Upload
nancy-farmer
View
212
Download
0
Tags:
Embed Size (px)
Citation preview
Web Services in Higher Education
Jim Farmer
instructional media + magic, inc.
New York UniversityFriday · October 18, 2002 · New York, New York
i n s t r u c t i o n a l m e d i a + m a g i c, i n c.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Opinion
• Web Services technologies, including portals, are over-hyped, but real.
• These technologies have simultaneously demonstrated reduced investment and operating costs and improved service.
• Portal and Web Services technologies are “disruptive technologies.”
• Enterprise Resource Planning (ERP) architecture is obsolete, and will be replaced by application component architecture.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Observations
Successful portal/Web Services implementations typically have:• Top level commitment to simultaneously
reduce unit cost of administration and improve on-line services.
• CIO sharply aligned with business objectives.
• Re-engineered business processes.
• IT staff retrained in the new technologies.Based on presentations by the Universities of British
Columbia and Nottingham, and comments about
Linkoping University reported from the June 27-28, 2002 Swedish Higher Education Portals Conference
at Portals 2002, Nottingham, United Kingdom, July 1, 2002
Web services, a paradigm
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web services
Offers
• real-time access to information • wherever it is located• by anyone• using multimedia
Changing
• the way work in done.• and the roles of customers and service
providers
Which implies
• organizational change and business process re-engineering
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Real-time access
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
The airline experience
• Single point of contact for the customer
• Direct communication between the passenger and the airline
• Intermediaries developed when value is added – travel agencies (when paper books were used for references)
• Development of customer-facing call centers
• Beware, the paradigm fails with increased complexity
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Administrative
Instruction
Library
Research
A Student’s Web World
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Students now expect...
• Customer service 24 hours a day,7 days a week
• Complete information from a single source
• Delivery by Web, e-mail, telephone, and facsimile, and, wireless devices
• response time of 15 seconds for telephone, 10 seconds for Web, and 2 hours for e-mail and facsimile
• access to a complete customer history
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Students expectations shaped by their ...
• Use of the Internet
• Life in a “real-time, information rich” environment
• Use of financial services portals
• Experience applying for federal financial aid
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
College students as users
“College students are heavy users of the Internet compared to the general population. Use of the Internet is a part of college students’ daily routine, in part because they have grown up with computers. It is integrated into their daily communication habits and has become a technology as ordinary as the telephone or television.”
“The Internet Goes to College,” Pew Internet and American Life Project, Sep 15, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
College students as users
• 20% began using computers between age 5 and 8, all by 16 to 18
• 86% go online
• 85% own their own computer
• 26% use instant messaging
• 72% check their e-mail at least once per day
“The Internet Goes to College,”
Pew Internet and American Life Project, September 15, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Future students
• “Internet-savvy students rely on the Internet to help them do their schoolwork—and for good reason.
• “Internet-savvy students describe dozens of different education-related uses of the Internet.
• “The way students think about the Internet in relation to their schooling is closely tied to the daily tasks and activities that make up their young lives.”
“The Digital Disconnect,” Pew Internet and American Life Project, August 14, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Future students
“Students report that there is a substantial disconnect between how they use the Internet for school and how they use the Internet during the school day and under teacher direction. For the most part, students’ educational use of the Internet occurs outside of the school day, outside of the school building, outside the direction of their teachers.”
“The Digital Disconnect,” Pew Internet and American Life Project, August 14, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Modes of Web Use
• Entertainment - “browse in a passive style that mimics the way we watch television”
• Socializing - peer-to-peer chat, casual e-mail, message boards, and multi-person chat rooms. “little tolerance for advertising”
• Shopping - dependent upon good user interfaces, easily frustrated
• Researching - Use the Internet like an encyclopedia, scouring search engines and online databases.
Joshua A. Fruhlinger, “Usage modes that work together,” WebTechniques, v. 6, nr. 12, December 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Mixed modes that support each other
• Entertainment and Socializing
• Shopping and Researching
Joshua A. Fruhlinger, “Usage modes that work together,” WebTechniques, v. 6, nr. 12, December 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web services defined
“Web services are a set of standards for how systems connect to each other, and communicate information. It’s an extension of a distributed computing framework, which provides an open standard that most software vendors support.”
Chandra VekatapathMarket Manager, Web Services, IBM Corporation,
TheBusiness Integrator, Second Quarter 2002, pp. 5-11
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Value of Web services
“[Web services] provides a facility for an application or a system to collaborate with another application or systems regardless of how the applications are implemented, regardless of where they are implemented, or on which platform they are implemented.”
Chandra VekatapathMarket Manager, Web Services, IBM Corporation,
The Business Integrator, Second Quarter 2002, pp. 5-11
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Value of Web services
“Web services enable systems to collaborate with each other regardless of the underlying infrastructure.”
“Leverage existing infrastructure”
“Easily use business processes of your partners and customers.”
Chandra VekatapathMarket Manager, Web Services, IBM Corporation,
The Business Integrator, Second Quarter 2002, pp. 5-11
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
The business case
Originally, the exchange of data with others.
Now, integration between disparate application, disparate computer systems, disparate operating systems, disparate programming languages—the Enterprise Application Integration EAI bus.
”Getting access to stove-piped data is the primary reason for implementing Web services.”
