Conception of Educational Resources Organization and Access Management for Virtual University - PowerPoint PPT Presentation

Loading...

PPT – Conception of Educational Resources Organization and Access Management for Virtual University PowerPoint presentation | free to view - id: 215c3a-M2MzN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Conception of Educational Resources Organization and Access Management for Virtual University

Description:

http://udec.ntu-kpi.kiev.ua. e-mail: vv_at_udec.ntu-kpi.kiev.ua. Authors: Vyacheslav Valuisky ... Modern University educational resources organization and an ... – PowerPoint PPT presentation

Number of Views:82
Avg rating:3.0/5.0
Slides: 35
Provided by: l266120
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Conception of Educational Resources Organization and Access Management for Virtual University


1
Conception of Educational Resources Organization
and Access Management for Virtual University
Ukrainian Institute for Information
Technologies in Education (UIITE) Technical
University of Ukraine Kyiv Polytechnic
Institute (NTUUKPI)
http//udec.ntu-kpi.kiev.ua e-mail
vv_at_udec.ntu-kpi.kiev.ua
Authors Vyacheslav Valuisky Inna
Malyukova Michael Goncharenko
2
Report Activities
  • Modern University educational resources
    organization and an access management
  • Analysis of worldwide activities, principal
    directions
  • Concept of software model for
  • intra-university and inter-universities
    education support.

3
Report Main Tasks
  • To analyze a main set of web-oriented virtual
    services which need to be accessible for modern
    (virtual) university students and staff.
  • To analyze and to determine principal points in
    line
  • to design of virtual university software
    architecture.
  • To analyze progressive worldwide solutions for
    above items.
  • To make recommendations.

4
Modern University Educational Resources
Organization (typical)
Virtual Laboratories
Virtual Knowledge Centers
Digital Libraries
Research Projects
Educational Projects
Internet
Web Content Management System
Full Screen Video Conferences
Computer Testing System
Distance Course SCORM format
E-Learning Platforms
Authoring Tools
Off-Line Client
Technical University of Delft (Netherlands)
5
Principal Points in Line to Design of Virtual
University Software Architecture.
  • A Single Sign-On authentication via Web for every
    user to all distributed restricted educational
    resources.
  • Web authorization for every user to access all
    distributed restricted educational resources.

6
Definitions
  • Authentication a registration of user for an
    access to resource as usually with login and
    password or other identifiers smart-cards,
    certificates, etc.
  • Authorization assignment of different rights
    for every user to access a resource (i.e.
    student, tutor, administrator, etc.)

7
Why these Principal Points are Selected
  • - Individual authentication and authorization
    for an every educational
  • resource
  • requires
  • -a lot of different logins and passwords for
    every user
  • -a lot of logins and passwords for all
    users
  • -administrators complicated support
  • -a lot of repositories
  • creates problems
  • -with inter-institutional and
    intra-institutional access to educational
    resources
  • -with development of e-learning using
    inter-institutional links
  • -with a virtual university organization

8
What well get
  • -a single login and password for user to access
    all educational resources
  • -easy inter-institutional and intra-institutional
    access to resources
  • -transparent organization of e-learning using
    inter-institutional links

9
Internet2IBM ProjectShibboleth WebISO model
Open Source software oriented
Shibboleth is a web-based inter-institutional
Single Sign-On (SSO) authentication and
attribute exchange mechanismfor an access to
educational resources. WebISO is a web-based
intra-institutional SSO authentication for an
access to educational resources
Shibboleth joints 262 Universities in the U.S.A.
A-Select (compatible with Shibboleth) has 150,000
users in higher education of the Netherlands in
2005
currently
http//shibboleth.internet2.edu/
http//middleware.internet2.edu/ http//www.a-sel
ect.org http//www.projectliberty.org/
Liberty joints 150 global organizations
10
A-Select
  • A-Select uses as a standard authentication
    platform in the Netherlands. There is designed
    initially as a commercial product. From 2004
    A-Select is open source.
  • Compatible with Shibboleth.
  • There are three product lines
  • A-Select Basis (a continuation of the
    current implementation)
  • A-Select Components (additional
    functionality such as attribute acquisition and
    authorisation)
  • A-Select Next Generation (NG) - research
    and development of the new A-Select platform.

