As You Like It Identity at JISC Conference 09

So, we had a great session at the JISC Conference 2009 on identity and both Lawrie and I were exteremely pleased with the audience feedback and involvement we had.  I won’t repeat the notes of what was discussed as the very diligent and accurate roving JISC blogger assigned to our session got those and they are here (many thanks for that).

What I will do is to go through what I got out of the session, a few more resources on identity and some of the material we didn’t get to cover.

So, starting on what I got out of the session:

- People are thinking a lot more about identity issues in academia; when we first started talking about identity in groups  (a good example being in the first blog post I ever did for JISC) , we had a large number of listeners and fewer particpants.  Great to see that more people have gone to find out more and are looking at how they need to deal with identity in their area;

- Universities such as Cardiff (thanks to David Harrison for mentioning this at the session) are starting to educate their students on how they need to deal with identity.  It would be useful to have more examples as one of the points raised in the session is that students are a key group to engage with;

- There are many people out in institutions who have a good grasp on the issues that need to be dealt with and an appreciation of what it means for their areas;

- Working with an audience rather than presenting to them can get the most out of a session for both the people leading the session and those attending.  I must admit I was a bit fearful of how this would work given we had a small room that was packed full (Lawrie even gave up his chair!) and it was quite a large group (70+);

- Identity is a complex subject yet it is one that can be approached simply by working with our peers to understand how it will affect how we work in academia;

- We can control our identity and reputation online, which benefits not only us but also our teams our departments and our institutions.  We need to think at a variety of scales;

In terms of resources, we had a jargon segment to try to explain key terms that are used within identity management.  I’ll stick my hand up to a few admissions:

- These weren’t intended to be ‘absolute’ definitions;

- They aren’t intended to be a comprehensive glossary - there are no doubt omissions but I feel it is best to start small and these are the most common (and often for a new user most confusing) terms that are heard;

- When I wrote them I was writing them for the average learner, teacher or student in an institution - yes they are simplified and lose some of the technical detail;

So, after all the excuses, here are the terms:

Identity credentials - generally a username and password but anything that identifies you as a user.  Also known more commonly as an ‘identity’.

Registration - ensuring that the person who you are issuing a set of identity credentials to is who they say they are.  When we talked about the birth of an identity in the session, registration is when this happens.

Authn - Authentication - re-verifying that the user is who they say they are before they are allowed to carry out an action.

Auths or authz - Authorisation - the process of verifying that someone who is trying to access a resource (be that a paper, journal article, some data or something else) is entitled to do so.

PII – Personally Identifiable Information - anything that can personally identify you or another person. This could be your name or a piece of information about you that could only apply to you.  This is what we most need to protect and ensure is up to date as it can affect our academic reputation.

User-centric identity - the concept of the user being able to control what information (PII or otherwise) they release about themselves and thus control their identity.

OpenID - a technology that came out of the social software world (think blogs and wikis) that allows you to control what information you release about yourself. One of the most popular user-centric identity systems.

OAuth - a new technology that allows applications or sites to carry out an action for a user without handing over user names and password details to another site. The best example is the recent talk over software like Tweetdeck being able to post comments to Twitter on behalf of users.

Federated identity - is where a series of bodies that provide identity credentials and a series of bodies that control access to resources get together to agree a common set of rules so someone who has identity credentials from any of the bodies that issue them can access resources from any of the bodies that control access to them.

UK federation - the body in the UK that provides federated identity for UK further and higher education.

Finally, here are a few further resources:

- The presentation and notes can be found here;

- www.pipl.com allows you to see what information is held about you.  You can equally use Google to do a similar search for yourself;

- http://openid.net tells you more aboutOpenID and how to get one;

- http://oauth.net/about/gives more information on OAuth and how it works;

- Andy Powell is running a symposium on access and identity management in e-research; more details can be found here;

- JISC’s latest project is producing an identity management toolkit for institutions.  More details on what it is doing can be found here;

I’d welcome comments on this blog, the events blog or tweets tagged with either #jisc09 or #jisc09_id.  We need to keep this discussion going and build on the good work done in the session.  If you have any direct questions on what JISC is doing in access and identity management going forward then please talk with Chris Brown, who is taking over this area from me.

