pilot federation service - launch sat mandri project leader 30 june 2011
TRANSCRIPT
Pilot Federation Service - Launch
Sat Mandri
Project Leader
30 June 2011
2Attribution Share Alike
Tuakiri, New Zealand Access Federation 2011
Tuakiri Team
Julie Watson Senior Advisor, Ministry of Science and Innovation
Nick Jones Co-Director eResearch, Centre for Research
Dr. Matt Cocker Services Manager, The University of Auckland
Tim Chaffe Enterprise Architecture Manager, The University of Auckland
Tim Greville The Registrar & General Counsel, The University of Auckland
Greg Jones Manager Information Service, Landcare Research New Zealand
Robert Gibb Informatics Team Science Leader, Landcare Research New Zealand
Vladimir Mencl eResearch Services & Systems Consultant, University of Canterbury
Sat Mandri Project Leader Tuakiri, The University of Auckland
Daniela Dunn Technical Specialist, The University of Auckland
Aaron Hicks Technical Specialist, Landcare Research New Zealand
AcknowledgementOur Partners
AAF Inc, Australian Access Federation Inc
SWITCHaai, Switzerland Access Federation
Internet2
3
Introduction
Tuakiri will make sharing protected online resources easier
Tuakiri will eliminate the need for researchers, students, and academics to maintain multiple passwords and usernames.
Reduced complexity for the service providers on maintenance of the user accounts. Identity providers manage the levels of their users' privacy and information exchange.
Tuakiri Federation Service has deployed SAML-based distributed authentication and authorization service (Shibboleth® Software) to enable scalable, trusted collaborations among its community of participants.
4
Tuakiri, NZ Access Federation
Tuakiri, New Zealand Access Federation, whose establishment is
being funded by the Ministry of Science and Innovation, will:
provide a legal structure within which NZ’s research and education organizations can share a set of agreed policies, rules and identity for access to online resources.
provide capability for secure and seamless collaboration for the NZ Universities, Crown Research Institute by 31 July 2011.
establish trust relationships and shared understanding of language or terminology.
enable people to use their home institution credentials to connect to remote sites without revealing their credentials or releasing unnecessary private information.
Interim Governance Committee
5
Name Position/Institution/Contact Details Representation NominationJulie Watson eResearch Advisor
Ministry of Science and InnovationEmail: [email protected]: +64 4 917 2863
Government, Ministry of Science and Innovation
Project Sponsor, Advisor
Timothy GrevilleIan McCombe/Brookfields Lawyers
Registrar & General Counsel The University of AucklandEmail: [email protected]: +64 9 923 2048
Legal Counsel Advisor
Nick Jones Co-Director eResearchCentre for eResearchDirector of BeSTGRIDThe University of AucklandEmail: [email protected]: +64 9 373 7599
1) eResearch
2) BeSTGRID
3) NeSI, and
partnership
inclusive, NZGL
Project
Executive Officer
Tim Chaffe Enterprise Architecture ManagerITS Strategy & Development Dept.The University of AucklandEmail: [email protected] Phone: +64 9 923 2469
Project Owner Executive Officer
Greg Jones Manager Information ServicesLandcare Research New ZealandEmail: [email protected]: +64 3 321 9710
Representing CRITTERs, and the Crown Research Institutes
Executive Officer
Dr. Matthew Cocker
Technical Services ManagerInformational Technology DepartmentThe University of AucklandEmail: [email protected] Phone: +64 9 923 7075
IAM Consultant, Representing ICTC and NZ Universities
Executive Officer
6
Participating Institutions
Universities Crown Research Institutes
T
T T
T
T TT
7
Why?
Some of the drivers are:
NeSI NZGL
Enable Collaboration
8
IdM ServiceDeploy IdP
University, CRI
Join
Service
Online resource remotely located
www.myservice.com
www.myscienceproject.ac.nz
www.nesi.org.nz
Deploy SP
www.myservice.com
www.myscienceproject.ac.nz
www.nesi.org.nz
9
Tangibles The outcome of the MSI, The University of Auckland and Landcare Research IAM
Programme will be:
1) Tuakiri, establishment of NZ Access Federation Service
Tuakiri, New Zealand Access Federation project which started in May 2010, has
delivered the following output to date:
2) Interim Governance Committee
3) Constitution (Draft)
4) Federation Rules for the participating institutions (Draft)
5) Development and Test Environment
6) Pilot Federation Service (fit for purpose and functional)
7) Website, technical tools and documentation for Identity Provider and Service Provider deployments. (SAML implementation with Shibboleth Software)
8) Tuakiri Test Federation Terms of Use, and
9) Tuakiri Test and Pilot Federation Usage Policy
Deliverables & Milestones
10
Milestone 1High Level Program Plan, Web Presence, Technical Resources & Tool Kits• 30 November 10
Milestone 2Pilot Federation Service, Interim Governance & Working Committee, Project Scope, Governance Structure, Legal Entity, Federation Rules, Policies & Constitution• 30 April 11
Milestone 3Establish pre-prod model, Tuakiri Infrastructure, Operational Support Model, Transactional Website, Self-Service Tools, Go-Live & Launch of Tuakiri Pilot Services• 31 July 11
Milestone 4Co-federation with Australian Access Federation • 31 March 12
11
Service Model – draft status
As part of the Business Plan work stream, proposition analysis has
been carried out to determine the service model for Tuakiri’s
sustainability as a service.