Uttam NasrsuGIGA Information Group
At the FSA CIO Update ConferenceArlington, Virginia, May 8, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Value of Web services technology
Open standards Web service projects are taking one-fourth the time and costing one-fifth comparable projects using traditional technology. Performance is 2 to 10 times better than expected.• HFC Bank - IFX credit card application using XML, SOAP
and XSLT
• Deutsche Bank Bauspar - FixML security transaction integration using XML messages and XSL transformations
• Hypo Vereinsbank - Integration
Based on presentations at the XSLT [Invitational] Conference
Oxford, University, April 8-9, 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Cost Savings, Federal Student Aid
8
Cost savingsFAFSA On the Web
-2
-1
0
1
2
3
4
5
6
7
8
9
10
1997-1998 1998-1999 1999-2000 2000-2001 2001-2002 2002-2003
We
b F
ilers
(in
mill
ion
s)
-$10
-$5
$0
$5
$10
$15
$20
$25
$30
$35
$40
Ann
ual C
ost
Sav
ings
(in
mill
ions
of
dol
lars
)
Annual Cost Savings
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Cost Avoidance, Federal Student Aid
9
Reengineer…Retire…Replace Modernize Systems to Serve More With Less
DLOS
DLSS
FFEL
CBS
CDS
DLCS
CPS
NSLDS
MDE
PEPS
DMCS
FARS
RFMS
TIVWAN
NSLDS
DLCS
CPS
FMS
CRM4FSA
IAOD
CSB
PEPS
FFEL
DLSS
NSLDS
DLCS
CPS
MDE
PEPS
DMCS
FMS
CRM4FSA
IAOD
CSB
1999 2000 2001 2002 2003 2004
DLOS
DLSS
TIVWAN
FFEL
CBS
DLCS
CPS
NSLDS
MDE
PEPS
DMCS
FARS
RFMS
TIVWAN
DLOS
DLSS
DLCS
CPS
NSLDS
MDE
PEPS
DMCS
FARS
RFMS
14+ Stove-piped
SystemsIntegrated
Modernized Solutions
FSA OperatingBudget
$700M
$800M
$600M
$500M
$400M
$300M
$900M
Student Aid Participants
30M
20M
40M
25M
35M
Integrated Modernized SolutionsModernization In ProgressStov e-Piped Legacy System
Legend:
~$622MFlat Line Budget
FMS FMS
NSLDS II
COD COD
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web self-service
• Web self-service $ .06
• E-mail $ 6.00
• Telephone call $12.00
Forrester Research as quoted by Bonnie Azar Power in “Taking self-service out of the dark into Broad
Daylight,” Red Herring, No. 110, Feb 2001, pp. 36-37
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
No single vendor...
“It is a fact of IT life that no single vendor can provide all the software necessary to run a business.”
Christopher Koch, “Why Your Integration Efforts End Up Looking Like This,” CIO Magazine, v. 15, nr. 4,Nov 14,
2001, pp. 98-108.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
“Best of Breed” strategy
“With Web services, best of breed becomes more feasible.”
“Web services will make best of breed more cost effective.”
Rick Bergquist, CTO of PeopleSoftas quoted by Heather Harreld and Mark Jones in
“Chasing suite success,” InfoWorld, Nr. 24, June 17, 2002.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Components architecture
“Software has become so big that no company can do everything alone anymore.” “… the industry must adopt standards that would enable a variety of different software vendors to provide the parts needed to quickly build a sophisticated software system.”
Hasso Plattner, CEO SAP AG at the JavaOne Conference in San Francisco, March 2002, as reported by Reuters,
“Software's future is in components, SAP chief says,” March 27, 2002
Web Services, an information architecture
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
A Web service is
• An exchange of XML business messages
• using SOAP compliant data transport,
• described by WSDL,
• listed in a UDDI directory of services,
• for a remotely authenticated user (using WS-Security and SAML),
and, for most,
• presented using XSL transformations (XSLT)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web services standards
• XML “tagged” data contenteXtensible Markup Language (W3C)
• ebXML/SOAP data transportSimple Object Access Protocol (W3C)
• XSL transformations for presentationeXtensible stylesheet language (W3C)
• UDDI/WSDL directory servicesUniversal Description, Discovery, and Integration, (industry) and Web Services Description Language (W3C)
• SAML authentication and authorizationSecurity Assertion Markup Language (OASIS)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
SOAP template
<soap:Envelopexmlns:soap="http://schemas.xmlsoap.org/soap/envelope/“soap:encodingStyle=“http://schemas.xmlsoap.org/soap/encoding/”>
<soap:Header>…</soap:Header>
[SAML Assertions here]
<soap:Body>…</soap:Body>
[Application XML document here]
<soap:Fault>…</soap:Fault>
[Status and Error messages here]
</soap:Envelope>
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
SOAP data transport supports...
• Real-time data transport
• HTTP or HTTPS
• TCP or UDP using Microsoft’s proposed WS-Routing
• Batch data exchamge
• FTP or Secure FTP
• E-mail data exchange
• SMTPSee Jonathan Chawke,
“Making Apache SOAP Invocations using SMTP,”Apache Foundation, 9 March 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
The standards
• Data XML
• Validation Schema
• Transport SOAP (real-time)
SMTP (batch)
• Security SAML
• Description WSDL
• Directory UDDI
• Transformation XSLTNote: Message content is not defined by any of these standards.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Industry content standards
Industry Standards
Financial Services
Financial Reporting
ebXML compliant IFX
XBRL
Student loans
Financial aid
CommonLine XML
Common Record
Human Resources HR-XML, HumanML
Academic Records PESC and California
Community Colleges
Library In discussion
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Process content standards
Function Standard
Work flow WSFL and WfML
Portal Support WSRP
Presentation WSUI
Security Assertions
Security Access Control
SAML
XACML
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
EDI and Web Services compared
EDI Web Services
Network
Topology
Hub and spoke Network “cloud”
Processing cycle Over night batch Near instantaneous
Data representation
Positional Tagged
Response to change
High maintenance
Lower maintenance
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Why XML and SOAP?
“[XML and SOAP] will become a widely implemented ‘standard’ because they are simple.”
