1 / 75

The Other Side of Middleware: Working with Policy Makers, Data Owners and Campus Constituents

The Other Side of Middleware: Working with Policy Makers, Data Owners and Campus Constituents. Panelists. Joseph Lazor Florida State University Lesley Tolman Tufts University Dave Tomcheck University of California, Irvine Art Vandenberg Georgia State University

habib
Download Presentation

The Other Side of Middleware: Working with Policy Makers, Data Owners and Campus Constituents

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Other Side of Middleware:Working with Policy Makers, Data Owners and Campus Constituents

  2. Panelists • Joseph Lazor Florida State University • Lesley TolmanTufts University • Dave TomcheckUniversity of California, Irvine • Art VandenbergGeorgia State University • Ann WestEDUCAUSE/Internet2/Michigan Tech

  3. A Bit About Middleware • Middleware makes “transparent use” happen, providing consistency, security, privacy and capability • Identity - unique markers of who you (person, machine, service, group) are • Authentication - how you prove or establish that you are that identity • Authorization - what an identity is permitted to do • Directories - where an identity’s basic characteristics are kept

  4. Map of Middleware Land

  5. Topics Not Covered • Business Case • Long-term Value • Technology details

  6. Themes • Middleware is not just a technology project • Implementation challenges are a reflection of • Institutional culture and needs • Installed technology, requirements, and available resources • Leadership

  7. Middleware Politics

  8. Topics • Project Methodology • Stakeholders • Challenges • Lessons Learned

  9. What’s unique about middleware? • It’s like an ERP project • Cross institutional impact and value • Changes the way business is done • Leverages the crown jewels, our data • It’s not like an ERP project • Rare for non-IT to lead the way • Costs less • Rare for the IT-data staff to implement it • Difficult to communicate the benefits • Transparent

  10. Project Methodology • Three project approaches • Stealth • Application-based • Strategic

  11. Stakeholders • Contributes to or benefits from implementation • IT (supplies/oversees data; offers services) • Telecommunications • Campus-wide (email, calendaring, video, etc.) • Administrative • Academic • Student Services (supplies/oversees data; offers services) • Registrar • Financial Aid • Advising • Admissions • HR (supplies/oversees data; offers services) • Finance (supplies/oversees data; offers services) • ebusiness (vendors)

  12. Stakeholders • Library (supplies/oversees data; offers services; consumers) • Research services (supplies/oversees data; offers services) • Advancement (supplies/oversees data; offers services) • Alumni (supplies/oversees data; offers services) • Athletics (supplies/oversees data; offers services) • Academia (faculty/departments) • teaching (supplies data/consumer) • on-campus • distance ed • research (supplies data/consumer) • Facilities management (supplies/oversees data; offers services) • Students (supplies/oversees data)

  13. Challenges and Pitfalls • Misjudging readiness of environment • Business needs are not obvious • Aim, fire, ready • Going too slow is a problem too. • Lacking leadership and support • IT trusted? • IT on board? • Where are the weak spots? • Failing to plan up-front • What could go wrong/right? • Just-in-time opportunities • Not setting boundaries, short and long term • Leaving out key participants • Do they lose control? • Do they need control? Do you?

  14. Challenges and Pitfalls (cont.) • Incurring legal or PR risks • Your president gets a call… • Educating campus • What have you done for me lately? • Why should I care again? • Best practices • Passwords are like underwear… • We’re never done • Resourcing the project • Missing one or more function: architect, implementer, project manager, communicator • Do this in your spare time… • Let’s go for the big bucks… • Moving the on-going cost to the infrastructure category • Moving the operations to data-knowledgeable staff

  15. Suggestions • Plan up front • Educate IT well before the external campaign • Assess weak spots • Allocate resources • Consultants, Training, Creative management? • What are the boundaries? • Be flexible and allow for opportunities • Overall architecture and tenets • Go for the easy wins to set up a track record • Include ability to iterate, pilot, and fail; iterate, pilot, and succeed • Identify ways to measure benefits ahead of time for later flag waving • Consider opportunities taken, productivity gains through self-service

  16. Suggestions (cont.) • Include key stakeholders early • Don’t promise what they want; offer reality instead • Bring them inside and develop strategy together • Develop your story early • Decide if middleware should even be mentioned • Tie the implementation to culture and business needs • Use stories and words your audience can relate to • On-going communication is critical • Find IT staff who can talk to the campus constituents • Include web/hard copy/personal communications • Consistency and constancy of message • Use the informal network • Don’t do what you shouldn’t do

  17. If you build it… • They will: • Want it before you know they want it. • Want it before the pilot is done. • Want it right after it’s done because department A wants it. • Wait and see until department A &B weigh in and then want it. • Wait until they are required to want it and still not want it.

