Enabling Middleware for Academic Mobility

Registration + Attendee List: http://www.terena.org/events/details.php?event_id=1924

Attendees:| Lluís Alfons Ariño | Universitat Rovira i Virgili |

2:00pm:    Victoriano welcomed everyone.

2:10pm:     Simone Ravaioli gave an introduction of the group and what is the goal. This started with RS3G.

Implementation needs some work.

The Bologna process is a great idea - but the implementation needs work.

We need to work on the implementation - and this is what we are to work on at this event.

There are many ways of dealing with this….
* SOAP/REST
* Data Synchronisation
* OpenSocial <-- SURFnet Project COIN (COllaboration INfrastructure)
* …

Wednesday morning will focus on planning for the "Coding Camp" with an initial concept was to lock developers in a room and have them develop 12 web services that are interoperable at the end of the event.

The agenda is purposefully informal.

Simone, Italy, KION, part of consortium of Universities called CINECA which support approximately 75% of Universities. CO-Founded RS3G in 2007.

Roland Hedberg from SWEDEN. "Been around for some time". Initially working on Directories with Peter. Metadirectory project and implemented SAML in Python. His favourite programming language. Responsible for the registry within GEMBus.

Mikael B. Umea Univ. IT architect of the system. eduGAIN interfederation project. Lurks in TF-EMC2. Been an RS3G.

Toni Marín. Univ. Murcia. Spain. Diego told him to attend. Service composition witihin  GN3/GEMBus.

Olivier Salaün, CRU/France. National Identity

Erik van den Broek  (europass project).

Diego Lopez (RedIRIS). TF-EMC2 Chair. GEMBus Task Leader within the GN3 Project.

Brook Schofield (TERENA). Australian living in The Netherlands and is the Secretary of TERENAs mobility task forces (TF-EMC2 and TF-MNM).

Introductions over.

2:40pm:

SIS implementers explictly committed to the RS3G Mobility Project (http://wiki.teria.no/display/RS3G/Mobility+Project):* MUCI (Poland), Janina

• CINECA (Italy), Simone & Fabio
• SIGMA (Spain), Joan Ferrer
• LADOK (Sweden), Michael Berglund, Reijo Soreus
• FS (Norway), Geir Vangen
• HIS (Germany), Uwe Huebner
• Oodi (Finland), Antti Maki, Jorma Korkiakoski

Are there any more?
- There is a service in Austria written by Graz Uni ,
- STADS in Denmark, not in this co-op
- Kuali in USA, more than just a SIS but because of its wide range of components could become popular within some European institutions.
- ...

I’m glad to see there are additional people reading this :-)

2:45pm - Janina presented http://usos.edu.pl/Mobility/ this site contains a list of papers which are organised chronologically on the evolution of RS3Gs activities and the mobility project.

Simone questioned whether this was new or old information to the group. A significant number of the participants had not seen this presentation or were aware of this content.

Olivier didn’t believe that the difference between REST and SOAP was significant - he wanted to know why SOAP work was started and then a re-engineering in REST.

Roland talked about the ….

Once work on this REST implementation and workflow had been expressed Roland returned to his institution to discuss the workflow. The process within the University is very different that the process between Universities. There isn’t a lot of information being transferred between institutions.

Janina said that there is a lot of repetition of data between institutions for the co-ordination of courses etc. There is also a lot of communication to transfer a small amount of information.

Diego wanted to know how the learner agreements between institutions limited mobility. If you can move between any corner of Europe - can’t this happen after the fact.

Janina said that they want to transfer structured information to simplify the learning agreements.

Janina talked about the change of coding from ASCII to UTF8. This created problems that although database could store UTF8 - the personnel couldn’t type in UTF8 characters to search for people. This resulted in multiple database records for a single student.

Brook’s comment was to find out whether “two birds could be killed with one stone” by combining all enrolment and mobility transfers with the same process.

Simone returned to Olivier’s original question - what is the problem that we can possibly solve.

After returning from the coffee break, Simone displayed a mindmap of the issues.

Janina covered the schema that is used by the Polish SIS.

Day 2

9:40am - Simone started the “solutions day” and appointed Victoriano as moderator to ensure that the day started.

Diego talked about the GEMBus registry as a solution to discovery rather that UDDI.

Roland on “Why NOT UDDI?” Within GEMBus there was origingally the desire to have a UDDI interface, but Roland was instrumental in its removal from the specification. The ESB in use utilised OpenSearch/AtomPub and coupled with not just WSDL being used meant that relying on UDDI wasn’t a wise choice.

SPARQL (Web Ontology Query Language) http://en.wikipedia.org/wiki/SPARQL
PubSubhubub http://code.google.com/p/pubsubhubbub/

<editor’s note>What is the relationship between http://activitystrea.ms/ and PubSubhubub</editor’s note>

Taken from the Activity Stream specification: “If the Consumer wishes to maintain an synchronized copy of the data or get new activities as soon as they are available. They should subscribe to the resource as defined in the PubSubHubub specification”

Business Process Execution Language (BPEL)
Business Process Modeling Notation (BPMN - http://www.bpmn.org/)

On the discussion of BPEL and Orchestration languages for Web Services, Milan questioned whether this this level of complexity was required or whether we should be talking about wire interoperability between systems or overall orchestration.

