1 / 25

Middleware Initiatives in Australia

Middleware Initiatives in Australia. Alex Reid Director, eResearch/Middleware, AARNet. Contents. Australian Research Infrastructure Government Initiatives NREN Middleware Strategy MAMS PKI Project eduroam. National Research Infrastructure.

henrik
Download Presentation

Middleware Initiatives in Australia

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Middleware Initiatives in Australia Alex Reid Director, eResearch/Middleware, AARNet JISC Core Middleware Meeting

  2. Contents • Australian Research Infrastructure • Government Initiatives • NREN • Middleware • Strategy • MAMS • PKI Project • eduroam JISC Core Middleware Meeting

  3. National Research Infrastructure Backing Australia’s Ability – An Innovation Action Plan for the Future 2001/2004:http://backingaus.innovation.gov.au/ $3 billion over 5 years from 2000-1 $5.3 billion over 7 years from 2004-5 Systemic Infrastructure Initiative (SII) to upgrade research infrastructure at Australian universities: $246m over 5 years from 2000-1 to 2005-6 $542m over 6 years from 2005-6 to 2010-11 • HEBAC (Higher Education Bandwidth Advisory Committee) 2002-3http://www.dest.gov.au/highered/research/pdf/aren.pdf • ARENAC (Australian Research and Education Network Advisory Committee) 2003+http://www.dest.gov.au/sectors/research_sector/programmes_funding/programme_categories/key_research_priorities/australian_research_and_education_network/arenac.htm • HEIIAC -> ARIIC (Australian Research Information Infrastructure Committee) 2003+http://www.dest.gov.au/highered/research/ariic.htm • NRIT (National Research Infrastructure Task Force) 2003-4http://www.dest.gov.au/sectors/research_sector/policies_issues_reviews/reviews/previous_reviews/national_research_infrastructure_taskforce_framework/default.htm • NCRIS (National Collaborative Research Infrastructure Strategy) 2004-5http://www.dest.gov.au/sectors/research_sector/policies_issues_reviews/key_issues/ncris/default.htm • eResearch Coordinating Committee 2005+http://www.dest.gov.au/sectors/research_sector/policies_issues_reviews/key_issues/e_research_consult/default.htm/ JISC Core Middleware Meeting

  4. Research Infrastructure Framework JISC Core Middleware Meeting

  5. AARNet3 Components • APL Tender for v3 of AARNet mid-2004 • ARENAC $70m + APL own reserves • National Backbone: own 2 fibre pairs across the country – deployed since 2004 at 10Gbps • Regional Network: diverse routes, using DWDM, up to 320Gbps • International Links: IRU on 2x 10Gbps fibres across the Pacific (SCCN) – PoPs in Seattle, LA • “Commodity” connectivity in Australia & USA (Seattle, Palo Alto) • Participate in TEIN2 – PoPs in Singapore & Frankfurt JISC Core Middleware Meeting

  6. AARNet3 Infrastructure – National JISC Core Middleware Meeting

  7. AARNet3 Infrastructure – Comparison JISC Core Middleware Meeting

  8. AARNet3 Infrastructure – Global JISC Core Middleware Meeting

  9. Place of Middleware Users Applications, Human Interfaces Middleware: Application-independent; Resource- & Location-neutral Knowledge Management, Resource Management, Collaboration Tools, Grid Services Authentication, Authorisation, Access, Accounting: PKI, Shibboleth, etc Local, Regional, National & International Network Infrastructure Facilities, Services, Resources: Processing, Data Storage, Instruments, Electronic Information JISC Core Middleware Meeting

  10. Draft Middleware Action Plan Following National Forum Dec-04, a Draft Plan was agreed: • Undertake an environmental scan. • Establish a single PKI Certification Authority for R&E. • Establish a sound basis for federated security systems in Australia that will scale to international federations. • Establish appropriate mechanisms to coordinate all R&E Middleware initiatives in Australia. • Agree to investigate adopting Shibboleth. • Establish and sustain strong connections with relevant Australian initiatives/entities. • Establish and strengthen overseas links. • Promote the swift implementation of enterprise directory services at all Australian education and research institution. • Develop strong visibility for and marketing of the Middleware agenda in Australia. JISC Core Middleware Meeting

