260 likes | 271 Views
This case study discusses the strategic importance and challenges of implementing directory and public key infrastructure (PKI) at Georgia State University. It explores the university's enterprise strategy, alignment with higher education initiatives, and the creation of Advanced Campus Services to address the next generation eUniversity environment.
E N D
Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure Art Vandenberg Director, Advanced Campus Services Information Systems & Technology Georgia State University 404-463-9685 avandenberg@gsu.edu Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Georgia State University • Atlanta, Georgia http://www.gsu.edu/ • A Unit of the University System of Georgia • Doctoral/Research University – Extensive • Enrollment Fall 1999: 23,492 • Degrees Conferred 1999: 5,096 • Facts: http://gsupublic-relations.gsu.edu/Facts/facts.html • Internet2 Member • Southeastern Universities Research Association (SURA) Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Abstract • The “eUniversity” & strategic importance of ecommerce • Industry analysis, vendor strategy, and higher education initiatives (cf. Internet2’s Middleware) concur • Leveraging resources is challenging • This presentation: “Year in the Life” • Awareness • Communities of interest • Aligning enterprise strategies • Participating in higher education initiatives Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Establishing a Strategic Initiative • Competitive advantage of having an enterprise strategy • Directories & PKI – scalable solutions for: • Managing multiple identities • Providing secure transactions • Supporting an increasingly mobile population • GartnerGroup: “recommending that enterprises proactively plan for directory implementation” • The Burton Group: “integrated enterprise directory infrastructure… reduces management overhead and supports a variety of applications. Customers must invest in and plan for that infrastructure…” Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
GSU Strategy: CIO Creates Advanced Campus Services • “Advanced Campus Services will have a broad, coordinating role in the establishment of standards, methods and processes to… investigate possible common solutions for addressing the next generation eUniversity environment” • University-wide directory services and metadirectory solutions • Public-private key infrastructure • Define universal account creation, userids/password synchronization • Universal e-mail solutions • Interface to other electronic domains (one-card, library patron…) • Specific charge, responsibility & focus Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
A Strategy Among Strategies • But it’s not that simple, is it? GSU strategic projects include: • Migrating student/financial aid to vendor system • Completing network upgrades for Internet2 (and refresh cycles) • Supporting new financial system • Providing support for educational technology • Addressing student technology fee priorities • Managing security • Facing budget constraints… and more! • ACS started with 2 eft (reallocated) March 2000 • Educate, discover resources, start “doing it” Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Early Steps – Education &Resource Discovery • Internet2 Middleware Initiativehttp://www.internet2.edu/middleware/ • CRENhttp://www.cren.net/ • Federal PKI Technical Working Group http://gits-sec.treas.gov/fpkitechwork.htm • Net@Edu “PKI for Networked Higher Education” http://www.educause.edu/netatedu/groups/pki/ • The Burton Group Network Strategy Service http://www.tbg.com/ • The GartnerGrouphttp://gartner4.gartnerweb.com/public/static/home/home.html Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Early Steps – Education &Resource Discovery…(cont’d) • Georgia Senate Bill 465, effective July 1, 2000, establishes the Georgia Technology Authority http://www.gagta.com “All state agencies, authorities, and boards are authorized to establish pilot projects… as models for the application of technology such as electronic signatures… One such pilot project may involve digital signatures and the use of a public key infrastructure established by a service provider.” • Overall Context: ACS IT GSU University System of Georgia higher education State, Federal, Industry initiatives • Alignment of enterprise strategies Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Strategy Alignment • The Burton Group: Public Key Infrastructure (PKI) Strategy Workshop March 2000 for University System GA. • “Major recommendations • The University System must begin implementation of the common directory infrastructure... immediately… • Member institutions should not deploy PKI without… directory plans. The University System must build a directory infrastructure that binds the member institutions to a community… as authoritative sources for information on their own students, faculty, and services.” • Endorsed by University System’s Administrative Committee on Information Technology Spring 2000 Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