Report on Identity management for lifelong learning

This report has just gone up on the e-learning blog so please click here to get to the blog post, which has a link through to the report and explains some of the context plus offers a chance to comment.  Following on after the Review of OpenID, it would be good to get folks’ comments on what they think.

As the post says:

The study was intended to describe current practices, envision future processes in identity management and explore identity management issues within the context of lifelong learning.

The study set out to detail the identity management lifecycle in a series of episodes within the educational journey of a lifelong learner, both in an ideal world and also as they are currently. It also looked at how far existing initiatives were meeting these requirements and to map the differences between the ideal world and what happens currently.

The use cases in the study were expected to cover provisioning of identity, maintenance of identity, deprovisioning of identity and provision of authenticated information about learners to other organisations.
The study was commissioned to aid understanding of the challenges facing the education sector in identity management for lifelong learning, and to support JISC in future planning in this area.

Audiences

Increasingly at JISC we are asking projects to look at who their audiences are and what the audience would like from the project.  I thought I’d write a post to explain what it is we are looking for as I realise it can be quite a confusing area.  I’d also welcome comments from those who are grappling with this at the moment so we can improve the advice we give and hopefully make it a positive experience for all concerned.

To set the background, looking in much more detail at audiences has recently become important for JISC.  Back in the ‘Thousand Flowers’ days we knew broadly who the audience was for projects and it was sufficient to broadly outline who the key stakeholders were (which, note, could be a larger group than the audience).  What was important was to get small projects out there experimenting with the technology and passing those lessons on to quite a broad audience who would pick up what was of interest to them.  Some projects would fail as a result of not quite connecting with their audience or simply not having an audience but that was all part of the risk-taking we did for the sector.  Fast forward to today and we are commissioning some very large projects and we are getting some of those to go along what we call the Development to Service route.  What this means is that we are interested in how they go from being a good idea to being something that can be used by others.  Unfortunately JISC can’t support all of those projects so we have to know which ones are of particular interest and for the others we’d like to help them find funding from other sources.   This is where knowing who could use the service and who would be interested in funding it proves to be vital.

So, how do you go about doing that?  I’ve tried to combine some do’s and don’ts below from projects that have been both successful and unsuccessful in finding audiences to use them.

DO:

- Get engaged with your community through events, mailing lists, blogs, etc and find out what they think about your idea and who they think would find it useful.  They are also likely to have some useful input into what you need to do.  A good recent example is my last post that I did on OpenID; the JISC-SHIB list are actively discussing its conclusions and helping suggest how we can take it forward;

- Identify named communities, institutions, companies and organisations who would be interested in your project.  It is so much easier if you can name members of your audience.   So, for example, my NAMES project is working very closely with the British Library.  That is so much better than saying the audience is ‘those in the academic community who would be interested in an authoritative registry of academic names’;

- Work with those named entities to establish their interest in your project.  They could well help with testing intial demos and prototypes or be able to offer some financial asssistance or resources in other areas such as connections to other similar initiatives or those who could help you;

- Talk with your programme manager who may be able to suggest useful people to get in touch with or audiences it may be useful to engage with;

- Put the work in on your project plan to identify key named audiences, record who those are and come back and revisit these, changing them as necessary;

- Get a demo or prototype out early so your potential audiences can see what it is you are doing and get to grips with it;

- Come along to JISC organised events such as Andy McGregor’s Developer Happiness Days  or the JISC Conference as they provide a good opportunity to talk about what you are doing and find more potential named interested parties for your audience;

DON’T:

- Define your audience so widely that it will be impossible to take practical action to engage with them.  If you’re aiming at ‘the UK academic community’ or ‘those interested in repositories’ then you need to be doing some more work;

- Skimp on engaging with your audience and getting their feedback.  You need their interest even if JISC are doing the funding as it provides evidence that what you are doing is useful;

- Use surveys as a substitute for engaging with your audience or finding it.  Surveys are useful but they can’t be used on their own;

Hopefully that is helpful and if you have something to add to the above then please post a comment.

JISC OpenID Report

This morning I got the final copy of this report so I popped it straight up onto the JISC site, which means you can see it around lunchtime if you click here.

