Middleware Workshop
 Chairman :  Yasuo Okabe ( Kyoto University, Japan ) [ okabe@i.kyoto-u.ac.jp ]
 Members :  Nate Klingenstein (Internet2, USA)
  Kento Aida (NII, Japan)
 Objectives :  This session will encourage the collaborations of middleware developers and those responsible for identity management and directory services to discuss ways to get campuses ready for middleware technologies so that end users can connect to the network and access resources (online journals, collaborative services, grid applications, wireless roaming, etc.) in a secure, scalable and manageable way. This workshop may also include some Grid Middleware talks.

 Target Audience :  Open for any attendees, especially researchers, application developers and operators working on academic networks, AAI and Grid.
 Expected Number of Participants :  30
 Agenda :  

9:00-9:30: #1 CARSI: Cross University Identity Management and Resource Sharing over CERNET, China   Slides

Speaker:   CHEN Ping , PH.D, professor, director of Network Group, Computer Center, Peking Univ., China

Abstract:CARSI (CERNET Authentication and Resource Sharing Infrastructure) is a project chartered to build a federated identity infrastructure over CERNET. In the past 5 years, the experimental pilot project is sponsored by CNGI (China Next Generation Internet) project, National Hi-tech Research and Development project, and other national projects, focusing on different application topics. The recent project is to build a cross-university campus communication platform over 28 universities. The underlying identity infrastructure is CARSI. The communication expands to Bulletin Board Systems, online courses, classic lectures, learning material sharing, video sharing, library, and other materials over learning, living, entertainment of university student daily life. Compared to previous projects, this time, the member university number is the biggest and it's the first time that most of the members connect their online campus-wide user management system and online applications. Application types are also richer than before.

Compared to federated identity in other countries, CARSI is still in its beginning phases. It is a grateful that more and more people begin to know the technology and are willing to use it, but there is still a long way to go.

To learn more, please visit the CARSI homepage

9:30-10:00: #2 Tuakiri, the New Zealand Identity Federation   Slides

Speaker:   Tim Chaffe , Enterprise Architecture Manager, University of Auckland

Abstract: An overview of New Zealand, it's institutions, their significant activities, the state of identity across the education and research sectors.

10:00-10:30: #3 Japanese Academic Access Federation in 2010 and our Current Challenges   Yamaji's Slides   Nakamura's Slides

Speaker:   Kazutsuna Yamaji   and   Motonori Nakamura

Abstract: The Japanese academic access federation, GakuNin, is deploying federated identify in Japan using the SAML 2.0 standard, primarily with Shibboleth software. GakuNin entered production operation last April, and has grown today to 19 IdPs and 20 SPs This talk summarizes our progress in the 2010 fiscal year. In order to accelerate its activity, the federation focuses on additional technologies beyond just operational management. Of these new technologies, we will specifically discuss our user consent acquisition system and our virtual organization system.


10:30-11:00: Break

11:00-11:30: eduroam talks

#4 Title: eduroam APAN updates   Slides
Speaker:   Hideaki Goto , (Tohoku University/NII)
Abstract: eduroam is the secure, world-wide roaming access service developed for the international research and education community. Although the number of eduroam-ready countries is still small in Asia-Pacific region, we have seen steady growth in the number of member institutions. This talk provides brief updates of eduroam APAN including some country updates. All countries are invited to eduroam.

#5 Title: Collaboration with ISPs for Large-Scale Deployment of eduroam in Japan   Slides

Speaker:   Hideaki Goto , (Tohoku University/NII)
Abstract: There exist more than 1,200 high-education institutions in Japan, and the large-scale deployment of eduroam is a challenging problem. Absence of ICT professionals in many universities and colleges is also considered as one of the difficulties in eduroam adoption. On the other hand, we have seen growing needs for Wi-Fi services outside the campuses since more and more faculty staff and students carry their mobile devices such as laptop computers and smart phones.

Collaboration with Internet Service Providers (ISPs) and telecom companies has a great potential not only to ease the eduroam deployment but also to virtually expand campus networks to downtown areas.

In this talk, we introduce a Cloud-style user authentication system for eduroam and show the case study results of an on-going eduroam-ISP collaboration project.

#6 Title: Flexible Campus VLAN System Based on OpenFlow   Slides

Speaker:   Yasuhiro Yamasaki , (Tohoku University)
Abstract:Using a lot of VLANs on campus networks has become quite popular in order to deploy many logical networks over minimal fibres/cables. A campus-wide Wi-Fi system, for example, requires a lot of VLANs for separating the access networks from other campus networks and for realizing a sophisticated access control such as guest-/home-users separation and security filtering. The requirement is high especially when a network roaming system, such as eduroam, is introduced. The conventional VLAN based on IEEE802.1Q has some limitations, and the system configuration work is laborious. In this presentation, we propose a Flexible Campus VLAN System Based on OpenFlow to solve the problems.

11:30-12:00: #7 An Update on U.S. Identity Standards & Deployment   Slides

Speaker:   Nate Klingenstein , (Internet2)
Abstract: The identity standards world is entering another period of consolidation. Standards like SAML and OAuth 2.0 and non-standard protocols like Facebook Connect have strongly established their place as the foundations of federated identity. The innovation curve is turning towards new functionality now, such as attribute predicates and zero-knowledge proof, attribute consent engines, and integration with protocols beyond HTTP. Nate will update the working group on this progress.

InCommon, the higher education & research federation in the US, continues to grow rapidly. There are now 192 university members and new key service providers like NBC Learn, NIH iTrust, and BlackBoard. Partnerships with corporations and government are growing rapidly. Nate will discuss some recent successes and problems from InCommon.

12:00-12:30: #8 Discussion: Collaborative Identity in Asia

Abstract: Europe has the most advanced identity deployments in the world. Projects like the Kalmar Union and TERENA are uniting national federations, simplifying federated identity for many providers. The secret to their success has been strong European collaboration and application needs. The APAN Middleware WG will spend 30 minutes trying to identify some such projects in Asia.

Please take time to think about some applications and projects that can be shared across APAN's membership before this discussion.

 Remarks :   Videoconferencing will probably NOT be required. Standard lecture-style seating will be fine.

© Copyright 2009 - 2011 APAN | | Last updated: 22 Mar 2011