11
Yesterday without Shibboleth
Yesterday - without Shibboleth
Disadvantages
-individual authentication and authorization
for every educational resource -a lot of
logins and passwords -problems with
inter- institutional access to resources -proble
ms with organization of e-learning
using inter-institutional links
e-Learning
University A
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
e-Learning
University B
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
Authentication
Authorization
Educational Resource
12
Intra-University Educational Resources
Organization (WebISO model)
Web Login Server
Users Database LDAP
Web Application Server 1
WebISO Agent
Web Application Server 2
WebISO Agent
User


Web Application Server N
WebISO Agent
SSO WebISO authentication
SSO Single Sign-On
13
WebISO Model Intra-Institutional Connection
WebISO aware Application
Web-based Application
Web-Application Agent
User
Web-Server (Apache, IIS)
SSO
Database user (LDAP)
Request to Access Web Application
WebISO Credential
0
1
Web Application
Login Service
Web Application Server 1
WebISO Credential
Web Application Server 2
Web Login Server
Single Sign-On
SSO
14
WebISO Related Software
Open Source software oriented
  • Pubcookie from the Pubcookie Team
    (http//www.pubcookie.org/)
  • Central Authentication Service (CAS)
  • from Yale University (http//www.yale.edu/tp/
    auth/)
  • WebAuth from Duke University (https//webauth.duke
    .edu/)
  • Campus-Wide Login (CWL) from University of
    British Columbia (http//www.cwl.ubc.ca/)
  • Bluestem from University of Illinois
  • (https//www-s.uiuc.edu/bluestem/notes/overvi
    ew.html)
  • Brown Web-Authentication from Brown University
    (http//www.brown.edu/Facilities/CIS/Network_Servi
    ces/web-auth/)
  • Stanford WebAuth (http//webauthv3.stanford.edu/)

15
Shibboleth Getting Attributesand Determining
Access
Shibboleth Protected
Shibboleth Protected
Shibboleth Indexical Reference Establisher
Shibboleth Attribute Requestor
5 Attribute Query Message 6 Attribute
Response Message
16
Shibboleth Authorization
Shibboleth Protected Resource Provider
University
User
User (Attempt to Access)
Shared Resource
Attribute Authority
HTTP Server
AQM (Attribute Query Message)
Attribute Release Policy
Manages Users Attributes
Other Shibboleth Components
ARM (Attribute Response Message)
SHAR (Shibboleth Attribute Requestor)
LDAP (LightWeight Directory Access Protocol)
University Users Database
17
Yesterday without Shibboleth
Yesterday - without Shibboleth
Disadvantages
-individual authentication and authorization
for every educational resource -a lot of
logins and passwords -problems with
inter- institutional access to resources -proble
ms with organization of e-learning
using inter-institutional links
e-Learning
University A
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
e-Learning
University B
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
Authentication
Authorization
Educational Resource
18
Currently with Shibboleth
Currently - with Shibboleth
Advantages
e-Learning
University A
-Single Sign-On authentication for every
educational resource -a single login
and password for user -easy inter- institutional
access to resources -transparent
organization of e-learning using inter-instituti
onal links
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
Shibboleth Federation
e-Learning
University B
Virtual Labs
Virtual Knowledge Centers
Digital Libraries
Authentication
Authorization
Educational Resource
19
Shibboleth Federation(definition)
  • Shibboleth federation - is a group of
    organizations (universities, corporations,
    content providers, etc.) who agree to exchange
    attributes using the Shibboleth protocols.
  • As a rule, it has links to SSO and AA (Attribute
    Authority) of registered organizations.

20
Shibboleth Federations
Currently
2005 status 7 univer, 1 polytech, 58,000
logins 2006 status 12 univer., 15 polytech.
  • Haka, Finland (http//en.wikipedia.org/wiki/Finlan
    d)
  • InCommon, U.S.A. (http//www.incommonfederation.or
    g/ )
  • InQueue, world-wide (http//inqueue.internet2.edu/
    )
  • SDSS, UK (http//sdss.ac.uk/ )
  • SWITCHHaai, Switzerland (http//shibboleth.interne
    t2.edu/ )

262 universities
For testing Shibboleth
11 universities
21
Shibboleth Federations(examples)
  • InCommon, U.S.A. http//www.incommonfederation.org
    /
  • operates on a cost-recovery basis with fees
    reviewed annually.
  • Fees are a one time Participant Application
    Fee of 700. An annual fee of 1000 will be
    charged for the basic Sponsored Partner system
    package.
  • InQueue, world-wide (http//inqueue.internet2.edu/
    )
  • for testing Shibboleth installation and for
    learning how Shibboleth works (free access)

