Jim Farmer As presented at the Portals2007 “Up and Running” Conference 7 June 2007 | Gettysburg...
Jim Farmer
As presented at the Portals2007 “Up and Running” Conference
7 June 2007 | Gettysburg College, Gettysburg PA USA
From pilot to enterprise portal
Five years and counting
A portal is the toolbox of the knowledge worker
“Portals are a journey of increasing functionality for expanding communities.”
In the beginning
Georgetown University
Classic “portal”
The aggregation game…
Administrative
Instruction
Library
Research
The University Web World
With portlets
Portal Framework
Portal database
Portlet A
Portlet B
Portlet C
Portlet D
Aggregation today (by Yodlee)
Financial, payment,
airline accounts
news
Federated email
Banking activity
Generated alerts
Multiple target devices
From uPortal development, 2003
Multiple “themes”
ESUP Portail Project (France)
Most successful open source project in higher education.
Denison University
A brief history of portals
Waves of Implementation | Examples
1 Aggregation of information | Yahoo
2a Integration with Administrative Systems | CampusPipeline
2b Open standard portlets | JISC library portlets
3 Enterprise | All of the above
The evolution
 | First Year | Fifth Year
Content authority | One or two | Hundreds
Users | Public, students | Public, faculty, students, alumni, administrators
Purpose | Broadcast communication | Data resource, transactions, learning delivery, research environment
Driver | Single signon | Authorization, integration
Agenda
• The information environment
• Governance
• Content
• Security
• Configuration
The information environment
An organizing perspective
A perspective
The information environment
Governance
Governance defined
• Who gets to add, change, and delete content?
• Who gets to have access to what content?
• Who has final authority over style?
• Who is responsible for security of the site and for required recordkeeping?
Approaches to governance
• Current organizational structures should be used to resolve policy issues.
• Otherwise a change in processes is being “imposed” on the organization externally.
• The policy issues should be understood and communicated in a way they can be understood.
“The Politics of Knowledge,” American Enterprise Institute, 21 May 2007
Commentary
During the presentation an example was given where a special-purpose committee was used to gain resolution of portal issues. A similar example from Coventry University was given in a subsequent conference session. In both cases the portal was a college and university priority and had a fixed implementation date within six months.
Modeling the organization
The IT industry view
Modeling the organization
The higher education reality
Modeling the organization
As users see it
Groups and permissions
• Separate database
• Real-time data access from authoritative source (e.g. integration with the student system)
• Informal data entry (Columbia University’s “ski club” spreadsheet)
• Groups of groups (courses, sections, and study groups)
In version 3 of uPortal, an application independent of uPortal
Content
The information environment
Portal coverage: first year
Portal coverage
Portal coverage: second year
Authentication/Authorization Required
Portal coverage: third year
Integration Required
Portal coverage: fourth year
Portal coverage: fifth year
Portal coverage: for the bold
Security policy
Security policy challenges
• Providing authentication and associated
• “Level of assurance”
• OMB Memo 04-04
• NIST 800-63
• Economically feasible authorization
• Document perspective
• (Hierarchical) Inherited by “rank”
• Groups and permissions
• Required recordkeeping
Evolution of security
• Single signon (Web signon)
• Groups and permissions
• Federated authentication and authorization
Portal security
• Implied authentication
• User logged on to the portal sufficient
• Implied authorization
• User authenticated; applications only require authentication of user
• Authentication
• Level of assurance
• Authorization or information the application can use to make an authorization decision
Level of assurance - proofing
• 1: Little or no confidence in the asserted identity’s validity.
• 2: Some confidence in the asserted identity’s validity.
• 3: High confidence in the asserted identity’s validity.
• 4: Very high confidence in the asserted identity’s validity.
Office of Management and Budget Memo 04-04, 16 December 2003
Level of assurance - technical
• 1: Plaintext passwords or secrets are not transmitted across a network.
• 2: Single factor remote network authentication. At Level 2, identity proofing requirements are introduced.
• 3: Multi-factor remote network authentication.
• 4: Proof of possession of a key through a cryptographic protocol.
NIST 800-63, April 2006
In higher education
• Level 0 – The identity of the user is not revealed, but the organization (college or university by IP address), the role (e.g. student or faculty), or other data (e.g. contract number) may be included for authorization.
• Library – “patron” and perhaps role: student, faculty, public
• Online Journal – college or university (e.g. JStor), contract number.
Configuration
Basic configuration
Integrated Directory
Computer A
Groups and Permissions
Multi-application configuration
Integrated Directory
Computer A Computer B
Groups and Permissions
SOA configuration
Integrated Directory
Enterprise Services Bus
Computer B
Groups and Permissions
Computer A
Portal interface options
Provider Application
Connector
External Application
WSRP
JSR 168
With portlets
Portal Framework
Portal database
College announcements
Regional library
Learning system
Administration
WSRP
JSR 168
Phased implementations
• Gradual changes for users; minimizes user training, problem resolution
• Reduced risk of broad failure
• Opportunity to modify in accordance with usage
Year 1 2 3 4 5
Integration of Portal Projects
Observations
• The portal technologies may be different, but the issues are similar (as this conference demonstrates).
• There are many ways to achieve a working portal; the “best” depends “upon local needs and environment.”
• Seek the one application that benefits a substantial number of users and drives adoption.