Title: Middleware Planning and Deployment 201: Implementation Roadmap Keith Hazelton, University of Wisconsin/Internet2 Renee Woodten Frost, Internet2/University of Michigan
1Middleware Planning and Deployment 201
Implementation Roadmap Keith Hazelton,
University of Wisconsin/Internet2Renee Woodten
Frost, Internet2/University of Michigan
2Agenda
- Introductions Overview
- Project Planning, Preparation Requirements
- Directory Architecture Design Initial Policy
Development - Break
- Data Flow Business Process Policy Development
- Directory Applications Implementation/Deployment
- Research, Resources, Wrap up
3Outcomes
- Understanding of how to plan your enterprise
directory implementation - Overview of major project stages
4A Bit About Middleware
- Middleware makes transparent use happen,
providing consistency, security, privacy and
capability - Identity - unique markers of who you (person,
machine, service, group) are - Authentication - how you prove or establish that
you are that identity - Authorization - what an identity is permitted to
do - Directories - where an identitys basic
characteristics are kept
5Map of Middleware Land
6- Enterprise Directory Implementation Roadmap
7Before You Begin
- The goal of any middleware project should be to
deploy enabled applications, not to implement
middleware - Much of this work is iterative in nature
- Middleware projects are a reflection of the
technology, data, policy, and political
environments in which they are implemented - All implementations are not the same, but they do
address the same functions
8Project Stages
- Technology/Architecture and Policy/Management
- Project Planning, Preparation, Requirements
- Directory Architecture Design Initial Policy
Development - Data Flow Business Process ReviewContinue
Policy Development - Directory Applications Implementation
Deployment
9Project Planning, Preparation and Requirements
- Policy/Management
- Develop Business Case Secure Support
- Develop Project Plan
- Assemble Resources
10Planning Policy/Management
- Develop Business Case Secure Support
- Educate yourself and organization on need for
middleware - Assemble drivers for campus
- Assess strengths, weaknesses, and critical
success factors - Develop business case
- Secure support
11Secure Support
- Stakeholders
- Champion
- Funding Sources
- Business and Policy Process
12Planning Policy/Management
- Develop Project Plan
- Decide on implementation strategy, timing, and
organizational approach - Develop communications and PR plan
- Discuss with stakeholders when appropriate
- Develop project plan
13Decisions for Strategy
- Clarifying relationships between individuals
institution. When does admitted student become a
student able to access online library resources? - Determining who manages, who can update and who
can see common data. How does an address get
changed? Who is responsible for its accuracy? - Structuring information access use rules
between departments central administrative
units. Who can use e-procurement system to
purchase lab rats? - Reconciling business rules practices. What
needs to happen in systems of record to have new
student accounts added? Who must initiate this?
14Develop Communication Plans
- Use to help manage expectations
- Publicize quick wins a shared vision, support
from the executive levels - Use combination of face-to-face conversations
presentations web/hard copy communications, - Tailor message to disparate audiences
- Keep the overall message consistent.
- Identify ways to involve stakeholders in decision
and policy making process. - Need to reiterate overall goals business case
many times before directory is deployed apps
are enabled.
15Project Plan Considerations
- Quick wins early in process to demonstrate value.
- Identify ways to measure benefits (productivity
gains, self-service) ahead of time. - Success enables more success. Make sure later
requests can be accommodated to keep enthusiasm - Over provision first infrastructure to
accommodate growth for first applications
addition of new ones. - Develop overall guidelines for directory
project to help in decision making later - Be prepared to redefine responsibilities of
people as workload changes. - Treat directory as formal application development
project provide for life-cycle support mgmt
16Planning Policy/Management
- Assemble Resources
- Decide on funding model and secure funding
- Develop technical, policy, executive and
organizational project structure - Begin communication plan
17Funding
- Costs
- staff time in acquiring data, establishing
policy, and implementing the technical
infrastructure. - capital and operational costs
- Securing Funds depends largely on existing
staff, their expertise, available resources for
outsourcing, level of commitment to other
production systems. - Funding Options
- absorb cost of project into existing initiatives
underway, or within ongoing operational budgets - Submit to management for funding as a standalone
project
18Project Structure
- Project Champion
- Project Manager
- Core Team
- Big Team
- Steering Team
- Technical Team
19Develop Project StructureStaffing
- Technical architect
- Project manager (Could be the same as the
technical architect). - Systems analysts and interpersonal communication
specialists - Systems, database, and application developers.
