Project Brief
Document Sign-off
|
Name |
Role |
Date signed off |
|---|---|---|
|
Graeme Wood |
Project Sponsor Service Owner |
25/05/2017 |
|
Maurice Franceschi |
Programme Manager |
13/04/2017 |
|
Jon March |
Project Manager |
13/04/2017 |
|
Kenneth MacDonald |
Senior Supplier |
25/05/2017 |
Background
This project is required to maintain the integrity and reduce the costs of running the EASE authentication service. The EASE authentication service is overdue a software, management process refresh.
This project will:
- Encrypt data at rest in the database, reduce the risk of unauthorised access to that data.
- Host the EASE service on a Linux platform, our platform of choice.
- Produce the application using best practise management methods, e.g. source code version control and appropriate development environments, and thus reduce effort, complexity and risk when making improvements and bug fixes.
- Apply EdGel themes to User Interface
This project may:
- Move documentation from www.ease.ed.ac.uk to EdWeb.
- Use LDAP groups for authorisation to web applications, and eliminate the need to manually maintain local files on each server.
- Split COSIGN login service from other user facing utilities, and enable future automation of COSIGN service registration process.
Scope
The new EASE service will:
- Host all technical components of the EASE service on the virtual hosting service
- Be ported from Solaris to Linux
- Be themed with EdGEL
- Encrypt sensitive data in a Galera database cluster
Authorisation
- Utility web applications may authorise computing officers via the Central Authorisation service, using LDAP.
Documentation
- User documentation may be reviewed and published on EdWeb.
- System administrator documentation may be moved to a new EASE space on the Central Wiki.
Development
- Locally developed or patched third party source code, will be in version control, and deployed as RPMs.
- New system will be load tested.
Out of Scope
The project / re-implemented services will not:
- Change the user registration experience when joining the University
- Change the roles of LIVE, TEST and DEV EASE
- Change the operation of the Kerberos KDCs
- Change the EASE Friend facility
- Change the EASE the structure database tables (beyond encrypting sensitive data)
- Require changes to other EASE protected web services
- Re-implementation of round robin DNS management scripts
- Re-implementation of GeoIP log analysis
Potential future work
COSIGN service:
- Registration process improvements to enable future automation
- Registration web application re-implementing using the Django framework
Objectives and Deliverables and Success Criteria
Unless otherwise indicated, the deliverables are a success when accepted when accepted by the Project Sponsor and Service Owner.
|
Description of the Objective |
Success Criteria |
|
|
Objective 1 |
Modern Database |
|
|
Deliverable 1.1 |
Galera Cluster |
|
|
Deliverable 1.2 |
Migrate Data |
|
|
Deliverable 1.3 |
Add Encryption |
|
|
Objective 1 |
Move Documentation |
|
|
Deliverable 2.1 |
EdWeb Pages |
|
|
Deliverable 2.1.1 |
Investigate embedded apps in EdWeb |
|
|
Deliverable 2.2 |
Wiki Space |
|
|
Objective 3 |
Use Central Authorisation |
|
|
Deliverable 3.1 |
Design Strategy |
|
|
Deliverable 3.1 |
LDAP Groups |
|
|
Deliverable 3.2 |
Apache Configuration |
|
|
Objective 4 |
Migrate to Linux |
|
|
Deliverable 4.1 |
Web App RPM(s) |
|
|
Deliverable 4.2 |
Utility RPM(s) |
|
|
Deliverable 4.3 |
Cosign Server RPM |
|
|
Deliverable 4.4 |
Web App Service |
|
|
Deliverable 4.5 |
Cosign Service |
|
|
Deliverable 4.6 |
New VMs |
|
|
Deliverable 4.7 |
GeoIP |
|
|
Deliverable 4.8 |
DNS scripts |
|
|
Objective 5 |
Deploy Like for Like |
|
|
Deliverable 5.1 |
Re-develop without EdGel |
|
|
Deliverable 5.2 |
Test in Proj-EASE |
|
|
Deliverable 5.3 |
Deploy to Dev-EASE |
|
|
Deliverable 5.4 |
Deploy to Test EASE |
In June 2017 |
|
Deliverable 5.5 |
Load Test |
In June and July 2017 |
|
Deliverable 5.6 |
Deploy to Live EASE |
We will have ported the current EASE service from Solaris to Linux by in August 2017. |
|
Objective 6 |
Apply EdGEL |
|
|
Deliverable 6.1 |
(Place holder) |
|
|
Deliverable 6.2 |
Re-develop with EdGel |
|
|
Deliverable 6.3 |
Deploy to Dev-EASE |
|
|
Deliverable 6.4 |
Deploy to Test EASE |
In June 2017 |
|
Deliverable 6.5 |
Load Test |
In June and July 2017 |
|
Deliverable 6.6 |
Deploy to Live EASE |
We will have ported the current EASE service from Solaris to Linux and themed it with EdGEL by the in August 2017. |
|
Objective 7 |
Communications |
|
Requirements
Requirements are aligned with objectives and deliverables, and also the opportunity to realise the benefits.