  11. Survey of Identity & Access Management • Undertaken in May 2005 • Establish State-of-Play at Australian universities • Identify best practice, barriers to rapid implementation, authorisation requirements • Goal is: • pervasive, federated infrastructure that integrates organisations internally while simultaneously allowing them to interoperate with others [Burton Group, 2002] • 49% response (low, due to complexity) • Currently: • Usernames/passwords, Same Sign-on, EZProxy, VPNs, LDAP, in-house integration • Moving to: • Single Sign-on, automated integration (data feeds from corporate systems), Portals, PKI • Barriers: • Resources, high risk to critical systems, lack of standards/guidance & training, coordinated middleware JISC Core Middleware Meeting

  12. ARIIC Projects • 1st Round (FRODO) 22-Oct-03 ($12m): (Federated Repositories of Digital Objects) • MAMS (Meta Access Management System) $4.2m • ARROW (Australian Research Repositories Online to the World) • ADT (Australian Digital Theses Program Expansion) • APSR (Australian Partnership for Sustainable Repositories) • 2nd Round (MERRI) 22-Aug-05 ($19m): (Managed Environment for Research Repository Infrastructure) • MAPS • PKI/Shibboleth (operationalise the CAUDIT PKI Standards Project) • 18 Others (mostly specific collections development/access & digitisation) JISC Core Middleware Meeting

  13. ARIIC MERRI Grant – MAPS • Announced by Minister 22-Aug-05 • $582,910 granted • Lead site: University of Queensland (Nick Tate) • Supported by: CAUDIT, CAUL, Monash, ANU, Macquarie, AARNet, GrangeNet • From now till end 2006 • Purpose: • This project will identify the software and services (middleware) that are currently being used in Australia to link applications across a range of resources on networks and computer systems in Australian universities. The MAPS project will identify existing areas of activity in the university and research sectors, and use these results to tap into the expertise across the sector to build a strategic plan of activities and projects for an Australian collaborative middleware strategy. This is an important project whose outcomes will enable other projects to leverage off common infrastructure and focus on providing new services that can be shared across the education and research sectors. JISC Core Middleware Meeting

  14. MAPS Activities Goal: Agreed Strategy for Middleware Deployment and Development (note the 2 strands) • Project Manager • Steering Committee, Reference Group, Kick-off Forum • Wide consultation: committees, forums, wikis, mailing lists, Website • Environmental Scan/Stocktake (local and global) • Analysis of findings, development of draft Strategy • Expert Reports • Round-Table • Finalisation of Strategy • Future Funding Proposals JISC Core Middleware Meeting

  15. Existing Middleware Activity • APAC Grid (http://www.apac.edu.au/programs/GRID/index.html) • Nimrod-G (http://www.csse.monash.edu.au/~davida/nimrod/) • CAUDIT-PKI (http://www.aarnet.edu.au/engineering/middleware/archive/middle/2004/ref/CAUDIT%20PKI%20Standards%20Proposal%20-%20V5.doc) • AARLIN (http://www.aarlin.edu.au/) • DEST/JISC e-Framework • eduroam • Emerging developers, end users, identity providers, service providers • MAMS (https://mams.melcoe.mq.edu.au/zope/mams): • Developing hands-on technical/policy experience with Shibboleth within the community • Test Shibboleth federation is being established, including a WAYF server • Scouting for suitable test IdP’s and SP’s JISC Core Middleware Meeting

  16. MAMS – Broad Goals • Meta-Access Management System • Addressing the “Authentication, Authorisation, Identity, Single-Sign-On, Federation, Trust, Security, Digital Rights and Automated Access Policy” Cluster of Problems!! • Iterative demonstrations to help drive the gathering of user requirements • Development of common services prototypes • Intra-institutional multi-modal SSO • Inter-institutional access management • Attribute exchange (Shibboleth) • Automation of policy • Federated and extensible identity • Other common services: DRM, search, metadata • Implementation advice and programs JISC Core Middleware Meeting