We feel this is an important report for the sector as it reviews a technology that we constantly get asked questions about and up to now we haven’t had authoritative answers for.  OpenID is, without a doubt, an important technology but up until now there hasn’t been a comprehensive review of how it could be used in the higher and further education sectors.  This has led to a lot of speculation and rhetoric with very strong advocates for the technology but, equally, very strong critics.  We’re hoping this report will inform the debate, particularly given the project has also developed a gateway between OpenID and the UK federation so those with OpenID credentials can access Shibbolised resources (subject to the resource provider being happy with providing access).

Overall, the conclusions were:
i) there is considerable interest in OpenID in the commercial market place, with players such as Google and Microsoft taking an active interest. However,
ii) all commercial players want to be OpenID providers, since this gives them some control over the users, but fewer want to be service providers since this increases their risks without any balancing rewards
iii) until we can get some level of assurance about the registration of users and their attributes with the OpenID providers, it won’t be possible to use OpenID for granting access to resources of any real value. In other words, without a trust infrastructure OpenID will remain only of limited use for public access type resources such as blogs, personal repositories, and wikis
iv) imposing such a trust infrastructure with barriers to the acquisition and use of OpenIDs may be seen to negate its open-access, user-centric advantages
v) OpenID has a number of security vulnerabilities that currently have not been addressed, but at least one of these is also present in the current UK federation.

The implications from this are:
i) Whilst OpenID does have its security vulnerabilities and weaknesses, some of these are also shared by Shibboleth as it is currently designed. Other technologies may subsequently solve these and therefore this could have implications for the UK federation.
ii) The UK federation as currently deployed has a significant shortcoming which is the readiness of IdPs to disclose the real-world identity of users to SPs (as distinct from providing opaque persistent identifiers to support simple customisation). This is not a technical shortcoming but an operational one. Whilst it is relatively easy to solve, until it is, it limits the applicability of Shibboleth to personalised and other services which need to know who the users are. OpenID does not suffer from this limitation and therefore there might be use for it in some scenarios where trust issues can be resolved.

And, finally, the recommendations are:
i) The UK academic community should keep track of both OpenID and CardSpace identity management systems as they evolve. There is clearly a great demand for a ubiquitous secure identity management system, but no consensus yet as to what this should be.
ii) Now that a publicly available OpenID gateway has been built, publicise its availability to the community and monitor its applications and usage. If usage becomes substantial, consider productising the service.
iii) Consider offering a more secure and more trustworthy gateway registration service for SPs that do not use, or use more than, the eduPersonPrincipalName attribute. This will allow them to use OpenIDs for authentication and a wider selection of eduPerson attributes for authorisation. (The current self-registration service is clearly open to abuse).

I’d welcome any comments on the report and/or gateway.  I think what we need to do is to keep the debate going and share experience to ensure that researchers and learners can get the most of OpenID.

AHM2008

I am currently sitting waiting for a sleeper back to London so it seemed a good time to reflect on this year’s All Hands Meeting that I attended in Edinburgh, the main annual e-Science conference in the UK.  There were several changes for this year.  The first was the venue so goodbye to the East Midlands Conference Centre and hello to a multi-location venue in Edinburgh.  I think the overall reaction was positive with a variety of places to meet up with colleagues both on and off site and a series of venues from the National e-Science Centre (NeSC) to the Appleton Tower and the very shiny and slick Informatics Forum.  Accommodation was a little far from the main venue locations but had wireless and a good breakfast (always essential to get me going in the morning!).  Dinner was also very well received at Dynamic Earth, with plenty to look around before the dinner and plenty of opportunities to mix with colleagues old and new.  I was rather less convinced about having coffee breaks that ran through the sessions but most people seemed to get used to it and there was a good deal of material to fit in so you could forgive the programme committees from running out of space to get it all in! So, down to the sessions, which proved notable this year for being very much focused on researchers carrying out good research enabled by e-Science.   It seemed that this year we saw a good deal more adoption of the tools that we’ve heard about in previous years and that was good to see.  Whilst tool development is still vital, it’s equally vital that the tools are used in a production environment.My first session was a BoF run by Alex Hardisty and Neil Chue Hong on e-Infrastructure.   I think the level of attendance rather took the organisers by surprise and a couple of thought-provoking presentations helped kick off our consideration of the subject material.  I’ll pop a link in here to the conclusions of the session when I get it but, in summary:

