MACE-paccman Call 7-Jan-2010
Tom Dopirak, CMU, (chair)
R.L. “Bob” Morgan, University of Washington
Chris Hyzer, U. Penn
Tom Barton, U. Chicago
David Bantz, U. Alaska
Mark Scheible, NCSU
Rob Carter, Duke
Dan Seibert, UCSD
Renee Frost, Internet2
Ann West, Internet2
Steve Olshansky, Internet2
Emily Eisbruch, Internet2 (scribe)
**New Action Items**
[AI] (Everyone) review use cases, especially Kuali Rice responses
https://spaces.internet2.edu/display/macepaccman/Rice+KIM+and+selected+uses+cases
[AI] (Rob) will send Marc examples of similar use cases to the NC State use case. Rob and Marc will make a determination on uniqueness.
[AI] (TomD) and (R. L. Bob) will set a date for MACE review of the MACE-paccman charter.
[AI] (TomD) will share a white paper -- written several years ago -- on access management. Do not to forward it further without TomD’s permission.
[AI] (TomD) will ask Keith about workflow and access management, and request that Keith join a future call.
[AI] (R.L. Bob) will send the group a link to the Kantara Identity and Access Services working group.
**Carry Over Action Items**
[AI] (MichaelP) will work to polish the glossary, as a next step, until events warrant revisiting it.
[AI] (R.L. Bob) will separate “assurance” from “authentication” in the glossary.
[AI] (Rob) and (Paul) will look at Rob’s use cases and mapping to XACML.
*Use Cases*
Dan has responded to the use cases on the wiki from the Kuali Rice KIM perspective. Dan has asked additional Kuali people to look at it. He hopes to get comments and suggestions and possibly to update the wiki based on that feedback.
[AI] (Everyone) review use cases, especially Kuali Rice responses
https://spaces.internet2.edu/display/macepaccman/Rice+KIM+and+selected+uses+cases
*NC State Use Case*
Mark and Rob will talk more about the NC State use case to determine if it’s unique enough to add to the MACE-paccman use case library. This use case involves workflow, which is a theme that keeps coming up.
[AI] (Rob) will send Mark examples of similar use cases to the NC State use case. Rob and Mark will make a determination on uniqueness.
*Charter*
[AI] (TomD) and (R. L. Bob) will set a date for MACE review of the MACE-paccman charter.
The next MACE call is at the beginning of February.
*Diagramming Use Cases*
Ideas for standard ways of diagramming use cases:
Swim lane diagrams.
Tables
Graphl
Use Gliffy diagrams in Confluence. Example of a Gliffy diagram: https://spaces.internet2.edu/display/macepaccman/exploratory+diagram
One of the MACE-paccman goals is to present the use cases to a broader audience, making consistent representation highly desirable.
*Next Issues for MACE-paccman*
MACE-paccman is fairly far along on the first level of use case modeling. How should we spend the next couple of months?
Chris: Interested in discussion of web service interfaces for access and privilege management. What are common operations?
Bob: It would be valuable if MACE-paccman could provide guidance for campuses that are looking to do things in the privilege management area. Providing a high level summary of how to get started toward consistency and central services.
Rob: Formulate advice to give an institution that’s redoing IdM about how to structure IdM so it will be easier to implement privilege management.
Mark is creating an IdM and Access Management toolkit dealing with how to go from strategy to implementation.
[AI] (TomD) will share a white paper -- written several years ago -- on relationship between Identity Management and Privilege management. Do not to forward it further without TomD’s permission.
Chris: Interested in reviewing existing privilege management UIs.
MIT has a privilege management UI, Kuali has one… U-W has one, but only campus individuals can view it.
*Workflow*
Workflow is a substantial part of several of the use cases the MACE-paccman group has been addressing. Do we need to specifically model workflow?
Rob suggested that BPEL could be useful for expressing workflow. It was mentioned that the Kuali project backed away from BPEL and developed their own workflow engine for the short term. A limitation of BPEL is that everything it invokes is a service.
[AI] (TomD) will ask Keith about workflow and access management, and request that Keith join a future call.
**Opportunities to Present MACE-paccman's Work **
- Spring Internet2 Member Meeting, April 26-28
There will be a MACE-paccman working group session at the Internet2 SMM, April 26-28.
A track session may also feature the privilege management use case work to date. (Rob and Chris are interested in working on this.) Proposals are due Jan 29.
- Advanced CAMP, June 24-25
Plans are underway for Advanced CAMP: Identity Services Summit June 24-25, 2010.
The theme will be similar to the 2009 Advanced CAMP, focusing on ways to align Identity Services for Higher Ed Open/Community-Source Projects
https://spaces.internet2.edu/display/ACAMPIdSummit/Advanced+CAMP+Notes
Bob noted that a report out from MACE-paccman will be central at Advanced CAMP
- EDUCAUSE Annual Meeting, October 12–15 in Anaheim
Suggestion for a presentation at the EDUCAUSE annual meeting, possibly highlighting Internet2 Middleware collaborations with the Kuali project, including in MACE-paccman.
- Webinar
There may be a chance to present the MACE-paccman work in a webinar during 2010.
* Grouper Update *
Grouper 1.5 has been released. Rob reported that Duke is moving along with installation.
http://www.internet2.edu/grouper/software.html
Substantial progress has been made on Grouper/Rice Kim integration.
* Kantara Update *
Bob reported on the Kantara Initiative ( formerly Liberty Alliance). They are spinning up an Identity Services Working Group.
[Ai] Bob will send a link to the Kantara Identity Acess Services Working group. Some representatives of large
banks are participating.
http://kantarainitiative.org/confluence/display/ias/Home;jsessionid=4DB3F33FD6856DA5AEBD1F26B562F123
The Kantara Group will meet in Portland, March 9-11
http://www.regonline.com/builder/site/Default.aspx?eventid=800403
Next Meeting: Thursday, 21-Jan-2010, 1pm ET