The Meteor Project and Financial Aid Delivery Justin Tilton instructional media + magic, inc....

Preview:

Citation preview

The Meteor Project and Financial Aid Delivery

Justin Tiltoninstructional media + magic, inc.

Presented to: The National Association of

Student Financial Aid Administrators

October 11, 2001

Th

e M

ete

or

Pro

ject

2

Financial aid services

• In the past, regulations drove practicesand determined services

• Now, information technology drives practices and has the potential to increase service

________________

Using information technology, the U.S. Department of Education is improving its services, and setting higher expectations. The challenge for schools and others in the Higher Education loan community is to meet the current expectations and collaborate on standards for the future.

Th

e M

ete

or

Pro

ject

3

Some key initiatives• Student loan industry

• CommonLine• Common Account Maintenance (CAM)• The High Performance Channel (HPC)• The Meteor Project • ELMnet

• Department of Education OSFA• Web enabled applications• Common Origination and Disbursements

• College and university collaboratives• JA-SIG (Java in Administration Special Interest Group)

• Internet 2 and Shibboleth• MIT’s Open Knowledge Initiative

• Florida State University, University of Hawaii• “30 minute application to funds”

Th

e M

ete

or

Pro

ject

4

SFA Web-enabled applications

• FAFSA on the web

• Schools portal release 2.0with single sign-on

• Financial partners portals – FY 2002

• Student on-line access todirect loan servicing

• API to SFA systems

Th

e M

ete

or

Pro

ject

5

Impact on colleges and universities

Changes:

• From Batch to Real-time Transactions,

• From Proprietary File Transfers to Internet XML Messaging Standards

• From SFA-defined to Industry Standard Message Content

• An integrated Student Experience

• Use of SFA-provided Java (J2EE)shared-components

Th

e M

ete

or

Pro

ject

6

The Meteor Project

• An initiative of the student loan industry

• Collaborative effort of 37 guaranty agencies, lenders, secondary markets, and servicers

• On-line, real-time information services

• Separate channels for students and financial aid professionals

• Aligned with industry, SFA standards

______________________

“Building the IT infrastructure for the next decade”

Th

e M

ete

or

Pro

ject

7

Students expectations shaped by...

• Their experience applyingfor federal financial aid

• Their use of financial services portals

• Their use of the Internet

• Their life in a “real-time, information rich” environment

Th

e M

ete

or

Pro

ject

8

Students now expect...

• Customer service 24 hours a day, 7 days a week

• Complete information froma single source

• Delivery by Web, e-mail, telephone, facsimile, and wireless devices

• response time of 15 seconds for telephone, 10 seconds for Web, and 2 hours for e-mail and facsimile

• access to a complete customer history

Th

e M

ete

or

Pro

ject

9

Is technology important?

• Technology choices determine the quality of electronic services offered to Web-savvy prospective students, current students, alumni, faculty, staff and the public.

• Technology choices will determine with whom you do e-business and how it is done.

Th

e M

ete

or

Pro

ject

10

SFA technology choices

• XML - B2B Standard

• Business Messages

• XML Schema (data validation)

• Java - Transportable Programs

• Shared Java Components

• Web Implementations – FAFSA

• UML - Unified Modeling Language

Th

e M

ete

or

Pro

ject

11

eBusiness Web services architecture

• XML “tagged” data contenteXtensible Markup Language

• SOAP data transportSimple Object Access Protocol

• XSL transformations for presentationeXtensible stylesheet language

• XML Digital Signature

for Server Authentication

• UDDI/WSDL directory servicesUniversal Description, Discovery, and Integration,and Web Services Description Language

Th

e M

ete

or

Pro

ject

12

Technology standards

M - from Meteor installationO - optional

Industry

OSFA

Mete

or

JA-S

IGuPort

al

IBM

Web S

erv

ices

Mic

roso

ft.N

et

Sun O

ne

Java Programming Language XML Markup Language SOAP Data Transport M UDDI Directory M WSDL Service Description M

Where does The Meteor Project fit into all of this?

Th

e M

ete

or

Pro

ject

14

Relationship of Meteor and JA-SIG

JA-SIG

uPortal

Meteor Channel

The Meteor Project

Th

e M

ete

or

Pro

ject

15

The Meteor Project

Meteor is the software and service to obtain a student’s own financial aid information from a number of different sources.

• The software can be installed on any Website--a school, lender, guaranty agency, secondary market, servicer, or collection agency.

• The software is Open Source--a “gift” from the Meteor sponsors to the financial aid community.