Barry Walsh, Indiana Universityat the FSA CIO Update Conference
Arlington, Virginia May 8, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Typical SOAP implementation
Portal Server
Data Provider
HTMLover HTTP
SOAP over HTTPS
College Target
Application Server
SOAP Messages
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Authentication and authorization
Access Provider Data Provider
Login & Password
TLSAuthentication
SAML Assertion
College Target
ebXML Security Profile 3
Non-persistent confidentiality and non-persistent authentication
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
JA-SIG Web Services model
HTTPSSOAP Business Message
HTTPSSOAP Business Message
University Agency
ScenarioUser: Student, staff, or facultyAccess Provider: University PortalData Provider: Agency Web Server
SIS
Portal
Web ServerUser App Server
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Meteor in a nutshell…
Lender
XML
Based on the prototype
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Diagram of Meteor Concept
Web ServicesHTML
MeteorXML
StudentStudent Access Provider Access Provider Data Provider Data Provider
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
As implemented in the prototype ...
Web ServicesSecure HTML
MeteorSecure XML
StandardBrowserStandardBrowser uPortaluPortal
MeteorSOAP
MeteorSOAP
MeteorSOAP
MeteorSOAP
DatabaseDatabase
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Data from multiple sources, locations
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Meteor list of loans
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Sample Meteor loan detail
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Meteor Channel in the uPortal
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Meteor XML Request message
>>(Tue Jan 09 11:50:58 EST 2001) Processing SOAP request...
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance"> <SOAP-ENV:Body> <ns1:getLoanHistory SOAP-ENV:encodingStyle="http://xml.apache.org/xml-soap/literalxml" xmlns:ns1="urn:ifx-loan-server"> <IFXRequestEl> <IFX> <SaisSvcRq> <RqUID/> <SPName>gov.studentclearinghouse</SPName> <LoanHistoryRq> <CustId> <SPName>gov.ssa</SPName> <CustPermId>448377707</CustPermId> </CustId> <DateOfBirth>1980-09-03</DateOfBirth> </LoanHistoryRq> </SaisSvcRq> </IFX> </IFXRequestEl> </ns1:getLoanHistory> </SOAP-ENV:Body></SOAP-ENV:Envelope>
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
California eTranscript - UML
• User Login
• Get Student List
• Select Student from List
• Select Transcript View Or Build Custom View
• Get Transcript
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
User login
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Get student list
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Select student from list
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Select transcript view
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Or build custom view
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Get transcript
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web Services in higher education
• Digital library search and retrieval (Columbia, Cornell)
• Transcripts (California Community Colleges, Florida, Arizona, Ohio)
• Student Aid (NCHELP, U.S. Department of Education)
• Security (Internet 2 Shibboleth)
• Portals (JA-SIG)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Web services and integration
“Application integration is proving to be the first killer app for Web services, as early adopters build on these standards [XML, SOAP, WSDL] to improve internal and cross-enterprise collaboration.”
“Indeed, integration is the common theme among Web services pioneers.”
Richard Karpinski, “Web Services Crack App Integration Nut,”
InternetWork, Nov 12, 2001, pp. 44ff.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Full integration defined
[The separate products] are
• built using the same basic programming technologies
• share the same user interface, and
• use a common data model.
Christopher Koch, “Why Your Integration Efforts End Up Looking Like This,” CIO Magazine, v. 15, nr. 4,Nov 14,
2001, pp. 98-108.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Waves of Internet integration
1. TCP/IP Client-server
2. HTTP Browser-based Web-enabled applications
3. XML, SOAP, Business messaging
WSDL
Based on waves from Richard Karpinski, “Web Services Crack App Integration Nut,”
InternetWork, Nov 12, 2001, pp. 44ff.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Middleware integration
“The note passing [business messaging middleware] mechanism makes upgrading the integration simpler and cheaper, and users can adjust the frequency of the note-passing to get to near real-time.”
Christopher Koch, “Why Your Integration Efforts End Up Looking Like This,” CIO Magazine, v. 15, nr. 4,Nov 14,
2001, pp. 98-108.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Approach to Success
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Current Web services standards
• XML serves as the foundation for other “languages” or protocols.
• SOAP defines the “envelope” used to deliver Web services messages and how they should be processed.
• WSDL is a version of an IDL, or interface definition language, and more granularly defines the methods, protocols, and data formats of a specific Web service.
• UDDI is a higher-level framework for companies to register themselves and their Web services
Richard Karpinski, “Web Services Crack App Integration Nut,” InternetWork, Nov 12, 2001, pp. 44 ff.
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Emerging Web services standards
• SOAP routing such as Microsoft’s WS-Routing
• Security such as IBM’s HTTP-Reliable and Microsoft’s WS-Security
Watch:
• WSCM Web Service Component Model for portal integration (includes WSUI)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Spanning the worlds
“Web services protocols also span the [Microsoft] .Net and [Sun] Java worlds, which makes them perfect for stitching together heterogeneous application environments.”
Richard Karpinski, “Web Services Crack App Integration Nut,”
InternetWork, Nov 12, 2001, pp. 44ff.
Portals
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Portal defined
• generally synonymous with gateway, for a World Wide Web site that is or proposes to be a major starting site for users when they get connected to the Web
www.whatis.com, May 19, 2001
• software integrating many divergent systems for presentation and use on the Web
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Classic “portal”
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Portal defined
Portal - an entry point or starting site for the World-Wide Web, combining a mixture of content and services and attempting to provide a personalized "home base" for its audience with features like customizable … pages and personal homepage construction kits.
