middleware planning and deployment 201: implementation roadmap keith hazelton, university of...
TRANSCRIPT
Middleware Planning and Deployment 201:
Implementation Roadmap
Keith Hazelton, University of Wisconsin/Internet2
Renee Woodten Frost, Internet2/University of Michigan
March 24, 2003 Middleware Planning and Deployment 201 2
Agenda
• Introductions & Overview• Project Planning, Preparation & Requirements• Directory Architecture Design & Initial Policy
Development• Break • Data Flow & Business Process; Policy Development• Directory & Applications Implementation/Deployment• Research, Resources, & Wrap up
March 24, 2003 Middleware Planning and Deployment 201 3
Outcomes
• Understanding of how to plan your enterprise directory implementation
• Overview of major project stages
March 24, 2003 Middleware Planning and Deployment 201 4
A Bit About Middleware
Middleware makes “transparent use” happen, providing consistency, security, privacy and capability
• Identity - unique markers of who you (person, machine, service, group) are
• Authentication - how you prove or establish that you are that identity
• Authorization - what an identity is permitted to do
• Directories - where an identity’s basic characteristics are kept
March 24, 2003 Middleware Planning and Deployment 201 5
Map of Middleware Land
March 24, 2003 Middleware Planning and Deployment 201 6
Enterprise Directory Implementation Roadmap
March 24, 2003 Middleware Planning and Deployment 201 7
Before You Begin…
• The goal of any middleware project should be to deploy enabled applications, not to implement middleware
• Much of this work is iterative in nature
• Middleware projects are a reflection of the technology, data, policy, and political environments in which they are implemented – All implementations are not the same, but they do
address the same functions
March 24, 2003 Middleware Planning and Deployment 201 8
Project Stages
Technology/Architecture and Policy/Management
• Project Planning, Preparation, & Requirements
• Directory Architecture Design & Initial Policy Development
• Data Flow & Business Process ReviewContinue Policy Development
• Directory & Applications Implementation & Deployment
March 24, 2003 Middleware Planning and Deployment 201 9
Project Planning, Preparation and Requirements
Policy/Management
• Develop Business Case & Secure Support
• Develop Project Plan
• Assemble Resources
March 24, 2003 Middleware Planning and Deployment 201 10
Planning: Policy/Management
Develop Business Case & Secure Support– Educate yourself and organization on need for
middleware
– Assemble drivers for campus
– Assess strengths, weaknesses, and critical success factors
– Develop business case
– Secure support
March 24, 2003 Middleware Planning and Deployment 201 11
Secure Support
• Stakeholders
• Champion
• Funding Sources
• Business and Policy Process
March 24, 2003 Middleware Planning and Deployment 201 12
Planning: Policy/Management
Develop Project Plan
• Decide on implementation strategy, timing, and organizational approach
• Develop communications and PR plan
• Discuss with stakeholders when appropriate
• Develop project plan
March 24, 2003 Middleware Planning and Deployment 201 13
Decisions for Strategy
• Clarifying relationships between individuals & institution. When does admitted student become a student able to access online library resources?
• Determining who manages, who can update and who can see common data. How does an address get changed? Who is responsible for its accuracy?
• Structuring information access & use rules between departments & central administrative units. Who can use e-procurement system to purchase lab rats?
• Reconciling business rules & practices. What needs to happen in systems of record to have new student accounts added? Who must initiate this?
March 24, 2003 Middleware Planning and Deployment 201 14
Develop Communication Plans
• Use to help manage expectations• Publicize quick wins a shared vision, support from the
executive levels• Use combination of face-to-face conversations &
presentations & web/hard copy communications,• Tailor message to disparate audiences • Keep the overall message consistent. • Identify ways to involve stakeholders in decision and
policy making process. • Need to reiterate overall goals & business case many
times before directory is deployed & apps are enabled.
March 24, 2003 Middleware Planning and Deployment 201 15
Project Plan Considerations• Quick wins early in process to demonstrate value.• Identify ways to measure benefits (productivity gains,
self-service) ahead of time.• Success enables more success. Make sure later
requests can be accommodated to keep enthusiasm• Over provision first infrastructure to accommodate
growth for first applications & addition of new ones.• Develop overall guidelines for directory & project to
help in decision making later• Be prepared to redefine responsibilities of people as
workload changes.• Treat directory as formal application development
project; provide for life-cycle support & mgmt
March 24, 2003 Middleware Planning and Deployment 201 16
Planning: Policy/Management
Assemble Resources
• Decide on funding model and secure funding
• Develop technical, policy, executive and organizational project structure
• Begin communication plan
March 24, 2003 Middleware Planning and Deployment 201 17
Funding
• Costs– staff time: in acquiring data, establishing policy, and
implementing the technical infrastructure. – capital and operational costs
• Securing Funds; depends largely on existing staff, their expertise, available resources for outsourcing, & level of commitment to other production systems.