|
|
|
MoSCoW |
Set By |
|
Requirement 1 |
Encrypt data at rest in the database |
M |
PS, SO |
|
Requirement 2 |
Move documentation from www.ease.ed.ac.uk to EdWeb |
S |
PS, SO |
|
Requirement 3 |
Use LDAP groups for authorisation to web applications |
C |
PS, SO |
|
Requirement 4.1 |
Host the EASE service on a Linux platform |
M |
SA |
|
Requirement 4.2 |
Split COSIGN login service from other user facing utilities |
C |
PS, SO |
|
Requirement 5 |
Produce the application and manage source code using best practise management methods |
M |
PS, SO |
|
Requirement 6 |
Apply EdGel themes to User Interface |
M |
PS, SO |
Benefits
The project will realise the following benefits:
- Reduce cost of making changes to the EASE service in response to business requirements.
- Reduce risk of sensitive data breaches.
- Improved consistency of the EASE service with the rest of the University website.
- Simplification of business continuity planning for the EASE service.
Governance
Portfolio Governance
|
Role |
Name |
Division / Group / Team / College / School and Title |
|---|---|---|
|
Project Sponsor |
Graeme Wood |
IS / ITI / Enterprise Services, Manager |
|
Programme Owner |
Tony Weir |
IS / ITI, Director of |
|
Programme Manager |
Maurice Franceschi |
IS / ITI / Programmes Management, Portfolio Manager |
|
Portfolio Owner |
Tony Weir |
IS / ITI, Director of |
|
Portfolio Manager |
Maurice Franceschi |
IS / ITI / Programmes Management, Portfolio Manager |
|
Service Owner |
Graeme Wood |
IS / ITI / Enterprise Services, Manager |
Project Board
|
Role |
Name |
Division / Group / Team / College / School and Title |
|
Project Sponsor |
Graeme Wood |
IS / ITI / Enterprise Services, Manager |
|
Service Owner |
Graeme Wood |
IS / ITI / Enterprise Services, Manager |
|
Project Manager |
Jon March |
IS / Apps / Proj Svcs, Project Manager |
|
Senior Supplier |
Kenneth MacDonald |
IS / ITI / Enterprise Services, Computing Officer |
|
Solution Architect |
Kenneth MacDonald |
IS / ITI / Enterprise Services, Computing Officer |
|
Senior User |
Hugh Brown |
IS / Apps / Production Management |
|
Senior User |
Neil Bruce |
IS / User Services / Operational Services |
Tolerances
To be delivered by early to mid August or in December 2017.
