Scholarly Identity and Collaboration - Dr Ken Klingenstein - PowerPoint PPT Presentation



SLIDE 1

Scholarly Identity and Collaboration

Dr Ken Klingenstein, Director, Middleware, Internet2

SLIDE 2

kjk@internet2.edu

User Contexts

  • Individuals do trusted Internet transactions in a variety of contexts
  • The enterprise/federated use of identity is well-established; may be enhanced with roles
  • Consumer
  • Citizen
  • Geo-temporal
  • Personal “wallet” – preferred language, accessibility, etc.
  • Same identity; different roles; different policies and governance on privacy, etc.

SLIDE 3

Privacy management

  • Small spanning set of attributes
  • Extensible but end-user manageable
  • Use of bundles to minimize complexity
  • Rich metadata for trusted dialogue
  • Defaults, learning to minimize dialogues
  • Putting the informed into informed consent
  • End user privacy manager with quality UI, some out of band consent, context-sensitive, getting the defaults right

SLIDE 4

Elements of Scholarly Identity

  • Attribute management for collaboration
  • The R&S bundle
  • eduPerson and the ORCID identifier
  • Cyberinfrastructure identity
  • CILogon - www.cilogon.org - bridging federated logon with national computational resources

  • IGTF type certificates
  • Social to SAML gateways
  • Science Agency data set access controls
  • Collaboration platforms
  • VO IdM + “domesticated applications”
  • CoCoA
  • Opportunities for leverage and integration

SLIDE 5

Attribute management

  • The R&S bundle is intended precisely for collaboration and scholarship
  • Hugely eases the boarding process for new apps by giving IdPs defaults for necessary attribute release
  • Qualified apps include most R&S services
  • eduPerson normative university schema
  • Should it include the ORCID identifier?
  • If so, how would it be populated?
  • If so, how can it be leveraged?
  • Others?

SLIDE 6

Data lifecycle access management

  • Agencies call for research data management plans but neglect long-term access control issues
  • Not all data is public – sensitive, PHI, international or private, etc.
  • Access controls may change over time, by policy or sale or types of devices or …

  • Access controls are needed
  • Scalable
  • Linkable identities

SLIDE 7

Collaboration platforms

  • Drive identity and access control for both general collaboration and domain-specific apps

  • Leverage existing IdM technologies
  • Leverage existing IdM deployed infrastructure
  • Connect to the scholarly record
  • Offer a variety of implementation and deployment options
  • https://spaces.internet2.edu/display/COmanage/Vide

SLIDE 8

ABC: A Typical Use Case of VO IdM

  • Has 50 researchers who can schedule ABC instruments, run compute jobs on the TG with ABC allotments, etc.
  • Has 500 academics who need access controlled wikis, ad hoc calendaring (à la Doodle), lists, VO event calendaring, file sharing, chat rooms, videoconferencing, etc.
  • Has administrators at fifteen universities who can access rosters, change roles, etc.
  • Has partner VOs in other countries, with varying privileges on what they can see and use on ABC resources
  • Has outreach coordinators at 50 school districts who can post/read to certain wiki sections

  • Works closely with publishers, funding agencies, etc.

SLIDE 9

SLIDE 10

The LIGO List for domestication

  • wiki/web (read, read-write, admin)
  • mailing list (subscribe, moderate, post-only, view-archive, admin)
  • repository (read, read-write, admin)
  • ticketing system (post, view, modify, manage)
  • voting system (create, vote, view)
  • calendaring
  • polling
  • DCC - document control center
  • command line tools
  • grid space
  • guests
  • Google Apps
  • conferencing
  • activity streams
  • roster

SLIDE 11

Integration around the scholarly record

  • Campus scholarly systems, whether home-brew, emerging open-source or commercial product, need enterprise authentication and basic access controls, e.g. groups and roles
  • Trusted citations
  • Integration of scholarly APIs (e.g. LTI) with federated richness
  • SciENcv

SLIDE 12

Opportunities

  • For leverage
  • The value of a unique disambiguated identifier
  • Federation entity metadata
  • For aligned business processes
  • Membership, subscription, delegation, etc
  • Contracts, liability and indemnification
  • For sustainability
  • Scholarly Identity as a Net+ service
  • What to include?
  • Expansive in vision but select in choices

SLIDE 13

Some thoughts

  • Can all the varieties of metadata sharing use some common tools?
  • Register, publish, aggregate, manage and control
  • PEER, aggregators, etc.
  • InCommon/I2 interest is not discovery of data, not content or taxonomies but access to content
  • Future – rich metadata for discovery, ontology tools and mapping but not complex access controls on the data
  • Conservation of policies
  • Reputation systems, experts, the grinding part of research