CSG Spring 2014 – Notre Dame – Identity Landscaping Workshop

A very brief history of Identity in Higher Education – a short stroll down memory lane: Michael Gettes

In the beginning: essentially no security on the Internet; then CMU did Andrewy, MIT did Athena in the ’80s; BITNET-III, a project to use home University creds to access remote modem pools and central bill the University – FAIL!

94/6 – slapd emerges from uMich (LDAP), 1998 OpenLDAP project started. Most of uMich slapd team moves to Netscape in ’98.Public Key + LDAP – cost effective PKI – still 19 months away.

Various SSO efforts: MIT Kerberos; Yale CAS; Michigan CoSign; Washington PubCookie; Many WebAuths. Did WebISO effort in Internet2.


September 1999, Ken Klingenstein, first ideas of inter-org AutnN/AuthZ on the web.

1998 – MACE fomred – first projects: DoDHE, eduPerson, Shibboleth. 

US Federal Viewpoint – HSPD1-12 mandated government-wide secure IDs for all employees + contractors. Yielded NIST FIPS 201 – PIV, using PKI, LDAP/X.500 and friends. Ded E-Auth initiative spawns guidance. InCommon Bronze/Silver != Fed 1-4 but comparable.

NSF Middleware (NMI-EDIT) – 2002 – 2006 collab between I2MI and GRID. Produced tons of stuff, regular software package releases of many components.

2004- InCommon is born. IBM tried to patent Shib/SAML, but were unsuccessful. SAML largely developed by RL Bob Morgan and Scott Cantor. 10 years lager.. InCommon is critical infrastructure to many Universities. 

What worked/works: Shibboleth, simpleSAMLphp, SAML 2.0 by vendors; LDAP (eduPerson, LDAP-Recipe); Grouper; Middleware Resarch; CAMPS; Global collaborations; NMI-EDIT; InCommon! (~600 participants, >7.5 million users; 10 years).

Not so much: Signet (Priv Mgmt System – didn’t take off); DoDHE (Directory of Directories); USHER – Root CA for HE – couldn’t get it in the browsers; Voice/Video AuthN/Z – still proprietary; EDDY – Distributed Diagnistics; InCommon Bronze, Silver, Gold – not a lot of uptake yet. 

PKI Still 18 months away!

And we move on…

SHibboleth Consortium formed; REFEDS (locus for R+E federation operators_; CommIT project; Scalable Privacy Grant; IAM test-bed emerging; Multi-factor authentication; Provisioning and integration – practices for all. Still much to do – Trusted Identity in Education and Research (TIER).

IAM Test-bed: https://spaces.internet2.edu/display/InCCollaborate/IAM+Testbet


CSG Winter 2014 – Digital Campus: IT, Media Management, Innovation, pt. 1: Vision

It was nice to make the change from -10 degrees in Chicago to 70 in San Diego! We’re being hosted for the Winter meeting by the kind folks from UC San Diego.

Kelly Doney from Georgetown kicks off the full-day workshop on the Digital Campus. With all the digital changes we see on campus, are these all a natural evolution of the role of CIO or is there something new? We’ll hear from Ron Kramer (Notre Dame) who has the title of Chief Digital Officer in addition to CIO. Is the role of the CIO changing? Is there a role for a Chief Digital Officer?

Survey results (15 institutions responding) – Only 2 institutions have a Digital strategy, but many are thinking about it. CIO is sharing responsibility for driving the digital strategy or directly responsible in 12 of the 15 schools.  MIT and Notre Dame have a CDO, at Notre Dame it’s the same person as the CIO. At MIT, the CIO is not directly involved in the institutional digital strategy.  What is the primary reason the campus does not have a CDO – Mostly because digital issues are handled adequately by multiple offices across campus, and the need to centralize ind a CDO is not pervasive or possible.  Conclusions – a formal digital strategy seems rare. Digital can be and is handled by the CIO. Very few feel the need to appoint a CDO.

Ron Kramer, Notre Dame

What is the role of the CIO and IT in driving the campus “digital strategy” and creating the “digital campus” of the future?

Is this a time where we can take advantage of things going on around us to serve the universities better?

“Anything we render as digital can be open to measurement, learning, and ultimately iteration – nothing is finished and nothing is final”. So what is our role? Does IT become part of the conversation, influence outcomes, or take a leadership role?  The IT organizations are the only ones that touch all the parts of the University, so that’s why it became the focal point of this effort at Notre Dame. Is the “digital phenomena” different enough to take special note? Is the core of what we do being disrupted by “digital”?

What’s in the CDO portfolio? Some possible examples: Operating the classroom; Evolving the Library; Creating and managing learning materials; Enabling digital publishing; Orchestrating the mobile ecosystem; Enhancing campus life when mobile enabled; Producing and managing video (going to build a $30 million digital media center at Notre Dame); Building new production facilities; Archiving, curating & preserving digital assets; Supporting research and data analytics; Delivering a demanding fan experience; Supporting increasing monitoring and tracking; Guiding architecture and design.

Lots of corporations are appointing CDOs, which came about largely from the marketing role. What is the role in higher ed of the marketing communications role? One school noted that the conversation is driven by the tactical (not strategic) orientation of the public affairs and communications role.

Panel – 

Lisa Davis, Georgetown (CIO and VP for Information Services). Working closely with the COO and the Provost to figure out what a digital campus looks like and how they will evolve Georgetown. Looking at using digital tools and content to drive revenue back into the university to move the institution forward.

Tracey Futhey – Duke. 0s and 1s have been our life since we started our jobs, so what’s this new mantra? Historically we thought of partners as being the business people for enterprise systems, or the faculty for research computing, today the list of partners is further expanded, but that doesn’t mean there’s a need for a different strategy or title. But it is different than looking at IT as just the plumber role, but many IT organizations have already made that evolution.

Scott Midkiff – VP of IT and CIO at VA Tech. The combination of strategy and operations is important to have the leverage and resources to achieve new goals. Partnerships are important as we move new strategies forward. There are evolutions, but there are always areas where we have to be thinking about strategies, but might not need a new role or title.

There are lots of organizations at our universities that have been fairly siloed and digital has the capability of transforming the ways they do business – having those conversations is what’s important.

Ron – If there is going to be a CDO, wouldn’t we want it to be the CIO?

At Harvard there’s a CDO, which grew out of the Communications office, is very tied to the campaign and external public digital communications.

Adobe was talking to 9 different units at Notre Dame, poised to sell each of them Digital Publisher licenses. Ron was able to coordinate that conversation. They also had 5 different units trying to build production studios – there was advantage of having the CDO role to be in that conversation and helping to coordinate.