Th

e M

ete

or

Pro

ject

16

Data from multiple sources, locations

The Pilot Implementation

Th

e M

ete

or

Pro

ject

17

Reference implementation

The reference implementation includes:

• Authentication of the user

• A list of loans

• Details on any specific loan

• Error, warning, and information messages for the user

Th

e M

ete

or

Pro

ject

18

Meteor authentication

Th

e M

ete

or

Pro

ject

19

Meteor list of loans

Th

e M

ete

or

Pro

ject

20

Sample Meteor loan detail

Th

e M

ete

or

Pro

ject

21

User message, no Meteor service

Th

e M

ete

or

Pro

ject

22

User message, please call

How does Meteor work?

Th

e M

ete

or

Pro

ject

24

Meteor in a nutshell…

Lender

XML

UDDI

Th

e M

ete

or

Pro

ject

25

The first step…

The student chooses a portal to their Financial Aid information

Th

e M

ete

or

Pro

ject

26

Next, a secure connection

Th

e M

ete

or

Pro

ject

27

Requests sent...

XML

<LoanHistoryRq> <CustPermId>448377707</CustPermId> <DateOfBirth>1980-09-03</DateOfBirth></LoanHistoryRq>

Guaranty Agencies

NSC

SFA

Th

e M

ete

or

Pro

ject

28

Responses returned

XML

SFA

GA

NSC

<LoanInformation><LenderIdType>OPEID</LenderIdType><LenderId>809063</LenderId><LenderName>Bank of Oklahoma</LenderName><SchoolIdType>OPEID</SchoolIdType><SchoolId>003152</SchoolId><SchoolBranch>00</SchoolBranch><SchoolName>University of Central Oklahoma</SchoolName><InformationSourceIdType>OPEID</InformationSourceIdType><InformationSourceId>809063</InformationSourceId><InformationSourceName>Bank of Oklahoma</InformationSourceName><InformationSourceDate>2000-11-12</InformationSourceDate></LoanInformation>

XML

XML

Th

e M

ete

or

Pro

ject

29

Aggregated data in portal

Th

e M

ete

or

Pro

ject

30

Student wants details

Th

e M

ete

or

Pro

ject

31

Request for detail sent to Lender

Lender

XML

Th

e M

ete

or

Pro

ject

32

Detail screen displayed

Lender

XML

Th

e M

ete

or

Pro

ject

33

Diagram of Meteor Concept

Web ServicesHTML

MeteorXML

StudentStudent Access Provider Access Provider Data Provider Data Provider

Th

e M

ete

or

Pro

ject

34

As implemented ...

Web ServicesSecure HTML

MeteorSecure XML

StandardBrowserStandardBrowser uPortaluPortal

MeteorSOAP

MeteorSOAP

MeteorSOAP

MeteorSOAP

DatabaseDatabase

Th

e M

ete

or

Pro

ject

35

The development configuration

uPortalStandardBrowserStandardBrowser uPortaluPortal

Meteor SOAPJAVA ComponentsMeteor SOAPJAVA Components

Meteor SOAPJAVA ComponentsMeteor SOAPJAVA Components

DatabaseJDBC ConnectionDatabase

JDBC Connection

LinuxApacheTomcat

LinuxApacheTomcat

Th

e M

ete

or

Pro

ject

36

What we learned...

• The XML/SOAP business message turnaround is less than 1 second

• Because of the scope of authorization for access and different uses, Meteor needed two separate channels

• Student and parental access to the student’s information

• Financial aid professionals access to information about students

Th

e M

ete

or

Pro

ject

37

Professional - Authorization

Th

e M

ete

or

Pro

ject

38

Selection

Th

e M

ete

or

Pro

ject

39

Display

Why is Meteor important?

Th

e M

ete

or

Pro

ject

41

The Meteor software

• Provides an information servicefor students and alumni

• Provides an information resource for financial aid professionals

• Becomes a first step toward implementation of the Department of Education’s real-time “Common Origination and Disbursement” -due in 2003

Th

e M

ete

or

Pro

ject

42

Meteor software will be available as:

• A channel in JA-SIG’s uPortal 2.0 or later

• A Java servlet that can in incorporated into any Website that supports servlets

• Possibly a channel in Apache Foundation’s JetSpeed portal (also IBM’s general portal)

The school experienceAuthentication, a barrier to

implementation

Th

e M

ete

or

Pro

ject

44

Some definitions

• Proxy (a) An entity authorized to act for another; (b) authority or power to act for another ; (c) a document giving such authority.

OASIS Security Services TC Glossary, July 2001

• Financial aggregation is the process of gathering content from multiple sources and consolidating that information at a single web location for review and, potentially, financial transactions by the customer.

BITS Voluntary Guidelines forAggregation Services, April 2001

Th

e M

ete

or

Pro

ject

45

Some definitions

• Credential - Data that is transferred to establish a claimed principal identity.

• Assertion - A piece of data, produced by a SAML authority, constituting a declaration of identity, or attribute information, or authorizations.

• Login, Logon, Signon - The process of presenting credentials to an authentication authority, establishing a simple session, and optionally establishing a rich session.

