Jim Farmer

As presented at thePortals2007 “Up and Running” Conference

7 June 2007 | Gettysburg College, Gettysburg PA USA

From pilot to enterprise portalFive years and counting

A portal is the toolbox of the knowledge worker

“Portals are a journey of increasing functionality for

expanding communities."

In the beginning

Georg

eto

wn

U

niv

ers

ity

Classic “portal”

Georg

eto

wn

U

niv

ers

ityThe aggregation game…

Georg

eto

wn

U

niv

ers

ity

Administrative

Instruction

Library

Research

The University Web World

Georg

eto

wn

U

niv

ers

ity

With portlets

PortalFramework

Portaldatabase

Portlet A

Portlet B

Portlet C

Portlet D

Georg

eto

wn

U

niv

ers

ity

Aggregation today (by Yoodlee)

Financial, payment,

airline accounts

news

Federated email

Bankingactivity

Generated alerts

Georg

eto

wn

U

niv

ers

ity

Multiple target devices

From uPortal development, 2003

Georg

eto

wn

U

niv

ers

ity

Multiple “themes”

Georg

eto

wn

U

niv

ers

ity

ESUP Portail Project (France)

Most successful open source project in higher education.

Georg

eto

wn

U

niv

ers

ity

Georg

eto

wn

U

niv

ers

ity

Denison University

Georg

eto

wn

U

niv

ers

ityA brief history of portals

Waves of Implementation Examples

1 Aggregation of information Yahoo

2aIntegration with Administrative Systems

CampusPipeline

2b Open standard portlets JISC library portlets

3 Enterprise All of the above

Georg

eto

wn

U

niv

ers

ity

The evolution

First Year Fifth YearContent authority

One or two Hundreds

Users Public, students Public, faculty, students, alumni, administrators

Purpose Broadcast communication

Data resource, transactions, learning delivery, research environment

Driver Single signon Authorization, integration

Georg

eto

wn

U

niv

ers

ity

Agenda

• The information environment

• Governance

• Content

• Security

• Configuration

The information environmentAn organizing perspective

Georg

eto

wn

U

niv

ers

ity

A perspective

The information environment

Governance

Georg

eto

wn

U

niv

ers

ityGovernance defined

• Who gets to add, change, and delete content?

• Who gets to have access to what content?

• Who has final authority over style?

• Who is responsible for security of the site and for required recordkeeping?

Georg

eto

wn

U

niv

ers

ity

Approaches to governance

• Current organizational structures should be used to resolve policy issues.

• Otherwise a change in processes is being “imposed” on the organization externally.

• The policy issues should be understood and communicated in a way they can be understood.

“The Politics of Knowledge,” American Enterprise Institute, 21 May 2007

Georg

eto

wn

U

niv

ers

ity

Commentary

During the presentation an example was given where a special-purpose committee was used to gain resolution of portal issues. A similar example from Coventry University was given in a subsequent conference session. In both cases the portal was a college and university priority and had a fixed implementation date within six months.

Georg

eto

wn

U

niv

ers

ity

Modeling the organization

The IT industry view

Georg

eto

wn

U

niv

ers

ity

Modeling the organization

The higher education reality

Georg

eto

wn

U

niv

ers

ity

Modeling the organization

As users see it

Georg

eto

wn

U

niv

ers

ityGroups and permissions

• Separate database

• Real-time data access from authoritative source (e.g. integration with the student system)

• Informal data entry (Columbia University’s “ski club” spreadsheet)

• Groups of groups (courses, sections, and study groups)

In version 3 of uPortal, an application independent of uPortal

ContentThe information environment

Georg

eto

wn

U

niv

ers

ity

Portal coverage: first year

Portal coverage

Georg

eto

wn

U

niv

ers

ityPortal coverage: second

yearAuthication/Authorization

Required

Georg

eto

wn

U

niv

ers

ity

Portal coverage: third year

IntegrationRequired

Georg

eto

wn

U

niv

ers

ityPortal coverage: fourth

year

Georg

eto

wn

U

niv

ers

ity

Portal coverage: fifth year

Georg

eto

wn

U

niv

ers

ityPortal coverage: for the

bold

Security policy

Georg

eto

wn

U

niv

ers

ity

Security policy challenges

• Providing authentication

and associated

• “Level of assurance”

• OMB Memo 04-04NIST 800-63

• Economically feasible authorization

• Document perspective

• (Hierarchical) Inherited by “rank”

• Groups and permissions

• Required recordkeeping

Georg

eto

wn

U

niv

ers

ity

Evolution of security

• Single signon (Web signon)

• Groups and permissions

• Federated authentication and authorization

Georg

eto

wn

U

niv

ers

ity

Portal security

• Implied authentication

• User logged on to the portal sufficient

• Implied authorization

• User authenticated; applications only require authentication of user

• Authentication

• Level of assurance

• Authorization or information the application can use to make an authorization decision

Georg

eto

wn

U

niv

ers

ity

Level of assurance - proofing

• 1: Little or no confidence in the asserted identity’s validity.

• 2: Some confidence in the asserted identity’s validity.

• 3: High confidence in the asserted identity’s validity.

• 4: Very high confidence in the asserted identity’s validity.

Office of Management and Budget Memo 04-04, 16 December 2003

Georg

eto

wn

U

niv

ers

ity

Level of assurance - technical

• 1: Plaintext passwords or secrets are not transmitted across a network.

• 2: Single factor remote network authentication. At Level 2, identity proofing requirements are introduced.

• 3: Multi-factor remote network authentication.

• 4: Proof of possession of a key through a cryptographic protocol.

NIST 800-63, April 2006

Georg

eto

wn

U

niv

ers

ity

In higher education

• Level 0 – The identity of the user is not revealed, but the organization (college or university by IP address), the role (e.g. student or faculty), or other data (e.g. contract number) may be included for authorization.

• Library – “patron” and perhaps role: student, faculty, public

• Online Journal – college or university (e.g. JStor), contract number.

Configuration

Georg

eto

wn

U

niv

ers

ity

Basic configuration

IntegratedDirectory

Computer A

Groups and Permissions

Georg

eto

wn

U

niv

ers

ity

Multi-application configuration

IntegratedDirectory

Computer A Computer B

Groups and Permissions

Georg

eto

wn

U

niv

ers

ity

SOA configuration

IntegratedDirectory

Enterprise Services Bus

Computer B

Groups and Permissions

Computer A

Georg

eto

wn

U

niv

ers

ityPortal interface options

ProviderApplication

Connector

ExternalApplication

WSRPJSR 168

Georg

eto

wn

U

niv

ers

ity

With portlets

PortalFramework

Portaldatabase

College announcements

Regional library

Learning system

Administration

WSRP

JSR 168

Georg

eto

wn

U

niv

ers

ityPhased implementations

• Gradual changes for users; minimizes user training, problem resolution

• Reduced risk of broad failure

• Opportunity to modify in accordance with usage

Year 1 2 3 4 5

Integration of Portal Projects

Georg

eto

wn

U

niv

ers

ity

Observations

• The portal technologies may be different, but the issues are similar (as this conference demonstrates).

• There are many ways to achieve a working portal, the “best” depend “upon local needs and environment.”

• Seek the one application that benefits a substantial number of users and drives adoption.

The end

jxf@immagic.comjxf@Georgetown.edu