22
Shibboleth Related Software
JSTOR Moodle (E-Learning Platform) Napster NSDL
OCLC OLAT (E-Learning Platform) Ovid
Technologies Inc. Proquest Information and
Learning Serials Solutions SYMPA Thomson Gale
TWiki Useful Utilities - EZproxy Web Assign
WebCT (E-Learning Platform)
ArtSTOR Blackboard (E-Learning
Platform) Bodington.org (E-Learning Platform) CSA
Darwin Streaming Server Digitalbrain PLC
(E-Learning Platform) eAcademy EBSCO Publishing
Elsevier ScienceDirect ExLibris - SFX Fedora
(Web Content Management System) Higher Markets
Hupnet ILIAS (E-Learning Platform)
OS
OS
OS
OS
OS
OS
OS
OS
OS
OS
-open source
23
Shibboleth with commerciale-learning platforms
  • WebCT company supports Shibboleth for e-learning
    platforms WebCT Vista and WebCT CE using
    special shibboleth adapters
  • BlackBoard company supports Shibboleth for
    e-learning platform Blackboard using special
    Blackboard Building Block

24
Shibboleth with open sourcee-learning platforms
  • OLAT (On Line Learning And Training) supports
    Shibboleth completely
  • http//www.olat.unizh.ch (University of
    Zurich, Swiss)
  • Moodle currently supports Shibboleth
    authentication. A support of Shibboleth
    authorization is planned in the future
  • (http//moodle.org)

25
Shibboleth inside a separate University
Shibboleth Origin (ShibIdP)
User
As usually located in ShibIdP
Where are You From? may be located anywhere
WAYF
1
0
SSO
SSO (WebISO)
Restricted Web Resource Shibboleth Target (ShibSP)
26
Shibboleth Federation(local activities)
  • URAN (Ukrainian Research and Academic Network)
  • is established and operates under NTUUKPI
    leadership,
  • may be selected as local Shibboleth Federation

is established, 1998
Joints Basic Ukrainian Universities
URAN
Funded by NATO Grants-USD.300,000
Provides high speed Internet access
GEANT connected
27
URAN Regional Nodes
  • TU Kiev Polytechnic Institute
  • TU Kharkov Polytechnic Institute
  • Dnipropetrovsk Mine University
  • TU Lvivska Polytechnika
  • Odessa Mechnikov University
  • TU Donetsk
  • TU Zaporizhzhia
  • Institute for Biology of South Seas of NAS,
    Sevastopol

URAN Operators
28
New structure of NOC URAN in Kiev
Internet channel 3,5
Mbps
Kiev Central Node
Cisco 7206 VXR
Ministry of Education and Science
Ukraine Exchange
point IX-UA
KARnet
To RC and RN
155Mbps
64-2048 Kbps
network
MES local network
Cisco 7206
E1 2048
TDM digital network
1 GB
100MB
ATM digital network
CEF fiber optic line 100/1000 MB
NTUU "KPI" node and control centre
SWR AT8664
1MB
To Kiev
users 64-2048
512??i?/?
Kbps
1000MB
Local network
1 GB
Aviation University
SWR WGSW 2620
NTUU "KPI local network
Kiev cybernetic node
ICITS,
Cisco 2612
40 Glushkova
100/1000 MB
Pedagogical University
100/1000 MB
State Management Academy
Economic University
Medical University
Architecture University
29
Shibboleth Support (local activities)
  • UIITE (Ukrainian Institute for Information
    Technologies in Education)
  • of NTUUKPI
  • may be selected for Shibboleth support

9 International Projects Including
UNESCO Project CEEVU Central and
Eastern European University
UIITE
is established, 2000
uses e-learning platforms -IBM Lotus
LearningSpace Forum, -IBM Lotus LearningSpace
5.01, -Simurg, Experiences with e-learning
platforms -Moodle, -Atutor, Olat
more than -180 distance courses are developed
-2,000 Ukrainian specialists are trained,
retrained and certified in distance learning more
than 40 local organizations -5 Research
laboratories are opened -40 agreements are
signed with Ukrainian Educational
organizations -10 full screen videoconferences
via Internet with local and International
universities are provided including conference
with Kennedy Space Center in the U.S.A.
Full Screen Video Conferencing
30
UIITE Local Activities
  • Participation in development of Ukrainian
    Conception of Distance Learning
  • Project of National Program of Distance Learning
    (2002-2004)
  • the National Project of distance learning for
    secondary schools
  • Pilot Project Bachelor for NTUUKPI (complete
    support of bachelor degree for one faculty of
    NTUUKPI using distance learning technologies)
  • the National Project Preparation and Development
    of Human Potential in IT (IT Association and
    Universities)
  • Project Development of a Strategy of Information
    Society
  • (Ukrainian Federation of Informatics)
  • State Program Information and Communication
    Technologies in Education and Science
  • Pilot Project Information and Communication
    Technologies in Education in within one district
  • Project Virtual School