20 21 Directory Architecture Design Initial Policy
Development
- Technology/Architecture
- Develop campus identifier strategy
- Research directory service architectures
- Research systems design architectures
- Policy/Management
- Continue communication plan
- Educate targeted policy staff/group about
directories - Review policy structure and begin development
22Design Technology/Architecture
- Develop campus identifier strategy
- Create an identifier inventory
- Decide on unique identifier strategy
23Design Technology/Architecture
- Research directory service architectures
- Understand the components and how they interact
- Review campus technical infrastructure and
requirements - Research current higher ed practices
- Research security issues and models
- Review and decide on products
24Core Middleware for an Integrated Architecture
25Design Technology/Architecture
- Research systems architectures
- Design software, hardware and networking
infrastructure - Work with project management and others to
assemble needed technology components
26Design Policy/Management
- Continue communication plan
- Educate targeted policy staff/group about
directories Discuss business plan and need for
services Discuss on-going need for oversight of
directory services
27Design Policy/Management
- Review policy structure and begin development
Work with policy team, to identify gaps and
develop overall requirements Determine what you
can do to streamline approval process and when to
bring in legal counsel, if necessary
28 29Data Flow Business Process ReviewContinue
Policy Development
- Technology/Architecture
- Review chosen application requirements
- Develop data flow from source systems and to
consumer systems - Develop technical processes according to business
and architecture requirements
- Policy/Management
- Continue communication plan
- Review and design business processes
- Continue policy development
30Data Technology/Architecture
- Review chosen application requirements
- Design for the first applications, keeping the
long term in mind
31Data Technology/Architecture
- Develop data flow from source systems and to
consumer systems - Consider and architect the three major processes
involving consolidation/identity matching,
intelligence, and application/system consumers - Work with data custodians to populate the
directory with the correct data and work with
management on getting clean data
32Data Technology/Architecture
- Develop technical processes according to business
and architecture requirements - Develop person registry and other functions
33Data Policy/Management
- Continue communication plan
- Review and design business processes
- Review business and application requirements
- Work with technical implementation team to
determine where current practices need alteration
and new ones need development - Work with data custodians to develop data update,
flow, and oversight approaches. - Continue policy development
34 35Directory Applications Implementation
Deployment
- Technology/Architecture
- Install network, hardware, and software systems
to support the deployed services - Implement directory, security, and data flow
architectureDevelop technical processes
according to business and architecture
requirements - Deploy monitoring and operational tools
- Policy/Management
- Continue communication plan
- Work with data managers/stakeholdersDevelop
oversight process - Publish project success and thank participants
36Deployment Technology/Architecture
- Install network, hardware, and software systems
to support the deployed services - Implement directory, security, and data flow
architecture - Populate directory and test
- Prototype first applications and work with
stakeholders on testing - Include mechanisms for implementing institutional
privacy policy/approach
37Deployment Technology/Architecture
- Develop technical processes according to business
and architecture requirements - Develop person registry and other functions
- Deploy monitoring and operational tools
38Deployment Policy/Management
- Continue communication plan
- Work with data managers/stakeholders
- Develop clean data set
- Include stakeholders and data custodians in
testing phase and verifying of application
performance - Review initial applications for policy/legal
compliance - Develop oversight process
- Publish project success and thank participants
39 40Research and Resources
41Research Community
- Expert, diverse leadership and collaborators
- Broad participation and review
- MACE and related working groups
- NSF catalytic grants
- Early Adopters
- Higher Education Partners
- campuses, CNI, CREN, GRIDS, NACUBO, NACUA
- Government Partners
- NSF, NIH, NIST, fPKI TWG
- Corporate Partners
- Liberty Alliance, IBM, Sun, WebCT, OCLC,
Radvision - International communities
- Standards bodies
- IETF, ITU, OASIS
42NSF Middleware Initiative
- NSF award for middleware integrators to
- GRIDS Center
- Globus (NCSA, UCSD, University of Chicago, USC/
ISI, and University of Wisconsin) - NMI-EDIT Consortium
- Internet2, EDUCAUSE, and SURA
- Separate awards to academic pure research
components - Build on the successes of the Globus project and
Internet2/MACE initiative - Multi-year effort
- A practical (deployment) activity that
necessitates some research - Releases occur every six months, roughly May and
October
43ResearchWorking Groups/Projects
- Directories
- Group Utilities
- Directory Management Utilities
- Practice Papers and Implementation Roadmap
- Directory Schema
- Shibboleth Inter-institution web access
- PKI HEPKI-TAG PAG, S/MIME, PKI Labs
- Middleware for Video VC, Video on Demand
- Medical Middleware
44Enterprise Middleware Resources Available
- NMI-EDIT Release Components
- Software
- Directory Schemas
- Conventions and Practices
- Recommended Practices
- White Papers
- Policies
- Services
-
45Enterprise MiddlewareEducational Opportunities
- Workshops
- Pre-conference Seminars at EDUCAUSE Regional
Meetings - Campus Architectural Middleware Planning
Workshops - CAMP June 4-6, 2003
- Focused on authentication
- Architects and project management
- Getting started topics
- Advanced CAMP July 9-11, 2003
- Focused on authorization
- Highly technical
- Research topics
- Campuses with mature directory and
authentication infrastructure
46On-line Resources Available
- Introductory Documents
- Sample Middleware Business Case and corresponding
Writers Guide - Identifiers, Authentication, and Directories
Best Practices for Higher Education - Identifier Mapping Template and Campus Examples
- See resource list
47Websites and Discussion Lists
- Websites
- http//middleware.internet2.edu
- http//www.nmi-edit.org
- Look for the Enterprise Implementation
Directory Roadmap Coming in April! - Middleware information and discussion lists
- http//mw-announce_at_internet2.edu
- http//mw-discuss_at_internet2.edu
- NMI lists (see websites)
- EDUCAUSE Constituency Group on Middleware
Coming Soon!
48Questions and Comments?
- Keith Hazelton
- University of Wisconsin/Internet2
hazelton_at_doit.wisc.edu - Renee Woodten Frost
- Internet2/University of Michigan
rwfrost_at_internet2.edu