User Provisioning Project - ITLC Middleware Project

Note: This is the User Provisioning wiki's old home page. It has been archived. Please refer to the wiki's current home page.

ITLC Middleware Project Description:

UC ITLC is sponsoring a common UC Middleware to provide an architecture/approach that enables UC to more optimally leverage system wide information technology resources while still addressing campus specific operational differences and cultures.

Common Middleware provides a common tool set to facilitate sharing applications and services between campuses, promotes interoperability, creates opportunities for re-use, and provides opportunities for canpuses to act as ASPs, thus lowers costs in time, effort and resources both centrally and locally.

The goals specific to this project are:  A Pilot/Proof of concept operationalization of common UC Middleware and a White Paper with recommendation for common UC Middleware standards going forward.

User Provisioning has been selected as the proof of concept project for the ITLC Middleware Project.

User Provisioning Proof of Concept Project Overview and Goals:

UCTrust has provided a common infrastructure for identifying users to multi-campus applications, including information that can be used to make authorization decisions. The Shibboleth technology used by UCTrust provides that information at the start of an online session. However, we have learned that many applications need to incorporate contextual information about their users before those users' first sessions.

For example, the LMS employee training system must be able to send email to various categories of employees to inform them that they are due for legally-mandated training (such as sexual harassment prevention training for supervisors). While UCOP has built software to upload basic employee information to the LMS, each campus is required to create a process to upload basic information about non-employees who must (or can) take training, as well as complementary information not maintained by UCOP. A similar need exists for Connexxus and UC Ready, and would have been needed for At Your Service Online if the identity information had not already been in place within the payroll system.

The goal of the proposed project is to leverage the policies and agreements already established for UCTrust to develop a second software infrastructure that supports the exchange of identity information before, and independently of, the establishment of a user session. While it is unlikely that all campus-level implementation in support of multi-campus applications can be eliminated, not addressing this issue will mean that future applications will continue to require 10-12 separate development efforts to provision users.

The development of detailed specifications should be a collaborative effort of the ITAG and the UCTrust Work Group so as to maximally leverage the perspectives of both architecture and implementation experience perspectives (although there is considerable overlap in the membership in any case).

User Provisioning Proof of Concept Key Benefits and Deliverables:

The key benefit of a common framework is more rapid deployment and greater agility in launching multi-campus applications, with lower costs in time, effort, and resources both centrally and at the campus level.

The key deliverable is the common framework/infrastructure, probably based on a service bus, that can facilitate these exchanges of identity information. This includes a standard interface specification to be used by applications that require such identity information.

User Provisioning Proof of Concept Timeline:

The target for completion of this work is the end of calendar year 2011. This will, however, require work by each of the campuses, so the first milestone should be a checkpoint to giving the ITLC a go / no-go decision on whether to proceed to subsequent milestones. The first milestone, to be complete by the end of 2010, should deliver:

• A technical and business architecture to address these issues
• An approach / plan with the subsequent milestones to implement this architecture throughout UC
• An estimate of resources required for those subsequent milestones, both UC-wide and at each campus.

User Provisioning Proof of Concept Key Stakeholders:

• Primarily campus IT organizations who have to create the various processes and run them on an ongoing basis.
• Business officers seeking to implement new applications in a timely manner.

User Provisioning Proof of Concept Advisory Groups and Their Role:

• ITAG
• UCTrust Work Group

Project Sponsor: Chuck Rowley, Mary Doyle, Pete Siegel

Project Manager: Dede Bruno

Participants:

• Mary Doyle - UCSC
• Arlene Allen - UCSB
• Albert Wu - UCLA
• Chet Burgess - UCOP
• David Walker - UCD
• Dede Bruno - UCOP
• Max Garrick - UCI
• Tony Merriweather - UCLA
• Datta Mahabalagiri - UCLA
• Dedra Chamberlin - UCB
• Benjamin Oshrin - UCB
• Jeff McCullough - UCB

Milestones:

Status as of 02/03/11:

Milestones/Accomplishments Since Last Report;

• Start Detail Design for User Provisioning – 1/28/11 Completed

 Upcoming Milestones/ Next Steps Due Before Next Report:

• Create One Page Summary and Architectural Diagram for Detail Design for User Provisioning – 2/4/11 In Progress

