Identity Management

So yesterday was the first programme meeting of the JISC AIM Programme, being ably led by Chris Brown. I won’t go in to too much detail about all of the nine projects, as you can see for yourself on the JISC website. Instead, I will try and tell you the things that struck me from the day.

Things I am excited about:

• I think I may have already mentioned that I am very interested in the RAPTOR project as I think the stats tool they are producing will provide real and immediate benefit to universities and colleges throughout the UK. They are looking for people who would be willing to product test for them – so do get in touch if you would like to be involved!
• The SMART project will look at the emerging UMA (User Managed Access) protocol that is part of the Kantara Initiative. I’m really pleased to see some real UK effort going in to Kantara, and as far as I know, this is the first project we have funded that really looks at the tricky problem of getting students firmly engaged as the ‘managers’ of their identity. This is definitely one to watch.

Things I am curious about:

• The Identity and Access Using Social Networking Technologies Project (phew, now you know why we use acronyms) is a fascinating look at how we might use the Friend-of-a-Friend vocabulary within the NGS and the UK federation access management approaches. I find this really interesting, particularly as it tackles the complexities of both describing people’s relationships rather than just their memberships and the tricky issue of delegation. As I mentioned on twitter, I’m worried about creating a user-friendly interface to allow this complexity to be managed. I’m sure the project team are up for the challenge though!

Things I am worried about:

The recurring theme of the day was, ‘how do we make institutions populate x…..’. Encouraging institutions within the UK to both use richer attributes sets and tackle the group management problem is something I am very keen on. It is something that is encouraged within the recently published Identity Management Toolkit but is a problem we have yet to solve. I would really like to see JISC fund some more projects to help universities and colleges take the next steps to have rich attributes and well manged group systems and would be interested to hear your views on what we should do next in this space to make this happen.

My advice to the projects was to really understand their use case. Do they have attributes they need everyone in the UK to adopt? Is there instead a small group of target institutions? Are there IdPs in other federations that would need to adopt the attributes? Is this a virtual organisation or larger community problem? I also encouraged the projects to use each other as test sites and to make use of the lovely people on the jisc-shibboleth mailing list who are always happy to come forward and give their opinions and support!

My final recommendation is that smaller VO style projects might be more interested in looking at lightweight metadata aggregation than working within the structures of formal national federations. Andreas Solberg has some really interesting tools and ideas on his blog that are definitely worth looking at. I’m interested in these concepts as they challenge our expectations of where ‘federation’ metadata is published, where it is aggregated and by whom.

Challenging our processes and exploring new ways of implementing ideas is what innovation is all about, so I very much look forward to seeing more from these projects from the innovation arm of the JISC Access Management stable!

The following text is taken from a briefing paper I prepared for the UK federation Policy and Advisory Board – i thought it might be of broader interest!

1. Introduction

One of the most discussed topics within the federation space at the moment is ‘interfederation’. This describes the process of two or more federations exchanging metadata to allow members within different federations to connect via a federated access management exchange. This process results in a ‘metadata aggregation’ – the subject of a useful paper by Ian Young and Chad La Joie. This briefing paper is intended to give an overview of the current thinking behind interfederation at the current time.

In most interfederation models, the principle that Identity Providers are static, and Service Providers are mobile is used. This means that Identity Providers are expected to join their ‘home’ federation (their local education and research federation) but that Service Providers have no such natural affiliation. At the present time, this means that Service Providers have to join multiple federations to interact with each separate group of national Identity Providers. This is clearly sub-optimal for Service Providers, who have to deal with multiple agreements different approaches to discovery, attributes etc. and differing approaches to charging. The interfederation approach aims to solve this problem as effectively as possible.

Whilst these assumptions generally form the basis of most discussions, there is no requirement for Identity Providers to be ‘static’ within federations and future models may see more mobility from IdPs.

2. Available approaches

2.1 Aligning Policy

Whilst not strictly an ‘interfederation’ approach, the complexities faced by Service Providers could be addressed through more work on ensuring that education and research federations use policies that are aligned. This would mean that SPs could be given assurances that the policy of federation A is the same as federation B, with perhaps minor changes to clauses x,y and z, thus cutting down on the lead time and legal expenses of SPs as they join multiple federations. This approach was the subject of a JISC funded study: “Investigation into the Feasiblity of a Cross-Jurisdictional Common Access Management Federation Agreement”. This report noted that there were no significant legal reasons why federations have adopted different policy agreements, and that most differences were based on cultural and funding issues.

Advantages

• Supports SPs by improving their experience of approaching multiple federations.
• Does not impact on charging models adopted by many federations.
• No need for interfederation agreements to be signed.

Disadvantages

• Still requires SPs to join multiple federations.

