1 / 40

Management Primer on Middleware

This primer provides an overview of middleware, its importance, underlying concepts and architecture, and resources available for assistance. It includes real-life examples of how middleware is used by students, faculty, and organizations to access various resources and enhance collaboration.

travisharrell
Download Presentation

Management Primer on Middleware

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Management Primer on Middleware Louise Miller-Finn, Johns Hopkins University Renee Woodten Frost, Internet2 & University of Michigan

  2. Agenda • What is Middleware? • Why is it Important? How is it Used? • What are the Underlying Concepts and Architecture? • What Resources are There to Help? Primer on Middleware

  3. Middleware in Action Mary is a grad student at Alpha U, taking courses both in a traditional classroom and online and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations; home, campus and work. She also uses a wireless PDA when on-campus to stay in touch with her lab mates. Primer on Middleware

  4. Middleware in Action The new Chair of the Dept. of Physiology has arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait for the requisite 3-5 business days it takes to get the accounts setup.Since IT already knows of him, he can use a self-service interface to accomplish his goal. Primer on Middleware

  5. What is Middleware? • specialized networked services that are shared by applications and users • a set of core software components that permit scaling of applications and networks • tools that take complexity out of application integration • a second layer of the IT infrastructure, sitting above the network • a land where technology meets policy • the intersection of what networks designers and applications developers each do not want to do Primer on Middleware

  6. NMI Definition of Middleware • Middleware is software that connects two or more otherwise separate applications across the Internet or local area networks. More specifically, the term refers to an evolving layer of services that resides between the network and more traditional applications for managing security, access and information exchange to: Primer on Middleware

  7. NMI Definition of Middleware • Let scientists, engineers and educators transparently use and share distributed resources, such as computers, data, networks and instruments. • Develop effective collaboration and communications tools such as Grid technologies, desktop video and other advanced services to expedite research and education and • Develop a working architecture and an approach that can be extended to the larger set of Internet and network users. Primer on Middleware

  8. Map of Middleware Land Primer on Middleware

  9. Core Middleware Middleware makes “transparent use” happen, providing consistency, security, privacy and capability • Identity - unique markers of who you (person, machine, service, group) are • Authentication - how you prove or establish that you are that identity • Directories - where an identity’s basic characteristics are kept • Authorization - what an identity is permitted to do • Public Key Infrastructure (PKI) - emerging tools for security services Primer on Middleware

  10. How is it used? Email • Common authentication and directories Account management • Common authentication and provisioning mechanism Next-generation portals • Common authentication and storage for profiles and preferences. Web access controls • Common authentication and directories Calendaring • Common authentication and directories Primer on Middleware

  11. How is it used? Digital Libraries • Scalable, interoperable authentication and authorization. Grids (Research for now) • Model for a distributed computing environment, addressing diverse computational resources, distributed databases, network bandwidth,etc.; • Globus provides security, location and allocation of resources, and scheduling. Instructional Management Systems • Common authentication and directories. Academic Collaboration • Restricted sharing of materials among institutions. Primer on Middleware

  12. Organizational Drivers • Federal government • E-enterprise functions • Service expectations • Resource allocation pressures • Collaboration Primer on Middleware

  13. Benefits to the Institution • Economies for central IT - reduced account management, better web site access controls, tighter network security... • Economies for distributed IT - reduced administration, access to better information feeds, easier integration of departmental applications into campus-wide use... • Improved services for students and faculty - access to scholarly information, control of personal data, reduced legal exposures... • Participation in future research environments - Grids, videoconferencing, etc. • Participation in new collaborative initiatives – Directory of Directories, Shibboleth, etc. Primer on Middleware

  14. Costs to the Institution • Modest increases in capital equipment and staffing requirements for central IT • Considerable time and effort to conduct campus wide planning and vetting processes • One-time costs to retrofit some applications to new central infrastructure • One-time costs to build feeds from legacy source systems to central directory services • The political wounds from the reduction of duchies in data and policies Primer on Middleware

  15. Nature of the Work • Technology • Establish campus-wide services: name space, authentication • Build an enterprise directory service • Populate the directory from source systems • Enable applications to use the directory Primer on Middleware

  16. Nature of the Work • Policies and Politics • Clarify relationships between individuals and institution • Determine who manages, who can update and who can see common data • Structure information access and use rules between departments and central administrative units • Reconcile business rules and practices Primer on Middleware

  17. Underlying Concepts & Architecture

  18. Pause for some terminology • Identity: set of attributes about you. • Authentication: process used to prove your identity. Often a login process. • Authorization: process of determining if policy permits an intended action to proceed. • Customization: presentation of user interface (UI) tailored to user’s identity. Primer on Middleware

  19. What IT needs to know Identity – “you”. Characteristics that pertain to the service at hand. Examples: • Library resource: current member of the set of licensees • Video for course: enrolled in the course • Email or calendar: University username • Videoconference: current network address Primer on Middleware

