COmanage Call 21-Jan-2011

COmanage Call 21-Jan-2011

Attending

Heather Flanagan, Internet2 (chair)
Ken Klingenstein, Internet2
Chris Hyzer, U. Penn
Keith Hazelton, U. Wisc
R.L. "Bob" Morgan, U. Washington
Steven Carmody, Brown U.
Jim Leous, Pennsylvania State U.
Benn Oshrin, Internet2
Steve Olshansky, Internet2

New Action Items

[AI] Heather will track on a wiki page approaches to sharing metadata between collab platforms.

Carry Over Action Items

[AI] (Ken) will develop a one-page writeup on the differences between a VO IdMS versus an enterprise IdMS
[AI] (Benn and Keith) will talk about Bamboo's requirements for person registry.
[AI] (Ken) will email Bob B. regarding the possibility of speaking at ACAMP
[AI] (Heather) will schedule an Internet Identity webinar for iPlant IT staff.
[AI] (Ken) will contact David Groep about VOMS GUMS.
[AI] (Steven) will develop a one-page write-up on attribute aggregation.
[AI] (Jim) will check on whether there has been discussion on the CIC list concerning LIGO and the domesticated apps list.
[AI] (Heather) will ask U. Chicago people to contribute an academic (intra-institutional) use case to the COmanage use case library.
[AI] (Jim) will share ESWN call notes with the COmanage-dev list.

DISCUSSION

Development Report

Benn is working towards a February goal of having some core functionality running on the demo servers. This is not expected to be  a full demo; it will be similar to what was shown on the laptop at 2010 FMM.

After meetings and discussions with the VOs in February, the plan is to commit more firmly to a technical direction and technical road map, with details on what features / deliverables should be included for which COs.

Q: Is the registry - the interface to enter people into the population of interest -- in scope?

A: Benn; yes that is what I'm getting ready for the demo servers... mostly  it's the person registry part. The plan is to establish a basic service that understands an organizational identity versus a VO identity and has basic roles built into it. This will serve as a talking point with the VOs

Q: COmanage starts without a system of record. Is there something that corresponds to a person registry, where people get added?

A: Benn: in the current version, you can add someone as an organizational person (you can imagine they came in some other way, to demonstrate the point of external subjects) or provide basic support for doing an LDAP query to populate the organizational directory.

Summary: Benn wants people working with VOs to know that there is a call for requirements coming in early Feb. That should come out of LIGO, iPlant and maybe Bamboo.

VOs Report

 - Project Bamboo

Heather and Keith had a recent call with Project Bamboo folks, including Steve Masover.

• Project Bamboo is focused on the apps their scholars will need to use and has just starting to think about identity issues.

• They seemed pleased to have the chance to work together.

• SteveM was concerned about timelines and he wondered if COmaange will be ready for their demonstration project that must be done in their Phase I. Project Bamboo may create their own identity mechanism and later they might migrate to COmanage

• Project Bamboo will most likely have use cases about adding poeple to the registry and giving them roles.  So what Project Bamboo needs most is what LIGO needs most, which is a person registry. Keith thinks it wil all come together.

• Keith plans to interview Bruce Barton, at U-Wisc about Project Bamboo.

Benn: Regarding timing issues, we say we need a real customer to ensure we are developing for real requirements, but maybe we need to approximate what a real customer needs and create it, have running code, so that our timing will align with some real customer.

Keith: The capability that organizations need early is a way to get people in and make them appear available to the outside world via interfaces, such as Grouper. So having the people registry would get us ahead of our customers

Benn: Yes that is the path we are on now.

- ESWN

• JimL said that ChrisH demoed the ESWN COmanage instance on a recent OpenID call. It's coming along.
• ESWN had a recent board meeting and Rose (of Brown U and ESWN) did a demo there also. StevenC reported that demo went well.

- LIGO

• After the December 2010 LIGO meeting, LIGO was going to decide if they would create something on their own in short term.
• They have decided to work on their own to get back the functionality they lost in the MYLIGO platform when they transferred to a new homegrown system
• LIGO wants Heather and Benn to return in early Feb. to continue going over needs/requirements

- IPlant

• iPlant meeting (duration 2.5 days) will take place in Tucson in early February, to discuss design questions
• Scott K from LIGO will attend along with Ken, Heather and Benn.

- US Govt

- Ken will have more to report after an upcoming call w KevinT.
- There may some interest at NIH in using COmanage type services.
- We are engaging w Dept. of Energy via Mike Helm and his role w ESnet
- JimL reported that Penn State is involved with two DOE funded projects.

• Project One:
• CLSF (Center for Lignocellulose Structure and Formation) is a DOE Energy Frontiers Research Center focused on developing a detailed understanding of lignocellulose, the main structural material in plants.
• http://www.lignocellulose.org/
• Penn State is the PI.
   Also involved are  NC State and VA Tech,  NC A&M, and College of Rhode Island.
• Jim has worked with the manager of CLSF in relation to "Shibbing" the wiki. CLSF uses the wiki heavily, including wroting their grant with it.
• Jim has been encouraging people to use the wiki with their own institutional IDs.  There may be a role for Grouper there, integrating Grouper into the way they use Confluence.
• Jim had email discussion w Shib folks at NC State and VA tech and they are passing the EPPN.
• CLSF is starting 2nd year of 5 years of funding. Funding is ~$21 million
• There may be the chance to introduce CLSF to COmaange.

• Project Two:
• Energy Innovation Hub at Philadelphia Navy Yardhttp://www.research.psu.edu/news/2010/penn-state-to-lead-energy-efficient-building-designs
• Funding is ~$127 million.
• They are using SharePoint for collaboration, combined with some of the work ChrisH has done.
• There may be a chance to introduce them to COmanage

It was noted that a way to introduce COs to COmanage may be to expose them to Shib, Grouper, and/or Confluence first. Then COmanage can help solve access issues for COs.

Sharing Between Collab Management Platforms

Ken noted that collab management platforms will be a topic at the TF-EMC2 Meeting in Lyon in February.

http://www.terena.org/activities/tf-emc2/meetings/17/

Q: When there are instances of collab management platforms in diverse countries, what metadata needs to be shared between those for collaborations to work together?

Chris discussed the Grouper Group Sync capability, which is described here:

https://spaces.at.internet2.edu/display/Grouper/Syncing+groups+between+group+management+systems
 
  Bullets provided by Chris on the Grouper Syncing:

• You can link up one group from one Grouper with a group in another Grouper.  This uses Grouper Web Services.
• This can be push (cron), pull (cron), or incremental (means push cron and real time diffs)
• One Grouper needs WS credentials and privileges to read or update a group in another grouper.
• You need to configure how subject sources in one grouper “map” to subject sources in another grouper.  i.e. in one grouper, you have an identifier attribute in the subject source (e.g. eppn, but could be anything), which maps to the subject API id or identifier in the other Grouper
• If the subject does not exist in the other Grouper, you can optionally configure “addSubjectIfNotExist”, so that a call is triggered to the Grouper External Subject interface to create that external subject.  This is either built-in in the Grouper DB, or a customization to however external subjects are managed at the institution.  Note that customization could be a notification for someone or something to process the new user.
• If there are other attributes required to use the service (e.g. email address), that needs to be self-managed by the user (e.g. in the case of Grouper External Subjects module), or however that is managed at the institution.  If it is a pull type sync, then that attribute might be available via Grouper WS (depending on security).

[AI] Heather will track on a wiki page approaches to sharing metadata between collab platforms.

Next COmanage-Dev Call: Friday, 18-Feb-2011, 2 pm ET

4-Feb-2011 COmanage-dev call cancelled due to travel schedules