Post on 01-Apr-2015

TF-EMC2 – Internet2 update

Dr. Ken Klingenstein, Senior Director, Middleware and Security, Internet2

Technologist, University of Colorado at Boulder

kjk@internet2.edu

Topics

Internet2 Stuff

Middleware

Other middleware and apps activities in the US

Kuali

Rice / KIM

US Gov

Internet2

• Network wars with NLR have subsided

• DCN remains an expensive and uncertain service

• 100GE the new thrill

• New governance mechanisms, but little effect yet

Internet2 Middleware

• Core products include Shib, Grouper

• Plans for privilege management evolving

  • Maybe some add-ons to Grouper

  • Maybe a stand-alone library ala Signet

  • Maybe…

• COmanage about to go beta and seems to be an obvious approach

• GUI work important; engagement with Fluid

• Basic domesticated applications include Confluence, Drupal, Sympa, etc.

Shibboleth

• Thanks to the Swiss, Hungary, Sweden, etc for the code development

• Geneva does SAML and will, with configuration guidance, function as a Shib IdP and SP

• 2.1 on the street

• Delegation and portal integration next in the roadmap

InCommon Update

• Growth is quite strong; doubled in size for the fifth year straight…

• Potential size estimates (pre-interfederation) could grow > 5,000; revenue stream….

• MoU for federal agencies to join in the works

• Silver profile approved

• Federation soup in the US is increasing in complexity

• Major planning effort on the future of InCommon now underway, including governance, community served, pricing and packaging principles, business models

Grist for InCommon background

• Comparison to other national R&E federations

• Budget, basics

• Strength-weakness-opportunities-threats analysis

• Status of soup

• Growth and expense/revenue projections

• Effect of interfederation and soup on projections

• Other business opportunities

Principles to be established

• Community served

• Business opportunities

• Governance and representation

• Pricing and packaging principles – membership models, working with soup, etc.

  • Charge by cost or charge by value

• -------------

• The relationship between InCommon and Internet2

CAMPs 2009

• Feb – Arizona – Institutional Identity – registrars and IT folks

• June - ?

  • Base Camp – getting started with group and privilege management

  • Advanced Camp – either

    • Integration of Institutional and Social Identity

    • APIs for basic IdM

    • Workflow and priv management

Kuali

• Open Source Major Enterprise Apps

  • Kuali Financials

  • Kuali Student

  • Kuali Grant Management – Coeus

  • Kuali Library Systems

• Often catalyzed by grant funding but operated by community source and development

• Have a lot of interest but have yet to prove themselves

Rice and KIM

• Rice is the unifying middleware for the Kuali applications, and now much more. It includes workflow, service buses, etc.

• KIM is the Kuali Identity Management part of Rice

• But since the Kuali apps are of different generations, Rice isn’t simple

• And KIM is urgent

• And many schools have implemented Shib and Grouper…

US Gov

• EAuthentication is back and is new and improved

• Model is to “do that stuff like InCommon” (form community of interest federations) and do something inter-federation

• NIST 800-63 is undergoing some revisions; R&E has emerged as the key user community

A Partial List of Important Things on the R&E Federated Space

• Learning the business of federations (business models, governance structures, membership models, etc) and sharing that knowledge R

• Coordination of interfederation basic technical approaches (from InfoCard and attribute management strategies to metadata tagging and services to, gasp, monitoring and diagnostics) TF

• Coordination of interfederation basic policy issues (from overlapping or competing members to common policy frameworks to legal structures between federations, orphanages) R

• Application enablement, from DKIM to video TF

• Federated operator standards, best practices, audits, etc. R

• Support of virtual organizations in science, humanities, etc. R

• eGov Interactions ? + LA

• LOA profiles ? +LA

• Common membership agreement formats R

• Standardized member POP R

A Partial List of Important Things on the R&E Federated Space

• Outreach of model to other vertical sectors (eg. Medical, Telecomm and ISP’s) LA

• Outreach of R&E feds to other emerging national feds nobody

• Short-term multi-fed metadata R + Ken

• Long-term solutions to dynamic metadata, etc. TF

• Effective attribute standards/mapping processes R+ TF

• Coordination of attributes ->English in uApprove, Autograph, InfoCard, etc. R+TF

• Convening and hosting REfeds and TAC

Places where talking could happen

• REfeds

• Liberty Alliance

• REfeds TAC (possible)

• EMC2

• ECAM/MACE

• ISOC

• Geant/eduGAIN

• ??

Other items

• Privman venue

• EDDY

• Bob

• Hit the refresh button frequently…