An Annotated Chronology of Action • Initial Goals – Mar 2000 • Issue White Paper on enterprise directory strategy • Develop evaluation criteria and methodology for PKI • Identify collaborative initiatives for directory or PKI • Define common directory structure for “GSU Person” • Draft policy and procedure for managing “GSU Person” • Identify PKI funding requirements & sources • Establish account management of administrative applications Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • SCT Summit Conference – Mar 18-22, 2000 • Session topics included e-commerce/e-university issues • Directory services, resolving identifiers • Security, universal e-mail, single sign on • Technical integration with WebCT initiatives • SCT’s technology paradigm – “Relationship Leverage Solution” • Directory Strategy Presentation – Mar 27, 2000 • Level setting document CIO, IT directors, staff • Overview of basic strategy, middleware definition • Proposed leveraging existing activities • Established strategic goals & recommended reading list Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • Conf. Call Renee Frost, U. Michigan – Apr 18, 2000 • Project Director Internet2 Middleware “Early Adopters” Project • Guideline and roadmap • Campus profiles and identifier mappings • GartnerGroup PKI selection tool – Apr 20, 2000 • Audio conference on software tool for evaluation of PKI vendors • Led to a demonstration for GSU, Board of Regents, Georgia Tech • Tool facilitates weighting and evaluation of criteria • Opportunity to discuss common goals – an enterprise approach Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • Net@EDU PKI Working Group – May 7-9, 2000 • In conjunction with North American Strategic Consultants group • How to communicate technical ideas to key decision makers • Context: an integrated, cost-effective solution – drivers include: • Authentication and authorization for distributed/distance learning • Access to online library resources • Secure email services • Management of web services • Interoperation of the eUniversity, government, higher ed vendors • Contacts: Internet2, University of Alabama at Birmingham, Georgetown, University of Wisconsin… Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • CUMREC – May 14-17, 2000 • Internet2 middleware and directory sessions • Renee Frost (Internet2 Middleware Initiative: Early Harvest to Early Adopters and Beyond) • Mark Luker (Public Key Infrastructure and Digital Certificates) • Organizational Structure for GSU – May 22, 2000 • Steering Group: CIO, IST Directors (matrix management) • Data Stewards for GSU Person Working Group • “eduPerson” LDAP object class • Identifying source data & mapping to directory attributes • Synchronization & interface processes; enterprise directory policy • LDAP Design Technical Working Group: Novell, UNIX, Oracle… Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • SURA Directory Proposal & “PKILabs” – Jun 2000 • USG “common directory” proposal draft • Leads to SURA collaborative response to I2 “PKIlabs” RFP • Not awarded to SURA group, but collaborative dialog set • ACS connects to John Wandelt, Georgia Tech Research Institute, and the Federal PKI Technical Working Group activities • White Paper Issued – Jul 2000 • “Enterprise Directory Infrastructure For a Community of Interest, A White Paper” • GSU’s directory/public key initiative in context • Context = GSU, University System of Georgia, higher education, State of Georgia and federal initiatives Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • University System Commitment – Aug 17, 2000 • Vice Chancellor/CIO requested restatement of directory proposal • Enterprise Directory Infrastructure Technical Working Group • Convene a working group • Conduct campus profiles, identify existing directory initiatives • Recommend common directory design solutions • Establish an architectural model for the USG enterprise directory • Identify policy, administrative, and business issues • Recommend specific resource or funding requirements • Explore opportunities for collaboration • USG Technical Working Group – Oct 19, 2000 • Commitment to implement a consolidated LDAP directory Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • Educause Conference– Oct 10-13, 2000 • Directories and PKI; multi-campus Birds Of a Feather • ViDe video conferencing – no directory services • USG “Rock Eagle” Conference – Oct 25-27, 2000 • Paper: Implementing Infrastructure for the eUniversity • Mary Trauner (GT): George Jetson – Can You Hear Me? next steps of video conferencing infrastructure include directories • Inernet2 Fall Meeting – Oct 29-Nov 21, 2000 • Higher ed certificate