A presentation made by me for the 5th International Conference on Games and Virtual Worlds for Serious Applications (VS-GAMES 2013), at Bournemouth University, UK.
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Federation technology and Virtual Worlds for Learning: Research trends and opportunities towards identity federation
1. Federation technology and Virtual Worlds for
Learning:
Research trends and opportunities towards identity federation
Gonçalo Cruz; António Costa; Paulo Martins; Ramiro Gonçalves; João Barroso
(University of Trás-os-Montes e Alto Douro and INESC TEC, Portugal)
28. 26 - 28 September 2012, Villach, Austria
Thanks for listening
Hope to hear from you...
@GCruzMatos or @elearning_utad
Facebook.com/goncalocruzmatos
Msu Speiser
goncalo@utad.pt
Thanks for listening! Any questions?
@GCruzMatos or @elearning_utad
Facebook.com/goncalocruzmatos
goncaloc@utad.pt
Editor's Notes
The emerging number of terminals supporting IPv4 (Internet Protocol) complemented with the increasing penetration of IPv6, improved geographical coverage and higher bandwidth availability will bring the ability to treat even physical products as e-services. The proliferation of digital identities is also a concern. It is no longer possible the strict interconnection of a user with a digital identity [1].
This allows the emergence of new e-service paradigms that can share services or even combine eservices to create new ones.
Shared services will also bring profound changes on how personal data will be saved and used. The shared control of the user data and the users of services should also be taken into account [1].The customization and personalization capabilities will increase the use of e-services, but the attitudes of the users will take into account considerations of privacy, security and trust on the e-services and in the service providers. To ensure the security, confidentiality, accountability, and reliability of data, the identities of users and information systems is currently a theme on debate.
The concept of identity federation can be understood as a group of organizations or service providers which have built trust relationships among themselves in order to enable sharing of information about the identity of its users. This concept thus allows the possibility of integration and sharing of resources in a secure and reliable way [2].
Federated identity system includes various standards, technologies, and solutions that enable users to access multiple services in the Internet with only a single user identity. This model of identity management can benefit both users and service providers, since users only need to remember the credentials for one account, and service providers can reduce the costs related to the management of identity information. In addition, a number of other benefits can be achieved with federated identity, such as increasing the collaboration and interoperability between organizations and improving security, privacy and usability of the services [3] allows organizations full control over centralized access to all applications, whether internal or external. Organizations also control how validating users, regardless of which credentials that may be required.
Examples in Higher Education European System.
There are currently a large set of systems of identity federation. From systems based on open standards to those based on proprietary solutions, developed by private companies. Nearly all have similar features, ranging in scope and applicability of the solution. However, two architectures stand out. The Security Assertion Markup Language (SAML) is a standard created to exchange security related information between organizations. The Shibboleth specification is anextension of the standard SAML addition to being an example of an identity federation system uses web based implementation methodology of SAML. The WS-Federation, stands out as a specification whose base rests on standards of Web Services framework Security (WSS).
Extensive research agenda can be found addressing Virtual Worlds technology issues and concerns [4][5][6][7]. Here we point out some of them that are particularly related to identity, security, privacy-assurance, and interoperability, where federation systems can have a major role.
Identity - How we can merge real and virtual identities? How we can manage multiple roles and permissions?
Security and privacy assurance - How we can manage digital rights and intellectual property?Unfortunately, there are no currently effective means for managing identity and security for that purpose. As a result, it's difficult to prevent disruptive behavior or inappropriate postings by anonymous users who may appear and quickly disappear. Moreover, to assure intellectual property rights of3D content, and prevent the occurrence of situations like CopyBot [8] (a modified Second Life client which is able to copy copyrighted elements).
Interoperability - How we can merge Virtual Worlds and Websites? How we can cross through heterogeneous Virtual Worlds?If anyone can create a website, it makes sense for anyone to create a virtual world. Furthermore, it also makes sense that an end user's avatar is able to travel from one virtual world to another. However, Virtual Worlds implementations are heterogeneous, and most still don't interoperate. There is a need to develop and find solutions to simplify this user experience, making possible the access between virtual worlds, with users coming and going like on websites.
Hypergrid: an architecture and protocol for securely decentralizing multiuser virtual environments. It establishes an open federation of multiuserapplications that supports the teleporting of user agents between worlds in different administrative domains while preserving user identity, as well as the user's 3D virtual representation and connections tocertain home-world services [9].
Another promising technology, called Medulla, created by the Federation of American Scientists (FAS) and is also still in progress, uses web single sign-on access control with Shibboleth and DSpace databases manager for identity management, team building, information sharing, project management, peer review, data versioning, data archiving, intellectual property management, and learning management in virtual worlds [10].
Similarly, a project called Moonshot, from Janet-led, is developing a single unifying technology for extending the benefits of SAML-based federated identity to a broad range of non-web services, including cloud infrastructures, high performance computing & grid infrastructures and other commonly deployed services including mail, file store, remote access and instant messaging [11].
Virtual Worlds typically use a client-side viewer that renders content stored remotely on servers, but it also makes sense to integrate virtual world viewers into Web browsers. A practical example of that is Jibe [13], an extensible architecture created by ReactionGrid, that uses a middleware abstraction layer to communicate with multiple backend systems (currently SmartFox & Photon) and frontends (currently Unity3D, ready for WebGL). The Jibe platform also includes detailed logging of in-world events and user tracking, and the ability to integrate with existing user databases like LDAP, Facebook Connect, LMS and CMS.
