EDUCAUSE Day 2
EDUCAUSE Day 2
Identity Management
Goal is easy and secure exchange among “known” individuals and secure access to restricted resources they know can be trusted without onerous access processes
Ideally there would be a single digital credential that positively identifies the person, positively identifies certifying authority, is presentable only by that person, is tamperproof, is accepted by all systems.
Positive identification could be picture (what we usually use now), fingerprints, DNA, but we may have role-based attributes too. Identity attributes could include birthday, address, group membership, city of birth, etc. Need to be able to answer these questions: is the person positively identified?; is their digital credential valid?; are they currently affiliated?; are authorization attributes valid?
Credential Assessment Framework Suite (see http://www.cio.gov/eauthentication/) -- defines levels of assurance. If you use only username/password, you can only get to level 2, need pki (cryptographic tokens) for level 3 and cryptographic hard tokens (smart card, usb token, etc.) for level 4.
InCommon (“most of us will probably be members eventually!) – makes it easier to trust guests.
Most universities have multiple “sources of authority”: HR, Student system, faculty, others?), and there may be multiple roles for any one person, so you need a reconciliation process. They break up into authentication (UID/password, PKID on token) and then authorization by particular service.
Lesson from Holbrook session (dynamic stability—great thing to try for?): tie your class projects back to your university so that you are building connections for alumni (e.g., photosynthesis module as demonstrated by football team, Krebs cycle by marching band, Jane the dinosaur as cheerleader) Can’t hurt?
IT Leadership Development discussion:
What does a CIO do? List generated by group: Communicates; sets policy; plays politics; builds consensus; provides vision; sets priorities; strategic planning; coordinates; professional development
To get there, you need to transition from tactical to strategic, be aware of broader perspective. People felt you need: skills, mentoring helps; academic degrees? (maybe not, recent ECAR survey says need for PhD declining); to know academic priorities (should read Chronicle – or InsideHigherEd—to see where university is going and how IT is viewed, can help), you need opportunities to show you’ve got leadership potential (CIOs in room felt that would be a good discussion to have with them); professional affiliations;
Ask CIO: what does a day in your life look like?; what keeps you up at night?
Most tech jobs are deep, but not broad—but you need to broaden yourself. Many times CIOs are coming from outside, even vendors, since many feel you should run IT more like a business.
One issues: distributed computing (how do you corral those cats?; how do you control faculty-run servers?). Take those issues forward and try to show you have everyone’s interest in mind. Define responsibilities of each group. Get ahead of power curve: give a brief presentation to trustees/president on upcoming issue (e.g., wireless) to help them understand and present your group as experts early. Use the “Ed Sullivan” approach: keep yourself in the background, but promote those using your help to accomplish things (faculty)—you’ll be in the picture!
Best practice: CIO moving to new position asks what key meetings and conferences people attend. Asks to go with them (many have IT-related tracks and you may even be able to present)—builds knowledge of what they need, what they hear. Can also ask them for what they think are short and long term issues and then post back to the group—some good ideas.
Advice: stop whining! (well, do your whining to someone in peer group that you can trust, but don’t do it at the “big table”.)
Upcoming EDUCAUSE conference (Chicago/May) on nextgen CIOs
Online Video Collections
Why?: users expect it, media streaming technologies are robust; media collections still are physical with short checkouts, copyright has been barrier.
They bought license with Films from Humanities and Sciences with “budget dust” (accumulation at end of year that will be swept up). Built implementation task force: library, media resources, classroom technology, center for instructional technology, IT, computing support.
Recommendations: campus infrastructure adequate, MPEG-4 format (compromise size/quality with MPEG-2), streaming options (bandwidth of 300 or 500k), download options for faculty (if license allows); quicktime player standard (dramatically reduces trouble calls); user access/authentication from in-house built database (opensource: mdid.org); small pilot project first, links in library catalog and searchable as a database too.
Goal: 1400 by Summer 06 (700 now—about 1.5 terabytes). Getting use (~200 hits in 9/05); rare complaints (good, because they are hard to troubleshoot); quality seems decent (better if “born digital”; they don’t watch each one, so may not know, but pilot showed worked OK)
Process: DVD received from vendor, “cataloged” into excel (for database and library formats), sent to CIT for encoding. Ripped by Handbrake (free w/ Mac OS)—very time consuming. Encoded using “Sorensen’s squeeze”—not free. 3 machines (Dual2.3Ghz G5) dedicated to rip task—processors/hard drive space most important criteria for purchase.
They upload files and send out catalog spreadsheets to db and catalog. Streaming server: apple x w/ x RAID, Dual 1.8 ghz, 1.1 TB storage in RAIDS, expandable to 4.6 w/ modules.
Issues: security (now IP, looking for VPN for off campus); format (flash may provide additional features, but will lock in vendor which is not desirable to them.) Impact on network? They don’t know
Copyright and licensing issues: he says TEACH covers only students in class, videos are “performed” so limited, rather than “displayed” which has no limit. Whole videos not “reasonable and limited portions” (what about clips??)
They custom negotiate licenses—try to get longest license (3-5 years are common), program files encoded to tech standards, security standards that fit infrastructure, ideally should permit justifiable fair use activities by end users.
Compromises: download option needs to be negotiated. They very carefully give workshops that demonstrate fair use—individuals may go farther. In general, larger distributors have more limited licenses, you can try to negotiate leeway.