From www.Auburn.edu/helpdesk/glossary/, Auburn University. March 24, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
With channels (portlets)
uPortalFramework
uPortaldatabase
Channel A
Channel B
Channel C
Channel D
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Why are portals important
• Makes knowledge workers more productive
• Preferred by users
• Market share
• Brand identity
• A viable architecture for information services
• Time to market
• Improved services
• Lower costs
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
A Student Portal
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Multiple Target Devices
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
CalPoly San Luis Obispo
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
University of British Columbia
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
University of California, Irvine
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Columbia University
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Denison University
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
University of Delaware
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Princeton University (prototype)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Theme: matrix
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Some commercial portals
• Sun Microsystems (iPlanet)• Epicentric (Foundation Server)• Oracle (Application Server Portal)• IBM (WebSphere Portal/Jetspeed)• Computer Associates (Jasmine ii)• Microsoft (SharePoint Portal Server)• Sequoia (XML Portal Server)• PeopleSoft (PeopleSoft Portal)• Citrix (XPS)• Sybase (Enterprise Portal)• SAP AG (SAP Portals Enterprise Portal)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Types of portals
• Enterprise [integration]
• Knowledge/document management
• Collaboration and messaging
• Front end to application servers
Jim Rapoza, “Enterprise value of portals is clear,” eWeek, September 13, 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Common goals/different technologies
• System Integration & Consistency
• Single Sign-on & Security
• Personalization
• Collaboration
• Component Reuse
• Task Management & Workflow
• Internationalization
• Syndicated Content SubscriptionAdapted from Justin E. Tilton, “uPortal: An Open-Source,
Higher Education Web Portal,” The Educational Technology Standards Workshop, University of California at Berkeley,
July 31, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Students prefer
• Single sign-on even if that means revealing personal logons and passwords [aggregation/credential caching]
• Selection of content [channels] and layout [user profile]
• Common channel navigation and icons [consistent look & feel]
Justin E. Tilton, “uPortal: An Open-Source, Higher Education Web Portal,” The Educational Technology Standards
Workshop, University of California at Berkeley, July 31, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Value of a portal
…by driving all of your task-based web services through a single, customizable interface, the whole becomes greater than the parts. The most important element a portal brings to an institution is the ability to aggregate many tasks into a common authentication and interface.
James Watkins, Kansas University Medical Center,
on the JA-SIG –PORTAL listserv, May 17, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
With channels (portlets)
uPortalFramework
uPortaldatabase
Channel A
Channel B
Channel C
Channel D
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
RSS Channel
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Portal with channels
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Portal with channels shown
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
RSS channel hyperlink
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
With channels (portlets)
Internet
Student Information
System
Remote Content Provider
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Interface options
Provider
Connector
ExternalApplication
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Connectors may communicate
• By calls to the application
• By custom protocols over, say, “sockets”
• By standard protocols such as LDAP
• By business messages using Web services - XML, SOAP, UDDI
• As a remote channel (WSRP)
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Required capabilities
Type of Portal J SP Chat & Mail
ContentClassificationand Search
WebServices
Enterprise ? ? ?
Collaboration ? ? ?
Knowledgemanagement
? ? ?
Front end ? ? ? ?
uPortal
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Available services
Type of Portal Dir
ecto
ryA
uth
enti
cati
onR
oles
Gro
ups
Wal
let
Auth
oriz
atio
ne-
mai
l an
d c
hat
Web
Ser
vice
sX
ML,
SO
AP,
UD
DI
Wor
kflow
Cal
endar
ing
Annou
nce
men
ts
Enterprise X ? ? ? ? ?
Collaboration ? ? ? X ? X X ? ?
Knowledgemanagement
? X ? X ? ?
Front end ? ? ? ? ? ? ? ? ? ? ?
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Required authentication
Type of Portal Local Remote Anonymous
Enterprise X
Collaboration ? X
Knowledgemanagement
?
Front end ? X
uPortal
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Portlet Standards
• Restricted HTML, moving to XHTML fragments
• RDF Site Summary (RSS) 0.91 (Mar 1999) moving to 1.0 (Dec 2000) + Modules (continuing, e.g. streaming, events)
• WSRP (Web Services Remote Portlet) (Sep 2002)
• SOAP if the portal interprets the message
The Web Services Community
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Gleason’s “Transitive Trust”
SAML Assertions
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
ED/FSA “Transitive Trust”
7
FSA Systems/Datastores
FSA SECURITY BOUNDARY
Internet
FederalBridge CA
Higher EDBridge CA
School orOther Official
School/CREN/State Certificate Authority
School orOther Official
Shared Secret(Username/Password)
Over SSL
Student, ParentOr Borrower
Personal data + PINOver SSL
AuthenticationGateway
(multi-protocol)
SingleSign-On
PIN Authentication
School orOther Official
School Network/Portal
Transitive Trust – Technical Vision
Andy Boots, FSA CIO Technology Update, May 8, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
ED/FSA “Transitive Trust”
7
FSA Systems/Datastores
FSA SECURITY BOUNDARY
Internet
School orOther Official
School/CREN/State Certificate Authority
School orOther Official
Shared Secret(Username/Password)
Over SSL
Student, ParentOr Borrower
Personal data + PINOver SSL
AuthenticationGateway
(multi-protocol)
SingleSign-On
School orOther Official
School Network/Portal
Transitive Trust – Technical Vision
Andy Boots, FSA CIO Technology Update, May 8, 2002
Digital CertificateSAML Assertions
Certificate validation
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
SAML Assertion
<SAML><AssertionID>AE0221</AssertionID>
<Issuer>URN:dns-date:www.CREN.test:2002-05-16:19283 </Issuer>
<ValidityInterval> <NotBefore>2002-05-16T12:34:00Z</NotBefore> <NotOnOrAfter/>2002-05-16T13:34:00Z</NotOnOrAfter> </ValidityInternal> <Conditions>
<Audience>http://www.CREN.test/school_list.html</Audience>
</Conditions> <Subject> <Account>K4356783</Account> </Subject> <Resources> <string>http://www.elseviser.com/Journal_X/ </string> <string>https://www.Alpha College.edu/SIS/ </string> </Resources></SAML>
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Required authentication
Type of Portal Local Remote Anonymous
Enterprise ? X
Collaboration ? X
Knowledgemanagement
?
