Drive-By Dialogues

Topics
• The Long Strange Trip of I2 – NLR Merger
• A Brief Comment on Optical Networking
• Middleware Developments
• Security Developments

Optical Networking
• “Packet vs switched”
• The final answer is both, and it can be done
• Needs control plane
• Needs monitoring and measurement
• Capstone architecture; market will refine
• Higher ed can drive the invention
• Future frontiers are not performance related
• Security, transparency, mobility
• Trust (note ISOC/IETF Meeting)
• Non-IP, non-optical wave

Security
• Lots and lots of issues – DDoS, phishing, DNS attacks, problems within the perimeter; some successes
• Federal efforts
• REN-ISAC
• http://ren-isac.net/
• Services
• Business model work
• CSI2
• FWNA and eduroam
• Security and middleware (roles)

Middleware Developments
• SAML and Shibboleth
• Working with open source and legacy apps
• InCommon and international federations
• Collaboration management platforms
• NSF-Mellon Scientific and Scholarly Workflow

SAML and Shibboleth
• Common roots (RL Bob Morgan, UW and Scott Cantor, OSU)
• Shibboleth has always been built on SAML/pre-SAML and primarily adds multilateral federation support and metadata
• With SAML 2.0, convergence is complete, with the Shib code providing multilateral, WS-FED interop
• Shib 1.3 widely deployed; Shib 2.0 now in beta
• Undeveloped areas (ARP editors, WAYF, n-tier) becoming visible

Shibboleth and applications
• Wireless access, bandwidth allocation
• CAS and other SSO
• Wikis, mail lists, etc.
• SharePoint (!)
• Sakai, Kuali, Mellon
• OpenID is the vapor-weight alternative

InCommon
• Growing steadily now; 75 members and 1.3M user base
• Major applications include outsourced services, content providers, wiki and collaboration tools
• NIH and federal follies elsewhere
• Apple, Google and Microsoft
• InCommon Bronze and Silver now under discussion

Some inter-federation key issues
• Multi-protocols
• Sharing metadata
• Aligning policies
• WAYF functionality
• Dispute resolution
• Virtual organization support

Prague Meeting on Inter-federation
• 15-20 International R&E federations (5 continents) plus Liberty Alliance and a few others
• Prague, September 3
• Lots of topics: Attribute mapping, Privacy Policies, Dispute resolution, Financial considerations, Technical direction setting
• UK drafting an analysis of International Peering needs, opportunities, etc.

Scientific and Scholarly Workflow
• Jointly commissioned by NSF and Mellon
• Intent is not to open new lines of research but to identify key components (and implementations) that, with investment, are readily deployable cyberinfrastructure
• Role of enterprise and federations in collaborative workflow

Comanage
• Management of collaboration a real impediment to collaboration, particularly with the growing variety of tools
• Goal is to develop a “platform” for handling the identity management aspects of many different collaboration tools
• Platform includes a framework and model, specific running code that implements the model, and applications that take advantage of the model
• This space presents possibilities of improving the overall unified UI as well as UI for specific applications and components.

Comanage 2
• Leverages federated identity and the attribute ecosystem heavily
• Uses Grouper to manage groups and Signet to manage privileges
• Built completely on open protocols, using open source components
• Open and proprietary applications can be plumbed to work with it

Comanageable applications
• Already done
• Sympa, Federated wikis, Asterisk (open-source IP audioconferencing), Dim-Dim (open-source web meeting)
• Immediate targets
• Rich access controlled wikis
• Web-based file shares

Comanage dimensions of growth
• In the applications that can be driven by it
• Collaboration and domain science prime areas
• Largely a function of the application’s respect for middleware
• In the areas being managed
• Diagnostics? Others?
• In the identities being managed
• In the coupling of autonomous and diverse instances
• Deployment instances may be at many layers of organization and shift as it matures
• Underlying stores may be db, directory, or other

Takeaways
• Identity management – several related services
• Directories and getting applications to use them
• The REN-ISAC
• Federations