  18. Case Studies

  19. Enterprise Directory Service:A Case Study Florida State University • Joseph A. LazorOffice of Technology Integrationjlazor@fsu.edu

  20. Florida State UniversityHighlights • 58,000 students, faculty, staff. • Main Campus, London, Puerto Rico, Panama City Campuses. • 10th largest in research royalties. • 17th most wired –1st in Florida. • 1200+ Distance Learning courses. • Largest University owned supercomputer configuration in the U.S. • Bobby Bowden

  21. Highlights • Centralized Finance & Administration. • Centralized Information Technology – Office of Technology Integration. • AVP-CIO – Provost & VP F&A • Administrative: human resources, financial, student, administrative services. • Academic: Network, Labs, E-mail. • User: Helpdesk, CBT training. • Office of Distributed Distance Learning – Blackboard. • Data Center • Colleges, Schools operate with great deal of autonomy.

  22. Enterprise Directory Service • Mission • Provide FSU and Our Constituents With Secure • Web Delivered Information Services that are: • Personalized • Access to Many System Services with ONE Password • Easy to Use • Easy to Support • Available World-wide • Based on Progressive Industry Standard Technology • Positioning FSU for Integrated Systems with a Single Login.

  23. Enterprise Directory Service • Expanding Community of Constituents • Expanding with “Lifelong Relationships”, Distance Learning, and Enrollment Management, etc. • Students on Our Four Campuses plus • Remote Learning Centers and Distance Learners Worldwide • Special Education Relationships (e.g.. Navy, Army, IRS) • Faculty and Staff • Prospective Students

  24. Enterprise Directory Service • A Complex Community of Constituents • Students and Alumni sharing information • Family, Friends and Potential Employers – Delegation of Access • Alumni Access to Services after they leave FSU • Academic • Business Partners i. e. Technology Transfer Partners • Research Partners i. e. Mag Lab, Internet 2, JA-SIG, Weather Service • Administrative • Potential FSU Employees • Oversight Relationships i.e. Purchasing, Accounting, Travel • Vendor for Business Services i e. Bookstore, Food Services • Complexity - Invisible to people using Integrated Web Security

  25. Enterprise Directory Service • Security with an LDAP • A technical word for - Progressive Industry Standard Technology • Strong Password Encryption Worldwide • Reliable 7/24 Access to Services • Selective Access Control with User Roles • Limit Number of Invalid Login Attempts • Password Change + Lost Password Processes • No Password Retrieval • Position Ourselves to Phase out the SSN and Move to Self-selected Webname for Web Identification

  26. Enterprise Directory Service • Usability/Drivers • Single Login to Individualized Set of FSU’s Systems • Privacy & Security • Ease of Use, Familiar Look • Personal Choice of Favored Login Method • User Friendly Procedures (e.g. Lost Password, Secure Q/A)  Help Desk Relieve • Personalized Services Environment (Real Name) • Fast and Easy Setup for First Time Users • Scalable to Larger Communities (Roles!)

  27. Enterprise Directory Service Rollout Step One – Business needs – Campus wide. Web enabling legacy systems as foundation for Integrated Web Security was Implemented for Faculty and Staff Fall 2000. Personalized Web names

  28. Enterprise Directory Service • Rollout – Continued • Step Two – Personalized User Account Service and the Integrated Authentication Process • Conduct training Sessions for Key Business Offices. • Implement the User Account Service and the Integrated Authentication Process (using LDAP) for Faculty and Staff; while Retaining the Current Menu and Applications.

  29. Enterprise Directory Service • Rollout – Continued • Step Three – Students get Personalized Web services • Implement the New User Friendly Menu of Services including the Services for Enrolled Students. • Add Enrolled Students • Step Four - Implement Common Security and Password for ACNS and AIS Services - using LDAP

  30. Enterprise Directory Service • Rollout – Continued Proceed to Integrate Additional Services and Communities: • Blackboard’s “Teaching and Learning Services” • FSU’s Web Based E-Mail • Alumni and Foundation - with our Shared Login • “Admitted but not Enrolled” Students • People applying for jobs at FSU • Student Support Service Toolkits for Staff • Student’s Delegation of Access - Family & Employers

  31. Enterprise Directory ServiceOutputs/Results • Integrated Web Security, and the Services Accessed through it, will Position FSU as an Integrated Web Services Leader in Higher Education. • FSU will be Positioned to Continue that Leadership with the Future Implementation of Digital Certificates which will Provide a technique for electronic signatures - an even Higher Level of Security.