Analysis considerations:
1) Not for profit, steady state service line with income derived solely from affordable subscription fees
2) Number of institutions the service will initially be available to, 8 x NZ Universities and 8 x NZ Crown Research Institutes
3) It is envisaged that The University of Auckland will initially host the Tuakiri Federation Service (Primary Site) and will provide support services, whilst future-state decision are being made. 11
12
Benefit Realisation
1) Controlled access to protected resources
2) Deployment of standards based Identity Attributes Profile - eduPerson schema
3) eliminate the need for separate or multiple accounts to access resource
4) The home institution controls when an identity is disclosed, and how much information is revealed
5) Build the level of institutional trust through conformance to standards, Act/s and Law:
1) Levels of Assurance (NIST IAM Standards Guide)
2) NZ Privacy Act 1993 (Principles 11 and 12)
3) NZ Immigration Act 2009
6) Enable secure and seamless collaboration
7) Near future - enable collaboration with Australians and the EduGAIN Community
13
What will it cost me?
The project carried out an analysis on the fees structure and it is
envisaged that the model will be similar to Australian Access
Federation, with the possibility of slightly higher cost because of the
smaller number of institutions in NZ. (8 x Universities and 8 x CRIs)
Tuakiri Subscription Fees in NZ Dollars, indicative only:
1. Base Annual Subscription Fee = $4,750
2. Annual Fee Rate per Staff FTE = $2.50 - $3.50
3. One-time sign-up fee $4,750 effective from 01 January 201313
14
What do I need to do?
Engage with the Tuakiri Project Visit: www.tuakiri.ac.nz
Email: [email protected]
Contact the Project Leader: Sat Mandri, [email protected]
Plan and allocate resource to deploy IdP
Plan and allocate resource to deploy SP, and enable services
Budget ~ NZD$10 – 15k for Subscription Fees in FY12
Complete the Services Engagement Survey to Identify the business critical service provider or partner services
Communicate and provide your feedback to the Project Leader
15
Join Now
Institutional servicesContent providersVRE – Virtual Research EnvironmentsResearch Infrastructure Experimental toolsFileSender - Large File Transfer ServiceDatasources……………
Enquire now to join Tuakiri Pilot
Federation Service
send an email to [email protected] or
contact the Project Leader, Sat Mandri, email [email protected] or Phone 64 9 923 1888
joining Tuakiri as an early adopter is free
the free service is available till 31 December 2011.
NeSI
NZGL
Who can join?
Who can join: an institution and/or a service provider to the higher education and research sector
The institutions are required to follow and abide by:
1)the Federation Rules
2)Tuakiri Test Federation Terms of Use, and
3)Tuakiri Test and Pilot Federation Usage Policy
16
Become a trendsetter in the higher education and research sector, collaborate and drive innovation
Connecting Virtual Communities
17
18
Thank you for listening
1919
High Level Program Plan
Q1 Q2 Q3 Q4 Q1 Q2
Jul 10 Jul 11Apr 10 Oct 10 Jan 11 Apr 11Jan 10
Q3 Q4
Oct 11 Jan 12
New Zealand Universities and Crown Research Institute Identity Federation Strategy• Matthew Cocker
Report Commissioned
Communication, Workshops, Events & Seminars
Enablement
Project Initiation• AAF• MoRST
IAM Project Team• Landcare
Research NZ
• The University of Auckland
• The University of Canterbury
Build Relationships with the International Community
Program Establishmen
t
Engagement with Australian Access Federation (AAF)Enabling the Technical Resources and Toolkits for the establishment of New Zealand Access Federation Services
Establish • Project
Program• Project
Leader
NZ eResearch Symposium
Australian eResearch Symposium
Develop • Exec Briefing• High Level Program
Plan
Go-live • Technical Support &
Resources Tuakiri Web Presence • Informational
website
Establish Interim Governance & Working Committee
Federation
Establish Legal Entity
Create Constitution & Policies
Establish Development & Test Environment
Establish Pilot Federation Service
Implement PFS Infrastructure
Define Operational Readiness Model
Go-Live Tuakiri PFS
Explore Co-
Federation
with AAF
Implement Co-
Federation with AAF
Technical Capability Plan
Develop Service Model
Project Technical Team
Marketing & Communication Campaign
Landcare IdP Identify IdP
CandidatesImplement IdP Candidates
Identify SP Candidates
IdP ToolkitSP Toolkit
Implement SP Candidates
Sustainable Technical Capability
Establish & Confirm Governance Structure
WS 1
WS 2
WS 3
WS 4
WS 5
Develop Detailed Project Scope
Keys
Completed
Work in progress
In pipeline
2020
Mission
The New Zealand Access Federation,
Tuakiri will establish and manage the legal,
governance, policy and technical
frameworks required to form an identity
federation between New Zealand
Universities and Crown Research
Institutes
21
Vision
The New Zealand Access Federation
“Tuakiri” will enable federation users to
seamlessly, securely and easily access
federation resources at remote locations
using a single set of credentials provided
by their home institution