WP3: the ÆSOP architecture
• Methods issues: how we did it.
• Explaining the architecture:
  – latest version of the pictures
• Identity management
  – Registrars
  – Relationship managers
  – Identity managers
• Where next?
A complete, integrated solution….
Architecture
http://www.comnetmedia.de
ComNetMedia AG, Development, April 2002
Security infrastructure
Application level
Letting users acquire, configure and share private spaces
Structure versus infrastructure
• Draw a new line on an evolved product.
• Construct a metaphor for the revealed capability
• Change the question:
  – Not “Tell us what you do and how you do it?”
  – But “What could you do with this?”
We applied this to other products such as CRM, integration servers, eCommunity, knowledge management…
What is a “3rd. Generation Portal” ?
Where have they come from?
What is it like to be connected to one?
“Hubs and spokes” ?
The new “middle” where things can be joined up
[Figure labels: Hardware; Middleware; Applications; Database; New channels and media; The “publication” layer]
What are the metaphors?
[Figure labels: The Hub; Index; Switch; Portal; Recognising & naming; Marshalling & dispatching; Finding & accessing; Single Authority; Front office; Back office; Hardware; Middleware; Applications; Database; New channels and media]
Partnership
Publication & collaboration space.
Agency systems with local records.
Chamber Association
client services
client
Administration
Though thirty spokes may form a wheel, it is the hole within the hub which gives the wheel utility.
The Tao Te Ching
Integration does not scale for ever…
…hubs must be able to talk to hubs.
What do they have to say to each other?
Joining up at the regional and national levels
Federation services
Workflow crossing local partnership boundaries
Choice, mobility and ubiquity.
Identity and consent across boundaries of established trust
Hub to hub interactions
Hubs, spokes and axles:
Building networks of hierarchies and hierarchies of networks...
Structures like this are not designed in a top-down way.
…both real and virtual.
But what would it feel like?
An example from social care.
[Figure labels: Local Hub Systems; Gateway; Main family local Pane 4; Achievement Record; Summary; Session log-on; Case History; John Henry Smith; PCT Acute Trust; Social Services; Education; Remote Systems; National Systems; Voluntary]
Identity and relationship
• We need some rigorous foundations:
  – Identity is not a simple concept.
  – We cannot rely on assumptions.
  – The way we represent it has consequences.
• Information, events, individuals, transactions.
• Transactional concept of relationship.
• Relational concept of identity.
Sets of records of the same individual with different relationships.
[Figure labels: An Individual; An identity; A local identifier; Identity attributes; Profile and history; Associated identifiers; Register 1; Relationship Ra; Relationship Rc]
An index correlating identifiers
A relationship type + a provider identity
[Index entries shown: (Ra, Pb), (Rb, Pb), (Rc, Pb), (Rd, Pb), (Re, Pb), (Rf, Pb), (Rg, Pb)]
Sets of records of the same individual with different relationships.
Registers which use different attribute sets to indicate identities.
[Figure labels: An Individual; Associated identifiers; Register 1; Relationship Ra; Relationship Rc]
An index correlating identifiers
[Index entries shown: (Ra, Pb), (Rb, Pb), (Rc, Pb), (Rd, Pb), (Re, Pb), (Rf, Pb), (Rg, Pb)]
A domain of integration…
…but where is federation?
[Figure labels: An identity; An Individual; A relationship type + a provider identity; Identity Management Provider A (IMPa); Identity Management Provider B (IMPb); Register 1; Register 2; Register 3; Relationship Ra; Relationship Rb; Relationship Rc; Relationship Rk]
[Index entries shown: relationship types Ra, Rb, Rc, Rd, Re, Rf, Rg, Rk, Rl and Rm, each paired with provider identity Pb]
A range of trust models:
[Figure: trust-model diagrams between parties A, B and C]
A range of modes of centralisation and distribution.
Some thoughts about ÆSOP environments: what is new, what is different?
• This is no more than a way of explaining what we do today…
• …but we needed a new way of explaining.
• The integration/federation as an approach to “ambiance”, “ubiquity”…
• We have proposed a new integration between identity and relationship management – the new “middle”.
• We have identified some new demarcations between structure and infrastructure.
How can we deliver this?
The Jetspeed Portlet presentation view
[Figure labels: Portal; Top navigation; Bottom navigation; Side navigation; Pane 1; Pane 2; Pane 3; Pane 4; Portlet A; Portlet B; Portlet C; Session log-on]
ÆSOP now…
[Figure labels: Portal; Pane 1; Pane 2; Pane 3; Pane 4; Portlet A; Portlet B; Portlet C; Model; View; Controller; Command; Portlet invocation API; Portal engine; Portlet service API; Portlet Service α; Portlet Service β; Portlet Service γ; Server Platform; J2EE; Back Office Applications; Content; WEB Services; PKI smart card & digital signatures]
ÆSOP in the future?
[Figure labels: Portal; Pane 1; Pane 2; Pane 3; Pane 4; Portlet A; Portlet B; Portlet C; Model; View; Controller; Command; Portlet invocation API; Portal engine; Portlet service API; Server Platform; J2EE; Local community resources; Federation services; Remote resources]