•  e-Infrastructure is for everyone and is useful for a range of different challenges.  What determines its success is how it is used;
• e-Infrastructure is increasingly being used by researchers as part of what they do on a day to day basis;
• There are increasingly varied ways in which e-infrastructure can be used and this is likely to get more diverse into the future;
• There is a mix of requirements from e-Infrastructure.  Some are quite happy to glue together components and use it in a very ad hoc way.  Others would like a more structured approach.  All in all, it’s quite a complex landscape so it’s important to work with the researchers as to what best suits what they are doing;
• e-Infrastructure is already part of everyday research and that is likely to get to be more so as time goes on;

My first event followed after the BoF.  We’d invited an Australian delegation led by Dr Ann Borda to a drinks reception so that they could meet up with the eResearch team and members of the JISC Support of Research Committee (JSR).    There were some great conversations as all of the eResearch team got a chance to swap experiences of eResearch.  From my side, I got up to date with Australian developments in eResearch tools with Jane Hunter, Paul Davies and Ann Borda.  I also had a great conversation with Andrew Treloar, David Groenewegen and Paul Bonnington that ranged from approaches to data and the latest on ANDS to internet TV.  Finally, I got the chance to catch up over dinner with Andy Richards and Neil Geddes from the National Grid Service.  As always in these events, one of the main reasons for us to attend is to meet up with those who are out practising eResearch so I spent quite a lot of time on the stand on Tuesday.   It proved to be a great opportunity to catch up with some of my more recent projects so thanks to Tom Jackson from iREAD, Pete Burnap from SPIDER and Stephen Booth from Grid-SAFE for popping in and catching up.

I also had an interesting conversation with Andrew Cormack on PII (Personally Identifiable Information).  Andrew’s point was that most applications simply don’t need to ship PII and I would agree.  I think it’s often used as a comfort blanket but it’s a comfort blanket that carries its own risks.  If SPs (or RPs if you prefer that term) were to adhere to Kim Cameron’s second law (minimal disclosure for a constrained use)  from his Laws of Identity then the world would be a better place.   This brought us to an interesting case of what happens with grid computing.  It’s one of the few cases where you cannot get around issuing PII because you need to have a way of contacting the user in case their job fails or if it’s not going as intended.  However, it still adheres to Kim’s second law in that there is only the need to get a contact address for the user.

Finally, I talked with Richard Sinnott and David Medyckyj-Scott on geo data and access to more complex data sets. Richard has a long history of complex access to data sets, particularly around medical data and using roles to determine who can access what. I think we are reaching a stage where we can start moving towards a broader rollout of the technologies so that they become more ubiquitous and it is hopefully something we can build on top of Richard’s work and that of the data access projects we are currently running.  On the geo side, we are already running quite a few geo projects and I can see that location is going to prove to be increasingly important for research data and collaboration.  One of the initiatives that David is very much interested in is INSPIRE, a European directive to create a spatial data infrastructure in Europe.  I think INSPIRE is going to prove important over the next few years as it will help make spatial data easier to access and also provide an incentive to talk about spatial data in a common way.

POSTSCRIPT - This has been a long time in gestation as I’ve tried to get my notes down to a reasonable size for a blog post, which reflects just how much material there is at All Hands, making it a very worthwhile event to attend if you are involved in research and want to find new and better ways of doing research.

Less of the XML

I’m sitting in another conference where I’ve seen several presentations that are littered with XML that is then dissected ad nauseam.  Now, I’m sure that they are very valuable for the people who are presenting them and we’re all familiar with the pride with which we talk about our new ‘baby’.  Unfortunately, it switches off the bulk of the audience (I’m not just talking about myself, btw - there are several people who feel the same way).  So, if you’re a developer or technical manager then please resist the temptation to put XML in your presentation.  Diagrams to show how your system works are good (animated ones even better).  Short, concise slides that outline where your solution could be used and how it helps the user are good.  Short demonstrations of your system working are good.  Sharing all that lot on a site like SlideShare or on a website (which is what we do at JISC) is even better.

If you do this then you avoid the demoralising prospect of people switching off from what you are presenting altogether (and, yes, this even applies to technical people).  If someone wants to see exactly what is in the XML you output or  take in then you can safely rest assured that they’ll ask you about it over coffee.

IDM2008

Given this is my second blog entry in as many days you’re either in for a treat or the tedium continues; I leave  you to decide.  I’d also add that due to train issues, this and the above entry WERE written separately but offline as there doesn’t yet appear to be a 3G service that provides continuous coverage on the journeys I make; if anyone can suggest one then please comment below.