Resources Skills and Cost
Budget
Applications, Project Services - 20 days
ITI / Enterprise Services - as required, expected to be 70 days
User Services - 10 days
Applications, Production Management - 3 days
Applications, Development Services - 5 days
Priority and Funding
Priority - 1 (Top)
Funding - 20 days (for Project Management)
Project Team
|
Role |
Name |
Division / Group / Team / College / School and Title |
|---|---|---|
|
Project Manager |
Jon March |
IS / Apps / Proj Svcs, Project Manager |
|
Senior Supplier, Solution Architect, Solution Development, Application Support |
Kenneth MacDonald |
IS / ITI / Enterprise Services, Computing Officer |
|
Solution Development, Application Support |
Mark Cairney |
IS / ITI / Enterprise Services, Computing Officer |
|
Solution Development, Application Support |
Gavin Gray |
IS / ITI / Enterprise Services, Computing Officer |
|
Operational Docs, IS Website update, Is Helpdesk briefing |
Gavin Anderson |
Is / User Svcs / Ops Svcs / User Supp (Helpdesk), Asst Computing Officer |
|
|
|
|
|
For info only |
Graham Newton |
ITI / Desktop Services |
|
Virtual hosting service provision |
Martin Campbell (few hours) |
IS / ITI / Enterprise Services, Computing Officer |
|
Solution consultant |
Toby Blake (few hours) |
CSE / Informatics |
|
Senior User, Contributor |
Hugh Brown |
IS / Applications / Production Management |
|
|
|
|
|
Senior User Test main applications (which ones?) |
Alain Forrester (few hours, not day) |
ITI / ??? / CPanel, web hosting service |
|
Pre-deployment checks (infrastructure) |
Heather Larnach (few days) |
ITI / Apps / Prod Mngt / Technology Management |
|
Test main applications (which ones?), Pre-deployment checks (application) |
Various SOs, SOMs or nominated testers |
IS / … |
|
Other website sysadmin(s) |
Ask for volunteers |
Via a mailing list: ease-admins@mlist.is.ed.ac.uk |
|
|
|
|
|
Support integration testing with new Cosign infrastructure. |
Mark Lang |
ITI / Apps / Dev Svcs / Dev Tech |
|
Load testing |
Defeng Ma |
ITI / Apps / Dev Svcs |
|
EdGel consultant |
Mairi Fraser |
ITI / Apps / Dev Svcs |
|
Senior User? EdGel knowledge, user side? UoE website svc owner |
Stratos Filiathis |
CSG / Learning Teaching and Web (LTW, “The Web Team) |
|
|
|
|
|
Communications Assistance |
Chris Kant |
IS, User Svcs, IT Consultancy |
Quality of Project and Deliverables / Key Project Milestones
|
Milestone |
Sign-Off means |
Date of Milestone |
Who signs-off (Accountability) |
Start of Project |
Project can begin, is in line with Programme and Portfolio priority, has resource |
15 Mar |
Sponsor, Programme Manager |
End of Planning |
Project Brief, Plan, Estimated Budget, Risks, Communication Plan - all approved. Project has resource approved by section head for the estimated effort. Project has funding for effort for other costs. |
24 May |
Sponsor, PM, Programme Manager, Section Head(s) |
|
End of Analysis |
quality and completeness of analysis |
3 Mar |
Technical lead |
|
End of Design |
quality and completeness of design |
3 Mar |
Technical lead |
|
End of Build |
quality and completeness of build |
30 Jun |
technical lead / senior supplier/ PM |
|
Security QA |
deliverable satisfies security |
30 Jun |
Section Head |
Delivery, Like for Like |
Change to Service can proceed |
7 Aug |
Sponsor, PMservice owner/ service operations manager (helpline) |
|
End of UI Design |
quality of UI - to show we have designed an interface that is usable, accessible, promotes equality and diversity |
30 May |
technical lead / senior supplier/ business lead / senior user |
|
Branding QA |
for new, upgraded services, sign-off that branding guidelines for ISG, University, school/college has been followed by the project team |
30 Jun |
PM / and as appropriate ... UoE C&M, college C&M and (pending) ISG Branding Team |
|
Design UI QA |
to show we have built an interface that is usable, accessible, promotes equality and diversity |
30 Jun |
Sponsor and Service Owner |
|
EqIA |
For new services or services undergoing substantial change, there must be an Equality Impact Assessment completed, validated by equality office and deposited on EqIA website |
30 Jun |
PM / Service Owner / Equality Officer |
|
PIA |
Check if your project needs to undergo a Privacy Impact Assessment |
30 Jun |
PM / Service Owner / CISO |
|
Acceptance |
overall quality of deliverable, UAT has been passed, Integration testing successful, all components technically checked - fit for delivery to live service |
4 Aug |
technical lead / senior supplier /business lead / senior user /business analyst /PM
|
Delivery, Applied EdGel |
Change to Service can proceed |
7 Aug |
Sponsor, PMservice owner/ service operations manager (helpline) |
|
Handover to Support |
support can take over running of the Service |
8 Aug |
service owner/ service operations manager (helpline) |
Closure |
Project can close |
15 Aug |
Sponsor, PM |
Assumptions
None.
