APAN Home
   
 


 
 Session  Middleware: Extending Campus Identity & Security
 Chair(s)  Yasuo OkabeNate, Klingenstein
 Objective  TBA
 Target Audience  Deployers and maintainers of campus identity management systems, applications that use that identity information, and other organizations involved with running national identity systems.
 Agenda 1. [VTC] Shibboleth Implementation for the Australian Access Federation (AAF)
Speaker: James Dalziel / Macquarie University Sydney, Australia

Abstract: This presentation provides an overview of Shibboleth implementation for the Australian Access Federation (the national Shibboleth and PKI rollout for the Australian higher education and research sector). The AAF Shibboleth rollout builds on the lessons of the MAMS (Meta Access Management System) project at Macquarie University, which has implemented a testbed Shibboleth federation with 27 IdPs and 28 SPs, covering approximately 1 million identities. The presentation will discuss the Operational Requirements recommended for the Shibboleth rollout, together with related technologies such as ShARPE and Autograph for institutional and personal privacy management. The presentation will also discuss the use of a Federation Manager system (including customised metadata) and Federation Services, and conclude with discussion of implementation timelines.

Biography: James Dalziel is Professor of Learning Technology and Director of the Macquarie E-Learning Centre Of Excellence (MELCOE) at Macquarie University in Sydney, Australia. James leads a number of projects including: LAMS (Learning Activity Management System), including roles as a Director of the LAMS Foundation and LAMS International Pty Ltd; MAMS (Meta Access Management System), a national identity and access infrastructure project for the Australian higher education sector; RAMP (Research Activityflow and Middleware Priorities), a project investigating open standards authorisation and e-Research workflows, and ASK-OSS (the Australian Service for Knowledge of Open Source Software), a national advisory service on open source issues for the Australia higher education and research sector. Prior to his current roles, James helped lead the COLIS (Collaborative Online Learning and Information Services) project, was a Director of WebMCQ Pty Ltd, an e-learning and assessment company, and was a Lecturer in Psychology at the University of Sydney.
2. Application Resources Integration to CARSI Federation
Speaker: Hao Ma / Computer Center, Peking University

Abstract: CARSI (CERNET Authentication and Resource Sharing Infrastructure) project aims to provide a resource sharing platform for CERNET (China Education and Research NETwork) universities and users through cross-domain identity management. Among those internet web applications which intend to be integrated with CARSI, different authentication and access control mechanisms are required. The diversity and complexity of the application local user management policy increases the difficulty of integrating applications to the CARSI federation. Therefore, it hindered federation extension and application resource abundance. The presentation will introduce related research in CARSI and mainly focuses on the problem of how to easily integrate various internet applications into the cross-domain resource sharing platform. Based on the web application inherent user management policies and requirements, when it comes the problem to upgrade them to CARSI resources, the legacy applications are classified to three that is 1) the authentication only resources, 2) the authentication and authorization independent resources, 3) the authentication and authorization embedded resources. The presentation will analyze the three resource categories in detail and introduce the CARSI resource integration model that uniformly supports the three categories with little modification to application codes and big enhancement to federation sharing.
Biography: Hao Ma is a Associate Professor of Computer Center at Peking University. His research interests are in computer networks. In particalar, his current projects span serveral areas, such as P2P streaming, P2P security, network management and Internet measurement.

3a. Identity and Access Management Development in New Zealand
Speakers: Jenni Harrison (Ministry of Research, Science and Technology), Neil James(IT Strategy Consultant)

Abstract: In New Zealand, the research and education community is beginning to realise the benefits of extensive use†of KAREN (Kiwi Advanced Network for Education and Research). However to be confident in exchanging research information, there is a requirement for robust identity and access†management (IAM) within our institutions. This†presentation will discuss the background that has led to the current†environment, including the relationship with the Australian R&E†community.

