Duke ITAC - July 21, 2011 Minutes
ITAC Meeting Minutes
July 21, 2011, 4:00-5:30
RENCI Engagement Center
- Duke Digital Initiative 2010-11 wrap-up (Lynne O'Brien, Samantha Earp)
- Technology in School of Medicine's Learning Center (Dr. Edward Buckley)
- SSL certificate directions and options (Richard Biever, Rob Carter)
- Other business
Duke Digital Initiative 2011 Summary
Lynne O'Brien, Samantha Earp
Lynne introduced the Duke Digital Initiative, a collaborative program run primarily by the Office of Information Technology, Center for Instructional Technology, and Trinity College of Arts & Sciences. DDI grew out of the well-known experiment in 2004 in which Duke gave iPod devices to the incoming freshman class for academic use. DDI was organized in the continued spirit of open-ended, low barrier to entry, experimentation with new technology. Each year DDI identifies and acquires a handful of technologies or products, makes them accessible to faculty, staff, and students, and then gathers feedback from the users. Some technologies are found useful from a long-term perspective and transitioned to broad support at Duke. Others found to be more specialized might be transitioned to more niche forms of support within groups. Lynne also noted that some technologies are simply found to be less useful than anticipated and discontinued without transition. A benefit of DDI is that interested users can experiment with a very minimal admission process. The full report for each year is provided on the CIT website. This years report can be found at: http://cit.duke.edu/pdf/reports/DDI2011report.pdf
For academic year 2011, DDI offered 10 iPads to be checked out through the Link Service Desk. This was a largely open ended exploration, allowing all students, faculty, and staff to sign out the devices for any reason. Lynne noted that all iPads were returned in working condition. A larger pool of iPads was managed by CIT for faculty with weekly or semester time frames. Faculty were also able to use this pool for students in their courses. Throughout the year, 400 students, faculty, and staff took advantage of these offerings and checked out iPads. The devices were commonly used for viewing video, web browsing, digital sketching, annotating documents, digital text books, PDF viewing, research articles, peer review and grading, and several interactive iOS specific applications. Users found the iPad was excellent for browsing, speech to text, and video. It also received high marks for eBooks, PDF viewing, and brain storming. The iPad received lesser scores for on-screen keyboard use, annotating documents, and projection. It should be noted that by the time of this document, many of these issues could be addressed in Apple's regular updates.
Another area of exploration for DDI was in 3D video and computer modeling. In this case devices were not loaned out, but specialty labs featuring advanced video editing software and high-end monitors were made available. This technology was applicable to a much smaller number of people and has a significantly steeper learning curve than most DDI technologies. Continued access will be provided but unlikely to move on to broader support.
In the classroom, DDI experimented with Poll Everywhere (http://www.polleverywhere.com/(link is external)) software as a replacement for traditional clicker devices. Both web enabled smart phones and laptops can use this software eliminating the need to purchase additional devices, and providing users with the ability to use a familiar device. Text message capable phones can also be used in place of web browsing when necessary, but campus cellular signal may proved to be problematic in some classrooms. This project will be continued for another year. Ed Gomes will also be pursuing this project as it relates to the eLearning roadmap group. Bob Johnson asked why students could not use the wireless network when cellular networks were unavailable. Lynne responded that many students could, but that the texting feature relies on the cellular network.
Lynne noted that the Link's technology loaner pool has been an extraordinarily used and popular offering. There were 4,000 equipment loans in AY2011, a 26% increase over the previous year. Popular items were Flip cameras, HD video cameras, and 5th generation iPods for simple recording.
In AY2012 the iPad loaner programs will continue with the existing pool of devices for courses focusing on interactive learning and those requiring e-reader devices. Second generation iPads will be made available for those with plans specifically requiring features of the new device. It is anticipated that the new camera feature will be used for recording and video conferencing. There will be a moderate refresh of other loaner pool hardware. Robert Wolpert asked the cost of the polling software. Samantha indicated that total cost for the year was about $3,000 for licensing of Poll Everywhere.