Whilst it is unlikely that we will see a wholesale change in policy across federations, the study has been useful in making small changes to policies in order to support interfederation – such as the alignment of meaning assigned to values in the eduPersonScopedAffiliation field.

2.2 Interfederation

Interfederation is achieved by two federations bilaterally agreeing to exchange metadata, and agreeing a policy for achieving this aim. Uses for the UK federation would be interfederation with the Government Gateway to allow parents to use their citizen ID to access school data, and interfederation with organisations such as InCommon, with Service Providers are of interest to UK Identity Providers.

Advantages

• Solves the problem of SPs joining multiple federations;
• Interfederation agreement can be lightweight;
• Model template agreement is available.

Disadvantages

• Getting commitment and agreement from two federations to take forward;
• Legal issues surrounding the agreements.

This model is now well developed, and an interfederation agreement for use by educational and esearch federations has been tabled. However, no real use is being made of the process. For this approach to be successful, it will be necessary for two federations to take the plunge and sign an agreement and start testing with Service Providers.

2.3 Confederation

Confederation involves multiple federations all agreeing to abide by a single agreement on how metadata will be published, issued and aggregating. This model is being explored by the GEANT funded eduGain project.

Advantages

• Federations only need to agree to one policy;
• Easier for entities to understand the process when centrally managed.

Disadvantages

• Not all federations are likely to be in each confederation ‘club’ so bi-lateral agreements will still be needed;
• Sensitivity over charging models used by each federation;
• Complex to achieve widescale agreement;
• Complexities over ‘lowest common denominator’ for assurance.

As this approach requires many different parties to agree on an approach, it is the most complex to finalise. The eduGain model is suffering from this, and has built up quite a complex set of agreements: a constitution that federations will need to sign, a policy agreement that federations will need to sign and a metadata terms of use (which seems redundant in the light of the preceding agreements). This will act as a significant barrier to entry for many federations, including the UK federation.

Another example of this in action is Kalmar2. This is a collaboration between four of the Nordic countries, allowing confederation to be achieved between a set of like-minded federations.

2.4 Metadata Terms of Use

In this approach, a Federation Operator simply publishes a set of metadata, with a terms of use attached to it (similar to an opensource software license). Any other Federation Operator, or indeed any other metadata distributor, may use the metadata file subject to the terms of use. Trust is established by the consuming Federation Operator obeying the terms of use and the publishing Federation Operator providing a ‘Federation Operator Practise’ statement that the consuming Operator can read, assess and chose to trust.

Advantages

• No need for complex legal agreements;
• Allows metadata aggregation at many levels – does not need to involve a Federation Operator / Registrar;
• Advantageous for ‘virtual organisations’ that cross multiple federations.

Disadvantages

• Does not provide the ‘safety net’ of a signed legal agreement.

This approach is popular among technical developers and federations that have very limited liability, but is less popular with those who are naturally risk adverse or have concerns about legal liability. As this is the easiest way to achieve interfederation, it is beginning to be used extensively amongst small projects. This ‘bottom up’ approach is likely to grow rapidly, and as federations mature it is likely to be the process of choice for achieving simple interfederation.

According to recent reports, nicole is the 11th most likely password in a survey of one million (hacked) user accounts.

This leads me to the following conclusions:

1. My impact on the access management world is so significant, I have become a standard password….OR
2. People called Nicole are generally so dumb they are the most likely to use their own name as their password.

I’ll leave it to you to decide

Given the current economic issues for HEFCE and the education sector as a whole, I read with interest the HEFCE Grant letter for 2010 / 11. The figures are reasonably unintelligible unless you are significantly involved in grant allocations, but the interesting part of these letters is always the wording around the objectives expected of HEFCE. Can we learn anything from this that relates to access and identity management?

The key focus seems to be on greater flexibility, more part-time courses, more modular courses, more partnership courses etc. etc. This does present new challenges, particularly for identity and access management.

Current models of identity management tend to assume that the student’s primary affiliated institution will provide the student with an identity / identities – predominantly an e-mail address and credentials. A more flexible model may make it increasingly difficult to manage such a process, and also raise questions about the importance of such an approach in delivering a service to the student.

The complexity of licensing and assigning authorised rights associated with a license also becomes much more complex. If I am effectively attending four institutions, at what point in time am I authorised to access which resources in which institutions and how will you assign me these rights? Four sets of credentials? We obviously need to do much more work to look at managing multiple affiliations from an access management perspective, and also perhaps the model of institutional licensing for cross-collaboration courses. The upcoming multiple affiliations study final report from LSE and funded by Eduserv will be an interesting read, as will linking services such as the Shintau model.