• Funding Options– absorb cost of project into existing initiatives underway, or
within ongoing operational budgets– Submit to management for funding as a standalone project
March 24, 2003 Middleware Planning and Deployment 201 18
Project Structure
• Project Champion
• Project Manager
• Core Team
• Big Team
• Steering Team
• Technical Team
March 24, 2003 Middleware Planning and Deployment 201 19
Develop Project StructureStaffing
• Technical architect• Project manager (Could be the same as the
technical architect).• Systems analysts and interpersonal
communication specialists • Systems, database, and application
developers.
March 24, 2003 Middleware Planning and Deployment 201 20
Discussion
March 24, 2003 Middleware Planning and Deployment 201 21
Directory Architecture Design & Initial Policy Development
Technology/Architecture• Develop campus identifier
strategy • Research directory service
architectures• Research systems design
architectures
Policy/Management• Continue communication
plan• Educate targeted policy
staff/group about directories
• Review policy structure and begin development
March 24, 2003 Middleware Planning and Deployment 201 22
Design: Technology/Architecture
Develop campus identifier strategy
• Create an identifier inventory
• Decide on unique identifier strategy
March 24, 2003 Middleware Planning and Deployment 201 23
Design: Technology/Architecture
Research directory service architectures
• Understand the components and how they interact
• Review campus technical infrastructure and requirements
• Research current higher ed practices
• Research security issues and models
• Review and decide on products
March 24, 2003 Middleware Planning and Deployment 201 24
Core Middleware for an Integrated Architecture
March 24, 2003 Middleware Planning and Deployment 201 25
Design: Technology/Architecture
Research systems architectures
• Design software, hardware and networking infrastructure
• Work with project management and others to assemble needed technology components
March 24, 2003 Middleware Planning and Deployment 201 26
Design: Policy/Management
Continue communication plan
Educate targeted policy staff/group about directories• Discuss business plan and need for services• Discuss on-going need for oversight of directory services
March 24, 2003 Middleware Planning and Deployment 201 27
Design: Policy/Management
Review policy structure and begin development• Work with policy team, to identify gaps and develop overall requirements• Determine what you can do to streamline approval process and when to bring in legal counsel, if necessary
March 24, 2003 Middleware Planning and Deployment 201 28
Discussion
March 24, 2003 Middleware Planning and Deployment 201 29
Data Flow & Business Process ReviewContinue Policy Development
Technology/Architecture• Review chosen
application requirements• Develop data flow from
source systems and to consumer systems
• Develop technical processes according to business and architecture requirements
Policy/Management• Continue
communication plan• Review and design
business processes• Continue policy
development
March 24, 2003 Middleware Planning and Deployment 201 30
Data: Technology/Architecture
Review chosen application requirements
• Design for the first applications, keeping the long term in mind
March 24, 2003 Middleware Planning and Deployment 201 31
Data: Technology/Architecture
Develop data flow from source systems and to consumer systems
• Consider and architect the three major processes involving consolidation/identity matching, intelligence, and application/system consumers
• Work with data custodians to populate the directory with the correct data and work with management on getting clean data
March 24, 2003 Middleware Planning and Deployment 201 32
Data: Technology/Architecture
Develop technical processes according to business and architecture requirements
• Develop person registry and other functions
March 24, 2003 Middleware Planning and Deployment 201 33
Data: Policy/Management
Continue communication plan
Review and design business processes• Review business and application requirements
• Work with technical implementation team to determine where current practices need alteration and new ones need development
• Work with data custodians to develop data update, flow, and oversight approaches.