So,  today was IDM2008, billed as an opportunity for those from business and government to get together and share their experiences on identity management.  I was the representative from higher and further education and giving a presentation on Innovation, which outlined what we had done on the Access Management Federation and subsequent developments.

The day featured the following presentations;

·         Graham Morrison on getting Kerberos to solve the Home Office’s issues of ‘seamless authentication’ across a range of different systems.  I liked this one for a number of reasons.  The first was that it was using what was already there and proven to work, which I think is important in identity and access management (IAM).  Next, it has been kept simple – you can’t get much more simple than using Kerberos to issue a ticket to authenticate the user (the Ticket Granting Ticket) and a ticket to authorise them to do ‘stuff’ (the Session Ticket or TGS).  Finally, it deals with levels of assurance but only gets into heavyweight biometrics and role-based access control, etc when it needs to;

·         David McIntosh (hope I spelt that right) presenting on biometric technologies and SITC.  The former taught me that your ear echoes back any sound that is played into it in a unique way to you; interesting but not particularly useful unless you want to biometrically identify someone in a quiet environment.  The latter could be more widely useful to JISC as it is a body consisting of SMEs that would like to engage with universities;

·         Jim Slevin on Manchester Airports IDM systems.  A very topical presentation as the authentication of a user can now be carried out by National Identity Card, which has caused quite a stir in the papers this morning.  More interestingly, their focus was on delivering a capability, not a solution, which I think we should focus more on.  You can actually do something with a  capability;

·         Joe Baguely presented on AD as an identity store.  The sub-title was ‘are you mad?’ and I think this summed up many people’s impression of doing this but Joe presented a very convincing argument to re-use what is already in place with Active Directory (AD) and carried out a rather unsubtle plug for his organisation, which does this and I am not going to repeat here.  I also quite liked the idea of Segregation of Duties or SOD – I’ve known it as a concept but having an acronym somehow makes me feel so much better;

·         Fraud and IDM by Logica.  I quite liked the abstract for this so attended.  I didn’t entirely regret it but found out more interesting facts about fraud than necessarily the business case for IDM, which is why I’d originally gone;

·         Dave Nesbitt on how to avoid an identity trainwreck.  Whilst this was saying what we all know such as getting senior level sponsorship, having clear priorities on what is going to be done agreed with key users, iteratively deploying rather than going for big bang and technology is difficult, it’s the human stuff that is difficult, it’s all worth repeating.  Even the take home message was worthwhile: ‘IDM is many small projects to constantly improve your infrastructure that never end’;

·         David Bowen looked at how identity management worked at Great Ormond Street Hospital.  I didn’t learn much from this but had a sharp intake of breath on the mention that single sign-out is more difficult but more valuable than single sign-in.  On the Shib front I don’t think we are ever going to get there and we shouldn’t be trying given the issues, IMHO;

·         Yours truly was next up and if you read this blog and the stuff on what I do on the JISC site then you’re going to know what was presented;

·         Conn Crawford went through how local authorities approach identity management but specifically what Sunderland have been doing.  It was great to see Conn again.  He has a knack of connecting up a range of identity management ‘stuff’ to do really valuable things in the community.  What he has done ranges from federated solutions right the way through to user-centric identity management and he was presenting on the Let’s Go Sunderland portal he has put together that allows kids from a disadvantaged background to load up a smart card with activities they can attend.  They have an allowance every month and sign up for activities but the smart thing is that they also tell the portal what they are interested in, which gives the resource providers some anonymised marketing info back and hence an incentive to offer their resources to the scheme.  This is a great example of making personalisation work whilst protecting the individual;

·         Alan Coburn presented on Glow, a teaching and learning portal for Scottish schools.  I think the most interesting thing out of this was that schools wanted to sign up for it, hence there were a great number of users, and that they had used Shib but not the federation.  It turns out the latter was due to specifying it before the federation existed;

·         Hellmuth Broda had the rather unenviable task of being last up and went through Liberty Alliance.  All very good stuff but nothing new for me.  What was of more interest was his company’s creation of batches of unique codes that could be attached to 2D bar codes, RFID tags and text messages; basically, name a media and it could be attached.  The potential was huge as these codes linked to specific actions such as vouchers, one time visits to web sites, etc.  More info on this is at www.firstondemand.com;

 

Thanks also go to Professor Gloria Laycock, who did a great job chairing the meeting to the extent that we even finished early!  All in all, a useful day and there were quite a few contact I met during the day that I’ll follow up further.  Well worth a look next year if you are interested in identity management outside the education sector.