  20. What IT needs to do Each service must determine what it should present to you & what you are entitled to do. Possible ways it might undertake that: • Ask you to login and look up info in its own database. (authentication & authorization) • Ask you to login and look up info in a common or central database. • Trust some other source to assert needed info (the other source might make you login). Primer on Middleware

  21. Service architectures Stovepipe (or silo): Service performs its own authentication and consults its own database for authorization and customization attributes. service service authN attrs authN attrs Primer on Middleware

  22. Comparative service architectures Stovepipes are run by separate departments/divisions. • Environment is more challenging to users, who may need to contact each office to arrange for service. • No automated life cycle management of accounts. • Per-service identifiers and security practices make it more difficult to achieve a given level of security across the enterprise. Primer on Middleware

  23. Service architectures Integrated: Service refers authentication to and obtains attributes for authorization and customization from enterprise infrastructure services. authentication service service1 Service N attribute service An Organization Primer on Middleware

  24. Comparative service architectures Enterprise authentication & attribute services are run by a central office. • All attributes known by the organization about a member can be integrated and made available to services. • Automated life cycle account management is possible across the enterprise. • Common identifiers across integrated services makes an easier and more secure user environment. Primer on Middleware

  25. Four service architectures Federated: Service refers authentication to and obtains attributes for authorization and customization from possibly external infrastructure services. authentication service service attribute service Organization 1 Organization 2 Primer on Middleware

  26. Four service architectures Grid: Service refers authentication to and obtains attributes for authorization and customization from common grid services. authentication service service1 attribute service Service N A Virtual Organization Primer on Middleware

  27. Comparative service architectures • Federated authentication & attribute services rely on each participating organization’s enterprise authentication & attribute services. • Integration of Grid services with enterprise services is a medium term goal of the NSF Middleware Initiative. Primer on Middleware

  28. The Objective Prepare campuses to implement core middleware for an integrated architecture. authentication service service1 Service N attribute service An Organization Primer on Middleware

  29. Core middleware for an integrated architecture Primer on Middleware

  30. Vignettes Revisited

  31. Provisioning vignette: The new Chair of the Dept. of Physiology has arrived on campus over the weekend. Dr. Agnew is very anxious to get access to campus IT resources such as e-mail, calendar, web services and the mainframe. He does not want to wait for the requisite 3-5 business days it takes to get the accounts setup.Since IT already knows of him, he can use a self-service interface to accomplish his goal. <to model> authN Metadirectory HRS attrs Acct Init Service Primer on Middleware

  32. Student vignette: Mary is a grad student at Alpha U, taking courses both in a traditional classroom and online and interns at a biotech company nearby. Using her laptop, Mary needs to access her e-mail, courseware, calendar and library resources from all three locations; home, campus and work. She also uses a wireless PDA when on-campus to stay in touch with her lab mates. <to model> Mailbox Lib Proxy authN CMS NAS Server attrs Calendar Wireless Gateway Primer on Middleware

  33. Vignette analysis • Set of vignettes portray: • Seamlessness of transitions between services. • Independence of location of service or user. • Suites of services designed to support activities of different constituencies. • Absence of need to make prior arrangement for resources required to enable services. Primer on Middleware

  34. Middleware Resources Primer on Middleware

  35. What resources are there to help? • Expert, diverse leadership and collaborators • MACE and the working groups • NSF catalytic grants • Early Adopters • Higher Education Partners – campuses, EDUCAUSE, CREN, CNI, SURA, GRIDS, NACUBO,AACRAO, NACUA, etc • Government Partners - NSF, NIH, NIST, fPKI TWG, etc • Corporate Partners – IBM, SUN, Metamerge, Radvision, etc • International communities Primer on Middleware

  36. What resources are there to help? • Websites http://middleware.internet2.edu http://www.nsf-middleware.org http://www.nmi-edit.org http://www.grids-center.org • Middleware information and discussion lists mw-announce@internet2.edu mw-discuss@internet2.edu NMI lists (see websites) Primer on Middleware

  37. What resources are there to help? • Workshops • Pre-conference Seminars • Summer CAMPs (Campus Architectural Middleware Planning) • Base – June 24-26, 2002 • Advanced – July 31 – August 2, 2002 Primer on Middleware

  38. What resources are there to help? • Introductory Documents • Sample Middleware Business Case and corresponding Writer’s Guide • Identifiers, Authentication, and Directories: Best Practices for Higher Education • Identifier Mapping Template and Campus Examples Primer on Middleware

  39. What resources are there to help? • NSF Middleware Initiative Release 1 Components Software Directory Object Classes Conventions and Practices Recommended Practices White Papers Policies Services Works in progress: White Papers • Working Groups and Projects Primer on Middleware

  40. Contacts • Renee Woodten Frost Internet2 & University of Michigan rwfrost@internet2.edu • Louise Miller-Finn Johns Hopkins University lmiller@jhmi.edu Primer on Middleware

More Related