Diego likened this work to a “Hello World!” example as a proof of concept on how more complex systems should be developed.

"Make everything as simple as possible, but not simpler."
--  Albert Einstein

A link to my REST document “RESTful implementation of the Mobility methods”.

Victoriano’s User Stories

Definitions:* IAE - Integrity, Authenticity, Encryptions

• PU -
• HU/HV -
• IROB -
• SOB -
• CP - Co-ordinating Professor
• Person - Person involved in the transfer (usually Student).

^^^I’ve put a truth table on the message vs channel signed vs encrypted debate above.
Authenticity and integrity of envelope data as well as the actual mobility data is needed
Encryption is done on the transport level (HTTPS)

TCS - TERENA Certificate Service https://www.terena.org/activities/tcs/
NREN - National Research and Education Networks

STESTA: Secure Trans European Services for Telematics between Administrations
http://ec.europa.eu/idabc/en/document/2097/5644.html#future

What we want?
Integrity - Transport level
Authentication -Transport level  ( ^ message level)
Encryption - Transport level

WS - Web Services
XMPP - eXtensible Messaging and Presence Protocol
BMT - Browser Mediated Transport
SMTP - Simple Mail Transfer Protocol
M2M - Machine to Machine
KM - Key Management
MN - Mobility Node

Security implementation remarks on Web Services* Every mobility node has to have a certificate (for now a TCS certificate, see https://www.terena.org/activities/tcs/)

Different cases:# Client## Request URL and certificate name of the server (mobility node of the partner institution)

1. 1. do a TLS connection to server, get server certificate
   2. check the name of the server from the registry with the respective part subjectDN of the server certificate (subjectAltname should have been checked by the TLS library already)
2. Server## require  client certificate
   1. TLS Accept
   2. check the name of the client with the name of the client certificate
   3. do the authorization (verify that all the statements inside the data are connected to this organisation, and that you have a bilateral agreement with that organisation)

--------------------------------------
Only accept TCS certificate

More information about TCS certificates at http://terena.org/tcs
NB: You need to request certificates via your NREN. TERENA doesn’t offer the service directly.

Day 3

The “Passport” requirements for the coding camp:* Revision of the Mobility node by January 15th with TLS support.

• Nodes to be deployed in (Italy, Poland, Spain, Germany, Norway, Sweden, Finland, Portugal)

Course/Grade and how that is expressed in a …

Chad? from Uni Vienna has expressed the entire course catalogue in MLO (Metadata for Learning Opportunities). http://www.google.com/search?q=metadata+for+learning+opportunites
http://www.cen-ltso.net/main.aspx?put=1042

Simone asks the question “What do you want to get from this coding camp?”

Janina recommends that the event be called - “Mobility CAMP”

CODING CAMP

Proposed dates:* Mon 14 - Wed 16, March

• Wed 23 - Frid 25, March

https://foodl.org/foodle/Mobility-CAMP-4d089 <-- used to decide on the times

Proposed location:

• University Balearic Islands - Palma, Mallorca.
• http://www.uib.cat/

Objective:

The objective of the coding camp is to test the  RS3G Mobility Project Network by
- successfully exchanging data among the participating partners in a test enviroment
- using the agreed upon architecture and solution (outcome of Malaga meeting)
- by “pushing the button” in a test environment previously prepared
- going from SIS (Student information System) system-to-system where available.

Participants
Business: IRO Officer s(Day 1)
Technical:  Developers, Architects, Network specialists (Day 2-3)

Ideally the IRO participants should come from one of the universities running the systems managed by the implementers involved in the project (KION, MUCI, SIGMA, LADOK, FS, OODI, HIS... )

The Digital Student Data Portability (DSDP) Task Force in EAIE may be involved in organizing Day 1 (agenda and participants).

Schedule for the Mobility CAMP
Day 1 - Business Process Review and Validation* (Morning) Demontration of the workflow as demonstrated by IRO staff.

• Clarification of the processes and what components can be implemented.
• Paper that clarifies how software can support the processes of IROs.

Day 2 - Technical Day  (may include break-out sessions)* Review of Technical contstraints (e.g. Tomcat vs Glassfish)

• Connectivity between the partcipating “nodes” ** “push the button”
  • system-to-system if possible (from SIS database, onto the network, over to the other node)  MUCI, KION, SIGMA, Porto...
  • REST vs SOAP approach
• Webservices finalization

Day 3 - Technical Day (may include break-out sessions)* Service Registry update (Roland - UMEA)

• workflow process modeling using BPEL (Toni - MURCIA)
• GemBus update (Diego - RedIris)
• evolutionary roadmap defininition

Homework  (preparation)* Data Format assessment (define exactly what data)

• Nodes set-up
• Schema review (for example check with MLO XML)
• prepare SIS enviroment to run “push the button” test (integrate with SIS)

Tasks* Describe the details of the “WS” selected interim solution above (Victoriano, Milan)

• Define the technical preparatory activities in detail (Janina)
• Propose an appropriate “coding camp” agenda structure - sessions (Peter)
• Select official meeting date (Foodle)
• Organize logistics (Louis)
• Do the homework (all, particularly the implementers)!

Peter thanked Victoriano for his hospitality and co-ordination of the event.

Date the next meeting being a telco: Wednesday 12. January 11:30
Phone: +31 2053 09271
SIP:   conf1@terena.org
PIN:   4488#