See: http://www.centerforsocialmedia.org
http://www.centerforsocialmedia.org/rock/backgrounddocs/printable_rightsreport.pdf
Identity Management
Goal is easy and secure exchange among “known” individuals and secure access to restricted resources they know can be trusted without onerous access processes
Ideally there would be a single digital credential that positively identifies the person, positively identifies certifying authority, is presentable only by that person, is tamperproof, is accepted by all systems.
Positive identification could be picture (what we usually use now), fingerprints, DNA, but we may have role-based attributes too. Identity attributes could include birthday, address, group membership, city of birth, etc. Need to be able to answer these questions: is the person positively identified?; is their digital credential valid?; are they currently affiliated?; are authorization attributes valid?
Credential Assessment Framework Suite (see http://www.cio.gov/eauthentication/) -- defines levels of assurance. If you use only username/password, you can only get to level 2, need pki (cryptographic tokens) for level 3 and cryptographic hard tokens (smart card, usb token, etc.) for level 4.
InCommon (“most of us will probably be members eventually!) – makes it easier to trust guests.
Most universities have multiple “sources of authority”: HR, Student system, faculty, others?), and there may be multiple roles for any one person, so you need a reconciliation process. They break up into authentication (UID/password, PKID on token) and then authorization by particular service.
Lesson from Holbrook session (dynamic stability—great thing to try for?): tie your class projects back to your university so that you are building connections for alumni (e.g., photosynthesis module as demonstrated by football team, Krebs cycle by marching band, Jane the dinosaur as cheerleader) Can’t hurt?
IT Leadership Development discussion:
What does a CIO do? List generated by group: Communicates; sets policy; plays politics; builds consensus; provides vision; sets priorities; strategic planning; coordinates; professional development
To get there, you need to transition from tactical to strategic, be aware of broader perspective. People felt you need: skills, mentoring helps; academic degrees? (maybe not, recent ECAR survey says need for PhD declining); to know academic priorities (should read Chronicle – or InsideHigherEd—to see where university is going and how IT is viewed, can help), you need opportunities to show you’ve got leadership potential (CIOs in room felt that would be a good discussion to have with them); professional affiliations;
Ask CIO: what does a day in your life look like?; what keeps you up at night?
Most tech jobs are deep, but not broad—but you need to broaden yourself. Many times CIOs are coming from outside, even vendors, since many feel you should run IT more like a business.
One issues: distributed computing (how do you corral those cats?; how do you control faculty-run servers?). Take those issues forward and try to show you have everyone’s interest in mind. Define responsibilities of each group. Get ahead of power curve: give a brief presentation to trustees/president on upcoming issue (e.g., wireless) to help them understand and present your group as experts early. Use the “Ed Sullivan” approach: keep yourself in the background, but promote those using your help to accomplish things (faculty)—you’ll be in the picture!
Best practice: CIO moving to new position asks what key meetings and conferences people attend. Asks to go with them (many have IT-related tracks and you may even be able to present)—builds knowledge of what they need, what they hear. Can also ask them for what they think are short and long term issues and then post back to the group—some good ideas.
Advice: stop whining! (well, do your whining to someone in peer group that you can trust, but don’t do it at the “big table”.)
Upcoming EDUCAUSE conference (Chicago/May) on nextgen CIOs
Online Video Collections
Why?: users expect it, media streaming technologies are robust; media collections still are physical with short checkouts, copyright has been barrier.
They bought license with Films from Humanities and Sciences with “budget dust” (accumulation at end of year that will be swept up). Built implementation task force: library, media resources, classroom technology, center for instructional technology, IT, computing support.
Recommendations: campus infrastructure adequate, MPEG-4 format (compromise size/quality with MPEG-2), streaming options (bandwidth of 300 or 500k), download options for faculty (if license allows); quicktime player standard (dramatically reduces trouble calls); user access/authentication from in-house built database (opensource: mdid.org); small pilot project first, links in library catalog and searchable as a database too.
Goal: 1400 by Summer 06 (700 now—about 1.5 terabytes). Getting use (~200 hits in 9/05); rare complaints (good, because they are hard to troubleshoot); quality seems decent (better if “born digital”; they don’t watch each one, so may not know, but pilot showed worked OK)
Process: DVD received from vendor, “cataloged” into excel (for database and library formats), sent to CIT for encoding. Ripped by Handbrake (free w/ Mac OS)—very time consuming. Encoded using “Sorensen’s squeeze”—not free. 3 machines (Dual2.3Ghz G5) dedicated to rip task—processors/hard drive space most important criteria for purchase.
They upload files and send out catalog spreadsheets to db and catalog. Streaming server: apple x w/ x RAID, Dual 1.8 ghz, 1.1 TB storage in RAIDS, expandable to 4.6 w/ modules.
Issues: security (now IP, looking for VPN for off campus); format (flash may provide additional features, but will lock in vendor which is not desirable to them.) Impact on network? They don’t know
Copyright and licensing issues: he says TEACH covers only students in class, videos are “performed” so limited, rather than “displayed” which has no limit. Whole videos not “reasonable and limited portions” (what about clips??)
They custom negotiate licenses—try to get longest license (3-5 years are common), program files encoded to tech standards, security standards that fit infrastructure, ideally should permit justifiable fair use activities by end users.
Compromises: download option needs to be negotiated. They very carefully give workshops that demonstrate fair use—individuals may go farther. In general, larger distributors have more limited licenses, you can try to negotiate leeway.
See: http://www.centerforsocialmedia.org
http://www.centerforsocialmedia.org/rock/backgrounddocs/printable_rightsreport.pdf
0 Comments:
Post a Comment
<< Home