Middleware Business Case and Stakeholders: The why and who of enterprise. Mark Crase, Ed.D. Sr....

Middleware Business Case and Stakeholders: The why and who of enterprise.

Mark Crase, Ed.D.

Sr. Director, Technology Infrastructure Initiatives

The California State University Office of the Chancellor

Copyright Mark Crase, 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Base CAMP - February 5-7, 2003 2

Overview of Presentation

• Business Case Basics:– Business Case Components– Stakeholders

• The California State University: – Background – Integrated Technology Strategy– Identity Management Infrastructure

• Discussion


What is Middleware?

The are any number of definitions, but for the purpose of this presentation I’d like to define it as…

A suite of services (directories, authn, authz, etc.) used to enable secure and reliable transactions in a networked environment


Given this definition, we have…

• Business requirements that must be met when developing an infrastructure to support our transactions

and• Stakeholders who have a vested interest in

ensuring that the transactions are carried out successfully


Business Case Components

By definition, middleware cannot be effective unless it maps closely to an institution’s business policies and practices. In this context, a strong business case will…• Outline the Issue(s)

• Articulate the Opportunities & Challenges• Define the Benefits• Enumerate the Costs


The Opportunity: What are the drivers?

• Legislative pressure to reduce paperwork, secure information, and deploy electronic services (HIPAA, etc.)

• Interdisciplinary and inter-institutional research and collaboration (Grid computing)

• Changing needs of teaching and learning• User expectations of access to technology• Budgetary pressures


Challenges

• Investing the time and effort for planning, review and negotiation

• Surviving the politics of reviewing/revising data stewardship policies and procedures

• Resource reallocation – People and $$! • Covering up-front costs• Finding $$ to build/maintain data feeds from

authoritative data sources to central directory• Potential legal risk WRT publishing personal

data in white pages


Benefits

• Enhance Security– A secure enterprise directory can:

• Be used to manage access to multiple apps/services (web, remote access, etc.) to the entire institutional community

• Facilitate differential access to wireless ports, restricted content, restricted listservs, etc.

• Allow identity management to be administered by fewer staff

• Simplified Network and on-line service access– A common middleware infrastructure can enable single sign-

on access to a larger range of customized and personalized services


Benefits (cont.)

• Achieves Economies for Central and Distributed IT organizations– Access to primary user identity sources such as HR,

Payroll, SIS, and secondary sources such as library, parking, alumni assoc., etc. can be more effectively managed by fewer people saving time and money

– Access to any one of these services can be enabled or disabled more readily

– Access to a range of services can be accomplished more quickly and in a more coordinated manner

– Deployment time for new applications is reduced


The Costs

• Phase 1: Building the Enterprise Directory– Hire new staff vs. Repurpose current staff– New equipment/software vs. Use of existing

resources

• Phase Two: Deploying Applications– Application dependent, but ROI is high considering:

• Cost Savings• Lost Productivity• Increased Opportunity• Increased Security


Stakeholders

• Executive Leadership• Business and Finance VP’s• HR Directors and Registrars• CIO’s• Program Directors and Data Stewards• Auditors and Risk Managers• Faculty• Staff• Students


The California State University

Identity Management Infrastructure


First, some background…

The California State University• 23 Campuses

– 1 R2 Research – 21 4-year Comprehensive– California Maritime Academy

• 420,000 Students• 80,000 Faculty and Staff


Integrated Technology Strategy

• Outcomes-based strategy• Built on Integrated Academic and

Administrative Initiatives • Supported by a Robust Infrastructure

– Access (Hardware, Software, Network)– Training– Support Services


• Technology

Prerequisites

Outcomes

Initiatives

SupportTraining

Access

Net

wor

k

Har

dwar

e

Sof

twar

e

Initiatives / Projects

Dis

trib

uted

Lea

rn. &

Tea

ch.

Mul

timed

ia R

epos

itory

Libr

ary

Res

ourc

es

Student Friendly S

ervices

Com

mon. M

gt. System

s

Stream

line I/T Delivery

Procurem

ent Process Im

provement

One C

ard

Access Infrastructure Initiative

Cen

ters

for

Inst

. Tec

h. D

evel

op.

