VIVA Multimedia Task Force Steering Committee Briefing 7/13/2006
Briefing Paper
VIVA Task Force on Multimedia Collections
Steering Committee Retreat
July 13, 2006
Executive Summary
The VIVA Task Force on Multimedia Collections is considering issues associated with encoding, cataloging, distributing and controlling access to over 500 hours of video that VIVA has licensed from PBS. The PBS collection license allows broad access to online video streams by all VIVA members but requires viewers to login with a user id and password. The task force is pursuing a dual strategy of providing VIVA members with recommendations on hosting their own streaming video content and developing a centrally hosted solution. Each of the paths on this parallel effort will be based on a common set of encoding standards. Each strategy will also be based on an understanding of the circumstances of VIVA members as reflected in surveys done by the task force.
The centrally hosted service would involve a 3 year pilot with UVa providing the service and authentication and authorization handled by open source Shibboleth software, an Internet2 initiative. Shibboleth provides a trust framework for sharing online resources and services among institutions. A Shibboleth project will require buy-in from IT departments on participating campuses and installation of software on each campus. UVa is willing to host an Install Fest to help schools implement the Shibboleth software. VIVA may be asked to underwrite that event. Participation in a centrally hosted service will also require participants to join the InCommon federation. There is a potential for VIVA to play a role in supporting InCommon licensing. To begin the testing associated with such a Shibboleth authenticated streaming video pilot project, it will be necessary to identify a group of VIVA schools who are willing to work with UVa on a prototype service. The most important issue to consider during testing is efficient use of network bandwidth.
The task force is also working on encoding and cataloging standards that will be compatible with centrally hosted and locally hosted streaming services. Task force members are encoding the same title (Influenza 1918) using a variety of different encoding formats, bit rates, frame sizes, codecs, tools and processes. Results will be compared and recommendations will balance video quality with efficient, replicable encoding processes. It is also likely that once a process model has been developed, that files for the initial service can be mass encoded at JMU. At the current time the most promising approach is likely to involve bit rates in the range of 300-800 Kbps in QuickTime format, using the H.264 codec and suitable for streaming on a Darwin or QuickTime server. The task force is also developing a model catalog record for a PBS resource, once again, using Influenza 1918 as the sample case.
Future issues to be considered by the Steering Committee include the VIVA role with regard to InCommon, distribution costs of encoded files, recommendations on cataloging, support for a Shibboleth Install Fest, and the long term implications of establishing a federation infrastructure.
Possibility for a UVa hosted service
Jim Jokl, the network administrator from UVa would be willing to host the VIVA PBS video collection as a Shibboleth service provider. Shibboleth uses open source software to authenticate and authorize access to services for institutions that have joined a federation and developed policy agreements regarding access to services. In this case access for a VIVA pilot would be available to current students, faculty and staff within a federation of participating VIVA institutions. It is likely that a pilot would run for a period of three years after which VIVA and UVa would evaluate our progress and make decisions on future direction.
Shibboleth Basics
Shibboleth requires cooperating pieces of software at the Service Provider (SP) or Target end of the connection and at the Identity Provider (IdP) or Origin end of the connection. Additional software is used to represent and manage the trust relationships between Service Providers (in this case, UVa) and Identity Providers (in this case, participating VIVA schools) in a federation and to route service requests based on the request originator’s response to the question “Where are you from?(WAYF)”
Once Shibboleth has identified the home institution of a person requesting a service the Shibboleth Identity Provider (IdP) software at their institution interacts with the local identity management and directory systems on their campus; people who want to use services login using the approach used on their local campuses and Shibboleth Identity Providers are then able to pass assertions about users to Shibboleth Service Providers. Service Providers provide access to services based on user attributes and policies governing which users or types of users have access to which resources and services.
Background resources on Shibboleth including an FAQ, articles, PowerPoint’s, a WIki and software downloads may be found on the Internet2 Shibboleth web site at:
http://shibboleth.internet2.edu/
And a live demo from the Swiss federation, SWITCH AAI may be found at: http://www.switch.ch/aai/demo/demo_live.html
UVa is currently using Shibboleth to provide their Physics faculty and students with access to a course management system shared with students and faculty in North Carolina. They are also using Shibboleth to provide access to JSTOR; access to JSTOR is based on attributes rather than identity. One of the advantages of Shibboleth is that it protects users’ privacy and identity. Another advantage is that each participating campus would use its own identity management system and information that could be linked to individuals would not be passed across the network.
Streaming and Encoding
For this project UVa would provide the streaming service, hosting QuickTime files on a Darwin server; the library at UVa typically use streams encoded at 300 and 800 Kbps. This assumes a storage requirement of ~1-1.5TB. Jim Jokl recommends that in order to maximize use of available network bandwidth that we consider a lower bit rate than 800 Kbps for a Shibboleth streaming service. A rate of 300 Kbps should be adequate to meet the needs of desktop users with limited access to bandwidth. He was not certain whether we might be able to differentiate between students and faculty in order to offer faculty in classrooms higher bit rate streams to improve presentation quality.
Whether for a Shibboleth solution or for a set of local host recommendations, we will need to settle on an encoding format, bit stream rate, production process and quality control tests. At the current time Windows or RealMedia streams are not a possibility that would address both a Shibboleth approach and local hosting. Encoding and cataloging of the PBS collection will need to be completed before either type of streaming service could be put into production. One requirement for a pilot federation is a format that would be easy to offer from a Darwin streamer, QuickTime, most likely. Flash could be a possibility in the future, perhaps in a federation in which different service providers would assume responsibility for providing access to different encoding formats. The following action item was considered by the Multimedia Task Force at our meeting on May 30, 2006.
