DEPARTMENT OF PUBLIC INSTRUCTION / MCNC The National Report: State, K-12, and Federal Government...

DEPARTMENT OF PUBLIC INSTRUCTION / MCNC

The National Report:State, K-12, and

Federal Government

CAMP: June 23rd, 2010, 10:45-11:45

Presenters: Tim Poe – Sr. Collaborative Technologist at MCNC Mike Veckenstedt, Ph.D – CTO/Deputy CIO at NC-DPI Steve Thorpe – Systems Analyst at MCNC


Agenda

(A) Overview of NCTrust (Tim)

(B) K-12 in NCTrust (Mike)

(C) Configuration Management (Steve)

Slide 2


Overview of NCTrust

• Now that we have the NCREN for K-20, what are the opportunities to:• Collaborate between campuses?• Break down the silos between public

universities/independents/community colleges/K-12?

• Collaborate with campuses in other states and nations?

Slide 3


Overview of NCTrust (cont.)

• Also, what are the opportunities to provide collective resources in our state that are:

•Cheaper•Better•Faster

Slide 4



•And how can we provide granular access so that the right people get access to the right resources at the right time (or not)?

Slide 5



• The CSWG (Collaborative Services Working Group) is a part of the MCNC/NCREN Advisory Structure. Co-chaired by:• CIO of the public university system

(UNC GA)• CIO of the community college system

(NCCCS)• CIO for state K-12 (NC DPI)• Independent representation (CIO of Elon

University)

Slide 6



• Federated Identity Management Task Force established (Chairs Mark Scheible and Mike Veckenstedt)

• Comprised of the best and brightest identity management experts in NC

• Recognition that a K-20 solution needed (not just higher education)

• Group determined early on to utilize InCommon, largely due to value of legal framework.

Slide 7



• A pilot project was created:

• Two K-12 Districts (Rockingham County &, Davie County)

• Three Universities (UNC-Chapel Hill, Duke University, NC State University)

• Two Community Colleges (Central Piedmont CC, Wake Tech CC),

• Two Other Organizations (NC DPI and MCNC)

• Two primary SPs (NC LIVE and VCL)Slide 8


NCTrust is a Subset of InCommon Federation

Slide 9



• Pilot “ended” in May 2010.

• Results published in End of Year Report available at www.mcnc.org - follow links from “Advisory & Governance.”

• Now we proceed with “growing” and managing the trust.

Slide 10



• Success to date do to:• Platforms (CSWG and eLearning

Commission) for K-20 collaboration. • Immense amounts of expertise and

good will from all sectors of K-20. • Persistent belief in achieving a vision

that relies on each organization knowing who its members are, what their roles are, and the benefits of collaboration and shared resources.

Slide 11


K-12 in NCTrust• 115 School Districts with ~ 2,500

schools

• ~97 Charter Schools

• ~1.4 mill students (K12)

• 17 UNC system institutions

• 58 community colleges

• 36 independent colleges / universities

• Plus many othersSlide 12


21st Century Learning (K-12)

• K-12 moves into P-20: Schools, Colleges and Universities “converging”

• Learn-And-Earn: NC program

• Virtual Public Schools

• Student, Teacher, Parents are all part of the student’s education

• “Streamlining student account administration”

Slide 13


Teacher and Staff Time Is Valuable• 2 min per student per year for

account administration, focusing on Middle and High School

~ 3000 admin work days statewide(K6-12)

• Times logins for Network, Media-Center, Lunch, Study Island, Moodle, etc. (~5)

=> 15,000 work daysSlide 14


Other Important Benefits of FIM

• Systems- and Data Security• Decentralized Account Administration

works; Centralized Administration doesn’t.• Staff joining/leaving• Parents/Guardians associated to a student

• Use of other Educational Resources• Virtual Computing Lab• iTunes University• NC-Live

Slide 15


Statewide Rollout in K-12

• Selected CIMS Project:• Computerized Instructional

Management System – Teacher Tool, Testing Students Online.

• Included two School Districts• Shibbolized Identity Mmt Systems.

• Vendor became SP.

• Pilot ended in May successfully.

Slide 16


Attribute Release Policy

• Lots of discussion – still unclear what the total set of released attributes will be…

• Student Identifier seems to be a good one.

• What about:• Age?• Grade?• Special Needs?

Slide 17


Some Challenges …

• Membership Management of 100+ School Districts.• Legalities, Responsibilities• Central Meta-Data Management

• How do you build a business case one SP at time?• One project cannot pay for all

infrastructure.• Readiness of K-12 software vendors.

Slide 18


… even more Challenges

• Available staff at School Districts• Technical Skills of Local School

District Staff• 10 month Employees.

• Maintenance of the NCTrust/Shibboleth Infrastructure

Slide 19


Technical Issues Non-Trivial

Slide 20

• Requires understanding of many layers• XML• Web application server configuration, X509 certificates• IdP and SP packaging• OS configuration• Managing software updates• Network configuration, etc.

• This is can be challenging, especially for smaller institutions


IdP Virtual Machine Appliance

Slide 21

• MCNC developed a customizable VM for the NCTrust federation participants

• Guest OS is CentOS

• Host OS can be Windows or Linux, running Xen or VMware

• Preconfigured to use NCTrust Metadata (subset of InCommon’s)

• Customized for each NCTrust member

• This helped a LOT!


Configuration Management

Slide 22

• MCNC’s Automated Configuration Management System• Rapid building and replicating of

customized OS installs• Automated deployment of patching

and reconfigurations

• Delta among IdPs is small• Only ~15 small files are different,

totaling just ~150KB• Rest of the appliance is same for all


IdP Appliance Only Goes So Far

Slide 23

• Each institution is unique• Back-end Identity Infrastructure• Technical Skill Set

• Considerable ramp-up effort is still required at each organization

• Centralized NCTrust Federation IdP Hosting?• NCTrust is looking at options for this• Probably this is much more scalable

for NC’s K-12 community


Conclusions

Slide 24

• It works…, even in K-12!

• How can we finalize an Attribute Release policy for K-12 / P-20?

• Skill set requirements are challenging.

• More vendors have to become SPs

• Scaling requires

• New organizational thinking

• Cloud-like computing


Thank You

Also thanks to the many Federated ID Task Force members from throughout the NCREN community that are participating with us in the NCTrust pilot project

More Info:

Link: http://edspace.mcnc.org/confluence/display/FIM

Tim Poe: [email protected]

Mike Veckenstedt: [email protected]

Steve Thorpe: [email protected]

Slide 25

See you in the Federation

Date post:	12-Jan-2016
Category:	Documents
Upload:	elinor-wilson
View:	212 times
Download:	0 times

DEPARTMENT OF PUBLIC INSTRUCTION / MCNC The National Report: State, K-12, and Federal Government...

Documents