NGS Innovation Forum 2008

I was recently at the NGS (National Grid Service) Innovation Forum 2008 to find out what existing users of the NGS were doing and to see what the reaction was to future plans for NGS Phase 3.  The first, very encouraging, point was that there were more users there this year than there have been for previous years.  Secondly, these users were more diverse, with representation from researchers, e-science centres and support functions for researchers such as IS and research computing directors.

Day one started with presentations from researchers in biology and physics biomolecules with representatives from other research areas being amongst those at the event.  It has been particularly encouraging for JISC as a funder to see this transition of the NGS from providing resource predominantly for those in the ‘hard’ sciences such as physics and chemistry to greater provision for those in social sciences and the arts and humanities.  One message that remains, however, is that if the NGS is to get more users from a wider range of disciplines then they need to offer alternative methods of accessing the service to the command line and these need to be easy to use.  The benefits are very tangible, with one presentation reporting that modelling time had been taken down from one month to six  hours.

Michael Wilson then described how EGI (the European Grid Initiative) could involve the NGS amongst others and sparked off a very lively debate on who would take the NGI (National Grid Initiative) role for the UK that was required by EGI.  Whilst the UK and other countries have expressed an interest in EGI there is still no firm commitment and Michael’s talk stressed that EGI was only a co-ordinating body for European provision of grid infrastructure, not a funding body for national facilities, as has previously been the case with bodies such as EGEE.  This meant there needed to be national commitment to ensure that the UK was appropriately represented.

From the European perspective we moved to Daniel Katz’s presentation on TeraGrid, the American national grid.  There were a number of points that were particularly notable in the presentation, out of which the most interesting one was the concept of Campus Champions.  Campus Champions help promote TeraGrid and grid usage within their campus in exchange for attendance at TeraGrid meetings and a t-shirt!  More to the point, they are people who would like to encourage grid usage and work with those who are new to the grid to help them carry out their research more quickly or simply do new research.  It is something that we see happen on an ad hoc basis in the UK but gives food for thought on how we get phase 3 of the NGS to encourage new users.  Also of interest for me, with my access management hat on was TeraGrid’s experimental use of InCommon to access grid resources.

After lunch, the programme moved onto grid technologies.  There was a good section on Condor for managing campus grids.  Whilst there is often not much attention paid to grids within an institution they form a vital part of the infrastructure available to researchers.  Hugh Beedie also pointed out that they could be a very effective green alternative to high performance computing, especially given modern machines’ power efficiency.  Next up was a session on Clearspeed from Steven Young.  He described how there were four of these maths acceleration cards that now feature at the Oxford node of the NGS.  At this stage, there isn’t much use of them but they look promising for jobs that are maths intensive.

The day finished with presentations on the training available on the NGS (from David Ferguson) and Andy Richards talking about NGS Phase 3.  Both provoked lively debate from the audience and there was a great deal of interest in David’s offer to run training on a regional basis so if  you couldn’t attend the event and you read this then get in touch directly with the training team and find out about courses at http://www.nesc.ac.uk/training/.

Day two was a chance to tie up with the campus grid SIG and to look at what the experience was for those who had joined the NGS.  The overall conclusions seemed to be that whilst it wasn’t easy to set up the software, the NGS had a very active support community that made the whole process a easier and that there were tangible benefits from going through that process.  This led into how to make the NGS sustainable, which follows the general trend with projects in JISC that are moving to be a service.  It was a topic that received a good deal of audience feedback and I am hoping that this can be followed up after the event as it is not going to be an easy task keeping access as easy as possible whilst making sure that institutions are appropriately recompensed for what they contribute.

The day finished with presentations on new directions for the NGS.  Keir Hawker went through what data services were on offer, with a range of options from Oracle through to MySQL.  Mike Jones then went through how the SARoNGS project was working to allow users who were members of the UK Access Management Federation to get access to NGS resources.

