Middleware Planning and Deployment 201: Implementation Roadmap Keith Hazelton, University of Wisconsin/Internet2 Renee Woodten Frost, Internet2/University of Michigan

1
Middleware Planning and Deployment 201
Implementation Roadmap Keith Hazelton,
University of Wisconsin/Internet2Renee Woodten
Frost, Internet2/University of Michigan
2
Agenda

• Introductions Overview
• Project Planning, Preparation Requirements
• Directory Architecture Design Initial Policy
  Development
• Break
• Data Flow Business Process Policy Development
• Directory Applications Implementation/Deployment
  
• Research, Resources, Wrap up

3
Outcomes

• Understanding of how to plan your enterprise
  directory implementation
• Overview of major project stages

4
A Bit About Middleware

• Middleware makes transparent use happen,
  providing consistency, security, privacy and
  capability
• Identity - unique markers of who you (person,
  machine, service, group) are
• Authentication - how you prove or establish that
  you are that identity
• Authorization - what an identity is permitted to
  do
• Directories - where an identitys basic
  characteristics are kept

5
Map of Middleware Land

6

• Enterprise Directory Implementation Roadmap

7
Before You Begin

• The goal of any middleware project should be to
  deploy enabled applications, not to implement
  middleware
• Much of this work is iterative in nature
• Middleware projects are a reflection of the
  technology, data, policy, and political
  environments in which they are implemented
• All implementations are not the same, but they do
  address the same functions

8
Project Stages

• Technology/Architecture and Policy/Management
• Project Planning, Preparation, Requirements
• Directory Architecture Design Initial Policy
  Development
• Data Flow Business Process ReviewContinue
  Policy Development
• Directory Applications Implementation
  Deployment

9
Project Planning, Preparation and Requirements

• Policy/Management
• Develop Business Case Secure Support
• Develop Project Plan
• Assemble Resources

10
Planning Policy/Management

• Develop Business Case Secure Support
• Educate yourself and organization on need for
  middleware
• Assemble drivers for campus
• Assess strengths, weaknesses, and critical
  success factors
• Develop business case
• Secure support

11
Secure Support

• Stakeholders
• Champion
• Funding Sources
• Business and Policy Process

12
Planning Policy/Management

• Develop Project Plan
• Decide on implementation strategy, timing, and
  organizational approach
• Develop communications and PR plan
• Discuss with stakeholders when appropriate
• Develop project plan

13
Decisions for Strategy

• Clarifying relationships between individuals
  institution. When does admitted student become a
  student able to access online library resources?
• Determining who manages, who can update and who
  can see common data. How does an address get
  changed? Who is responsible for its accuracy?
• Structuring information access use rules
  between departments central administrative
  units. Who can use e-procurement system to
  purchase lab rats?
• Reconciling business rules practices. What
  needs to happen in systems of record to have new
  student accounts added? Who must initiate this?

14
Develop Communication Plans

• Use to help manage expectations
• Publicize quick wins a shared vision, support
  from the executive levels
• Use combination of face-to-face conversations
  presentations web/hard copy communications,
• Tailor message to disparate audiences
• Keep the overall message consistent.
• Identify ways to involve stakeholders in decision
  and policy making process.
• Need to reiterate overall goals business case
  many times before directory is deployed apps
  are enabled.

15
Project Plan Considerations

• Quick wins early in process to demonstrate value.
• Identify ways to measure benefits (productivity
  gains, self-service) ahead of time.
• Success enables more success. Make sure later
  requests can be accommodated to keep enthusiasm
• Over provision first infrastructure to
  accommodate growth for first applications
  addition of new ones.
• Develop overall guidelines for directory
  project to help in decision making later
• Be prepared to redefine responsibilities of
  people as workload changes.
• Treat directory as formal application development
  project provide for life-cycle support mgmt

16
Planning Policy/Management

• Assemble Resources
• Decide on funding model and secure funding
• Develop technical, policy, executive and
  organizational project structure
• Begin communication plan

17
Funding

• Costs
• staff time in acquiring data, establishing
  policy, and implementing the technical
  infrastructure.
• capital and operational costs
• Securing Funds depends largely on existing
  staff, their expertise, available resources for
  outsourcing, level of commitment to other
  production systems.
• Funding Options
• absorb cost of project into existing initiatives
  underway, or within ongoing operational budgets
• Submit to management for funding as a standalone
  project

18
Project Structure

• Project Champion
• Project Manager
• Core Team
• Big Team
• Steering Team
• Technical Team

19
Develop Project StructureStaffing

• Technical architect
• Project manager (Could be the same as the
  technical architect).
• Systems analysts and interpersonal communication
  specialists
• Systems, database, and application developers.

20

• Discussion

21
Directory Architecture Design Initial Policy
Development

• Technology/Architecture
• Develop campus identifier strategy
• Research directory service architectures
• Research systems design architectures

• Policy/Management
• Continue communication plan
• Educate targeted policy staff/group about
  directories
• Review policy structure and begin development

22
Design Technology/Architecture

• Develop campus identifier strategy
• Create an identifier inventory
• Decide on unique identifier strategy

23
Design Technology/Architecture

• Research directory service architectures
• Understand the components and how they interact
• Review campus technical infrastructure and
  requirements
• Research current higher ed practices
• Research security issues and models
• Review and decide on products

24
Core Middleware for an Integrated Architecture
25
Design Technology/Architecture

• Research systems architectures
• Design software, hardware and networking
  infrastructure
• Work with project management and others to
  assemble needed technology components

