MIDDLEWARE

The sixth release of the National Science Foundation Middleware Initiative (NMI) - NMI-R6 - offers several new components relating to end-user authorization services. Architected to integrate with academic and research software and infrastructures such as Grids, the release is available under open-source licenses to the public at www.nsf-middleware.org. New and updated components in NMI-R6 include standards-based intra- and inter-institutional authentication and authorization components, frameworks, and related directory schema. Designed to address specific challenges in research and education security infrastructures, the release includes a rich variety of tools that enable researchers to work more efficiently. "NMI-R6 represents the continued identity management work critical for the seamless and secure access to resources," said Kevin Thompson, NSF program director for NMI. "It contains the introductory releases of privilege, authorization decision, and group management tools that fit together and provide ways to manage security and access in the complex research and education environments," added Ken Klingenstein, Director of Middleware and Security for Internet2 and Principal Investigator of the NMI-EDIT project. "Researchers will be able to use their local credentials to access restricted resources supported by national and international virtual organizations." Upcoming releases of NMI will feature components that enable the scalable integration of campus and Grid infrastructures and reduce the complexity in managing their daily academic, institutional, and research work. The NMI-R6 release features NMI-EDIT's Signet: An Introduction, a set of privilege management tools based on the Stanford Authority System in use since 2001, Signet allows the delegated management of resource access privilege information that can then be provisioned to applications or directories. Also included in the release is Grouper, a set of group management tools that integrates with Signet or can be used independently. Also new for Release 6.0 is SPOCP, a language and software used for making authorization decisions. Companion components include new schema: of eduMember, which holds group-related information, and eduCourse, which is used to describe academic course information. The draft of the new Enterprise Implementation Authentication Framework, offering organizations assistance with implementing well-designed authentication infrastructure, is also included. Other NMI-EDIT tools updated for NMI-R6 include Shibboleth, an inter-institutional authorization system; A-Select and Cosign, two web initial-sign-on packages; PERMIS, an authorization package; eduPerson, the de facto standard directory schema for higher-education; H.350 Cookbook, documentation describing the use and implementation of the multimedia directory schema; and Pubcookie, an web initial sign-on package. The GRIDS Center is pleased to announce a new resource to help make sense of the complicated and ever growing landscape of Grid technologies. The web reference version of the Grid Ecosystem has been adapted from a highly successful set of tutorials presented to more than 160 people over the last 6 months. The Grid Ecosystem provides a mix of high level discussion on architecture and main subsystems, and drills down into technical detail and reference pointers for individual software packages. Also new from the GRIDS team in NMI-R6 is a pilot community collaboration server. Targeted for members of the NMI community, this is an opportunity for everyone involved in this community to discuss, publish and disseminate information and success stories with cyberinfrastructure activities. GRIDS Center continues to support the R5.1 software stack released on August 31, 2004. The baseline Grid software stack provided as the GRIDS Center Software Suite will be updated early next calendar year, and will include the forthcoming Globus Toolkit Version 4.0. Custom stacks are available upon request. The other NMI systems integrator teams include the Open Grid Computing Environments Collaboratory (OGCE) and the Common Instrument Middleware Architecture (CIMA) team. CIMA seeks to develop a standard, reusable Grid methodology for access to instrumentation devices such as synchrotrons, embedded network monitors and wireless sensors. OGCE builds on the Grid-service specifications to enable the creation of Grid portals or web-based user interfaces that simplify the process of identifying and accessing Grid resources. OGCE's current release includes standards compliant portal components ("portlets") that may be used to quickly build a Grid portal out of reusable components that encapsulate common Grid operations like proxy credential management, file management, system monitoring, and remote command execution. OGCE portlets may be reused between different vendors' portal containers and are tested against NMI releases on the University of Wisconsin's NMI testbed. In September 2001, the first NMI systems integrator teams, GRIDS Center and NMI-EDIT, began work along with a number of smaller targeted awards. Along with the continued funding of its original teams, the OGCE, CIMA and new experimental projects were added in 2003. After six releases of software, tools, and practices, NMI is at the leading edge of the growing "cyberinfrastructure" established to support the next generation science and engineering.