John Board asked if we could have an active feedback loop with Bob Johnson's networking group regarding which classrooms are suitable for these types of activities. Bob replied that his group would be happy to work with the DDI group on understanding and documenting future needs.
School of Medicine Learning Center
Dr. Edward Buckley
Dr. Edward Buckley began by sharing some of the challenges faced in training the next generation of doctors. As the required knowledge base continues to expand, the ability to memorize necessary information is rapidly becoming impossible. Instead, doctors must be able to locate and understand information quickly, and possess critical thinking, problem solving, and interdisciplinary skills. Much of this training is now being done using simulation, virtual reality, and gaming theories. Mannequin simulation is becoming more expensive, and less realistic than it's virtual counterparts. The didactic lecture is steadily decreasing in use.
The new Learning Center facility is being developed with the capability to support not only the above activities, but also the flexibility to change with the future. Prior to beginning the project, Dr. Buckley toured the newly build Link space at Perkin's Library, and feels that space epitomizes this type of project. Learning spaces must vary largely in size, supporting classes with over 200 students, and study rooms for as few as one.
An important aspect of this facility is that IT and AV services must provide audio, video, and data services from anywhere, to anywhere, not only within the building itself, but also across the world. The building will be six stories high and located next to the medical center library, which will be incorporated as part of the learning space.
The 1st floor is a major conference center with a variable sized meeting room for groups as large as 400. At the time of construction, this will be the largest meeting space on the medical campus. The room can be easily divided and used for team based learning, configurable as a pair of 200 seat rooms, or four 100 seat rooms. Waiting areas can be used for additional seating in the future if needed. Projection and wireless connectivity will be provided throughout the building with very little cable being run during construction. The 1st floor also houses an IT center, which provides the ability to handle AV in auditoriums and group rooms from a single location.
The 2nd floor houses the primary entrance to the building and another substantial learning space; a 140-seat classroom built to embrace modern theories of adult learning. According to Dr. Buckley, adults learn by performing tasks rather than being fed information. They need an idea of importance and context for information, and without this the learning curve drops off quickly. Course content will be provided outside of class and students will come on-site to interact with professors and each other. John Board asked if this strategy was based on feedback from the Singapore project. Dr. Buckley said that it was, and that the concept was extremely successful in Singapore. However, a somewhat specific facility is required to accomplish this goal. Chairs must be movable and individuals need to be grouped appropriately, not only for the participants on each team, but for all participants in the room. People do not only interact within their groups, but groups interact with other groups as well.
The 3rd floor is a highly adaptable space. Student labs with movable walls can be divided in halves and fourths, or used as single larger rooms. Walls roll into the ceiling and can be converted in as little 30 seconds.
Alvy Lebeck asked how projection will work in rooms that are heavily dividable. Dr. Buckley noted that this challenge is still a topic of discussion, and that his group would be appreciative of any suggestions ITAC may have. It is unavoidable that moving walls may limit the ability to project in certain areas. Consistency among AV control systems will also be important to establish. Alvy asked how the person facilitating the classroom environment should present in this new type of group based interactive learning. Dr. Buckley responded that a whiteboard was still high on the list of demands from faculty for these rooms. While sophisticated technical resources will be used prior to class, the ability to improvise and write visibly remains crucial. All walls and surfaces will be capable of being written on. John board asked if students will be expected to bring devices with them. Dr. Buckley responded that laptops are already provided for all medical students, and iPads are now being investigated as well.
The 4th floor is primarily student space. A significant lounge area is provided as well as an admissions suite and smaller offices for advisory deans. Every floor has at least one classroom, and the 4th floor's can handle roughly 30 students.
The 5th floor is a simulation center featuring a clinical skills area and a number of rooms for mannequin simulation. These rooms are being created with the intention of evolving into areas for virtual simulation rather than physical in the future. A number of smaller standardized patient rooms are also on this level where role-playing can be done. A standardized 12 patient licensing exam can be conducted in this space, as well as admissions testing.
