inter-institutional registration
DESCRIPTION
Inter-Institutional Registration. UNC Cause December 4, 2007. Background. 500-600 students each year Various campus agreements No consistency Paper-based process Difficult for students Difficult for administrators Registrars Financial aid University of North Carolina Online - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/1.jpg)
Inter-Institutional Registration
UNC Cause
December 4, 2007
![Page 2: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/2.jpg)
Background
• 500-600 students each year
• Various campus agreements– No consistency
• Paper-based process– Difficult for students– Difficult for administrators
• Registrars• Financial aid
• University of North Carolina Online– Doesn’t scale
![Page 3: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/3.jpg)
Goal
• Policy– System-wide consortia agreement– Registrars & Financial Aid
• Clearinghouse– Management– Tracking– Convenience
• Students• Administrators
![Page 4: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/4.jpg)
Inter-Institutional Registration
Home Institution Inter-institutional System Visited Institution
1. Search for Courses2. Add to Bookbag
Select HomeCampus
3. Request Registration
Sign In 4. Redirect
Confirm & Process
5. Redirect if Successful
Acknowledge
NOTIFY
6. Authenticate
EvaluateRequest
7. Download Request
Process8. Approve & Enter DataNOTIFY
Acknowledge9. Authenticate
EvaluateRequest
10. Download Request
Process11. Approve & Enter Data
NOTIFY
View Status
12. Authenticate
Fully Processcredit hoursfinancial aid
cashier
13. Get Tuition Costs
Done14. Mark as Completed
Student
Registrar
Registrar
Registrar
![Page 5: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/5.jpg)
Phased Approach
Phase I - Manual
• Students– Find courses
– Request registration
• Registrar– Approve/Deny via dashboard
– Manually enter information
• Distributed Authentication
Phase II - Web Services
• Eliminate Data Entry– Campus to Clearinghouse
– Clearinghouse to Campus
– ERP
• Streamline campus operation using Banner APIs
![Page 6: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/6.jpg)
What is Shibboleth?
• Higher education standard– From Internet2– Open standard– Open source implementation
• Federated approach– Single sign on– Signed attribute assertions
• Distributed authentication– Clearinghouse never sees credentials!
![Page 7: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/7.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
• Service Provider - The entity willing to accept identity credentials and attributes in order to provide a service to the user.
• Identity Provider - The entity that knows information about the user and is willing to share that information with another party.
• Enterprise Directory - The local campus directory that contains the information to be shared.
![Page 8: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/8.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
![Page 9: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/9.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
![Page 10: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/10.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm
![Page 11: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/11.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm5.
Pro
vide
Cre
dent
ials
![Page 12: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/12.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm5.
Pro
vide
Cre
dent
ials
5a. Authenticate
![Page 13: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/13.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm5.
Pro
vide
Cre
dent
ials
5a. Authenticate
6. E
mbe
d A
sser
tion
7. Send Assertion
![Page 14: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/14.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm5.
Pro
vide
Cre
dent
ials
5a. Authenticate
6. E
mbe
d A
sser
tion
7. Send Assertion
7a. Exchange Attributes
![Page 15: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/15.jpg)
Shibboleth Architecture
Service Provider(Inter-Institutional Clearinghouse)
Campus A
User(via web browser)
IdentityProvider
(tomcat)
EnterpriseDirectory
(LDAP, etc)Apache
1. Request Secured C
ontent
2. Send Redirection
Redirect
3. R
eque
st A
uth.
For
m
4. S
end
HTM
L Fo
rm5.
Pro
vide
Cre
dent
ials
5a. Authenticate
6. E
mbe
d A
sser
tion
7. Send Assertion
7a. Exchange Attributes
8. Send Secured Content
![Page 16: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/16.jpg)
UNC Federation
WSSU
WCU
UNCW
UNCP
UNCG
UNCC
UNCCHUNCA
NCSU
NCSA
NCCU
NCA&T
FSU
ECSU
ECUASU
GeneralAdmin
Service Provider
Demo
![Page 17: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/17.jpg)
Security - Ideal
Internet
Firewall
PrivateNetwork
ASU UNC-GA WSSU… …
![Page 18: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/18.jpg)
Security - Actual
Internet
Firewall
ASU
Firewall
UNC-GA
Firewall
WSSU… …
![Page 19: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/19.jpg)
Shibboleth Security
• Solution = Public Key Cryptography– x509 open standard
Service Provider Campus A
User(via web browser)
IdentityProvider
EnterpriseDirectoryApache
SSL EncryptionServer Certificate signed by well known Certificate
Authority (CA)
SSL Signed & Encrypted
![Page 20: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/20.jpg)
Web Services
• Machine-to-machine communication over a network:– Standard protocols/formats– Simplifies exchange of data– Using standard web technologies
• HTTP• XML
• Platform agnostic• Vendor agnostic
![Page 21: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/21.jpg)
Why Web Services?