The overarching model in all of this is ensuring the trust model in federated access. As we look to combine accounts and add authorisations to identities not managed by specific affiliations, how can we assure that these are well managed, revocated at the right point in time, and correctly asserted so we maintain trust? An interesting challenge for all of us I feel!

Now, how are we going to pay for it?!

if I were an Institution with shib 1.3;
I’d migrate to shib 2
if I were a Publisher who has implemented access management with shib;
I’d migrate to shib 2
if I were a publisher who has not implemented access management but said they would in 2010;
I’d go ahead and deploy shib or other SAML compatible product
if I were a member of JISC access management team;
I’d federate everything I use so it wouldn’t matter that I come back after xmas holidays and can’t remember a million passwords…..

So it has been a while since I wrote a blog piece that wasn’t more representative of the mush my mind is in at this time of year than a thoughtful piece on access management. So this is me attempting to tip the balance. Bear with me if it comes out as dribble!

Inspired by some tweets by @m1ke_ellis, I got to thinking about how much a system needs to know about me to make that system effective. The case in discussion was a Virtual Learning Environment – does this need to know that I am a mother, JISCite, author, bad karaoke singer (to plagiarise @m1ke_ellis!) to be able to engage with me effectively?

I have always had a problem with the term VLE as I think very few can be regarded as real learning environments in the pedagogical sense. I think the US term Learning Management System (LMS) is probably more accurate – something that performs a role as the administrative interface to my learning. Thus I need to feed it information that it needs to administrate (address, e-mail, course, preferences) not information about who I am and how I learn. That is the context of this environment.

So, to Carrie Bradshaw the moment, is this all about persona – or personality?

I have often used the term persona on this blog to represent what is often called having ‘multiple identities’. We all have multiple personas to help us interact online in different contexts. I chose to present myself differently within these contexts, so some may include a link to my work blog, others details about my musical preferences etc. etc.

Personality is something slightly different and more elusive, but is the thing that makes me who I am. In a pedagogical environment, this might traditionally be described as my learner type and many systems have attempted to frame themselves differently to recognise the importance of learner type. However, as our identity interactions online become more sophisticated, we need to look at a more specific way of framing this nuance.

A lot of how we are represented and interact online is about what is gleaned from conversations we are having online, and how we are linked to groups and other individuals. Someone is likely to decide to follow on Twitter based on:

• Keywords from my conversations / statements.
• People I follow.
• People who follow me.

So if attributes about me define my persona, what defines my personality? I think it is a mix of:

• Attributes / Persona.
• Environment Context.
• Relationships.

There have obviously been some development in all of these fields, but a formalised approach to the relationships part of personality is still to emerge. Friend of a Friend is an interesting but minimal impact approach, and there have been other tools such as PeopleAggregator and many different ways of ranking and rating the outputs of individuals.

It may not be possible to create a tool to capture this difficult area of our online identity, and of course communities tend to be very self selecting and resistant of categorisation. However I still think it is an interesting part of our personalities in online interactions that is to be further explored.

Well, OK, not that great but I like alliteration

For #FAM09, we decided to make use of the Google Sites facility to manage all of our information flow around the event. We did mount information formally on the JISC website, but there is much richer information on the JISC FAM09 Google Site. This was really part of an experiment on my part as I wanted to know how efficiently Google could support our information requirements, as information is their business!

We were already using Google Docs to manage most of our information. Normally, I would then use the JISC website for the programme+BOS Surveys for the registration+slideshare for slides (copied to the JISC website)+a.n.other for audio / video+this blog+possibly something like Ning for delegates to talk about the event. Given that the JAM team is not overly resourced, I wanted to make life a lot easier for myself, so decided to see if Google could duplicate most of this functionality with a reasonable amount of ease.

My observations?

• Ease of Use: Google Sites is pretty easy to use, and has some nice built in tools like the ability to create different types of pages such as html pages, announcement pages, document pages, and widgit pages. None of the team had used Google Sites before and we all picked it up pretty quickly.
• Look and feel: Google Sites has a number of templates that you can chose from, and there are a variety of tools available for editing the templates. I managed to get ours looking a bit JISC-y. It would be nice to be able to create a formal JISC template, but I couldn’t see a way of uploading your own template. The urls for pages are fairly sensible, and you can chose to have word or number strings for pages.
• Forms: the forms function was very helpful and the outputs automagically created an Excel spreadsheet in our Google Docs. This was so much better and easier to manage than out normal form system so was a really big win.
• Upload: it is fairly easy to embed a document from your Google Docs into a Google Site. Making sure that all of the permissions are set so that people can download or embed in other sites (particularly presentations) was more complex and I had to revisit permission in both Google Docs and Google Sites several times before I got this right – leading to some requests for documents to be shared with delegates (sorry all). It was better than previously as Google does now let you set share permission across a whole folder of documents, but still annoying. The biggest grumble was the document page template on the Google Site. This doesn’t link to Google Docs at all and you have to physically upload files on to the Sites area. an unnecessary and annoying duplication. The presentation facilities aren’t as advanced or pretty as slide share, but the convenience of not having to upload on yet another site was helpful.
• Access Management: this was one of the most disappointing features of the site. To even be able to leave a comment, you needed to be logged in, and the only way to log in was with a Google ID. This was despite the fact that the site was fully open. Given this was a federated access event, this was a big fail for me.
• User Profiles: this really links in to the point above, but it was not possible to create a proper user profile on the site. This really cut down on some of the interaction features that I would expect from a site like Ning. However, at events I have attended in the past where Ning has been used, actual meaningful use of the functions have been low. Is this really in demand as a facility?

