Supporting further and higher education

Middleware and AA within the JISC Environment

Nicole Harris, JISC Development Group

<n.harris@jisc.ac.uk>

08 June 2004 TERENA 2004, Rhodes 2

Overview

• What is the JISC ‘Environment’?– The JISC Information Environment (IE);– eLearning Technical Framework;– GRID / Virtual Research Environment;– The UK “Common” Information

Environment (CIE).

• What have we done to support AA?• What are we planning?• Why this, why now?

08 June 2004 TERENA 2004, Rhodes 3

The IE Architecture

JISC-fundedcontent providers

institutionalcontent providers

externalcontent providers

brokers aggregators catalogues indexes

institutionalportals

subjectportals

learning managementsystems

media-specificportals

end-userdesktop/browser

pres

enta

tion

fusion

prov

isio

n

OpenURLresolvers

shared infrastructure

authentication/authorisation (Athens)

JISC IE service registry

institutional profilingservices

user preferences services

resolvers

metadata schema registries

08 June 2004 TERENA 2004, Rhodes 4

The eLearning Technical Framework

Institutional Infrastructures

User Agents

VLE Portal LibrarySRS Authoring tool

Timetabling Space alloc

Application Services

CollaborationSequencing Learning flow Activity mgmt Course mgmt

Group mgmt Resource mgtScheduling Discover Content mgmt

Cataloguing Activity author ArchivingResource listPackaging

Rating/annotate Assessment Profile mgmtGradingTerminology

Competency PreferencesePortfolio

Common Services

Messaging Authentication DRMAuthorisation Hierarchy

Terms/conditn Logging WorkflowIdentifier Filing

Search Service registry Metadata regResolver Institution profile

Institutional Infrastructures

User Agents

VLE Portal LibrarySRS Authoring tool

Timetabling Space alloc

User Agents

VLE Portal LibrarySRS Authoring toolVLE Portal LibrarySRS Authoring tool

Timetabling Space allocTimetabling Space alloc

Application Services

CollaborationSequencing Learning flow Activity mgmt Course mgmt

Group mgmt Resource mgtScheduling Discover Content mgmt

Cataloguing Activity author ArchivingResource listPackaging

Rating/annotate Assessment Profile mgmtGradingTerminology

Competency PreferencesePortfolio

Application Services

CollaborationSequencing Learning flow Activity mgmt Course mgmtCollaborationSequencing Learning flow Activity mgmt Course mgmt

Group mgmt Resource mgtScheduling Discover Content mgmtGroup mgmt Resource mgtScheduling Discover Content mgmt

Cataloguing Activity author ArchivingResource listPackagingCataloguing Activity author ArchivingResource listPackaging

Rating/annotate Assessment Profile mgmtGradingTerminologyRating/annotate Assessment Profile mgmtGradingTerminology

Competency PreferencesePortfolioCompetency PreferencesePortfolio

Common Services

Messaging Authentication DRMAuthorisation Hierarchy

Terms/conditn Logging WorkflowIdentifier Filing

Search Service registry Metadata regResolver Institution profile

Common Services

Messaging Authentication DRMAuthorisation HierarchyMessaging Authentication DRMAuthorisation Hierarchy

Terms/conditn Logging WorkflowIdentifier FilingTerms/conditn Logging WorkflowIdentifier Filing

Search Service registry Metadata regResolver Institution profileSearch Service registry Metadata regResolver Institution profile

08 June 2004 TERENA 2004, Rhodes 5

eResearch Community

?

08 June 2004 TERENA 2004, Rhodes 6

The “Common” IE (CIE)

• A much wider UK public sector partnership

• JISC• Museums/Galleries/Public Libraries• The British Library• National Health Service• e-Science Core Programme

• Aim is to provide consistent access for the UK public across a wide spread of publicly-funded work

08 June 2004 TERENA 2004, Rhodes 7

Athens in the UK

• Athens currently provides the authentication and authorisation service for the Information Environment. A username /password based service for unifying access to electronic library-type resources.– Mainly though not exclusively licensed via JISC

consortium deals.• Over 2 million current usernames.

– Username/password database; maintenance devolved to institutions.

• Around 500 HE and FE institutions use the Athens service.

• Around 200 licensed resources are controlled via Athens.– A high proportion of the major academic publishers have

now implemented Athens.

08 June 2004 TERENA 2004, Rhodes 8

The e-Science CA

• Part of the Grid Support Centre at CLRC/RAL

• Based on OpenCA software (with local modifications)

• Verification of user identities carried out by trusted RAs around the community

• Current scale of operation a few hundred certificates per year

08 June 2004 TERENA 2004, Rhodes 9

The AAA Programme

July 2002:

“to undertake a number of projects designed to give the UK experience of

the emerging technologies in the authentication and authorisation area, based on open, vendor-independent

standards.”

An Audit.

08 June 2004 TERENA 2004, Rhodes 10

AAA Projects

• Very briefly, technologies investigated:– AKENTI.– PERMIS.– CAS (Community Authorisation Service).– PAPI.– RADIUS.– SHIBBOLETH.– DIGITAL CERTIFICATE / PKI

DEVELOPMENTS. • Supported By:

– Study of Institutional Roles.– Policy Study.

08 June 2004 TERENA 2004, Rhodes 11

Moving Forward

• Next-generation AAA infrastructure must support the following scenarios: – Internal (intra-institutional) applications as

well as use between organisations;– Management of access to third-party

digital library-type resources (as now);– Inter-institutional use – stable, long-term

resource sharing between defined groups (e.g. shared e-learning scenarios);

– Inter-institutional use – ad hoc ;collaborations, potentially dynamic in nature (virtual organisations or VOs).

• Athens in current form does not.

08 June 2004 TERENA 2004, Rhodes 12

Core Middleware: Technology Development

• 16 funded projects.• April 2004 – March 2007.• Investigating the development of

middleware technology within key areas: – grid development,– PERMIS development,– portals development, – inter-institutional collaboration,– Shibboleth in non-University environments.

08 June 2004 TERENA 2004, Rhodes 13

Core Middleware: Infrastructure

• Aim: to build working Shibboleth Infrastructure within the UK.

• ‘Shibbolising’ JISC resources.• Central services: WAYF, target

support, origin support, policy development.

• Early Adopters calls.• Athens gateway.

08 June 2004 TERENA 2004, Rhodes 14

Why this? Why now?

• Clearly identified NEED for new service from community.

• Good international take-up of Shibboleth.

• Shibboleth trials successful (AAA Programme) – proven to meet requirements.

• Interest from Publishers. • Being open!