So, what were the key points to take away from the meeting?  I think they were:

• Research is global and the grid offers a good way of working collaboratively within a trusted infrastructure.  It will be interesting to see how this ties into ongoing work on interfederation and virtual organisations in the identity and access management area;
• The NGS has a great deal to offer the researcher and they are very keen to engage with active researchers to help them carry out novel research or to make what they do more efficient;
• There are no doubt potential users of the NGS who could benefit enormously from using it so it is well worthwhile attending a training event or one of the e-Research Roadshows to find out more;
• Whilst there are resources to try the NGS that are free at the point of use, this model will not scale infinitely so there need to be equitable models for sustainability;
• There is a growing community of researchers from an increasingly wide range of disciplines but there still needs to be a focus on growing that further;
• The institution needs to get involved in helping its researchers access grid facilities as more and more research is collaborative in nature.  This is not just providing access to the NGS but includes grid resources on campus so that researchers have a range of resources available to them;

All in all, it looks to be an exciting future for the NGS.  The next major decision point is whether approval is granted by JSR for the Phase 3 proposal.  My thanks to Andy Richards and the team at NGS for a great event and inviting me along and paying for my accommodation.

New Research Project: Privacy Value Networks

I spotted this on the Oxford Internet Institute Newsletter, which may be of interest to those looking at privacy and identity.

3. New Research Project: Privacy Value Networks
————————————————–

The OII is to lead the £2m Privacy Value Networks project: one of three awarded funding under the Technology Strategy Board’s ‘Ensuring Privacy and Consent’ research programme. It will investigate the way the public thinks about privacy and how organisations can model the costs and benefits of processing personal information.

Project website: http://www.pvnets.org/

Project PI Dr Ian Brown, said: “Privacy has become a major issue in the UK, with worries about the development of a surveillance society. We are delighted to have this opportunity to carry out research that will ensure businesses and government agencies fully understand privacy concerns, and can provide effective and efficient services that properly deal with them.”

The project will look at privacy in a range of contexts. These include creating a sensor-enhanced Facebook to help understand how students might share or restrict automatically gathered information such as their location, current companions and activity. Researchers will also investigate how families share this type of information using a new mobile phone application, and how it might be used to improve the lives of children and the elderly while protecting their privacy and autonomy.

The project will look at the government’s own use of sensitive personal information in the Identity and Passport Service, and how it is interpreted by staff and passport applicants. It will also work with financial institutions to design privacy-friendly services that reduce the financial exclusion of those with limited or damaged credit histories.

Given it is sponsored by the TSB, who are doing quite significant projects in this area then I think it is is one to watch over the next few months.  I feel it has some interesting tie-ins with projects such as FLAME and is going to provide useful input into the future work that JISC are  looking to do on identity.

Grant 10/08: Project to Develop an Identity Toolkit

This all sounds a little complex from the title above but I’m really looking forward to some good responses on this grant (started off as a call but has now moved into our new money issuing process so has a different name).  More details can be found here.

For those with quite long memories the background to this was to take up a recommendation from the Identity Project  and provide funding for the development of an identity toolkit that would help universities and colleges with putting in an identity infrastructure. It’s work that has been done at some institutions already so people like Cardiff, for example, have done a good deal of work in this area.  However, what this grant aims to do is to bring together that good experience and provide it all in one place so that everyone can use it either a little or a lot, dependent on where they are in the cycle of managing identity.

We’re hoping this is going to be a very useful piece of work as more and more institutions are joining the federation and having to address the subject of identity management as part of moving to using the federation to control access to resources.  Whilst it is not going to be a panacea it should form an important part of the future work on identity and access management that is going to go ahead over the next few years.

Next Page →

• Search

  
  

• Recently Written

  • As You Like It Identity at JISC Conference 09
  • Report on Identity management for lifelong learning
  • Audiences
  • JISC OpenID Report
  • AHM2008
  • Less of the XML
  • IDM2008
  • NGS Innovation Forum 2008
  • New Research Project: Privacy Value Networks
  • Grant 10/08: Project to Develop an Identity Toolkit

• Categories

  • Access Management
  • eResearch
  • General
  • Identity Management
  • JISC
  • JISC09
  • Project Management
  • Uncategorized

• Archives

  • March 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008

• Blogroll

  • WordPress.com
  • WordPress.org

• Admin

  • Login
  • WordPress
  • XHTML