COmanage Call 2-April-2010
*Attending*
Heather Flanagan, Stanford (chair)
Ken Klingenstein, Internet2
Tom Barton, U. Chicago
Rebecca Wilson Lundin, Penn. State U.
Jim Leous, Penn. State U.
Ann West, Internet2
Renee Frost, Internet2
Steve Olshansky, Internet2
Emily Eisbruch, Internet2 (scribe)
*New Action Items*
[AI] (All) send Renee ideas on lists/websites/publications on which to publicize the COmanage job opening.
[AI] (Ken) will email the COmanage-dev list about logistics for a call with the Dutch.
[AI] (Ken) will create slides about the COmanage paths and which ones are useful
[AI] (Ken) will develop and distribute flow diagrams showing attribute aggregation strategies.
[AI] (Ken) will talk with Steven about providing COmanage service to the VOs Steven is in contact with.
*Carry Over Action Items*
[AI] Jim will send the group some screenshots of the Penn State Confluence dashboard.
[AI] (Jim) will send out info about a potential Energy Dept. hub
[AI] (Tom) and (Ken) will discuss moving forward on incorporating the Grouper Lite UI into COmanage.
[AI] (Jim) will discuss with Kevin possible CIC engagement with COmanage.
[AI] (Ken) will follow up with Niels about domesticating Adobe Connect.
[AI] (Danno) will continue to pursue communication with U. Minnesota about domesticating Adobe Connect.
[AI] (Heather) will resubmit the request for COmanage service for the Ivy+ Infrastructure.
*DISCUSSION*
*Job Description for COmanage*
Ideas on where to post the Project Coordinator/Integrator job description:
- Chronicle of Higher Education - Jim says it may include an RSS feed of just IT jobs - he will send Renee the URL for that.
- CraigsList
- HPC Wire Job Bank (http://www.hpcwire.com/jobbank/)
- Career Path online service
- LinkedIn (IT Architects Group, plus others TBD)
- Talk with Contacts in Higher Ed
[AI] (All) send Renee ideas on lists/websites/publications on which to publicize the COmanage job opening.
*COmanage Documentation*
Rebecca is on hold in her effort to document how to install and how to work with COmanage. Chris needs time to get COmanage working in order for Rebecca to begin that. In the meantime, Rebecca is working under Jim's direction on documenting a vision for collaboration management and the humanities. She is looking at the Penn State Institute for the Arts and Humanities as well as at external humanities collaborations.
*Campus Bridging Workshop*
Ken will attend the Campus Bridging Technologies Workshop, April 7-8 in Indianapolis. Ken has submitted a white paper covering concepts including attribute based access control.
http://ndcampusbridging.iu-pti.org/
*Call with Dutch*
The April 1 call with the Dutch was postponed. Most likely a call will be held on Thurs. April 8.
[AI] (Ken) will email the COmanage-dev list about logistics for a call with the Dutch.
*COmanage as a Service*
It's clear COmanage has an important role in the area of identities, groups and attributes. Questions have been raised on whether a service like COmanage will run applications directly, or whether it will manage identity and access for apps run and hosted by participating organizations/VOs. It has been speculated that in the future, most applications will be run by Google Apps for Education. Ken thinks COmanage will retain a role running applications in the future, especially with institutions being concerned about privacy and compliance issues with Google-provided applications.
It was noted that both options should be open -- COmanage running applications and COmanage providing identity services but not running applications.
[AI] (Ken) will create slides about up the COmanage paths and which ones are useful.
*GENI Meeting and Attribute Aggregation Issue*
Ken reported that at the 7th GENI Engineering Conference, March 16 - 18, at Duke, there was interest in attribute based access control.
COmanage was discussed as a way to create and manage the attributes. There were questions about where the attribute aggregation should happen: in COmanage or at the relying party?
Tom stated that he has thought of COmanage as a central, convenient, transparent point of a federation of applications.
So attribute management should happen in COmanage.
This could be an efficient division of labor, with COmanage handling attributes from many different sources. A way to look at this model is that the COmanage instance lies between the external IdP and the VO. Statistical reporting is possible from the COmanage platform, e.g. reporting on how many students logged over a certain period.
For applications housed locally in some scientific organizations, there will also be a second pass mechanism for authorization. This applies to TeraGrid.
De-provisioning users can be handled in large part through authorization processes, with a de-provisioned user being denied access.
COmanage will most likely need to be registered in the InCommon federation as an SP, either part of a campus SP, or as a sponsored SP.
[AI] (Ken) will develop and distribute flow diagrams showing attribute aggregation strategies.
*Servicing VOs*
Within Internet2 or InCommon, can we get a several-year commitment to providing COmanage as a service to interested VOs? Tom suggested a progression of smaller steps, including asking a hosting campus to host the applications. A multi-year commitment to COmanage is easier if it does not include hosting applications.
[AI] (Ken) will talk with Steven about providing COmanage service to the VOs Steven is in contact with.
*Internet2 Spring Member Meeting*
Ken reported that the NIH representative will be at the SMM. Ken will invite her to the COmanage sessions so she can report back to the NIH.
COmanage SMM Events to Note:
- Interfederation Meeting (Invitation Only)
April 25, 5:00 PM - 7:00 PM, Salons E/F
- The first hour will focus on COmanage and the Dutch COIN project.
- The second hour will focus on Interfederation issues.
- COmanage Working Group
April 26, 9:15 AM - 10:15 AM, Salon A
- Federated Collaboration Approaches (Track Session)
April 27, 8:45 AM - 10:00 AM, Salon A
Speakers: Heather, Steven, Michael and Niels
*COmanage WAYF Issue*
Ken noted that the COmanage WAYF is not same as the Spaces WAYF. The Spaces WAYF has more international federations.
Is there a lightweight way of solving this using interfederation approaches? The idea was floated of creating a bucket of SPs that are used by many international federations. It would be helpful to establish a single point of registration.
Next call: Fri. April 16 at 2pm ET.