Duke ITAC - April 25, 2019 Minutes
ITAC Meeting Minutes - Thursday, April 25, 2019
4:00 – 4:05 – Announcements
The ITAC Chairs Ken Rogerson and Tracy Futhey warmly welcomed all to this last meeting of the academic year and there were no announcements.
4:05 – 4:20 – Wireless SSID Consolidation, Richard Biever, James Nesbitt, John Robinson
What it is: A Service Set Identifier (SSID) is the technical term for a wireless network’s name. For example, at Duke, SSIDs include “DukeBlue” and “eduroam.” This presentation will explain proposed changes to Duke’s wireless networks – primarily, consolidating SSIDs to a smaller list, with eduroam as primary – and the reasoning behind them, as well as potential benefits or drawbacks. ITAC members are invited to pose questions about how this would affect users.
Why it’s relevant: Changes to wireless offerings will affect the entire Duke community and how we connect to the web. This specific proposal will require careful communication with end users, but it would also lead to advances in infrastructure.
Duke’s students, staff, and faculty register for each one of the SSID networks and often have to switch over to a different wireless network several times in the course of the day. Some devices automatically start to flip between various networks whereas some prefer the most open network and default to Visitor. To improve the overall usability-experience the number of SSIDs are being consolidated from 6 to 3.
SSIDs Before Consolidation:
- Dukeblue – default network
- DukeOpen – IoTs, door locks and building control systems, and other known devices
- Eduroam – Duke’s primary wireless network for visitors
- DukeVisitor – guests and non-Eduroam visitors
- GoDuke – mainly configured for athletic events and not available in all locations
- Duke-maintenance – setup for troubleshooting
The proposed plan is to reduce the SSIDs after Consolidation to:
Why Eduroam is a better option:
- It already exists
- Strengthens and eases login as security is certificate-based/device-based and only needs to be done once as it authenticates the device and future netid/password changes don’t have to be reconfigured for that device
- Dynamically separates Duke users from guests by configuring a portion of the network behind the scenes as a VPN
- Duke travelers (both outgoing and incoming) are already enrolled in Eduroam and connect seamlessly
- Reduces the number of choices and confusion for the clients from cycling and flipping through SSIDs
- Dynamic assignment to network segments based on roles/authorization
DukeOpen will provide:
- Better controls for IoT devices (end users and network security) such as wireless door locks and known devices will be registered
- Seamless connection to Duke visitors that are non-Eduroam visitors
The transition timeline is as follows:
- Duke-maintenance (Q3-Q4 2019) to GoDuke
- Duke-visitor (Q4 2019 - Q1 2020) to DukeOpen
- Dukeblue (Q2-Q3 2020) to Eduroam
In conclusion, configuring a network involves a bit of art rather than just logic and science alone and is customizable in many ways. This proposal is an idea of identity-based networking where once authenticated a user’s network traffic can be dynamically segmented off to a portion of the network that best suits their connectivity needs. This will also allow for greater control of IoT devices as known devices will be registered. The transition will be seamless and done in phases as certificates will be pre-installed before everyone can connect to the new wireless networks.
Q1: How many faculty, staff, and students are registered for Eduroam?
A: Several thousand as of last count.
Q2: When are you going to transfer the certificates?
A: The certificates are based on the device so once a device is registered and authenticated it will dynamically connect to the appropriate segment of the network.
Q3: Are there downsides to our principal network not being Duke branded? Many of our peers have switched to similar architecture and all traffic connects to the same network. We don’t anticipate any issues as we have been in discussions with our counterparts in the Health System network and had positive feedback.
Q4: How are the devices configured for the network now?
A: Currently, we’re using a Cloud-based service called SecureW2, a solution that configures and auto-enrolls managed devices for certificate-based authentication.
Q5: What happens with the Health System now because we made great strides last year in agreeing that DukeBlue would be broadcasted within the system and now Eduroam is becoming primary?
A: One of the concerns in the Health systems network is the number of SSIDs. The discussions with the Health system network counterparts have been positive understanding that communication is vital to make the transition seamless.
Q6: What is the use case if I am a Duke student or faculty or a device and choose DukeOpen?
A: If you’re connecting for the first time as a student, staff or faculty, you will be first directed to the registration page and then steered over to the appropriate network. In the case of a device, authentication is done via certificates when the device is registered so the devices do not see a splash page which is same as today.
Q7: I just got a spy camera or a drone so how do I connect?
A: You will need to go to the registration page to authenticate the device.
4:20 – 4:45 – Web Accessibility and Automation Tools, Joel Crawford-Smith
What it is: Duke is committed to making web content available to all. Joel will provide an update on our digital accessibility initiatives, including progress made and new areas of focus. He will also demonstrate accessibility automation tools, and how to use them to assess and address conformance with web content accessibility guidelines.
Why it’s relevant: Following web accessibility best practices not only meets legal compliance, but it also supports the Duke community’s mission to foster inclusivity. A deeper look at the guidelines and tools behind these practices will help promote understanding of why web accessibility is so important and how we can apply it to our web platforms.