  32. Enterprise Directory ServiceCase Study • This concludes my first presentationand now Art!

  33. Georgia State University – Case Study 1 Middleware:Working with Policy Makers, Data Owners, and Campus Constituents • Art Vandenberg • Director, Advanced Campus Services • Information Systems & Technology • Georgia State University • Avandenberg@gsu.edu

  34. Culture, Business Needs& Project Methodology • CIO - top level sponsor of eUniversity • Analogous to eCommerce, higher ed needs: • Directory services (not limited point solutions) for id, authN, authZ per application • Seamless interfaces to applications: libraries, email, calendaring, eLearning, room/resource access, etc. • Reduction of multiple electronic identities • Specific commitment, assignment & charge for Advanced Campus Services - broad coordination

  35. Specific Direction& Action Plans • Feb 2000, ACS charged with: • University-wide directory, metadirectory • Universal account creation (namespace) • Universal email solutions • Interface to other electronic domains (one card, library…) • Public-private key infrastructure • NOTE: Georgia State’s ERP domain: • Peoplesoft financials, Student SCT begun, WebCT…

  36. Stakeholders • CIO and IT directors • Steering Group, scope doc, charter • Data Stewards for Person Working Group: • registrar, hr, financials, card office, person registry • LDAP Technical Working Group • Application domains • WebCT, student email, Rec Center, one card office • University System - discussion, promotion • CIOs, Vice Chancellor, Technical staff

  37. Pitfalls/Missed Opportunities? • Misjudging readiness • Competing ERP deployments • “Not ready for prime time” PKI • Business needs not obvious • Hard to engage ERP teams focused on their core tasks • “But we can already do that!” (finding a killer app…) • “We’ll do that later, as soon as finished with priorities.” • Lack of trust from data custodians? • Not really, but challenges with“technical” custodians

  38. … Opportunities?… • Re: Bringing in key stakeholders • Deference to ERP teams (hindsight is 20/20… but) • However…aircraft carriers need room (time) to turn • Changes the way we do business • Easier for new applications to embrace change? • WebCT, student email, Rec Center • Major event horizon (inevitable…) • First stop is person registry, then HR • Change process, not business • University System - a necessary engagement

  39. Legal Risks with Data • Limit initial issues (but be aware) • If risky, leave data behind ERP wall (cf. bank accounts) • Person registry actually inserts level of protection • Publishing/provisioning can have appropriate limits • Registry remains behind access controls • White pages: “print” directory (Registrar/HR) • Core principles: • Authoritative sources remain ERP systems • Data Stewardship & Access Policy governs all data

  40. Silos and Fortresses? • What about aircraft carriers? • Major ERP implementations already underway • Production and operations culture vs. R&D • Technical debates can be: <invigorating/debilitating> • Tactical versus strategic • Just do it (works well initially) • Iterative process, that keeps focusing on strategy • Remember, we’re part of a state system • Keeping one eye on national initiatives in middleware

  41. Communication Model • Enterprise Directory Infrastructure Steering Group • CIO and IT directors • Start biweekly, phase toward monthly end year 2 • Level setting, resource identification, priorities • University System • Burton Group directory/PKI seminars (1999-2000) • Directory Working Group (3 research, system office) • Establish vocabulary, concepts, general consensus • Recommendation to ACIT (CIOs & V.Chancellor) • Directory of directories/system-wide id/ERP integration

  42. Communication… • Conferences • University System Rock Eagle, CUMREC • Focus-IT newsletter, campus contacts • System Committee on policy for SSN • Internet2 Middleware working groups • Support group, sanity check, best practices • Consider as “retreat & renewal” for more evangelism • Technical staff (listen, be patient, leverage) • Work it until it’s part of the IT vocabulary

  43. The Sales Pitch… • Focus on application areas • Middleware may be too arcane, except for “initiates” • “Printed Directory” as a metaphor • Provisioning - as it impacts colleges/depts: • Automatic course rolls for WebCT • Universal email(and for admitted students) • New staff hires (get them online “day one”) • Account management - as it impacts technical • User X has what accounts? Who is in application Y?

  44. Hot Buttons – Internal Pressures • Doesn’t everyone use same email? (No!) • President: Why can’t I send email to all faculty? • “I want to choose my own unique ID” • New hire online “day one” • Group email, paperless office, email check advice • Too many ids, too little management • Operational/production missions take priority • Resources: staff, time, money (in that order)

  45. Wormholes…Strategic Goals • Goose & gander (student email policy… staff too) • Aha! (Metamerge & NMI-R1 for dynamic groups) • Just do it! (Forgiveness negotiable) • Involve faculty & students (competitive edge) • Support teaching & learning mission • Integrate with ERP systems (Campus Pipeline…) • 3 years… but directory services on VC’s plan!

  46. Carrots & Sticks • We’ll do this app for you if… • vs • We can do this app better if… • Involve from beginning? • Advantage sometimes, sometimes not • Good for us: research faculty & students • Find customer app that sells: WebCT, demographics • The problem you want: middleware advisors! • You’ve really arrived!

  47. Policy and Data

  48. Overview • Technical Implementation of Institutional Policy • Pitfalls • Suggestions

  49. Institutional Policy • Defining and Maintaining Policy, e.g. Parking Permits • Business Rules Derived from Policy • Implementing Technical Triggers of Policy • Applications enforce business rules and policy definition, e.g. SAA • Middleware glues applications via messaging and transaction services

  50. Challenges • Data Owners and Control Issues • Policy Framework out of Sync with Reality • New Culture of Staff/Faculty/Students • New Mobility • Increased Regulatory Environment • Greater Concern over Privacy

More Related