Beruflich Dokumente
Kultur Dokumente
Sandy England
Objective - Key Target State
Vision Enablers
2
Target State Vision
Target State Vision
Students, Borrowers,
Financial Partners Federal Agencies Service Providers
Applicants
Customers &
Department of
Partners Schools State Agencies
Education
Enterprise Information
Financial Management
Integrated Partner
Enterprise Access
Common Services
Campus Based
for Borrowers
Management
Management
ADvance
System
System
Enterprise
Applications
3
TSV Architecture Overview
• Integrated Technical Architecture, Portal, ESB, Security Architecture,
Gateway and internal applications are integrated within the enterprise
target state vision
4
Key Target State Vision Enablers
5
What is Integrated Technical
Architecture?
• Common, shared, proven architecture using standardized tools, technology,
and technical support services
• An effective technical architecture supports a business’ ability to deliver
sufficient resources to users
• Provides strategic and economic benefits
6
Integrated Technical Architecture
Benefits
• Leverage current investments and assets -
– Provides simplified, secure, and integrated access to Federal Student Aid
services and resources
– Facilitates an enterprise-wide perspective to planning, developing, and
delivering IT application systems and services
7
Integrated Technical Architecture
Students Schools Financial Partners Vendors Federal Student Aid Others
Firewall
Load Balancer
Cisco ACE
Application Layer
Application Servers Portal Servers Customer Relationship Management
IBM WebSphere (WAS) IBM WebSphere Portal Siebel Application
Supporting Technologies
8
Product Selection Approach
Research best practices Investigate high-level functional
Determine business and
and market research to and technical capabilities of
technical architecture
determine industry each product to create a short
requirements
leaders of products list of vendors to evaluate
Interview/talk with current Conduct Technical Proofs of Determine which products best
customers that are using Concept to determine if products fit by evaluating their ability to
products to assess support are technically compatible with meet the detailed evaluation
quality, etc. existing architecture and meet criteria and understanding their
requirements key differentiators
Provide product
recommendation based on
product’s ability to meet the
key selection criteria.
9
Key Target State Vision Enablers
10
What is a Portal?
• An integrated and personalized access point to information, applications, and
services
• Provides a single, secure, simplified, and personalized access point to
business information
• Delivers integrated content and applications, within a unified, collaborative
workplace
11
Portal Benefits
• Leverage current investments and assets
• Increase productivity and efficiency
• Improve decision-making
• Strengthen constituent goodwill and trust
• Improved customer service and cost savings
• Standard look and feel
12
Portal Framework
Students Schools Financial Partners Vendors FSA Others
Web/Intranet/Telephony
Security Architecture
Framework
Portal(s)
provides a
Presentation Layer: Provides user interface for access channels, such as Web and Telephony
taxonomy for
Services Layer describing
Personalization Search & Categorize Collaboration & Task Mgmt. & Workflow portal
Communication
Content Management Administration & Security capabilities
Business Information and System Services
13
Key Target State Vision Enable
14
What is a Enterprise Service Bus?
• Architecture and an infrastructure that unifies and connects services,
applications, and resources within a business
• Provides the open, standards-based connectivity infrastructure for a service
oriented architecture (SOA)
• Provides communication between systems through shared services
15
Enterprise Service Bus Benefits
• Provides the following Web services mediation
capabilities -
– Centrally apply security (encryption, authentication, & authorization) by
leveraging Security Architecture
– Audit service requests/replies
– Data transformation
– Dynamic routing
16
Current State EAI
Students Schools Financial Partners Vendors Federal Student AidGov’t Agency Others
EAI Core Capabilities -
Public/Private Data Networks
– Assured Message Delivery
FTP HTTP HTTP
– Location Transparency
HTTP HTTP
– Platform Independence
SAIG eMPN eCB
– Protocol Independence
– Single Multi-platform API
FAFSA eZ-Audit
DLSS/
CPS PEPS DataMart
CSB
17
Transition State ESB
Students Schools Financial Partners Vendors Federal Student Aid Gov’t Agency Others
HTTP TBD
HTTP HTTP
Security Architecture
HTTP TBD
SAIG eMPN eCB
Portal Gateway
FAFSA eZ-Audit
ESB Infrastructure
Security Architecture
Enterprise Application Integration (EAI) ESB/EAI Bridge Enterprise Service Bus (ESB)
DLSS/
CPS PEPS DataMart IPM CSB FMS Other IF/SAHM ADvance
CSB
18
Target State ESB
Students Schools Financial Partners Vendors Federal Student Aid Gov’t Agency Others
ESB Technologies
Public/Private Data Networks IBM
IBM IBM
WebSphere
WebSphere WebSphere
Process
DataPower MQ
HTTP TBD Server
IBM
Security Architecture Metastorm
WebSphere
IBM WS RR Data
Message
Integrator
Broker
HTTP TBD
Portal Gateway
Service Service
Security Architecture
19
Key Target State Vision Enablers
20
What is Security Architecture?
• Provides a single, integrated authentication, and authorization framework
• Enables consistent Authentication, Authorization, and Accountability
– Authentication: Who are you?
– Authorization: What are you allowed to do?
– Accountability: What did you do?
21
Security Architecture Benefits
• Provides consistent security services & configurations
across Federal Student Aid systems -
– Decrease security risks
– Improves maintainability of systems
– Offloads ad-hoc application security from application teams
• Gives better service to our customers/partners -
– Simplified sign-on for web applications
– Simplified registration/approval processing
– Delegated administration
• Promote enterprise security management -
– Consolidated security views and reporting
– Flexibility to accommodate new or redeployed systems
– Lowers security development and operational costs
22
Security Architecture
FSA and Trading
Partners FSA Target
State Vision
Systems
System Response
FSA Users
Guaranty
Other Users
Agencies
Collection
Agencies
Manages trading partner
eligibility, enrollment,
and oversight
23
Target State Security Architecture
Students Schools Financial Partners Vendors Federal Student Aid Others
Protocol Firewall
FSA
Enterprise
Bounary Reverse Proxy
Demilitarized Zone Tivoli Access Manager WebSEAL
Domain Firewall
24
Key Target State Vision Enablers
25
What is Gateway?
• It is part of an organization's technical architecture that facilitates the
communication between internal applications and external systems
• Provides separation and security between the outside world and an internal
network
• Acts as a proxy to broker requests between external partners and Federal Student
Aid systems
26
Gateway Benefits
• Creates an enterprise view of external interface
information exchanged with Federal Student Aid
• Enables centralized management of external interfaces
• Provides the capability for an external partner to
upload and download files
• Provides a layer of security between Federal Student
Aid and external partners
• Creates well defined procedures for integrating with
Federal Student Aid services
• Validates and enforces the use of a standard data
schema between systems and enables data consistency
throughout data exchange process
27
Current State
• Multiple communication channels and entry points into Federal Student Aid are
not centrally tracked or managed
• No real-time data interchanges
• Security architecture is not being leveraged
28
Target State Gateway Solution
TSV Gateway solution will be a single communication channel between
Federal Student Aid, external partners and external service providers
External Partners External partners can send batch and real-time data
transmissions.
Lender
Federal Student Aid
Security Architecture
Enterprise Service Bus (ESB)
Guaranty
Agency Gateway Communication Layer Applications
Shared Shared
External Service Service Service
Providers
WS Interface
Service
IRS, SSA,
etc...
WS Interface
29
Gateway Framework
30
Contact Information
I appreciate your feedback and
comments. I can be reached at:
• Name:Sandy England
• Phone:202-377-3537
• Email:Sandy.England@ed.gov
31
Questions?
32