Meeting of the Trust and Identity PAG, InCommon Steering, and the TCIC (2017 Global Summit)
Approval of Minutes - InCommon Steering minutes from April 3, 2017, have been approved via the wiki.
Trust and Identity Program Advisory Group (PAG)
Kevin Morooney reported that the Trust and Identity PAG has formed and this is the first meeting (in conjunction with InCommon Steering and the TIER Investor Community Council). Membership currently includes four members from InCommon Steering, four members from TCIC, and a representative from a regional network. There are still some openings, by design, which will be filled as the PAG determines additional constituencies that need to be represented. He noted that InCommon Steering will continue in its role. TCIC will still operate, although it will wind down as the initial investor phase of TIER will end in December 2018.
The Trust and Identity PAG membership includes:
Tom Barton, University of Chicago (as the temporary chair of CACTI)
Ted Hanss, University of Michigan Medical School
Klara Jelinkova, Rice University - serving as chair
Mark Johnson, MCNC
Ron Kraemer, Notre Dame University
Michele Norin, Rutgers University
John O'Keefe, Lafayette College
Sean Reynolds, Northwestern University
Kelli Trosvig, University of Michigan
CACTI - Committee Architecture Committee for Trust and Identity
CACTI has been formed, initially with 12 members:
Warren Anderson, University of Wisconsin-Milwaukee and LIGO
Tom Barton, University of Chicago
Rob Carter, Duke University
Nathan Dors, University of Washington
Jill Gemmill, Clemson University
Ann Harding, SWITCH (Switzerland)
Karen Herrington, Virginia Tech
Todd Higgins, Franklin and Marshall College
Tom Jordan, University of Wisconsin
Christos Kanellopoulos, GRNET (Greece)
Les LaCroix, Carleton College
Chris Phillips, CANARIE (Canada)
CACTI will assume the roles and responsibilities of the TIER Ad Hoc Advisory Committee and MACE. The InCommon TAC will continue to exist and work with InCommon. After the first two years, one-third of the CACTI membership will turn over each year.
InCommon Marketing and Segmentation Project
Kevin Morooney provided an extensive overview of the findings and data developed for the InCommon marketing and segmentation project (slides are here). The consultant has segmented the data in two ways:
- By market; that is, commercial, higher ed, non-profit (research agencies), and regional networks
- By personality segments (activists, scholars, functionalists, pacifists, minimalists) based on the respondent’s level of engagement
One of the consultant’s recommendations is to develop ways to encourage and reinforce the involvement of the activists and scholars. While we expected that many of these people would come from the large research universities, but there is also a large contingent among the L3 (smaller schools).
One key finding is that perceived value and satisfaction of InCommon are both very high - and value is even higher than satisfaction. From the consultant’s experience this is opposite of what he almost always sees (typically satisfaction is higher than value). This may mean that we are inexpensive, but also that we should explore ways we can increase value (such as increasing service levels).
Other food for thought:
- The combination of activists and scholars are important for the current and future success of InCommon activities.
- Can activists and scholars be differently engaged/leveraged to close knowledge and action gaps among functionalists and minimalists?
- Is there an opportunity for Internet2 to partner with EDUCAUSE to develop a support community for functionalists and minimalist?
- How can we get a keen sense of what is meant by “Identity as Service”?
- Are Google and Microsoft threats? Or does this indicate an opportunity to leverage the general purpose IAM capabilities that those companies offer, and define our role as meeting the challenges specific to education and research?
- Value leading satisfaction – challenges to be overcome with prioritization, speed of execution, scope of services, and expectations management
TIER Outreach and Communication
Ann West reported on a TIER workshop held prior to the RUCC meeting in Denver. The event provided an opportunity for feedback on the TIER effort. One recommendation is to define communications and outreach to three different campus roles: executive, architect, and implementer. This effort is underway. There have also been interviews conducted with CIOs from non-RUCC investor schools, which reinforced the need for targeted communications to those in key IAM roles.
Kevin noted that a number of campuses are rebooting their IAM infrastructure and are looking for information. This correlates with information provided by the marketing consultant.
Steve Zoppi provided an update on TIER development. The project has introduced the second full release of the combined suite of products. The development team can now run a new product through the development stage in a couple of days. This is all fully supported production-ready software, including the containers. A user guide has been produced for Grouper; guides for Shibboleth and COmanage will also be developed. Grouper has seen a significant increase in deployment since the first TIER containers appeared. We still need greater community adoption.
The TCIC conducted a survey to ensure that we are meeting investor needs and expectations. Twenty-seven investors returned the survey. In addition, five investor campuses have been interviews via phone (and two more are scheduled). Top questions/comments expressed included those concerning packaging, the registry, the API work, and provisioning. Other thoughts and insights:
- Overall communications were rated highly, but there are still a lot of questions about the value proposition, the need for technical documentation, and support materials to help in making the case with campus executives
- Surveys revealed that many campuses are not testing the TIER releases
- There were a number of suggestions for making the development process easier and faster
- Campuses need help with transition (roadmaps, planning, mapping, consulting, adoption)
- TIER is creating a focus for overall direction for trust and identity
- Campuses are not seeing themselves as part of the development process - but they must be - campuses must provide functional review - but there are campus resource issues
- There is a desire for commercial-grade services and documentation (can’t provide this with the seed money)
- Documentation for multiple audiences
- Local planning and integration assistant
- Example implementation case studies
- Business value documents
- Technical sales
- Support models
There was discussion about the components; one idea that emerged was that COmanage may need to be separated into its three distinct parts and renamed/rebranded. Some parts of the software are perceived not to scale.
There was general discussion about the business model for TIER once the investor funds have ended (end of 2018). Is this a commercial product? How will this become sustainable? Is there some sort of middle ground that can keep the software as open source, but provide some funding?
There was consensus that targeted communications to the CIOs and other campus executives is necessary, since those will be the decision makers on future investments. It would help to have materials that could, for instance, make the case to a CFO who may know very little about the area of identity management. There were general observations that campuses are turning more inward and projects like TIER must demonstrate that the campus will benefit in the near future – there is less support for the more general case of helping the higher education community.
The New Internet2 CEO
There was discussion about the information that this group would want to provide to the new CEO (expected to be named in May). General thoughts were:
- The need to rebuild the relationships with the NSF and NIH. The NSF provided funding for the original middleware work, which came through the NMI-Edit grant
- The case for the continued prioritization (both philosophically and financially) of Trust and Identity, particularly TIER and the InCommon Federation
- Continued alignment of Internet2 offices in support of the top priorities of the network and trust and identity
- Defining Internet2’s role with, and support for, the research community (which, admittedly, is a diverse group)
Dave Lambert joined the meeting and was asked about his thoughts.
- While progress is being made, trust and identity is still not deeply invested in the culture of Internet2, as the network is. There are historical reasons for this. It is critical, however, that we make progress in this area, given that we are providing a critical service to higher ed in this area
- We need to continue to help the entire Internet2 community understand the need for our trust and identity solutions
- Just as with the network, the issues are global in nature (not just national). The Internet2 work is critical (like TIER), but the approach has to take place within the global context
- InCommon and TIER are separate projects, but rely on the same technology. These are the main focus now, but are part of a broader trust and identity strategy (which we need to continue to define and articulate)