Front end ? X
University
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
The facets of security
• Confidentiality – communicated in secret
• Integrity – unaltered, genuine
• Anonymity – having a name or identity that is unknown or concealed.
• Non-repudiation – validity of identification of the parties and the date and time of the message, and integrity of the contents
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Major barriers to implementation
• The ability to work together, both within the college or university and among institutions, on the details
• Education and training of current staff at all levels
• Claims on ownership of “business processes”
• Institutional cost of mandated changes
• Limited budgets
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Federal mandates
• Immigration and Naturalization Service
SEVIS Student and Exchange Visitor Information System, on or after January 1, 2003
• Department of EducationCOD Common Origination and
Disbursements February 2004 (pilot began May 7, 2002)
• Department of Veterans AffairsVACert Certificates of attendance
sometime 2003
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Federal e-Authentication
Aut
hent
icat
ion
Nee
ds
Aut
hent
icat
ion
Nee
ds
None
Strong
Solution SetsSolution Sets
Non
e
One
-Tim
e
Passw
ord
Single Sign On
Bio
met
rics
PKI
Use
r ID
/
Passw
ords
PINS
Pen-b
ased
Signa
ture
Privileged Management
Digital Signature
Click-wrap
StrongWeak
John Sindelar, “Achieving the Vision of E-Government,” Nov 27, 2001
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
SAP Learning Management System
• Delivered by MySAP through a standard browser
• based on SCORM (ADL’s Sharable Content Object Reference Model) and IMS ([Instructional Management Systems] IMS Global Learning Consortium, Inc.) content
• in a WebDAV (IETF’s Web Distributed Authoring and Versioning) open-source content base
• using Web services for integration (PeopleSoft HR in Version 2)
• with a Windows-based authoring platform
Will Chatham, SAP Public Services, Inc. “E-Learning,” at e-Gov 2002 Conference, Washington, DC, June 26, 2002
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Opinion restated
• Portal and Web Services technologies are over-hyped, but real.
• These technologies have simultaneously demonstrated reduced investment and operating costs and improved service.
• Portal and Web Services technologies are “disruptive technologies.”
• Enterprise Resource Planning (ERP) architecture is obsolete, and will be replaced by application component architecture.
The end
www.immagic.com
inst
ruct
ional m
ed
ia +
magic
inst
ruct
ional m
ed
ia +
magic
Publisher’s Note
The following slides were taken from presentations made at the U.S. Department of Education Federal Student Aid (FSA) CIO Update held September 30, 2002 in Atlanta, Georgia.
Some slides were omitted in some of the presentations that would not effect the content.
Higher Education, Shibboleth, and the Liberty Alliance
Scott CantorMACE / The Ohio State [email protected]
Outline
What is Shibboleth? Why Shibboleth? High Level Architecture SAML and the Liberty Alliance Current Status
What is Shibboleth?
An initiative to develop an architecture and policy framework supporting inter-organizational sharing of secured web resources and services
A project delivering an open source implementation
An Internet2/MACE project with early intellectual and financial support from IBM/Tivoli
Example Scenarios
1. A member of the campus community accessing a licensed library resource
2. Students enrolled in a course across multiple universities accessing class materials and Learning Mgmt Systems
3. Research workgroups sharing controlled resources (the original web)
4. Intra-university information access
5. <your scenario here>
What is Shibboleth?
A system...
with an emphasis on privacy
users control release of their attributes
based on open standards (SAML) and available in open source form
built on “federated administration”
that exists!
Outline
What is Shibboleth? Why Shibboleth? High Level Architecture SAML and the Liberty Alliance Current Status
Why Shibboleth?
Growing interest in collaboration and resource sharing among institutions
Better security tools will make deploying new applications more “painless” and more secure
Offer new services to constituents that leverage higher education’s role as an identity provider for millions of people
Stakes a role for higher education in the emerging federated identity space
Federated Administration in Shibboleth
Users registered only at their “home/origin”institution, or “identity provider”
Authorization information sent, instead of authentication information
when possible, uses groups instead of people on ACLs
identity still available for auditing and for applications that require it
Privacy
Higher Education has privacy obligations
In US, “FERPA” requires permission for release of most personal identification information
General interest and concern for privacy is growing
Shibboleth has active (vs. passive) privacy provisions “built in”
Outline
What is Shibboleth? Why Shibboleth? High Level Architecture SAML and the Liberty Alliance Current Status
Shibboleth: High Level Architecture
Outline
What is Shibboleth? Why Shibboleth? High Level Architecture SAML and the Liberty Alliance Current Status
SAML is…
… Security Assertion Markup Language
... an OASIS XML (soon to be) standard for exchanging authentication, attribute, and authorization information within and between security domains
… an industry standard supported by most major web security vendors for web SSO
… a security token explicitly profiled for use with the WS-Security specifications
SAML: Scope
SAML defines XML syntax for “statements” about past authentication events, user attributes, and authorization decisions.
SAML also defines how applications can ask “authorities” for such statements, and includes “profiles” for Web SSO.
SAML does NOT define specific trust models, attribute syntax, subject naming, or how to secure specific transaction flows.
Shibboleth messages and flows are SAML conformant.
Shibboleth adds to SAML:
• a lightweight PKI-based trust model
• privacy-preserving Subject naming
• standards for attribute syntax and semantics, derived initially from eduPerson 1.5
From SAML to Shibboleth
WS-Security
a proposed family of standards to add both general and specific security features to SOAP
submitted to OASIS by MS/ IBM/Verisignfor refinement by a new technical committee
currently, consists only of a high-level framework for embedding security “tokens” like SAML assertions into SOAP
orthogonal to Shibboleth, for now anyway
Liberty Alliance
Full Disclosure
I ’m not a Liberty spokesman, or a Liberty representative, nor did I have any influence on the Liberty specifications, apart from as a contributor to SAML.
