Supporting further and higher education
Middleware and AA within the JISC Environment
Nicole Harris, JISC Development Group
08 June 2004 TERENA 2004, Rhodes 2
Overview
• What is the JISC ‘Environment’?– The JISC Information Environment (IE);– eLearning Technical Framework;– GRID / Virtual Research Environment;– The UK “Common” Information
Environment (CIE).
• What have we done to support AA?• What are we planning?• Why this, why now?
08 June 2004 TERENA 2004, Rhodes 3
The IE Architecture
JISC-fundedcontent providers
institutionalcontent providers
externalcontent providers
brokers aggregators catalogues indexes
institutionalportals
subjectportals
learning managementsystems
media-specificportals
end-userdesktop/browser
pres
enta
tion
fusion
prov
isio
n
OpenURLresolvers
shared infrastructure
authentication/authorisation (Athens)
JISC IE service registry
institutional profilingservices
user preferences services
resolvers
metadata schema registries
08 June 2004 TERENA 2004, Rhodes 4
The eLearning Technical Framework
Institutional Infrastructures
User Agents
VLE Portal LibrarySRS Authoring tool
Timetabling Space alloc
Application Services
CollaborationSequencing Learning flow Activity mgmt Course mgmt
Group mgmt Resource mgtScheduling Discover Content mgmt
Cataloguing Activity author ArchivingResource listPackaging
Rating/annotate Assessment Profile mgmtGradingTerminology
Competency PreferencesePortfolio
Common Services
Messaging Authentication DRMAuthorisation Hierarchy
Terms/conditn Logging WorkflowIdentifier Filing
Search Service registry Metadata regResolver Institution profile
Institutional Infrastructures
User Agents
VLE Portal LibrarySRS Authoring tool
Timetabling Space alloc
User Agents
VLE Portal LibrarySRS Authoring toolVLE Portal LibrarySRS Authoring tool
Timetabling Space allocTimetabling Space alloc
Application Services
CollaborationSequencing Learning flow Activity mgmt Course mgmt
Group mgmt Resource mgtScheduling Discover Content mgmt
Cataloguing Activity author ArchivingResource listPackaging
Rating/annotate Assessment Profile mgmtGradingTerminology
Competency PreferencesePortfolio
Application Services
CollaborationSequencing Learning flow Activity mgmt Course mgmtCollaborationSequencing Learning flow Activity mgmt Course mgmt
Group mgmt Resource mgtScheduling Discover Content mgmtGroup mgmt Resource mgtScheduling Discover Content mgmt
Cataloguing Activity author ArchivingResource listPackagingCataloguing Activity author ArchivingResource listPackaging
Rating/annotate Assessment Profile mgmtGradingTerminologyRating/annotate Assessment Profile mgmtGradingTerminology
Competency PreferencesePortfolioCompetency PreferencesePortfolio
Common Services
Messaging Authentication DRMAuthorisation Hierarchy
Terms/conditn Logging WorkflowIdentifier Filing
Search Service registry Metadata regResolver Institution profile
Common Services
Messaging Authentication DRMAuthorisation HierarchyMessaging Authentication DRMAuthorisation Hierarchy
Terms/conditn Logging WorkflowIdentifier FilingTerms/conditn Logging WorkflowIdentifier Filing
Search Service registry Metadata regResolver Institution profileSearch Service registry Metadata regResolver Institution profile
08 June 2004 TERENA 2004, Rhodes 5
eResearch Community
?
08 June 2004 TERENA 2004, Rhodes 6
The “Common” IE (CIE)
• A much wider UK public sector partnership
• JISC• Museums/Galleries/Public Libraries• The British Library• National Health Service• e-Science Core Programme
• Aim is to provide consistent access for the UK public across a wide spread of publicly-funded work
08 June 2004 TERENA 2004, Rhodes 7
Athens in the UK
• Athens currently provides the authentication and authorisation service for the Information Environment. A username /password based service for unifying access to electronic library-type resources.– Mainly though not exclusively licensed via JISC
consortium deals.• Over 2 million current usernames.
– Username/password database; maintenance devolved to institutions.
• Around 500 HE and FE institutions use the Athens service.
• Around 200 licensed resources are controlled via Athens.– A high proportion of the major academic publishers have
now implemented Athens.
08 June 2004 TERENA 2004, Rhodes 8
The e-Science CA
• Part of the Grid Support Centre at CLRC/RAL
• Based on OpenCA software (with local modifications)
• Verification of user identities carried out by trusted RAs around the community
• Current scale of operation a few hundred certificates per year
08 June 2004 TERENA 2004, Rhodes 9
The AAA Programme
July 2002:
“to undertake a number of projects designed to give the UK experience of
the emerging technologies in the authentication and authorisation area, based on open, vendor-independent
standards.”
An Audit.
08 June 2004 TERENA 2004, Rhodes 10
AAA Projects
• Very briefly, technologies investigated:– AKENTI.– PERMIS.– CAS (Community Authorisation Service).– PAPI.– RADIUS.– SHIBBOLETH.– DIGITAL CERTIFICATE / PKI
DEVELOPMENTS. • Supported By:
– Study of Institutional Roles.– Policy Study.
08 June 2004 TERENA 2004, Rhodes 11
Moving Forward
• Next-generation AAA infrastructure must support the following scenarios: – Internal (intra-institutional) applications as
well as use between organisations;– Management of access to third-party
digital library-type resources (as now);– Inter-institutional use – stable, long-term
resource sharing between defined groups (e.g. shared e-learning scenarios);
– Inter-institutional use – ad hoc ;collaborations, potentially dynamic in nature (virtual organisations or VOs).
• Athens in current form does not.
08 June 2004 TERENA 2004, Rhodes 12
Core Middleware: Technology Development
• 16 funded projects.• April 2004 – March 2007.• Investigating the development of
middleware technology within key areas: – grid development,– PERMIS development,– portals development, – inter-institutional collaboration,– Shibboleth in non-University environments.
08 June 2004 TERENA 2004, Rhodes 13
Core Middleware: Infrastructure
• Aim: to build working Shibboleth Infrastructure within the UK.
• ‘Shibbolising’ JISC resources.• Central services: WAYF, target
support, origin support, policy development.
• Early Adopters calls.• Athens gateway.
08 June 2004 TERENA 2004, Rhodes 14
Why this? Why now?
• Clearly identified NEED for new service from community.
• Good international take-up of Shibboleth.
• Shibboleth trials successful (AAA Programme) – proven to meet requirements.
• Interest from Publishers. • Being open!