• Cost effective– Open standards architecture– Acts as middleware between heterogeneous systems
• Automate– Entry of bio-demo information– Enrollment & registration in campus student system– Fee assessment– Fee posting
![Page 22: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/22.jpg)
Standard Architecture
• Service Provider– Owner of the process
– Platform that hosts access to the service
• Service Requestor– Client to request and consume
a service
– Manual or automated initiation
• Service Registry– Searchable directory of
published service descriptions
Service Provider
Service Requestor
Service Registry
![Page 23: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/23.jpg)
Standard Architecture
• Service– Software module deployed on a
network accessible platform
• Service Description– Details of the implementation
– Data types
– Operations
– Binding information
– Network location
Service Provider
Service Requestor
Service Registry
Service
ServiceDescription
![Page 24: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/24.jpg)
Standard Architecture
• WSDL (Web Services Definition Language) defines– message formats
– data types
– transport protocols
– transport serialization formats
Service Provider
Service Requestor
Service Registry
Service
ServiceDescription
Publish
WSDL
ServiceDescription
Find
![Page 25: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/25.jpg)
Standard Architecture
• SOAP - Service Oriented Architecture Protocol
– Framework for packaging and exchanging XML messages
– Typically sent using HTTP
– Language and platform independent
– Lightweight protocol
Service Provider
Service Requestor
Service Registry
Service
ServiceDescription
Publish
WSDL
ServiceDescription
Find
Bind
SOAP, WSDL
![Page 26: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/26.jpg)
Inter-Institutional Web Services(Phase II)
• 3 distinct web services– Each university implements
– Implementation can differ depending on internal processes
– Implementation should make use of APIs provided by Banner & PeopleSoft
• Clearinghouse consumes these services
• Services are invoked via human intervention within the clearinghouse
Service Provider
Service
ServiceDescription
Bind
SOAP, WSDL
Service Requestor
![Page 27: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/27.jpg)
Web Service #1(GET_BIODEMO_INFO)
Home Institution Inter-institutional System Visited Institution
1. Search for Courses2. Add to Bookbag
Select HomeCampus
3. Request Registration
Sign In 4. Redirect
Confirm & Process
5. Redirect if Successful
Acknowledge
NOTIFY
6. Authenticate
EvaluateRequest
7. Download Request
Process8. Approve & Enter DataNOTIFY
Acknowledge9. Authenticate
EvaluateRequest
10. Download Request
Process11. Approve & Enter Data
NOTIFY
View Status
12. Authenticate
Fully Processcredit hoursfinancial aid
cashier
13. Get Tuition Costs
Done14. Mark as Completed
Student
Registrar
Registrar
Registrar
#1
![Page 28: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/28.jpg)
Web Service #1(GET_BIODEMO_INFO)
• Home Campus Registrar initiates– From within clearinghouse
• Clearinghouse consumes service– Passes unique student identifier– Service uses identifier to obtain bio/demo data– Returns data to clearinghouse
• Home Campus Registrar proceeds with work flow
![Page 29: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/29.jpg)
Web Service #2(REGISTER_STUDENT)
Home Institution Inter-institutional System Visited Institution
1. Search for Courses2. Add to Bookbag
Select HomeCampus
3. Request Registration
Sign In 4. Redirect
Confirm & Process
5. Redirect if Successful
Acknowledge
NOTIFY
6. Authenticate
EvaluateRequest
7. Download Request
Process8. Approve & Enter DataNOTIFY
Acknowledge9. Authenticate
EvaluateRequest
10. Download Request
Process11. Approve & Enter Data
NOTIFY
View Status
12. Authenticate
Fully Processcredit hoursfinancial aid
cashier
13. Get Tuition Costs
Done14. Mark as Completed
Student
Registrar
Registrar
Registrar
#1
#2
![Page 30: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/30.jpg)
Web Service #2(REGISTER_STUDENT)
• Visited Campus Registrar initiates– From within the clearinghouse– Provides student ID number if this student has attended before
• Clearinghouse consumes service– Passes all Bio/Demo and course information– Register the student
1. Create/update the student in Banner/PeopleSoft2. Admit the student3. Register student into approved course
– Return information– Student’s unique identifier– Course fees (if automatically assessed at time of registration)
![Page 31: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/31.jpg)
Web Service #3(FINALIZE_REGISTRATION)
Home Institution Inter-institutional System Visited Institution
1. Search for Courses2. Add to Bookbag
Select HomeCampus
3. Request Registration
Sign In 4. Redirect
Confirm & Process
5. Redirect if Successful
Acknowledge
NOTIFY
6. Authenticate
EvaluateRequest
7. Download Request
Process8. Approve & Enter DataNOTIFY
Acknowledge9. Authenticate
EvaluateRequest
10. Download Request
Process11. Approve & Enter Data
NOTIFY
View Status
12. Authenticate
Fully Processcredit hoursfinancial aid
cashier
13. Get Tuition Costs
Done14. Mark as Completed
Student
Registrar
Registrar
Registrar
#1
#2#3
![Page 32: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/32.jpg)
Web Service #3(FINALIZE_REGISTRATION)
• Home Campus Registrar initiates– From within clearinghouse
• Clearinghouse consumes service– Passes tuition/fee and course data– Cache data in new tables (specifically for this purpose)
• Processed in batch mode• Applied to student’s account
– No automated processing of student data
![Page 33: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/33.jpg)
Conclusion
• Lookup & tracking service– Students– Registrars
• Phase I = Fall 2008– Shibboleth (required for participation)
• Phase II = At campus’ discretion– Web Services– UNCG pilot for Banner schools– Suggest PeopleSoft campuses collaborate as well
![Page 34: Inter-Institutional Registration](https://reader035.vdocuments.us/reader035/viewer/2022062721/56813637550346895d9db239/html5/thumbnails/34.jpg)
Questions & Discussion