policy; bridge certificate authority model • European directory work cf. SurfNet http://www.surfnet.nl/ • Keith Hazelton mentions “ArchiTech” metadirectory services • Higher Education PKI Policy Activity Group – VOLUNTEER Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • NSF Pre-proposal, GSU & UAB – Nov 29, 2000 • “to integrate and build an application toolkit that seamlessly ties a PKI infrastructure with voice-based IP communications” • While not invited to submit a full proposal, positive outcome: • Communication was positive • NSF review comments • Collaboration between ACS and GSU’s CIS department • GSU “person registry”– Dec 2000 - Jan 1, 2001 • WebCT provisioning a prime driver • Bob Morgan (I2 Fall 2000 conf): “person registry” site http://depts.washington.edu/cac/project/personreg/resource/ • Morgan’s “Phase I” list vs. Directories Save the World! Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • Directory Proposal to SURA – Jan 8, 2001 • Directory Services Architecture for a Community of Interest • Extend European directory work & “directory-of-directories” with custom directory services • More discussion, collaboration • NSF Proposal, Directory Services – Jan 24, 2001 • ITR/SI – Scalable, Customized, Authoritative LDAP Directory Services for Communities of Interest • Dr. Sham Navathe, Georgia Tech College of Computing, Co-PI • Web-based XML toolkit for user interfaces • Automated mechanisms to select entries from varied set of sources • Hosting services optimize placement, performance, management Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • Gartner PKI Tool & HEPKI-PAG – Jan 26, 2001 • Evaluating PKI & model RFP guidelines • PKI inter-realm operation, mobility, open standards • How well does tool address higher education needs? • Account Process Working Group – Jan 31, 2001 • Data Stewards, GSU Security Officer, ACS • Internal Audit findings on administrative account management • Findings can be addressed without reference to directory… • BUT: integrated directory greatly facilitates account management • “Person Registry” Weekly Status – February 15, 2001 • Iterative “prototyping”: WebCT, student email, Rec Center access Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • GA Enterprise Info. Security Program – Feb 20, 2001 • Ga Tech Research Inst support to Ga Technology Authority • John Wandelt: Overall security infrastructure • Resources include ACS, GT Info Security Officer • USG Consolidated Directory – Feb 23, 2001 • Architecture based on “directory-of-directories” model • Likely will scale well for 34 institutions • Local independence of LDAP access • MetaMerge (ArchiTech) Acquired – Feb 26, 2001 • “great potential for addressing a number of the thorny problems in shared infrastructure development facing administrators in…higher education.” Keith Hazelton, Senior IT Architect, U. of Wisconsin Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • CIS Graduate Student Resources – Feb 28, 2001 • Navathe at GT Dr. Vijay Vaishnavi at GSU CIS • Vaishnavi research area: efficiency of B2B communications • Student resources possible • Internet2 VidMid Working Group – Mar 7-9, 2001 • “Middleware” services supporting video conferencing • Includes directory services • ACS Subcontract to GTRI Proposal – Apr 18, 2001 • PKI Planning & Support • Delivery order for PKI pilot June 2001-November 2001 Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Chronology of Action – (cont’d) • USG Admin Comm. for IT Status Report – May 1, 2001 • Request funding (hw, staff) for consolidated directory service • Highlight need for system level Unique Identifier • Link to data warehousing project, SSN project, web ADA access • SURA Proposal for Directory Services – …May 7, 2001 • GSU, Georgia Tech, Georgetown participation • Cost matching with GSU, directory-of-directories project • Sun Academic Equipment Grant for hardware • Memos noting synergy with ViDeNet proposal to SURA • ACS support for 3 graduate students – May 11, 2001 • Undergrad, Masters, PhD in coordination with Vaishnavi GSU CIS Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Outcome • Resources discovered • Data sources mapped, “person registry” established • Enterprise Directory Policy drafted • Commitment to System level consolidated directory • Synergy with national initiatives higher ed, Internet2 • Collaborative initiatives being developed • Funding sources being worked • Relationships built: GSU, USG, higher ed, Internet2… Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Conclusion • High level vision & sponsorship • Dedicate someone • Establish some basic goals • Educate your organization • Communicate • Develop relationships • Stay open to opportunity Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure
Questions & Discussion Case Study: Establishing Momentum for Implementing Directory & Public Key Infrastructure