleth Development & Support Services) - Edinburgh University
– Study of Institutional Roles
– Expert reports (e.g. Single Sign-on – Gilmore, Farvis, Maddock)
Joint Information Systems Committee
Core Middleware
Infrastructure Programme
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Infrastructure Programme
Aim - establish a working UK Shibboleth infrastructure
Government Comprehensive Spending Review funding
– Additional funding to JISC’s main annual budget
– Approx £3.4m from Apr 2004 to Mar 2006
Main work areas:
– Making Data Centre services (MIMAS and EDINA) Shibboleth compliant
– Creating Athens/Shibboleth gateways
– Funding for organisations willing to be early Shibboleth adopters
– Creating a service to assist the early adopters
– Establishing a national UK federation (to be known as Sparta)
– Liaising with suppliers: publishers, subscription agents etc
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Early Adopters
Early Adopter Programme runs from March 2005 – December 2006
Two strands:
– Institutional Adopters (introducing Shibboleth at a university, FE college etc)
– 12 projects
– Funding up to £50,000 available per institution
Distributed E-learning Regional Pilot projects
– 9 of the projects funded to add Shibboleth capability
– Up to £40,000 available
Additional call recently issued – closing date 19 Sep
– 18 responses now being evaluated – not all can be funded
– 4 responses from Scotland
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Early Adopters
12 Institutional early adopter projects funded:
– ShibboLEAP (consortium of 6 London University colleges)
– Leeds (GILEAD)
– Nottingham (UNISA)
– Nottingham Trent (East Midlands deployment)
– UK Data Archive (SAFARI)
– Newcastle (SAPIR)
– Bristol (Metaleth)
– Liverpool (LSIP)
– Cardiff (ASMIMA)
– Exeter (Project SWISh)
– St George’s Hospital Med Sch (ADAMS)
– Liverpool (Cheshire Project)
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
E-Learning Early Adopters
The following are including Shibboleth in their e-learning pilot projects:
– University of Newcastle (EPICS)
– University of Central England
– University of Nottingham (RIPPLL)
– Liverpool John Moores University
– University of Staffordshire
– Birkbeck, University of London (L4ALL)
– University of Wolverhampton
– University College Worcester
– University of Essex (EERN) (Chimera)
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Examples of Early Adopter Projects
Leeds University – GILEAD
– Creating a Shibboleth IdP based on AthensIM for access to Nathan Bodington VLE
– Eliminate requirement is issue Athens accounts by using Athens gateway
Nottingham University – UNISA
– Deploying Eduserv implementation of Shibboleth IdP
– Had hoped to register all new students this September with only local identities
Bristol University – Metaleth
– Implement Shibboleth
– Integrate with Ex Libris’s Metalib & SFX link server
UK Data Archive – SAFARI
– Access control to a wide range of social science survey data
– Embedding in one-stop registration service
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
More Examples
Cardiff University – ASMIMA
– Implement Shibboleth IdP
– Move from 10,000 Athens accounts to using local identifiers via Shibboleth
– Investigating using Shibboleth to control access to National Health Service resources
Exeter University – SWISh
– Implement Shibboleth IdP
– Implement a pilot service with a small number of users
– Expand service
– Investigate using with university portal, VLE, Library management service
Newcastle University – SAPIR
– Replacement of Athens with Shibboleth
– Configuration of online Reading List Management; Ex Libris’s Metalib
– Test Environment for Aleph Library Management System
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
ShibboLEAP
Consortium of 6, led by LSE:
– Royal Holloway, SOAS, KCL, UCL, Birkbeck, Imperial
Members of the SHERPA-LEAP consortium
– SHERPA = Securing a Hybrid Environment for Research Preservation & Access (Nottingham)
– LEAP = London E-prints Access Project
Aims:
(1) Establish general purpose Shibboleth origins at each college.
(2) Integrate the ePrints.org server making it a target
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Middleware Assisted Take-Up Service (MATU)
Dedicated support service for early adopters
Scoping future requirements for institutions adopting Shibboleth
Support services include:
– Comprehensive website
– Documentation
– Help desk
– Onsite support
– Training events
– Links to, and information about, software
See: http://www.matu.ac.uk
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Future
UK Federation will be established over next 6-9 months
– will cover UK higher/further education & research
Federation will be known as SPARTA
UK HE WAYF (Where Are You From) service to be established
Athens contract with JISC due for renewal 2006
– Likely to be renewed for further 2 years (but possible conditions)
– Expectation that support will diminish/stop after that
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Challenges (1)
Ensure that the new Sparta federation covers both HE/FE and Research
Multiple federations issues
Getting national federations to interwork
Establishing how multiple federations within a country inter-operateEg:
– Sparta and the new BECTA federation
– Sparta and NHS federation
– InCommon and the US Federal Government
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Challenges (2)
Suppliers (eg publishers) need to be persuaded to adopt the technology
– May be “pushing at open doors”
– Some (eg Elsevier, JSTOR) taking the initiative
Cultural, organisational change
– Shifting functions from libraries to computing services
Persuading institutions to move from Athens to Shibboleth
– resistance to change
– short term cost for long term gain
Early adopter experiences will encourage other institutions
– strong interest in second call for early adopters – 18 bids
Educating the community on the advantages of a Shibboleth regime
– examples: more flexible subscription models; fine control of courseware access
Security & Access Management Workshop – Edinburgh – 20 Oct 2005
Further Information
JISC web pages – http://www.jisc.ac.uk/programme_middleware.html
Internet2 http://shibboleth.internet2.edu
MATUhttp://www.matu.ac.uk
JISCmail lists:JISC-ShibbolethJISC-Shibboleth-Announce
Terry MorrowJISC [email protected]