 Milestones:

• Confirmation of short list for demonstration of proof of concept for common UC Middleware - 05/14/10 Completed
• Identify candidates for pilot/proof of concept for common UC Middleware - 05/21/10 Completed
• Present candidates to ITLC for provisional approval - 05/27/10 Completed
• Identify Team Members for P1 (architectural design concept) of Pilot - 6/24/10 Completed
• Identify and confirm functional design criteria for User Provisioning - 7/16/10 Completed
• Start Technical Design/Use Case Creation - 7/16/10 Completed
• Hold  Working Session for User Provisioning to start concept design - 07/16/10 Completed
• First Draft High Level Design components – 8/3/10 Completed
• Consolidate High Level Design components – 8/17/10 Completed
• Review consolidated Draft High Level Design components with Mary Doyle  – 8/17/10 Completed
• Distribute High Level Design to ITAG & UCTrust for validation and input – 8/24/10 Completed
• Incorporate input from ITAG & UCTrust to High Level Design validation and finalize High Level Design – 9/14/10 Completed
• Provide High Level Project Plan for User Provisioning Infrastructure – 9/14/10 Completed
• Identify potential candidates for User Provisioning/Middleware project – 9/14/10 Completed
• Complete Draft Proposal for User Provisioning/UC Wide ITLC Middleware Project for ITLC – 9/21/10 Completed
• Incorporate draft resource and time estimates to Draft High Level Project Plan for Provisioning Infrastructure – 9/21/10 Completed
• Finalize Proposal to present to ITLC 9/28 – 9/22/10 Completed
• Present Proposal for User Provisioning/UC Wide ITLC Middleware Project for ITLC – 9/28/10 Completed
• Complete Phase 1 of Project - 9/30/10 - Completed
• Identify Team  for User Provisioning/Detail Design for UC Wide ITLC Middleware Project for ITLC – 11/10/10 Completed
• Hold initial Detail Design Planning Session 11/19/10 Completed
• Start Detail Design for User Provisioning – 1/28/11 Completed
• Create One Page Summary and Architectural Diagram for Detail Design for User Provisioning – 2/4/11 In Progress
• Develop approach and plan to implement a demonstration of the proof of concept project – 3/15/11
• Estimate Resources required at each campus and UC-wide approach – 3/15/11
• Complete Detail Design – 4/15/11 In Progress
• Implement Proof of Concept Project - 12/31/11

Issues/Risks:

• Issue: None to Report. 

Meeting Schedule:

• January 28, 2011 - Detail Design Working Session - Agenda 01/28/11, Minutes 01/28/11
• November 19, 2010 - Detail Design Planning Session - Agenda 11/19/10
• November 8, 2010 - Agenda 11/08/10, Minutes 11/08/10
• October 19, 2010 - Agenda 10/19/10, Minutes 10/19/10
• October 1, 2010 - Agenda 10/01/10, Minutes 10/01/10
• September 21, 2010 - Agenda 09/21/10
• September 14, 2010 - Minutes 091410, Agenda 091410,
• August 31, 2010 - Minutes 08/31/10, Agenda 08/31/10
• August 17, 2010 - Minutes 08/17/10
• August 3, 2010 DRAFT High Level Design Review - Agenda 08/03/10, Minutes 8/3/10
• July 16, 2010 User Provisioning Working Session - Minutes 7/16/10

Documents:

• Background
  • User Provisioning - ITLC Proposal Presented by Mary Doyle 052710
  • ITLC Middleware Update Presented 052710
• Early Documents Related to Design
  • User Provisioning Project Objectives and Principles
  • User Provisioning Use Cases
• The High Level Design
  • User Provisioning High-Level Design
    • User Provisioning Use Cases
    • Service Provider High-Level Design
    • IAM Provider Notes and Observations
    • Thoughts about Interchange Formats
  • Implementation Project
    • High-Level User Provisioning Project Tasks
• Report to the ITLC
  • User Provisioning Project - Report to the ITLC - 2010-09-28 
  • Middleware User Provisioning Presentation Present to the ITLC 09/28/10
• Presentation
  • UserProvisioning-2010-09-15.ppt
• The Detail Design
  • Conceptual Design
  • Home

Related Web Sites:

• UCTrust Workgroup
• UC ITAG
• Platform Strategy