This is an outsider’s view of the technical specifications, from the perspective of a SAML implementer and user.
Liberty Alliance
A consortium of businesses formed by Sun, developing a technical architecture for identity management, in the interest of furthering business partnerships and electronic commerce.
Specifications are developed in a closed*process, then released for public consumption without encumbrances.
Released 1.0 specification in J uly.
* contrasts with the public OASIS processes
Liberty Alliance: Scope
1.0 specification focused on SSO and federating identities between sites with which a consumer already has a relationship:
• Identity federation protocols via opaque mutual aliases, controlled by consumer
• SSO protocols “adapted from” SAML
• Extended information about authentication “context”
• A suite of distributed logout protocols
Shibboleth and Liberty: Future Directions
Future versions of the Liberty specs are expected to explore controlled attribute exchange between organizations.
Both Liberty and Shibboleth have to define what it means to live in a multi- federation world.
Many of the Liberty extensions/additions to SAML will be useful to Shibboleth.
Outline
What is Shibboleth? Why Shibboleth? High Level Architecture SAML and the Liberty Alliance Current Status
SAML and Liberty
Both specifications have been published as 1.0 documents.
SAML has been widely (and independently) implemented by vendors, and by Internet2 in open source J ava and C++.
A J ava Specification Request for a SAML API is under development.
Liberty hasn’t indicated an intent to deliver a reference implementation. Open source versions may or may not be forthcoming.
Shibboleth
Specifications are in final draft form.
A second alpha release is available now, and the source code is publicly available.
Pilot implementations are beginning at a dozen or more institutions and a growing list of information providers and application vendors.
A feature-complete beta is due in October for the NMI 2 release.
For More Information
http://middleware.internet2.edu/shibboleth/
http://middleware.internet2.edu/opensaml/
http://www.oasis-open.org/committees/security/
http://www.projectliberty.org/
… plus many open mailing lists available
1
EE--Government: Government:
The Path to The Path to Breakthrough Breakthrough Performance in GovernmentPerformance in Government
Jonathan WomerG2C Portfo lio Manager
Office of Management and Budget
2
Recent Surveys on Citizen Wants
Pew Report: The Rise of the eCitizen: How people use Government Agencies’ Web-Sites - April, ’02
• “Citizens on-line are learning to demand answers at Internet speed.”
• 68 Million American adults have used government Web sites –a sharp increase from 40 million in March 2000
http://www.pewinternet.org/reports/pdfs/PIP_Govt_Website_Rpt.pdf
Council for Excellence in Government: E-Government: To Connect, Protect and Serve – Feb. 26, 2002
Citizens overwhelmingly believe that E-Government leads to better government.
http://www.excelgov.org/techcon/0225poll/report.PDF
3
The President’s Views on Government Management
• The President’s vision for reforming government:
“…government needs to reform its operations-how it goes about its business and how it treats the people it serves.”
• The President’s remarks at the “21st Century High Tech Forum”:“Our government plans to spend $53 billion on information technology next year…It is important. It's important to make sure government functions better, but more importantly, it will help our taxpayers have better response to democracy and get better information more quickly. And so I'm pleased that we're working on e-government.”
• The President’s E-Government Memorandum to the Cabinet:
“E-government is important for making the federal government citizen centered and results oriented”
4
Four Segments in the Citizen-Centered Strategy
Individuals: building easy to find one-stop-shops for citizens --creating single points of easy entry to access high quality government services.
Businesses: reduce burden on businesses through use of Internet protocols and by consolidating myriad redundant reporting requirements.
Intergovernmental: make it easier for states and localities to meet reporting requirements, while enabling better performance measurement and results, especially for grants.
Internal efficiency and effectiveness: reduce costs for federal government administration by using best practices in areas such as supply chain management and financial management, and knowledge management.
5
Government to Citizen
Government to Government Internal Effectiveness and Efficiency
1. USA Service2. EZ Tax Filing 3. Online Access for Loans 4. Recreation One Stop5. Eligibility Assistance
Online
1. e-Vital (business case) 2. e-Grants3. Disaster Assistance
and Crisis Response4. Geospatial Information
One Stop 5. Wireless Networks
1. e-Training 2. Recruitment One Stop3. Enterprise HR Integration 4. e-Travel 5. Integrated Acquisition6. e-Records Management7. Payroll Processing
E-Government Initiatives and Managing Partners
Managing Partner
OPMOPMOPMGSAGSANARAOPM
Managing Partner
SSAHHSFEMA
DOI
FEMA
Managing Partner
GSATREASDoEdDOILabor
Government to Business
1. Federal Asset Sales2. Online Rulemaking
Management 3. Simplified and Unified
Tax and Wage Reporting4. Consolidated Health
Informatics (business case)5. Business Compliance
One Stop6. International Trade Process Streamlining
Managing
Partner
GSADOT
Treas
HHS
SBA
DOC
E-Authentication
6
Users Must Have a Unified View of data and Simple Business Processes In order to Reap Benefits From E-Government
11
Capture
Store
Query
Distribute
Analyze
Act
Learn
External Customer View
?
There are opportunities throughout the Information Value Chain: But what are the binding constraints on better decisions?