Another well-known project that merges Virtual Worlds and websites, with a great emphasis in the educational community, is SLOODLE [14] - a free and open source project which integrates the multi-user virtual environments of Second Life and/or Open Simulator with the Moodle learning management system. One of the most fundamental affordances of SLOODLE is to pair Moodle users to their virtual world avatars. When a user clicks on the Second Liferegistration booth, while logged in with their avatar, they are prompted to visit a Moodle registration page. However, there are fairly strict limitations on the amounts of data that can be sent in a single request and received in a response and additional issues relating to authentication and checking permissions still missing. This simply outlines how itis possible to integrate Second Life virtual world and Moodle.
The use of Virtual Worlds for educational purposes is well documented within several studies, and has been increasingly adopted in a cross-disciplinary way. However, running and managing educational activities in these environments is a hard task yet, particularly in formal learning contexts, where institutions face a wide range of technological challenges. Therefore, we are moving toward a Virtual Worlds technology maturity process, and identity federation will have a critical impact on its widespread adoption by educational community.
the fluidity and playfulness inherent in virtual world’s identity construction can be disconcerting and confusing. Building social relations can be problematic and fraught when identities are never fixed and the freedom to play with identity and manage reputation can become an issue of concern, and accountability for actions becomes displaced. Identity federation provides the identity and trust needed to be certain that the students and instructors participating are who they say they are. For instance, parents could ensure that when their children went to an online virtual world for kids, everyother person there had been properly authenticated and was really a kid.
Secondly, designing and running teaching activities requires time and multiple skills to address issues such as intellectual object permissions, property rights, and accessibility. Identity management provide access-control mechanisms, similar to digital rights management, that could limit the rights to user or control smart devices to the owner or others who have been granted that right. In practice, it makes possible that a teacher of one school or institution uses 3D resources and spaces from teachers of other schools or institutions, thus increasing time-efficiency and reusability. Similarly, a student from one school or institution can participate in virtual classes from teachers of other schools or institutions.
Besides this, another important concern within Virtual Worlds technology, for it to be successfully adopted by mainstream educators, is the need to be able to share data and interoperate with existing web-based information systems in a federative way. The lack of course management and learningsupport tools, available on web but missing in virtual worlds, is wasting opportunities to enrich the learning experience. Class lists, access controls, quizzes, grade books, asynchronous forums for discussion, e-portfolios, video conferencing, etc., are traditional well known tools that educators and institutions are already comfortable and willing to use. As we saw before, SLOODLE was a first step toward this kind of possibility. Thus, we need solutions on how tointegrate 2D and 3D environments (especially social networks like Facebook, Twitter, etc. - in order to migrate our currently relationships and social connections), in a way that assure one unique user identity regardless the side in which we find ourselves.
Finally, we are one step behind to achieve Massive Online Open Courses (MOOCs) in Virtual Worlds. For instance, identity federation can help educational politics to lead, globally, a joint network of 3D schools and universities. With the agreement between different organizations and systems forshared identity information beyond internal boundaries, controlling and monitoring (through authentication and authorization processes) the access to protected resources based on users attributes (can be staff, faculty or student), it will be possible to bridge the gap between Virtual Worlds andformal learning
This would allow educational institutions to create their own Virtual Worlds in a secure, sustainable and cost efficiency way. It raises the possibility to cooperate between other organizations, in the development of federated environments and/or serious applications, tracking students learning performance and results. This will bring us huge amounts of data, related to the learning and teaching processes in Virtual Worlds. We will be able to take a deepenunderstand on how we interact with our students and resources in Virtual Worlds, what are the most used tools, visited spaces, which students are scattering from the course focus, etc., during the learning process. If identity federation occurs, Learning analytics and Virtual Worlds will be other researchtrend in the near future.
Many areas of virtual world technology need further exploration, but we are moving toward standardization that help insure interoperability: Collada is recognized as the standard for graphical content; the IETF Virtual World Region Agent Protocol effort focused on interoperability, but has beenabandoned; the Web 3D Consortium is also developing 3D standards; and the IEEE Metaverse Standards working group is developing a glossary and a reference architecture for virtual worlds [5]. However, most of the standards efforts have concentrated on virtual worlds' graphical aspects, neglectingother important areas that can impact the widespread adoption of Virtual Worlds by formal education institutions, as identity federation (with the ISO/IEC effort known as MPEG-V being a notable exception but still lacking depth).
There is a need for consensus in order to connect digital identities with physical identities, thus creating a unique federated identity system that can act independently from the service in use. Instead of the need to adapt virtual worlds to the federation systems, we need an open agreement that allowsvirtual worlds with basic federated and interoperable standards capable to adapt within the broad range of available services on the Internet. This way, Virtual Worlds technologies are able to scale and evolve independently within the different research areas, without compromising the user’s identity. Forinstance, if a student have an identity in their educational institution to access their learning management system, e-mail service, etc., the same student have to be also recognized as it when access to the virtual world (even with different kind of roles and permissions).
This kind of approach allows federated worlds, services and identities to evolve towards user-centric management, where the focus is on the physical identity and not on the services or infrastructures. That must allow the user to determine which information should be revealed to whichparties and for what purposes, how dependable those parties are, how they will deal with the information, and what are the consequences of sharing their information. This can change the paradigm of identity management - not only a business process, but a user activity [15].