Campus middleware in the service of Science
Keith Hazelton
Internet2 Middleware Architecture Committee for Education
NSF Internet2 Day
October 19, 2006

Middleware serving science
• The vision: from siloed applications to layered services
• A fictional illustrative example
• Examples from the real world
• Results so far
• Who is involved
• Scope of work
• The emergence of Federations and Virtual Organizations

A Map of Middleware Land

Vision in one slide
• Build a campus/enterprise core middleware infrastructure that
    • Serves the overall enterprise IT environment, providing business drivers and institutional investment for sustainability and scalability
    • Is designed to support the research and instructional missions
    • Implies consistent approaches and common practices across campuses and internationally
• Build, plumb, and replumb the tools of research on top of that emergent infrastructure
    • Domain-specific middleware (grids, sensor nets, etc.)
    • Common collaboration tools (video, protected wikis, shared calendaring, audioconferencing, etc.)

Components of Core Middleware: Internet2 with NSF support

Why
• Ease of use
    • Common tools used in a consistent fashion
    • Allow students to access research capabilities in instructional environments
• Better security
    • Integrate with local security
    • Facilitate flexible options for effective use
    • Preserve privacy but maintain accountability

Why
• Realizes efficiencies, economic and strategic, that serve both the institution and its individuals
• Facilitate advanced networking and science
    • Trust-mediated transparency
    • Transparent-to-use tools for collaboration
    • Better diagnostics

An Example: Jean Blue and VOGUE
• Hypothetical Professor Jean Blue
    • Professor of Micro-astro Physics at Sandstone U, teaching MAP 1010
    • PI of international VOGUE project
    • Fiscal authority of local VOGUE funds
    • Parking permit for Lot 421
    • ID Card 465631-1289

Integrating science and education
• Jean Blue, as PI of VOGUE, gets lots of research capabilities that need to work in education.
    • Assign to students of MAPS 101 permission to read the VOGUE mass-hypometer
    • Assign to the four TA/discussion leaders permission to reset the mass-hypometer
    • Facilitate on-line discussions among the students taking classes at other universities from her co-PIs
    • Have read/write privileges on the VOGUE wiki, and give her students read access to parts of the wiki
• There are many, many problems with the current ad hoc approaches

Functions and Roles for Jean Blue
• Lead VOGUE scientist
    • Run experiments
    • Manage instruments and data
    • Administer rights for others to manage I&D
    • Collaborator – audioconferences, IM, wikis
• Co-PI of VOGUE grant
    • Manage local financial accounts
    • Approve local hires
    • Edit and electronically submit proposals

Functions and Roles for Jean Blue
• VOGUE Disseminator
    • Provide editorial content for outreach wiki
    • Mentor K-12 teachers in community programs
• Educator
    • Teach undergraduate classes using research tools
    • Supervise graduate students, TAs, etc.

Concrete examples
• Elsevier, JSTOR e-resource providers:
    – Scientists aren't even aware that their access to digital library materials is mediated by NMI federating software, Shibboleth (Ohio State)
• Physics professor using WebAssign service for content and testing (Penn State)

Concrete examples
• Cancer Biomedical Informatics Grid
    • Incorporates NMI group/role management and federation software in caGrid 1.0, rolling out in December

Concrete examples
• Scientists in Denmark and Norway have access to supercomputer facility through a portal in Finland
• Shib-enabled access to Condor – Georgetown users, Univ. of Wisconsin resources

The Vision, from the User View
• A consistent set of tools to manage their campus and virtual organization lives
• Provide a common approach to authentication, authorization, delegation, etc.
• Permit activities that cross educational and virtual organization boundaries
• Provide usability, security and privacy
• Satisfy regulatory and audit requirements

From Vision to Reality
• We’re now 5-6 years into a multi-year development and deployment effort
• Broad participation of higher education and the commercial sector in the US and internationally
• Deep engagement with the federal government
• Key players include Internet2, NSF, Educause, GSA, NIH, etc.

The results so far
• Effective promotion of issues, roadmaps, etc. to campuses and corresponding investment by campuses (“2006 Number 1 IT Issue”)
• Broad adoption of community standards
• Provision of key open-source components
• Shape major technical standards
• Creation of inter-institutional trust fabrics to provide federated identity infrastructure
• Consistent international deployments, some more extensive than the US
• The early beginnings of virtual organization development.

Who’s involved
• Many interested parties – the time is now, for both the needs and the capabilities
• Within the academic sector, driven by campus IT organizations supplying architects, working open source code, and participation in community standards processes
• In the corporate sector, both vendors and large, heterogeneous companies see the needs and opportunities

Who’s involved
• Initiatives within government, from NSF NMI to GSA E-Authentication, providing project funding and using the resulting products.
• Internationally, R&E sectors are active and in some cases exceeding US efforts
• Internet2 Middleware Initiative and MACE have been focus points and coordination mechanisms.

Scope of work
• Core middleware infrastructure, including directories, authentication, authorization, etc. in service to academic, administrative and research missions.
• An emerging set of developments in virtual organization support, including both basic collaboration tools and platforms such as GridShib
• Deliverables are open source software (Shib, Signet, Grouper, etc.), community standards (eduPerson, eduOrg), best practices, dissemination and sharing, and some modest services (InCommon, USHER)

Parallel trajectories outside the US
• e-Science initiatives in Great Britain and Australia
    • both include heavy investment in middleware development
    • many of the projects building on prior NSF Middleware Initiative deliverables from Internet2
    • Most notably: National Higher Education Shibboleth deployment in Great Britain

Parallel trajectories outside the US
• January 2005, the Australian Department of Education, Science and Training (DEST) and the UK Joint Information Systems Committee (JISC) signed a DEST-JISC Cooperation Framework
• Closer collaboration, continued investment in eScience and related middleware activities

Federations Concept

Federated identity and virtual organizations
• Campuses build consistent and sustainable middleware infrastructures
• Federating software and federations create effective inter-institutional collaboration infrastructure on that substrate
• Federations peer internationally and across sectors to extend the value
• Virtual organizations leverage campus infrastructure and peered federations for user-centric enterprise-leveraged collaborations

The Art of Federating

GridShib
• A set of approaches to leveraging federated identity in Grids
• Projects leverage local authentication in a variety of ways, and some contemplate extending local authorization approaches to Grids
• All approaches provide significant improvements to user experience, security, privacy, cost of operations and more.
• Pilot deployments planned in the next few months across a part of the TeraGrid

The impacts on cyberinfrastructure
“The event was a nice example of why you get on an airplane and travel to a workshop - to make progress about 50 times faster than exchanging email and position papers! Having made this investment, we are ready to take the next concrete steps to make this vision a reality. Improving security and usability at the same time. How often do you get a chance to do that?”
Charlie Catlett, TeraGrid Director

Q&A