•Data Collection Improvements do not necessarily affect results
• Data Sharing Problem Sometimes Reflects too many conflicting Analysts or Decisionmakers
•knowledge management tools improve decisions, yielding better service, faster and at lower costs
7
Architecting Change: Government Processes and Organization Structures Must Become Citizen-centered, Not Agency Centered
Program Admin ComplianceServices to Citizens
Public Asset ManagementMarket able Asset ManagementDefense & Nat’l Security OpsDiplomacy & Foreign RelationsDisaster ManagementDomestic EconomyEducationEnergy ManagementInsurancePublic HealthRecreation & National ResourcesSocial ServicesR&D & Science
Regulated Activity ApprovalConsumer Safety
Environmental ManagementLaw Enforcement
LegalRevenue Collection
Trade (Import/Export)Transportation
Workforce Management
Support Delivery of Services
Internal Operations/Infrastructure
Legislative ManagementBusiness Management of InformationIT ManagementPlanning and Resource AllocationRegulatory Management
Controls and OversightPublic AffairsInternal Risk Management and MitigationFederal Financial Assistance
Human Resources Financial Management Admin Supply Chain Management
Human Resources Financial Management Admin Supply Chain Management
Inter-Agency Intra -Agency
Program Admin ComplianceServices to Citizens
Public Asset ManagementMarket able Asset ManagementDefense & Nat’l Security OpsDiplomacy & Foreign RelationsDisaster ManagementDomestic EconomyEducationEnergy ManagementInsurancePublic HealthRecreation & National ResourcesSocial ServicesR&D & Science
Regulated Activity ApprovalConsumer Safety
Environmental ManagementLaw Enforcement
LegalRevenue Collection
Trade (Import/Export)Transportation
Workforce Management
Support Delivery of Services
Internal Operations/InfrastructureInternal Operations/Infrastructure
Legislative ManagementBusiness Management of InformationIT ManagementPlanning and Resource AllocationRegulatory Management
Controls and OversightPublic AffairsInternal Risk Management and MitigationFederal Financial Assistance
Human Resources Financial Management Admin Supply Chain Management
Human Resources Financial Management Admin Supply Chain Management
Inter-Agency Intra -Agency
(On average 10 Cabinet Departments and agencies per Line of Business)
(On average 21 Cabinet Departments and agencies per Line of Business)
(All 24 Cabinet Departments and agencies per Line of Business)
8
In Conclusion, Success Requires A Passion for Solutions
• Measures of success linked to program performance
• Successful Management of Change Requires Innovation
• Transform: Unify and simplify around customer needs
• Address chronic problems, don’t ignore them, e.g.:– Good ideas that lack proper securi ty and business case– Opportunities to leverage partially funded, redundant IT
initiatives to get full benefit
• Prevent focus on just Web enabling
eGov Initiatives: eLoans
Charlie ColemanDirector, CIO Innovations
September 30, 2002
The Hype Cycle
TechnologyTrigger
Peak ofInflated
ExpectationsTrough ofDisillusion
Slope ofEnlightenment
Plateau ofProductivity
Online not always good
Channel man agement troubles
Government portals
Enterprisee-government
strategies
Single d ept online services Failures and no ROI
drive divestments
Back-officere-engineering
Governments focus on corePartner-sourcing for value-added services
1994–1999 2000 2001 2002 2003 2004 2005 2010
Visibility
E-governmentstagnates
Surveys andbenchmarking
Information-onlysites
Securit y issues
well adv anced
laggards
moderate progress
Inv olv e external partnersto solv e problems
Inv olv e external partnersto leapf rog
Area of uncertainty
Scoping eLoans
Original eLoans Business Case envisioned a “single point of entry” or “one size fits all” approach. However:
• Federal loan programs are diverse
• Over $240 billion/year is awarded in federal loans
• Over 80% are guaranteed and insured loans
• Less than 20% are direct loans
• Target customers are varied and may interact with many partners during the loan life cycle
eLoans Scoping PlanDistribute agency
survey and collect results
Identify partner agency “value
adds”
Identify private sector “value
adds”
“Value Add” opportunities
Deliver on Recommendations
Yes No
Validate vision with citizens
July August September
Form workgroups to finalize scope and plan for moving
forward
August / September
Develop justification for not proceeding
with eLoans initiative
August / SeptemberReceive go/no go decision
September
June
Value Add Opportunities
Value Add Workgroup ED HUD SBA USDA
FSA/RHS VA
Quick Win
eLoans Web Gateway
Mid-to-Long Term
B2G Lender Reporting Improvements FSA RHS
Risk Management Coordination (Sharing Lender / Citizen Data)
Electronic Lender Payments to Agencies
check () = participating = sharing informationshaded box = indicates lead agency
Agency Voting
eLoans Gateway
Develop a simple web site (as part of GovBenefits’ infrastructure) that educates citizens on federal loan programs and directs them to the best loan information at agency and private sector websites.
Goal
ED (lead), HUD, SBA, USDA, VAAgencies
FY03: Partner with GovBenefits to develop and implement the eLoans Gateway. Partner with commercial and federal search engines to increase visibility of the eLoans Gateway.
FY04: Enhance Gateway functionality per citizen recommendations.
Approach
• Citizens that use the web today are faced with an enormous amount of information on federal loan programs (a search on “federal loans”at Google gives 1.3 million hits and on FirstGov gives over 1,000 hits). The Gateway simplifies this search by providing access to the best available loan information on a single site.
• Increase awareness of and traffic to agency and private sector web sites• Build on existing GovBenefits architecture (reuse versus rebuild)• Leverage GovBenefits marketing capabilities
Benefits
Citizen
eLoans Gateway
eLoans Gateway
Commercial Search Engines
Google, Yahoo!, AOL, etc…
Small Business
Loans
Housing Loans
Farm LoansStudent
Loans
Veterans Loans
• Click individual clouds to learn more
OR • Click the Loan Wizardto see what programs you may be eligible for
Lenders / Business Partners
B2G Lender Reporting ImprovementsAnalyze agency systems and data for opportunities to coordinate improvements in lender reporting processes during the loan lifecycle.