So overall, it was a helpful, if not completely professional approach to managing all the information for the event. I still have to finalise some details – I want to pull in some RSS feeds and look at embedding some other tools but it worked pretty well. I will really need to consider the access management, document management and template issues before using again. I’m also slightly worried now the Developer Happiness Days have gone all website posh on me…must keep up with the Jones’!

The best storytelling starts with a sense of mystery to pull you in, but what is NOT a story? This is the opening to the “teaching and storytelling using Web 2.0″ session at Educause. An exercise in the room included comments around something that is not heard, something that lacks personal engagement, something that does not have narrative. This describes a lot of the way we present information.

Of course the web was used for storytelling before web 2.0: Dreaming Methods is a good example of this. So what is the difference now? I think the real difference is a) the ease in which everyone can now communicate online without needing to understand html and b) the ability to respond to stories, which is closer to the older concept of storytelling as a community exercise.

Bringing this back to make it a bit more relevant to this blog, I’m interested in the difference between fictional storytelling and personal storytelling. As we all use web 2.0 tools, how do we build and manage our own storytelling? This is described as character 101 in this session. We have the aibility to create characters online using persona, and to also use our personas to tell non-fictional stories without necessarily revealing our identity. This creates interesting nuances, with people following and befriending fictional characters (such as meerkats from adverts) and personas of real people that are entirely disconnected from the real person behind them.

Important take away from this session for me? what we do in Web 2.0 is no different from what we have always done. We Chat. We Gossip We Relate. We Discuss. We sometimes Work. Is Web 2.0 really all that different from attending a ball at Netherfield?

OK, so I haven’t written a post for a while due to uber-travelling mode and when I do, it is completely off topic. I finally got around to having a play with Google Wave yesterday. I knew I wouldn’t get very far unless I set myself a task to manage, but luckily @simonmcleish noticed my plea for a use case and suggested we carry out a long over due interview with regard to attribute aggregration. This is something I have been known to have opinions about, so seemed like something that would keep us entertained for a while.

First impressions? Easy enough to use and as we were having a two-way dialogue we were able to give each other hints on what do to. I couldn’t work out how to insert a comment half way through an existing text without prompting (double click on the words before you want to add a comment, not the white space after!). It was also convenient for the task at hand as we both had several other things to do that day and were able to have a fairly in-depth interview whilst popping out and taking phonecalls. Convenience marks – good. A good way to have a discussion online? Probably yes.

We didn’t try to upload files or anything like that so i can’t comment on this experience but again, assume this would be quite a convenient way to collaborate on files. However, I’m not sure it would be any more useful than several other collaboration tools that are out there.

Would I use Wave as a primary communication tool? Probably not. I like the fact that my e-mail address expresses my affiliation and therefore I can speak from it with a certain amount of authority. My Google account (particularly as I don’t use my name in my Google identity) really says nothing about me. Simon brought this up at the beginning of the interview, given that we were talking about verified identities! I also do not want to be limited to finding out what everyone’s Google Wave ID is – I have a nightmare of my e-mail signature getting longer and longer (phone, fax, mobile, twitter, skype, Google Wave, blog….).

As an IM tool? Google Wave has the same drawbacks as all other IM tools in that they are limited to accounts within the same system (with the exception of tools such as Pidgin, where you lose functionality instead). The market is already well covered and again, I have no incentive to really establish my identity in Google Wave other than, say, MSN.

A good collaboration tool? Google Wave is this and I imagine we will see it grow and improve. I already regularly use Google Docs with my team because of the convenience it offers and I guess I will pop in to Wave should it offer us functionality we need at certain points in time. As a communication tool? No thanks, not really ready to ride the Wave as yet.

David Kennedy from Duke presented an incommon sponsered study concerning vendor (what Yanks call Service Providers) best practice regarding access management. Interesting to see how some common themes aligned with our publisher study and it supports us in making arguments to publishers from both sides of the Atlantic.