  17. MAMS Next Steps • Shibbolise Fedora, Dspace repository systems • Add Shib to test environments at NLA, APSR, … • Organise install-fests (SSO workshop) & roadshows • Offer support (CMS, forum, mailing-list, FAQs) • Start an Australian Federation: • 3 levels: Test-Fed (sand pit); OZFed (identity verification); Legal (technically = OZFed, but formal agreement like InCommon) • Integrate cross-domain SSO with institutional SSO • Integrate with desktop SSO (Kerberos) • Integrate XACML into SAML • Develop plug-ins for legacy systems • Develop ARP manager (Sharpe) & provisioning tools • Easy installation packages (Shib+WebISO) • Virtual Organisation (client & server) packages • Offer policy & legal documents, etc… JISC Core Middleware Meeting

  18. MAMS ARP Editor – Sharpe Manage SP: - Add & Delete SPs Manage Attribute Mapping: - Create, Edit, Copy (clone), Delete Mapping Sets Manage SP Contracts: - Create, Edit, Delete SP Contracts Manage User Contracts: - Create, Edit, Delete User Contracts JISC Core Middleware Meeting

  19. CAUDIT PKI Project The CAUDIT PKI Project involves developing a single national PKI standards framework for HE & Research, including: • Certification Authority (CA) • Registration Authorities (RA) – 50+ • Certificate Policy (CP) • Certification Practice Statement (CPS) • Able to scale to 1 million clients Initially built purely for test/trial purposes: • not evolve into a production service model; • only survive until late 2005; • support 4 levels of assurance; • support cross-certification; • support embedding in web browsers (positive Microsoft discussions); • support signed emails. JISC Core Middleware Meeting

  20. CAUDIT PKI Project Certification Levels JISC Core Middleware Meeting

  21. PKI Trust Model • AusCERT Root CA is trust anchor for the CAUDIT PKI • Old CA’s continue to work • Cross-certifies with national, international and global PKIs (eg HEBCA) • AusCERT will provide: • PMA • Directory of Directories • Single point Certificate Dissemination. • Single point CRL and OCSP. • Virtual CA for institutions that can’t deploy own PKI PMA = Policy Mgt Authority; CMS = Cert Mgt System; CRL = Cert Revocation List; OCSP = Online Cert Status Protocol JISC Core Middleware Meeting

  22. CAUDIT PKI Project Status Current Status: • The AusCERT Root CA and the 4-Certification-Level CA have been set up and are issuing certificates. • UQ has set up its 4 Institution Level CAs and is issuing end-entity certificates. • Monash and Victoria Universities have set up their Institution Level CAs and issuing end-entity certificates; they are now heavily involved in client and CMS capability and interoperability studies with UQ and AusCERT. • Certificate Policy/ Certification Practice Statement has been drafted and sent to participant universities for feedback. • A few pilot sites have dropped out because they couldn't supply the necessary resources; the others have also had resourcing issues but are soldiering on. • Final Report submitted October 2005. Next Step is to turn it into a production system, and establish close ties with Shibboleth (authorisation elements) – this has been funded as part of MERRI JISC Core Middleware Meeting

  23. eduroam • Being undertaken jointly by AARNet & GrangeNet • 17 members signed up • Deploy eduroam in AARNet offices & staff • Write and seek endorsement for national eduroam policies (ratification by CAUDIT imminent) • Promote and participate in eduroam developments within the APAN region • Participate in eduroam global working group • See www.eduroam.edu.au JISC Core Middleware Meeting

  24. Global Middleware Involvement • Europe • Close co-operation with JISC, Terena and European NRENs on eduroam & other Middleware activities • Americas • Working on eduroam and Shibboleth activities • APAN (Asia-Pacific Area Network) • Taking responsibility for advancing Middleware awareness/agenda within APAN • APAN Middleware mailing list • APAN Middleware stream for Jan 2006 Tokyo APAN meeting • Global • Convened eduroam global working group • Involved in general Middleware policy (eg “Slaughter” meeting) • Global Research & Education Federations mailing list (Refeds) • MACE/MICE participation JISC Core Middleware Meeting

  25. END For further information about Australian Middleware developments, see: http://www.aarnet.edu.au/engineering/middleware/ Email: Alex Reid alex.reid@aarnet.edu.au James Sankar: james.sankar@aarnet.edu.au QUESTIONS??? JISC Core Middleware Meeting

More Related