Constraints
None.
Risks
- Insufficient resources available to deliver to milestone dates.
- Insufficient testing may lead lack of confidence and thus delay deployment beyond August 2017.
- Insufficient testing may lead University wide services being unavailable after deployment
- Increased helpdesk incidents due to end users reporting unexpected change to authentication presentation
Issues
None.
Previous Lessons Learned
None applicable.
Dependencies
None.
Communication
The project/change is internally driven with Stakeholders across Information Systems (IS) who are also contributors or directly managing contributing resources.
Project Team meetings will be held as required. These are not scheduled as the team is already engaged and the team members will have had plenty of experience of working with each other.
A communications plan covering engagement with the wider community of computing stakeholders, i.e. EASE admins, will be developed to fit with service rollout.
There will also be a “for your information” communication associated with the application of EdGel themes to the EASE service.
Run / Grow / Transform
Runs / Transforms the existing EASE authentication.
Alignment with Strategic Vision
The elements of the IS Strategic Vision that this projects contributes to have a commentary.
|
Student Experience |
Commentary |
|
Student experience and the unique Edinburgh offer |
EASE consistent with our EdGEL standards. Improved end user documentation. |
|
Online and distance learning leaders |
|
|
Library national and international leadership |
|
|
Research and Innovation |
|
|
Research IT and Data Sciences |
|
|
Innovation |
|
|
Collaborative leadership and social responsibility |
|
|
Service Excellence |
|
|
Process improvement, efficiency, quality and best practice |
Improve service efficiency, reduce cost of future changes to the EASE authentication service: use of central Authorisation, software version control, automation. |
|
Long‐term IS strategic planning and linked professional services |
Standardised Linux OS |
|
Information Security |
Reduce risk of sensitive data breaches. Use of Encrypted store for sensitive data, up to date software. |
University's Strategic Vision for 2025 the main elements of the vision that this projects contributes to are highlighted in bold.
|
Vision Themes |
Commentary |
|
A unique Edinburgh offer for all of our students |
|
|
• all of our undergraduates developed as student/ researchers with clear, supported pathways through to Masters and PhD |
|
|
• all our students offered the opportunity to draw from deep expertise outside their core discipline |
|
|
• a highly satisfied student body with a strong sense of community. |
|
|
Strong and vibrant communities within and beyond the University – making the most of our unique offer of world-leading thinking and learning within one of the world’s most attractive cities |
|
|
A larger, more international staff who feel valued and supported in a University that is a great and collegial place to work, develop and progress |
|
|
More postgraduate students – underpinned by the best support in the sector to ensure we attract the brightest and best regardless of ability to pay |
|
|
A strong culture of philanthropic support focussed especially on our students and on outstanding research capabilities. |
|
|
Many more students benefiting from the Edinburgh experience (largely or entirely) in their own country – supported by deep international partnerships and world- leading online distance learning |
|
|
Sustained world leading reputation for the breadth, depth and interdisciplinary of our research supported by strong growth in research funding and strong international partnerships – drawing from well-established and less well developed sources |
|
|
An estate that matches expectations, responds flexibly to changing student and staff needs, and showcases the University |
The project delivers a service that members, visitors and prospective students would expect the University to provide |
|
A deeper and earlier collaboration with industry, the public sector and the third sector – in terms of research; knowledge exchange; and in giving our students the best possible set of skills for their future |
|
|
Digital Transformation |
Commentary |
|---|---|
|
Describe how the changes this project delivers will contribute to the digital transformation of the Service |
Future changes to the EASE authentication and registration processes will carry less risk and be efficiently developed and deployed. |
IS Change Programme - How will this project's Deliverables and Benefits promote the Themes
|
IS Change Programme Theme |
How the project deliverables and benefits contribute to change |
|
Project Management |
|
|
Working Together |
Engaging with the Website and Communications section |
|
Standards and Technical Leadership |
Improves EASE authentication by implementing a best practise technical solution and associated service, developed with the Local Software Lifecycle. |
|
Staff Learning and Development |
|
|
Service Based Culture |
Improved user documentation |
|
Equality and Diversity |
|
|
Partnerships and Philanthropy |
|
|
Flexible Resourcing |
|
|
Communication and Branding |
Consistent EdGEL theme |
Service Excellence - Information and Security
The EASE service is to be refactored into standard builds onto the virtual hosting service. The data is to be stored in the standard Galera database cluster with sensitive data encrypted. Source code is to be version controlled.