31
What we done practically
  • Shibboleth software (Identity Provider, Service
    Provider, Pub-Cookies) is installed and
    completely debugged for testing purposes at
    UIITE
  • Registration in InQueue World-wide Shibboleth
    Federation was done for UIITE and experiences
    with Shibboleth under InQueue support are started.

32
What we plan
  • To start experiences with completely shibbolized
    e-learning platform OLAT
  • To use UIITE LDAP repository for experiences with
    Shibboleth
  • To create a local Shibboleth Federation for test
    purposes on a base of UIITE
  • To learn possibilities of Netherlands National
    system A-Select at Delft Technical University
    during a visit to Delft from Feb.18 through March
    05, 2006.

33
Conclusion
  • Shibboleth (Internet2IBM) project may be
    recommended as a basic for development of virtual
    university architecture or any other distributed
    web-oriented educational organization
  • Shibboleth allows to use web-based Single Sign-On
    (SSO) for Inter-Institutional and
    Intra-Institutional access to educational
    resources and facilitates all procedures for
    modern education support
  • Shibboleth is supported by modern commercial
    e-learning platforms
  • Shibboleth is oriented for using of open source
    software
  • Shibboleth allows to use different types of
    distributed architectures for web-oriented
    learning
  • Shibboleth is most progressive technology in line
    to education support in modern university or any
    virtual university.

34
List of publications
  • Shibboleth, Internet2-mace-shibboleth-introduction
    -200404.pdf, URL http//sibboleth.internet2.edu.
  • Shibboleth, Internet2-mace-shibboleth-advantage-20
    0309.pdf, URL http//sibboleth.internet2.edu.
  • Shibboleth Architecture. Technical Overview,
    Draft-mace-shibboleth-tech-overview-latest.pdf,
    URL http//shibboleth.internet2.edu.
  • Shibboleth-Architecture DRAFT v05,
    draft-internet2-shibboleth-architecture-05.html,
    URL http//shibboleth.internet2.edu.
  • Shibboleth Documentation, http//sibboleth.interne
    t2.edu.
  • Shibboleth Target Deployment Guide, Shibboleth
    Version 1.2May 10, 2004 URL http//sibboleth.int
    ernet2.edu.
  • Shibboleth Target Deployment Guide, Shibboleth
    Version 1.1December 3, 2003, URL
    http//sibboleth.internet2.edu.
  • Shibboleth Target Deployment Guide, Shibboleth
    Version 1.2.1November 15, 2004, URL
    http//sibboleth.internet2.edu.
  • Shibboleth Origin Deployment Guide, Version
    1.2.1, November 15, 2004, URL http//sibboleth.in
    ternet2.edu.
  • Shibboleth Origin Deployment Guide, Version 1.2,
    July 2, 2004, URL http//sibboleth.internet2.edu.
  • Patrik Schnellmann, Valery Tschopp, Lukas
    Haemmerle. Install Shibboleth 1.3 Identity
    Provider on Debian 3.1 (sarge), Tomcat only with
    CAS SSO, URL http//www.switch.ch/aai/docs/shibb
    oleth/SWITCH/1.3/idp/install-idp-1.3-debian.html,
    pp.18, 2006.
  • Ken Klingenstein. Internet2 Shibboleth Project.
    TERENA Networking Conference 2002, Limerick,
    Ireland, pp.43.
  • Kathryn Huxtable. Identity Management
    Infrastructure at The University of Kansas, 11
    March 2005, AIMStalk.ppt.
  • James Burger. Shibboleth for Middle Schools,
    NSDL, 20040901-ms_shib_presentation.ppt.
  • Vyacheslav Valuisky. "Platforms of Distance
    Learning Support. The Analysis and the
    Compatibility". Journal of Multimedia Aided
    Education Research, 2005, vol.2, No.1,
    pp.103-111, Japan, Institute of Multimedia
    Education, 2-12, Wakaba, Mihama-ku, Chiba-Chi
    261-0014, Japan.
About PowerShow.com