OASIS Security Services TC Glossary, July 2001

Th

e M

ete

or

Pro

ject

46

IFX Business Message

• SOAP Header

• Routing information

• Business Message

• SecurityPassword

[Digital] Certificate

Magnetic Stripe and PIN

Request/Response of Secret

• Business services content

Th

e M

ete

or

Pro

ject

47

Authentication and authorization

• Defining “Level of identification”

• Incomplete standard protocols for authentication or authorization

• Web Single Signon • Internet2/Shibboleth

Originally Jan 2001 now Dec 2001

• SAML Security Assertion Markup LanguageIndefinite Delay (from June 2001) likely 2002

• Indeterminate policies and procedures

• Legal - new laws and lack of precedents• Lack of e-business experience

Th

e M

ete

or

Pro

ject

48

e-Business users

• Hierarchy of trust

• Government

• Banks

• “Brand name” companies

• Pattern of e-Business Use (typically six to twelve months)

• Data only

• Small transactions - $10 to $25

• Larger transactions

Th

e M

ete

or

Pro

ject

49

Boston College expectation

• Only ”regular” students and employees in the financial aid office will access Meteor through the College’s secure portal.

• The National Student Clearinghouse, and subsequently others, will “trust” the Boston College authentication.

Th

e M

ete

or

Pro

ject

50

The “trusted” college

Secure Collegeenvironment

Secure Internetconnection

Employee uses school logonand password

College sends institutional logon

and password

Loan list message

ScenarioUser: EmployeeAccess Provider: Boston CollegeData Provider: Clearinghouse

Th

e M

ete

or

Pro

ject

51

As a proxy service

Secure Collegeenvironment

Secure Internetconnection

Student useslogon and passwordfrom Data Provider

College forwardsthis logon

and password

Loan list message

ScenarioUser: StudentAccess Provider: College or UniversityData Provider: Guarantee Agency

Th

e M

ete

or

Pro

ject

52

As a security aggregation service

Student useslogon and passwordfrom Access Provider

College forwardsthis logon

and password

Loan list message

ScenarioUser: StudentAccess Provider: College or UniversityData Provider: Guarantee Agency

CitiBank

SallieMae

1

6

4

32

Secure Internetconnection

5

Th

e M

ete

or

Pro

ject

53

Third party authentication

Student useslogon and password

from third party College forwardsthe assertions

Loan listmessage

ScenarioUser: StudentAccess Provider: College or UniversityData Provider: Guarantee Agency

1

6

4

3

2

5

SAML Request

Assertionsreturned

Secure Collegeenvironment

Secure Internetconnection

Th

e M

ete

or

Pro

ject

54

Meteor sponsors

American Education ServicesAmerican Student AssistanceBank OneCollege Foundation, Inc. [NC]The College Board/CollegeCredit Education Loan ProgramConnecticut Student Loan FoundationEducation Assistance CorporationEducation Funding AssociationFlorida Department of Education, OSFAGeorgia Higher Education Assistance CorporationGreat Lakes Higher Education Guaranty CorporationGuaranTec, LLPHigher Education Student Assistance AuthorityIllinois Student Assistance CommissionIowa Student Loan Liquidity CorporationKentucky Higher Education Assistance AuthorityKey Education ResourcesLoanStar Systems, Inc.

Th

e M

ete

or

Pro

ject

55

Meteor sponsors

Michigan Higher Education Assistance AuthorityMontana Guaranteed Student Loan ProgramNational Student Loan Program, Inc.New Hampshire Higher Education Assistance Foundation New York State Higher Education Services Corporation North Carolina State Education Assistance Authority Northwest Education Loan Association (NELA)Oklahoma Guaranteed Student Loan ProgramOregon Student Assistance Commission Panhandle-Plains Student Loan CenterRhode Island Higher Education Assistance AuthoritySallie Mae, Inc.Southwest Student Services CorporationStudent Loan Finance AssociationStudent Loan Guarantee Foundation of ArkansasStudent Loans of North DakotaTexas Guaranteed Student Loan CorporationUnited Student Aid FundsVermont Student Assistance Corporation

Th

e M

ete

or

Pro

ject

56

And we had help...

• The National Student Clearinghouse’s Roberta Hyland and Joy Wang provided data access and programming assistance to make their database available to Meteor users.

• Interactive Business Solutions Software Engineer (and Harvard University graduate student) Peter Karchenko joined the Meteor team working on the project.

• Priority Technologies, Inc. extended the Meteor software and contributed the UDDI/WDSL implementation.

• Credit Online’s Dennis Warnke and Glenn Leyba shared LoanML drafts and their experience implementing IFX SOAP messaging.

• Great Lakes’ Steve Marganeau provided CommonLine XML as it was being produced in December 2000.

• Sigma Systems Inc.’s Andy Sprague provided test data and design guidance and Randy Timmons gave Meteor briefings and demonstrations.

The end

Recommended