1 / 19

NSF Middleware Initiative

NSF Middleware Initiative. NSF Middleware Initiative. Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2. Topics for Today. NMI goals and processes Major elements Campus middleware infrastructure - Directories, security

marycameron
Download Presentation

NSF Middleware Initiative

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NSF Middleware Initiative NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2

  2. Topics for Today • NMI goals and processes • Major elements • Campus middleware infrastructure - Directories, security • National middleware services - HEBCA, DODHE, etc. • Further Grid development • Grid deployment and integration into campus infrastructure • First year targets • Internet2 middleware activities • HEBCA developments CIC AIS Directors - April 15, 2002

  3. What is the NMI? • NSF award for integrators to • Globus (NCSA, UCSD, University of Chicago, USC/ ISI, and University of Wisconsin) • Internet2, EDUCAUSE, and SURA • Build on the successes of the Globus project and the Internet2/MACE initiative • Multi-Year Effort • A practical (deployment) activity that necessitates some research • Separate awards to academic pure research “throw it long” components CIC AIS Directors - April 15, 2002

  4. To allow scientists and engineers the ability to transparently use and share distributed resources, such as computers, data, and instruments To develop effective collaboration and communications tools such as Grid technologies, desktop video, and other advanced services to expedite research and education, and To develop a working architecture and approach which can be extended to Internet users around the world. Middleware is the stuff that makes “transparently use” happen, providing consistency, security, privacy and capability The Problem We’re Trying To Solve... CIC AIS Directors - April 15, 2002

  5. What Outcomes is it Trying to Achieve? • A unified model for managing the campus infrastructure • directories • identity • meta-directories • security • authentication • authorization • services • A model for achieving interoperability for the research and higher ed communities • A model for building applications CIC AIS Directors - April 15, 2002

  6. How Will it Accomplish these Goals? • Facilitate communication among interested parties to increase the likelihood of interoperable solutions - vendors - standards groups develop middleware tools • Develop consensus around “Best Practices” • Develop consensus around recommendations to support interoperability and standard directory • Facilitate the development and availability of Open Source Implementations for middleware components CIC AIS Directors - April 15, 2002

  7. How Will it Accomplish these Goals? • Integrate emerging middleware components into a well-tested, comprehensive, commercial-quality, middleware distribution package that runs on multiple platforms. • Facilitate the availability of applications that leverage this infrastructure • - e.g., H.323 clients • - open source services CIC AIS Directors - April 15, 2002

  8. A Map of Middlewareland CIC AIS Directors - April 15, 2002

  9. Build campus middleware infrastructure in support of research and education Collaborative inter-realm infrastructure development desktop video interoperable web services Grid advancement and integration Nurture innovative new middleware components NMI Release 1 - May, 2002 NMI First Year Goals CIC AIS Directors - April 15, 2002

  10. Identity Services on One Slide Objectclass standards (e.g.eduperson, gridperson) Content Portals Shibboleth exchange of attributes Future PKI DODHE et al Grids et al Interrealm Learning Management Systems Security Domain Personal Portals Web services and servers WebISO Enterprise directory Campus authentication Future PKI CIC AIS Directors - April 15, 2002

  11. Simple Federated Administration Model Service discovery service Policy enforcement point Policy enforcement point Policy enforcement points Authentication Service client target Protocols Enterprise LDAP directory Enterprise LDAP directory Attribute requestor Policv decision point Attribute authority Grid directory Video directory Video directory CIC AIS Directors - April 15, 2002

  12. Internet2 Middleware Initiative Directories eduPerson 1.5 eduOrg Groups Metadirectories Shibboleth - interrealm exchange of attributes DoDHE PKI-light - edging towards signed (and perhaps encrypted) email Authentication - webiso Authorization CIC AIS Directors - April 15, 2002

  13. The pieces fit together… Campus infrastructure Directories Name space Enterprise authentication Interrealm infrastructure the edu objectclasses exchange of attributes Upperware Digital libraries Grids uPortal OKI CIC AIS Directors - April 15, 2002

  14. D. Wasley’s PKI Puzzle CIC AIS Directors - April 15, 2002

  15. HEBCA developments The Higher Ed Bridge Certificate Authority is intended to be a exchange of trust point for certificate authorities that serve the higher ed community An effort of EDUCAUSE, with support from NIH , Internet2, and testbed campuses (UAB. Wisconsin, Dartmouth, California, Texas) MitreTek providing the services The HEBCA peers with the Federal Bridge and can act as an exchange for commercial CA’s (e.g. DST, Verisign, Entrust, etc.) and non-profit CA’s (e.g. CREN, campus CA’s, etc.) Challenges in technology and policy CIC AIS Directors - April 15, 2002

  16. Challenges in technology Conversions in formats between different CA implementations Securing the HEBCA system Getting all the directories to find each other Clients must be “bridge-aware” CIC AIS Directors - April 15, 2002

  17. Challenges in policy Current peering with FBCA is “test” Peering with the FBCA is a lugubrious process Policy mapping may be a hard process Policy OIDs are all placeholders Creating Certificate Policies and Certificate Practice Statements hard No Policy Management Authority (PMA) yet CIC AIS Directors - April 15, 2002

  18. Security PKI X.509 certificates Attribute certs Proxy certs Certificate Policies and Practice Statements XML schemas common Privacy CIC AIS Directors - April 15, 2002

  19. What to watch… The campus middleware infrastructure - make sure it is being developed and reflects needs Vendor and database licensing and service changes Shibboleth Demos and Pilots NMI web sites http://www.nsf-middleware.org http//www.nmi-edit.org http://www.grids-center.org CIC AIS Directors - April 15, 2002

More Related