Service Excellence - Process Improvement, efficiency, quality and best practice (Social Responsibility and Sustainability)
Not applicable. Internal process to IS is being improved.
Digital Transformation
Not applicable. A digital solution is being replaced by another similar digital solution.
IS Change Programme - How will the execution of this project promote the Themes
|
IS Change Programme Theme |
How the project process will contribute to change |
|
Project Management |
|
|
Working Together |
The project team talk to other colleagues across ISG to work towards a consolidated approach to authentication services and thus reduce complexity and associated service management effort. |
|
Standards and Technical Leadership |
Refactors service with best practise technology elements. |
|
Staff Learning and Development |
|
|
Service Based Culture |
|
|
Equality and Diversity |
|
|
Partnerships and Philanthropy |
|
|
Flexible Resourcing |
Project Manage – contract staff appointed Solution Architect –service development activity in addition to BAU service management role. |
|
Communication and Branding |
Improved consistency of the EASE service with the rest of the University website with application of EdGel themes. |
Project Sponsor – Project Responsibilities
The sign-off milestones are associated with specific responsibilities of the Sponsor role.
DONE = done already
(NR) = not required (will be delete from next draft)
? = discuss
(SP) = to be done by Sponsor
(PB) = project board to do
(PM) = project manager to do
(PT) = project team to do
Start of project – Explicitly Included in the Initiation Milestones Sign-Off
- DONE Negotiates and confirms funding for the project
- (SP) Ensures the project is in line with organisational strategy and priorities
- DONE Chairs the project board, appoints its members and ensures they are effective
- (NR) Advises the project manager of protocols, political risks, issues and sensitivities
- (NR) Makes the project visible within the organisation
End of Planning – Explicitly Included in the Planning Milestone Sign-Off
- (SP) Works with the project manager to develop the Project Brief
- (PM) Ensures a realistic project plan is produced
- ? Sets tolerance levels for escalation to themselves and to the project board
- (PM) Ensures that project team have representation and engagement from users and suppliers
- (PT) Helps identify Stakeholders
- (SP) Approves Communication Plan
- (SP) Agrees on frequency of meetings with Project Manager
- (SP) Agrees of frequency of meetings with Project Team
- (SP) Agrees on milestones and who signs-off
Development / Execution – ongoing
- DONE Provides strategic direction and guidance to the project manager as directed by the Board
- ? (PB) Approves changes to plans, priorities, deliverables, schedule
- ? (NR) Encourages stakeholder involvement and maintains their ongoing commitment
- ??? Chief risk taker
- ? (PB) Makes go/no-go decisions
- (NR) Communicates change in organisational structure, priorities, business benefits or funding
- (SP) Helps the project manager in conflict resolution
- (SP) Helps resolve inter project boundary issues
- (SP) Gains agreement among stakeholders when differences of opinion occur
- (SP) Assists the project by exerting organisational authority and the ability to influence
Delivery – Explicitly Included in the Delivery Sign-Off
- (Svc Owner) Ensures that Service is ready for change
Closure - Explicitly Included in the Closure Milestone Sign-Off
- (NR) Helps with publicity for the change delivered
- (NR) (or Svc Owner) Ensure that benefits will be managed, measured and realised post-project
- ? (PM) or (Svc Owner) Evaluates the project’s success upon completion