The establishment and the role of the IMAGER (Identity and access†Management Action Group for Education & Research) will be discussed,†and there will be a discussion of proposed initiatives to support future IAM†development in the R&E community.

Neil James's Biography : Neil James has been employed in IT activities for almost 40 years, including technical development work, university lecturing, and the use of technology in teaching and learning. He was the Director of Information Technology Services at the University of Otago for 15 years.
Neil has been involved in the development of computer networking in New Zealand for over 30 years, including taking a major role in the evolution of the research and education advanced network, KAREN, and now serves on the Advanced Network Capability Build Advisory Panel as Deputy Chair.
Neil has maintained a keen interest in eResearch, regularly attending relevant conferences. He has recently taken a lead in raising the need for New Zealand institutions to upgrade their identity and access management capabilities as a precursor to joining IT Trust Federations. In November 2007 he was contracted to run identity and access management workshops for members of the KAREN community.

Jeni Harrison's Biography: Dr Jenni Harrison is a Policy Adviser in e-Research at New Zealandís Ministry of Research, Science & Technology (MoRST). MoRST is responsible for managing the Governmentís research, science and technology (RS&T) investment. In addition MoRST provides policy advice on RS&T issues and encourages innovation and commercialisation of scientific and technological knowledge and ideas. Jenni drafts policy on behalf of the Minister on R,S&T to enhance e-Research development within New Zealand.
Jenniís work in identity and access management allows her to engage with those leading in e-Research to help develop a confident community effectively using New Zealandís e-infrastructure. Her work with IMAGER involves close working relationships with leading researchers and a number of research organisations.
Jenni actively participates in national ICT policy governance groups such the New Zealand Digital Strategy Steering Group and Education Sector Agencies ICT committees. She is keen to encourage New Zealand e-Research national and international discussions to encourage collaboration to address common challenges.

3b. ScenzGRID - new middleware architecture for geospatial collaboration
Speakers: Robert Gibb

Abstract: As network connectivity increases in speed and capacity, new collaborative opportunities emerge. Robert will describe how Landcare Research and GNS Science plan to capitalise on KAREN's speed to develop SCENZ-Grid - a new middleware architecture for geospatial collaboration and computation. At its core SCENZ-Grid brings together the concepts of GRID-computing and GRID-data storage, managed workflows and web based collaboration tools and applies them to delivery of on-demand geospatial analysis.

Presenter biography: Dr Robert Gibb is the Geospatial Informatics Research Leader at Landcare Research and PI for the SCENZ-Grid REANNZ Capability Build Fund project. He has over 25 years experience in geospatial research in New Zealand and pioneered GIS metadata catalogues in the late 80s and web-based GIS in the mid 90s. He was closely involved in the development of NZ's Geospatial Strategy, and continues to be closely involved with its implementation.


4. (Tentative )Policy-based access control for secure and user-friendly WLAN roaming systems
Speakers: Hisaya Wakayama (speaker), Junichi Yamato, Hideaki Goto, Hideaki Sone(Tohoku University, Japan)

Abstract: Security and usability are both very important in campus WLAN roaming systems. We have developed two functions to improve eduroam-based WLAN systems. One of them is a policy-based access control function that grants roaming users' accesses to the local resources at the visited institution. The function uses access level assigned to the user at the home institution and access policy at the visited institution. The other one is a proxy VPN function which automatically establishes VPN connections for roaming users' terminals. Throughout evaluations using our prototype system, we have confirmed that the system can provide transparent accesses to home institutions' resources with easier operations for users and appropriate access controls to the local resources.
Biography: Hisaya Wakayama, received his B.E. and M.E. degrees from Waseda University, Japan, in 2004 and 2006, respectively. In 2006, he joined NEC Corporation, Japan, and is also a researcher for the collaboration with industry, academia and government, at Tohoku University, Japan. His current research interests are wireless communication systems, especially multi-layered mobility systems
 Remark  Room setup: Class Room Shape

© 2008 APAN | Last Updated 18 Jul 2008