Continue policy development
March 24, 2003 Middleware Planning and Deployment 201 34
Discussion
March 24, 2003 Middleware Planning and Deployment 201 35
Directory & Applications Implementation & Deployment
Technology/Architecture• Install network, hardware, and
software systems to support the deployed services
• Implement directory, security, and data flow architectureDevelop technical processes according to business and architecture requirements
• Deploy monitoring and operational tools
Policy/Management• Continue communication plan• Work with data
managers/stakeholdersDevelop oversight process
• Publish project success and thank participants
March 24, 2003 Middleware Planning and Deployment 201 36
Deployment: Technology/Architecture
Install network, hardware, and software systems to support the deployed services
Implement directory, security, and data flow architecture
• Populate directory and test• Prototype first applications and work with
stakeholders on testing• Include mechanisms for implementing institutional
privacy policy/approach
March 24, 2003 Middleware Planning and Deployment 201 37
Deployment: Technology/Architecture
Develop technical processes according to business and architecture requirements
• Develop person registry and other functions
Deploy monitoring and operational tools
March 24, 2003 Middleware Planning and Deployment 201 38
Deployment: Policy/Management
Continue communication plan
Work with data managers/stakeholders• Develop clean data set• Include stakeholders and data custodians in testing
phase and verifying of application performance• Review initial applications for policy/legal
complianceDevelop oversight process
Publish project success and thank participants
March 24, 2003 Middleware Planning and Deployment 201 39
Discussion
Research and Resources
March 24, 2003 Middleware Planning and Deployment 201 41
Research Community
• Expert, diverse leadership and collaborators• Broad participation and review
–MACE and related working groups–NSF catalytic grants–Early Adopters–Higher Education Partners
• campuses, CNI, CREN, GRIDS, NACUBO, NACUA…–Government Partners
• NSF, NIH, NIST, fPKI TWG…–Corporate Partners
• Liberty Alliance, IBM, Sun, WebCT, OCLC, Radvision …–International communities–Standards bodies
• IETF, ITU, OASIS
March 24, 2003 Middleware Planning and Deployment 201 42
NSF Middleware Initiative
• NSF award for middleware integrators to– GRIDS Center
• Globus (NCSA, UCSD, University of Chicago, USC/ ISI, and University of Wisconsin)
– NMI-EDIT Consortium• Internet2, EDUCAUSE, and SURA
• Separate awards to academic pure research components• Build on the successes of the Globus project and
Internet2/MACE initiative • Multi-year effort• A practical (deployment) activity that necessitates some
research• Releases occur every six months, roughly May and
October
March 24, 2003 Middleware Planning and Deployment 201 43
ResearchWorking Groups/Projects
• Directories– Group Utilities
– Directory Management Utilities
– Practice Papers and Implementation Roadmap
– Directory Schema
• Shibboleth: Inter-institution web access
• PKI: HEPKI-TAG & PAG, S/MIME, PKI Labs• Middleware for Video: VC, Video on Demand
• Medical Middleware
March 24, 2003 Middleware Planning and Deployment 201 44
Enterprise Middleware Resources Available
• NMI-EDIT Release Components Software
Directory Schemas Conventions and Practices
Recommended PracticesWhite Papers
PoliciesServices
March 24, 2003 Middleware Planning and Deployment 201 45
Enterprise MiddlewareEducational Opportunities
• Workshops– Pre-conference Seminars at EDUCAUSE Regional Meetings– Campus Architectural Middleware Planning Workshops
• CAMP – June 4-6, 2003– Focused on authentication– Architects and project management– Getting started topics
• Advanced CAMP– July 9-11, 2003– Focused on authorization– Highly technical– Research topics– Campuses with mature directory and authentication
infrastructure
March 24, 2003 Middleware Planning and Deployment 201 46
On-line Resources Available
• Introductory Documents
– Sample Middleware Business Case and corresponding
Writer’s Guide
– Identifiers, Authentication, and Directories: Best Practices
for Higher Education
– Identifier Mapping Template and Campus Examples
• See resource list
March 24, 2003 Middleware Planning and Deployment 201 47
• Websiteshttp://middleware.internet2.eduhttp://www.nmi-edit.orgLook for the Enterprise Implementation Directory
RoadmapComing in April!
Middleware information and discussion listshttp://[email protected]://[email protected] lists (see websites)EDUCAUSE Constituency Group on Middleware
Coming Soon!
Websites and Discussion Lists
March 24, 2003 Middleware Planning and Deployment 201 48
Questions and Comments?
– Keith Hazelton
University of Wisconsin/Internet2 [email protected]
– Renee Woodten Frost
Internet2/University of Michigan [email protected]