The web accessibility automated tools can specify if something is not accessible but cannot specify if they are. The assessments automation and creation tools use OpenAssessIt, available on Github under OpenAssessItToolkit as follows:
- Indicates issues that can be automated
- Takes screenshots of failing elements using Chrome or Firefox
- Lists manual checks
Monitoring Automation to Detect major changes includes:
- Running Lighthouse reports on Tiered websites every 23 hours
- Converting Deque’s Lighthouse JSON to log format and sending to Splunk
- Splunk sends alert when score changes to detect new features or redesign launches and also checks the best practices score
- Investigating changes by getting the last stored image
PDF Detection Automation includes:
- Searching Splunk server logs for list of most downloaded PDF files. It is very expensive to correct PDF files, and if not tagged with correct reading order, it’s just stored as an image.
- Exporting as CSV.
- Running OpenDiffIt on github for evaluating differences to look for new or updated PDFs from last report
- Reviewing diff files
Q1: Do you teach classes?
A: Yes, as requested.
Q2: How often do you run checks to look for differences?
A: The checks are mainly automated but can also be run on demand.
4:45 – 5:00 – Full Frame Festival Virtual Reality Experience, Michael Faber, Mark-Everett McGill
What it is: The Full Frame Documentary Film Festival approached OIT and the Center for Documentary Studies to coordinate a first-of-its-kind virtual reality (VR) experience for this year’s festival attendees to watch the made-for-VR documentary, Traveling While Black – a “3D/360-degree immersive experience that confronts the ways we understand and talk about race in America.” Michael and Mark will walk us through this partnership and how OIT provided technical oversight for the experience.
Why it’s relevant: Duke is exploring new and innovative uses for VR technology in the learning environment, and this community partnership helps bring VR to a wider audience. We will discuss how VR enhanced the documentary experience and what steps Duke took to make it happen.
- organizers of the Full Frame Documentary Film Festival approached OIT for assistance in featuring a made-for-VR film, Traveling While Black, and as a result the partnership with Full Frame, Center for Documentary Studies, and Innovation and Entrepreneurship created an extraordinary experience in making this possible. organizations collaborated as follows:
- CDS provided logistical support
- OIT provided technical support
- I&E provided location (Bullpen)
OIT, in its technical role, setup four viewing stations with swivel chairs in the I&E classroom and carried 8 Oculus Go headsets. The footage for the film was already loaded prior to the event thereby making these devices self-contained as in a travelling show and eliminated relying on network availability. Attendees signed up to watch the show and the event was held for 2 straight days. While four headsets were in use, the other four were being charged. The staff were present to assist viewers with setup, sanitize equipment, and answer any questions.
Travelling while Black is a real story based on The Green Book, a survival guide, first published in 1936, that African American travelers relied on to avoid brutal discrimination; it listed safe places that would fulfill their basic needs. In 1958, Ben and Virginia Ali’s new restaurant, Ben’s Chili Bowl, joined the list. The show is an emotionally moving and immersive VR experience about race and restricted movement in America and the viewer connects face-to-face with the characters in an intimate booth at Ben’s Chili Bowl. This was a 3D/360°VR experience like no other and the people were very moved.
In conclusion, this successful partnership demonstrated our preparedness to push the boundaries between media and technology and created a positive experience for all. All organizations were very excited with the outcome and want to partner again for other similar experiences. We look forward to partnering with these and other organization in the future using the latest VR/AR tools.
Q1: How did the Film Festival find us?
A: OIT was approached by Full Frame and showed a keen interest in this partnership.
Q2: How can the scalability be addressed?
A: Since this is a single person experience, obtaining more headsets will allow for more viewers.
Q3: Did the 20 minutes viewing drain the battery?
A: No, we charged the headsets after 4 viewings but charging takes the same amount of time as running the full battery.
Q4: Is there now an established standard or did this movie have to be produced for this particular hardware and can only be played on it?
A: The film is co-produced by Oculus Go, maker of the VR headsets, but it can also be played on another VR hardware as long as it’s made for 360 VR.
Q5: Were staff from OIT required to be present at the theater the entire time?
A: OIT staff were present most of the time and we had an excellent team of well-trained students providing coverage.
Q6: How did the viewers respond?
A: If a viewer was found facing in one direction for an extended period of time, and since the show was emotionally heavy, immersive and transporting, we asked the staff to gently tap on their back and spin their chair. The viewers were also advised to pause the show and/or take breaks if they felt any adverse symptoms.
Q7: What are the other things coming in the realm of VR/AR that we should plan for and when can ITAC members experience this technology?
A: We plan to do another screening of this show at any location including the ITAC meeting space.
- Many areas including the School of Nursing and Medical Engineering see tremendous value in the VR/AR technology.
- It is also a great tool for giving an immersive experience in learning Empathy in a clinical home care as it allows someone to wear a headset and be the person who is suffering or disabled.
- We are continuing to talk with Microsoft about VR/AR and once we have a few use cases, we can request them to provide some headsets.
5:00 – 5:30 – Celebration