Goal
SBA (lead), ED, HUD, USDA, VAAgencies
Thorough analyses that compare and contrast B2G loan lifecycle reporting strategies across loan programs will reveal specific opportunities for interagency resource sharing and B2G reporting synergies such as:• Streamlining data/reports• Isolating reporting redundancies or inefficiencies• Developing common data definitions • Providing a common interface for conducting business with the federal
government
Benefits
FY03: • Conduct an analysis of technologies, systems, and processes lenders
use to transmit data/reports to agencies during the loan lifecycle (includes working with private sector).
• Develop data model/inventory of lender reporting data collected during the loan lifecycle (includes working with private sector).
FY04: Conduct and evaluate pilot test of possible best practices with private sector.
Approach
Share citizen default data across agencies to improve risk management for federal credit programs.
Goal
FY03: • Web enable HUD’s CAIVRS (used to track and report borrower
government credit history) for non-HUD agencies and lenders. • Conduct a feasibility study on providing citizen access to CAIVRS. FY04: • Work with business partners and customers to analyze risk management
improvement opportunities. • Implement web enhancements for citizen access and business process
improvements.
Approach
Sharing Citizen Default Data
• Provides agencies and lenders with online access to borrower credit history versus using touchtone telephone system
• Enables agencies to better monitor credit programs (HUD realizes over $215 million in loss avoidance every year)
• Provides citizens with self-service access to CAIVRS credit report• Coordinates system improvements based on customer and business
partner feedback and other related initiatives (improves service delivery while reducing administration costs)
Benefits
HUD (lead), ED, SBA, USDA, VAAgencies
Risk Management Coordination -- Borrower
Share lender performance data across agencies to improve risk management for federal credit programs.
Goal
FY03: • Conduct a feasibility study on coordinating the sharing of lender
performance data across agencies.
• Begin implementation of study recommendations.
FY04: Continue implementation efforts.
Approach
Sharing Lender Performance Data
• Coordinates current agency initiatives and identifies potential best practices
• Provides agencies with cross-government information on lender performance
• Improves agency monitoring effectiveness by identifying high risk lenders, and enabling trend analysis and query capabilities
• Protects the public borrowers and restores public trust
Benefits
HUD (lead), ED, SBA, USDA, VAAgencies
Risk Management Coordination -- Lender
Explore opportunities to coordinate implementation of electroniclender payment systems and processes across agencies.
Goal
FY03: Assess feasibility of pay.gov as a possible solution for electronically collecting lender payments for the partner agencies. FY04: Begin implementation of proposed solution.
Approach
• Web-based application provides costs savings by reducing handling of “paper”
• Lender partners can get receipts in one day vs. several
• Pay.gov offers strong agency reporting capabilities • Pay.gov is willing to absorb costs of feasibility analysis,
development, implementation, and operations/maintenance (excludes agency FTE needs and changes to agency systems
Benefits
VA (lead), ED, HUD, SBA, USDAAgencies
Electronic Lender Payments
Private Sector Feedback
Met with key loan industry associations on August 14, 2002: • Support the eLoans initiative• Interested in:
• Continued participation/involvement• More uniform interface for doing business
with the government• Reducing cost, improving cycle time, etc.
“…MBA very much wants to continue to participate in …[the] eLoans effort […, and] would also like to see initiatives…that allow easier and more uniform interface with government agencies in a B2G environment.” Mortgage Bankers Association representative
Citizen Focus Group Feedback
Held citizen focus groups in September 2002 with students, homebuyers, small business owners, veterans, and farmers:• Citizens think it’s important for government and private
sector to work together in this effort• Citizens rated the Gateway concept a 5.3 on a scale of 1
to 6 and provided useful feedback• Encouraged eLoans to consult citizens on future
enhancements
“Work together!”, Student participant …in response to question on what was the one thing they would like to say to the partner agencies“[in reference to the Gateway, agencies should] put it out there … make it as good as you can, but don’t try to make it perfect from the start … and improve it over time.”, Housing participant
Charles HavekostE-Grants Program [email protected]
E-Grants:Fulfilling the President's Management Agenda
and PL106-107 Streamlining Goals
Size•Over 600 grant programs at 26 Federal agencies•$300B in grants to State and Local governments via 141K awards•$60B in grants to academia, non-profits and others via 71K awards
Variety•Many Types of Grants, Agencies, Applicants, and Award sizes •Types include Discretionary, Formula, Block Grants•Purposes include Research, Service, I nfrastructure, Security
Culture•Entrenched Grants Processes and Data Requirements
E-Grants Background
The E-Grants project will: Produce a simple, unified “storefront” for all customers of federal grants to electronically find opportunities, apply, and manage grants.
Facilitate the quality, coordination, effectiveness, and efficiency of operations for grant makers and grant recipients.
E-Grants Vision
Selected E-Grants Milestones•Pilot “Find Opportunities” tool (7/ 1/ 02) [done]•Define application data standards (10/ 1/ 02) [done]•Deploy unified application mechanism (10/ 1/ 03)
“Find Opportunity” Strategy•Use FedBizOpps model (www.fedbizopps.gov)•Standard synopsis data •Promote value-added repackaging
“Apply Electronically” Strategy•CCR/ BPN for Organizational Profile (www.ccr.gov)•Single System for submission of grant applications
•Avoids “many-to-many” costs and problems•Data standards for grant applications
•Core = SF424 + DUNS via TS194•Use standards to foster system-to-system interfaces and person-to-system interfaces
•Conform to E- Gov Architecture, including XML
E-Grants: Standards are the Strategy
Collaboration with Grant-Making Agencies•Ensure participation•Meet business process needs•Fulfill grant streamlining mandates
Collaborate with Applicant Communities•Ensure participation•Meet business process needs•Make the process of finding, applying for, and managing federal grants easier, less costly, and more electronic•Encourage collaboration on common solutions and interfaces
Work with E-Grants! [email protected]
E-Grants: Collaboration is the Key