26
Design Policy/Management

• Continue communication plan
• Educate targeted policy staff/group about
  directories Discuss business plan and need for
  services Discuss on-going need for oversight of
  directory services

27
Design Policy/Management

• Review policy structure and begin development
  Work with policy team, to identify gaps and
  develop overall requirements Determine what you
  can do to streamline approval process and when to
  bring in legal counsel, if necessary

28

• Discussion

29
Data Flow Business Process ReviewContinue
Policy Development

• Technology/Architecture
• Review chosen application requirements
• Develop data flow from source systems and to
  consumer systems
• Develop technical processes according to business
  and architecture requirements

• Policy/Management
• Continue communication plan
• Review and design business processes
• Continue policy development

30
Data Technology/Architecture

• Review chosen application requirements
• Design for the first applications, keeping the
  long term in mind

31
Data Technology/Architecture

• Develop data flow from source systems and to
  consumer systems
• Consider and architect the three major processes
  involving consolidation/identity matching,
  intelligence, and application/system consumers
• Work with data custodians to populate the
  directory with the correct data and work with
  management on getting clean data

32
Data Technology/Architecture

• Develop technical processes according to business
  and architecture requirements
• Develop person registry and other functions

33
Data Policy/Management

• Continue communication plan
• Review and design business processes
• Review business and application requirements
• Work with technical implementation team to
  determine where current practices need alteration
  and new ones need development
• Work with data custodians to develop data update,
  flow, and oversight approaches.
• Continue policy development

34

• Discussion

35
Directory Applications Implementation
Deployment

• Technology/Architecture
• Install network, hardware, and software systems
  to support the deployed services
• Implement directory, security, and data flow
  architectureDevelop technical processes
  according to business and architecture
  requirements
• Deploy monitoring and operational tools

• Policy/Management
• Continue communication plan
• Work with data managers/stakeholdersDevelop
  oversight process
• Publish project success and thank participants

36
Deployment Technology/Architecture

• Install network, hardware, and software systems
  to support the deployed services
• Implement directory, security, and data flow
  architecture
• Populate directory and test
• Prototype first applications and work with
  stakeholders on testing
• Include mechanisms for implementing institutional
  privacy policy/approach

37
Deployment Technology/Architecture

• Develop technical processes according to business
  and architecture requirements
• Develop person registry and other functions
• Deploy monitoring and operational tools

38
Deployment Policy/Management

• Continue communication plan
• Work with data managers/stakeholders
• Develop clean data set
• Include stakeholders and data custodians in
  testing phase and verifying of application
  performance
• Review initial applications for policy/legal
  compliance
• Develop oversight process
• Publish project success and thank participants

39

• Discussion

40
Research and Resources
41
Research Community

• Expert, diverse leadership and collaborators
• Broad participation and review
• MACE and related working groups
• NSF catalytic grants
• Early Adopters
• Higher Education Partners
• campuses, CNI, CREN, GRIDS, NACUBO, NACUA
• Government Partners
• NSF, NIH, NIST, fPKI TWG
• Corporate Partners
• Liberty Alliance, IBM, Sun, WebCT, OCLC,
  Radvision
• International communities
• Standards bodies
• IETF, ITU, OASIS

42
NSF Middleware Initiative

• NSF award for middleware integrators to
• GRIDS Center
• Globus (NCSA, UCSD, University of Chicago, USC/
  ISI, and University of Wisconsin)
• NMI-EDIT Consortium
• Internet2, EDUCAUSE, and SURA
• Separate awards to academic pure research
  components
• Build on the successes of the Globus project and
  Internet2/MACE initiative
• Multi-year effort
• A practical (deployment) activity that
  necessitates some research
• Releases occur every six months, roughly May and
  October

43
ResearchWorking Groups/Projects

• Directories
• Group Utilities
• Directory Management Utilities
• Practice Papers and Implementation Roadmap
• Directory Schema
• Shibboleth Inter-institution web access
• PKI HEPKI-TAG PAG, S/MIME, PKI Labs
• Middleware for Video VC, Video on Demand
• Medical Middleware

44
Enterprise Middleware Resources Available

• NMI-EDIT Release Components
• Software
• Directory Schemas
• Conventions and Practices
• Recommended Practices
• White Papers
• Policies
• Services

45
Enterprise MiddlewareEducational Opportunities

• Workshops
• Pre-conference Seminars at EDUCAUSE Regional
  Meetings
• Campus Architectural Middleware Planning
  Workshops
• CAMP June 4-6, 2003
• Focused on authentication
• Architects and project management
• Getting started topics
• Advanced CAMP July 9-11, 2003
• Focused on authorization
• Highly technical
• Research topics
• Campuses with mature directory and
  authentication infrastructure

46
On-line Resources Available

• Introductory Documents
• Sample Middleware Business Case and corresponding
  Writers Guide
• Identifiers, Authentication, and Directories
  Best Practices for Higher Education
• Identifier Mapping Template and Campus Examples
• See resource list

47
Websites and Discussion Lists

• Websites
• http//middleware.internet2.edu
• http//www.nmi-edit.org
• Look for the Enterprise Implementation
  Directory Roadmap Coming in April!
• Middleware information and discussion lists
• http//mw-announce_at_internet2.edu
• http//mw-discuss_at_internet2.edu
• NMI lists (see websites)
• EDUCAUSE Constituency Group on Middleware
  Coming Soon!

48
Questions and Comments?

• Keith Hazelton
• University of Wisconsin/Internet2
  hazelton_at_doit.wisc.edu
• Renee Woodten Frost
• Internet2/University of Michigan
  rwfrost_at_internet2.edu