Samantha Earp noted that similar constructions have had massive support efforts to go alongside them and asked what plans exist for this project. Dr. Buckley responded that a medical IT staff of 6 has been assigned to this project. He hopes that by standardizing the look and feel of services in the building some of the demand for support will be reduced. IT and AV support have locations on the 2nd and 3rd floors.
Molly Tamarkin expressed approval of the interactive learning approach and asked if people have openly accepted the concept. Dr. Buckley responded that there has been significant resistance to change, but that progress is being made. Some courses have already moved entirely to the team based approach. A different teaching methodology at Duke Medicine currently in place is that courses are taught by a large number of faculty, not just a couple of individuals. One particular course today has as many as 100 speakers. Pre-classroom technology and team-based review could reduce the need to physically involve so many people, and instead simply take advantage of their content.
Ed Gomes asked when the facility is expected to be complete. Dr. Buckley responded that the building must be completed in 18 months.
Personal Certificates and Key Escrow
Richard Biever, Rob Carter
Richard stated that while SSL certificates are used regularly to vouch for server names, personal certificates are still relatively unfamiliar to many people. A common use for these certificates today is in email clients for digital signage of messages. Personal certificates can also be used to digitally sign or encrypt documents. Files are typically signed using a private key and decoded with a related public key.
The challenge with personal certificates is that they can be used both as a signing authority, authentication, and for encrypting, or a combination of the three. Rob Carter noted that this is now becoming a topic of discussion at Duke because unlimited use of certificates is provided by the recent InCommon agreement. Personal certificates can be used as part of this agreement as well as SSL certificates, and there is no longer an incremental cost per certificate. Duke also now has the ability to control certificate use parameters.
Messages/files signed with a private key are decoded using the corresponding public key. Files encrypted by a public key can only be decoded by a specific private key. Because of this, if a private key is lost, it can create a serious problem. Key Escrow is a method of storing copies of private keys, similar to a virtual key safe. The benefit of doing so is the ability to recover lost keys. However, as with physical duplicate keys, key escrow presents a potential possibility for fraudulent activity. If used, the reputation and reliability of key escrow agents will be critical.
The dilemma facing Duke today is that in order to begin issuing personal certificates, we must choose to have key escrow or not. This choice is permanent and irrevocable for any Certificate Authority (CA) Duke chooses to operate, although we can choose to operate more than one CA with different characteristics. The current recommendation is to establish separate Certificate Authorities for signing certificates and encryption certificates; to enable escrow for encryption certificates, but not for certificates used for signing and authentication. There is no need to recover a key used for signatures, the signing has already been completed and does not need to be used again with the same key.
Encryption certificates on the other hand, may need to be used again in the future. If Duke decides to issue this type of certificate we must be able to recover keys, otherwise we risk data loss.
Robert Wolpert asked how key escrow plays into issues of eDiscovery. Rob responded that we are unsure at this time, but that data encrypted using a key that we have the capability of recovering could be subpoenaed. Alternatively, if we are not capable of decrypting subpoenaed information, we may have to answer for why we cannot.
John Board asked if the current generation of clients could handle a single certificate being used for all purposes. Rob responded that they could, and that this is purely an issue of policy. Alvy Lebeck agreed that this sounds like a policy based decision rather than technical, and said that it will need to involve Duke Legal and leadership. Alvy also asked what our peer institutions are doing to solve this issue. Rob responded that Duke is on the leading edge of this technology and there are not a lot of existing cases to follow.
Robert Wolpert noted that there are relatively few things so private that he would wish for IT staff to be unable to recover it for him. And in that case, not having key escrow for signage makes sense, but escrow for encryption keys seems reasonable. Rafael Rodriguez asked how the InCommon licensing relates to users who may be affiliated with Duke as a business partner rather than employee of Duke. Rob scmsaid he has not specifically asked that question, but that as long as what the certificate is asserting an identity provided by the institution, it should not matter how the creator is affiliated with the university.
Rafael asked where escrowed keys would be kept if Duke decides to go that route. Rob replied that the escrowed keys would be kept by a third party through our arrangement with InCommon, but could only be accessed through use of a master key maintained by Duke.