Task Force Action Item: Encoding strategy
· File Type
· Codec
· Tool Set
· Bit Rate
· Encoding work flow and responsibility
· File Distribution Process
At that meeting we agreed to try a wide variety of encoding formats and methods with a single title and to document our results so we can compare both the quality of the output and the workflow/overhead associated with the different encoding processes used. The title we are working with is Influenza 1918, part of the American Experience series.
As part of the same effort we agreed establish a recommended approach to cataloging, once again, using the flu documentary as our example. Scott Piepenburg from Hampton has agreed to develop sample catalog records based on that title. Cataloging will address the issues of title, episode and series associated with the PBS collection as well as companion web sites that exist for most of the titles.
Task Force Action Item: Cataloging Strategy
· Schema
· Use of existing descriptive data (e.g. companion web sites)
· Data elements
· Cataloging work flow and responsibility
· Meta-data distribution Process
Shibboleth System Administration
VIVA schools wishing to participate in a federation must be able to set up a Shibboleth Origin; there is potential for UVa and VIVA to co-sponsor an Install Fest to help with that task. A Shibboleth Origin requires a dedicated UNIX box running Apache and Tomcat and a commitment of someone’s time to install and maintain the software. Schools must also have the ability and the willingness to enter into an authentication agreement with federation partners and to tie their Shibboleth origin to their campus authentication service. And VIVA would need to work on a service agreement with UVa, develop policies for the initial project and future projects and determine to what extent it wanted to support federation participants, for example, by developing an agreement with InCommon that VIVA members could opt in on. Right now we have an informal agreement with UVa. Our next step is to identify schools that are interested in developing and testing a prototype. We also need to begin educating the library and IT communities about the requirements and possibilities with this approach.
Implications Go Beyond Video Streaming Service
A VIVA federation offers future potential for shared management of and access to multimedia content. The PBS collection is a potential high payoff, low risk starting point for a federation because access to rich educational content can be extended to a broad audience who need only authenticate themselves at their own institutions. There are other implications for VIVA. Once a federation was established the basic elements would be in place for other shared services as well as for access control to services and resources supplied to VIVA by Shibboleth compliant vendors. Shibboleth could also be used to enable interoperability across diverse integrated library system platforms, opening up new services such as students at one school being able to request loans from other schools. Finally, Shibboleth offers intriguing possibilities for integrating online learning environments across institutions, allowing students and faculty from different places to participate in learning communities in the same way they now share access to the kinds of quality online information provided by VIVA. To the extent that it lays in place the infrastructure for inter-institutional sharing of online services, this means that it is an issue worth the attention of senior management.
Action Item: Discuss federation policy framework in Steering Committee
Service Responsibilities
Our colleagues at UVa are discussing terms for a draft 3-year service agreement with VIVA for a Shibboleth authenticated video streaming service starting with the PBS content licensed by VIVA. UVa would install and configure the Shibboleth Service Provider or Target software and the VIVA members would be responsible for encoding, file distribution, cataloging, and implementing and connecting the Origin software on their campuses with the UVa Target. Training and documentation responsibility would be shared by UVa and VIVA. For this project to succeed close cooperation between the library and IT departments on each campus will be essential. This project has the potential for high visibility since it would be the first large scale Shibboleth project in Virginia, and one of the largest nation wide.
Federation Management and WAYF Service
Federation management involves encoding the policies and trust relationships that govern which services and resources are available to whom at which member institutions. Federation management also includes managing the Shibboleth WAYF (Where Are You From) service which is used to route service requests to appropriate Shibboleth Origins or Identity Providers. In the Shibboleth world the metadata representing the policies and trust relationships between institutions is managed at the national level. The agency responsible for federation management in the US is called InCommon. Roles performed by InCommon include serving as the repository for metadata about trust relationships, functioning as a sort of certificate authority and managing WAYF services for US higher education and research institutions that use Shibboleth to control access to online services and resources.
Another possibility, for those wanting to explore federation technology before making the formal commitment required by InCommon is InQueue, a free test bed. In Queue is currently under review within Internet2 and it is possible that it will be replaced with another test bed in the near future. Neither InQueue nor its replacement will be able to provide the level of security assurance needed to enforce a license contract. It is also conceivable that the services provided by InCommon or InQueue could be implemented at UVa or one of the other VIVA schools. However, that approach would be hard coded and thus difficult to modify or expand as federation needs change. Jim Jokl strongly recommends the InCommon approach. InCommon seems like the best way to take advantage of federation capabilities while maintaining maximum flexibility to support future sharing agreements between campuses.
Schools that want to join InCommon would need to apply for membership and sign a participation agreement, pay a one-time $700 initiation fee and $1,000 per calendar year. It is possible that securing legal approval for the InCommon participation agreement could cause significant delay. At UVa the delay was due to the unwillingness of InCommon to join eVa and concerns over whether the contract is governed by the laws of Delaware or the laws of Virginia. They were able to modify their contract so that the laws of Virginia apply and in the end they had to pay the 1% eVa fee to get around that issue. Perhaps VIVA could take actions on behalf of its members in order to expedite or otherwise support membership in InCommon.
Task Force Action Item: Plan for Implementing Federation Management & WAYF service
Origin Software
VIVA institutions that wanted to participate in a federation would need to install Shibboleth Identity Provider or Origin software and that software would need to be configured to interact with their local attribute authority and identity management solution. Based on the survey done by the VIVA multimedia task force it appears that LDAP is the most widely used identity management solution in the state. However comments and data on other approaches such as Active Directory indicate widespread variation in approaches to identity management. To support a Shibboleth authenticated streaming video service VIVA and UVa would need to collaborate on recommending standards, preparing documentation, building a support network and offering Install Fests to help members get up and running with the Origin software.