• Optimal Personal Productivity

• Excellence in Learning and Teaching

• Quality of Student Experience

• Administrative Productivity and Quality

Baseline Training & User Support Infrastructure

ITS FRAMEWORK

FULL

BASELINE

CURRENT


Drivers for a Multi-campus Approach to Middleware

• Financial– While a one-size-fits-all approach may not work for

all components, some economies of scale can be achieved.

• Political– Being a State-subsidized institution, proper

stewardship of public resources is always important, but it is especially important when budgets are tight.



• Coordination– Success even at the campus level will depend on a

well coordinated approach. A Systemic effort will help reinforce the importance of coordination and cooperation.

• Help communicate the value of middleware and the benefits of the effort.

• Consistent with CSU Integrated IT Strategy


SupportTraining

Net

wor

k

Har

dwar

e

Sof

twar

e

Access Infrastructure Initiative Baseline Training & User Support Infrastructure

Middleware

ServiceOutcomes

InitiativeApplications

The position of Middleware in the ITS Pyramid when viewed through the technology.



• Maximize Value of Technology Investments– Infrastructure Terminal Resources Project– Common Management Systems– PHAROS Library Project

• Help balance requirements for Strategic and Tactical planning

• Assist with Change Management


Development Principles for an Enterprise Directory

• Collaborative effort among all CSU campuses• Maintain appearance of unified directory

architecture• Adopt a system wide unique identifier• Common view (eduPerson, etc.)• Standard software (LDAP now, others later)• Security at least as good as source

data/applications/business processes


Highlights of Draft Recommendations

• Organized into three phases:

– January 2003 – June 2003

– July 2003 – December 2003

– January 2004 – December 2004


Phase One: Jan 2003 – June 2003

• Establish CSU Middleware Policy Board• Create initial policies• Establish CSU LDAP definition <EduPerson• Establish a single, state-wide LDAP directory

service– Replicate external-facing portion of

individual directories– One-third of campuses providing data to

this directory• Pilot Shibboleth authorization



– Register the CSU as a certificate authority – Establish a model and whitepaper to define

best practices for identity reconciliation. – Prepare a “good practices” whitepaper on

developing campus registry and directories• Create recipe for campus development• Conduct System-wide workshop



– Work with CalVIP to integrate of the directory structure into Video initiatives.

– Working group to evaluate business case for CSU-wide permanent identifier for individuals

– Get commitment from CMS Executive Committee to assure integration into CMS baseline (ERP Project)


Phase Two:July 2003 – December 2003

• Complete external directories for all entities.• Move Shibboleth from pilot into full production.• Develop a plan to integrate campus-wide directories

into CMS and CSU Mentor (Admissions)• Develop a plan to integrate campus-wide directories

into Pharos (Library system).• Pilot secure messaging/digital signature system,

possibly based on PKI-Lite specification• CSU-wide identifier - consider initial development of

technology and procedures for implementation


Phase Three:January 2004 – December 2004

• Complete Integration with CMS and CSU Mentor

• Complete integration with Pharos• Extend secure messaging/digital signatures to

all campuses• Assignment of permanent identifiers in full

operation.• Pilot extension of Middleware infrastructure to

Community College and K12 community.


Reaction within CSU

• CIO’s – very supportive – “we need to do this”• Initial response from Library, ERP initiative

has been positive• Challenge to find resources in tight budget

environment


Discussion• What are the drivers at your

institution?

• How are defining success?

• Have you faced any unique challenges?

• Have you realized any successes you would like to share?


More Information

Middleware:• http://middleware.internet2.edu/• http://www.nmi-edit.org/

My contact information:• [email protected]

Middleware Business Case and Stakeholders: The why and who of enterprise. Mark Crase, Ed.D. Sr....

Documents

Transcript of Middleware Business Case and Stakeholders: The why and who of enterprise. Mark Crase, Ed.D. Sr....