TOSIroam Project

Concept

The proposal is for the past Loop schools, combined with Crystal schools, to share a RADIUS and SQL server located on EdSerf, using Crystal software to provide a roaming wireless service with automatic configuration and logon, with a view to linking with Eduroam-type services sometime in the future.

Definition

TOSIroam will allow students and staff from participating institutions to obtain Internet connectivity across their school campus and when visiting other participating institutions by simply opening their device.

Objectives (of trial)

  1. Design and prove the technical model.
  2. Establish what prerequisites a school requires.
  3. Establish an ownership model.
  4. Establish costs and from this ongoing service fees.

Assumptions
Digital learning in "future focused" schools is a significant theme in today's education.
There are three key technologies that can be leveraged by the proposed TOSIroam.

  • 4xA’s: Digital access must be Anytime, Anywhere, Anyhow and with Anyone.

  • Digital hubs: A concept introduced by the Manaiakalani Trust where ultra fast digital access available in schools can also be delivered to the local community.

  • Loop: It is only one year since The Loop schools moved to the N4L (Network for Learning). The Loop Trust is still in existence, and collegial support and cooperation between Loop schools remain strong.

  • Clusters: It appears that future MoE funding will be based on Clusters. This project seeks to provide the seamless communication technologies needed to support this practice.
    That is, the ability to wirelessly and seamlessly roam throughout the cluster with enhanced security and tracking while still adhering to the old Loop 3xF's (Fat, Fast and Free) and 2 second rule (everything has to work in seconds).

History
In 2004, Nelson schools, together with Network Tasman as their main sponsor, built an ultra fast fiber network called “The Loop” across the top of the South Island.
One of the services offered was a roaming wireless service where users could automatically access their digital resources from any participating school.

Unfortunately, because of technical and contractual barriers, this service could not be continued when the Loop was absorbed by the N4L.
The infrastructure used by the Loop for this service is still in place and ready to go.

Since the demise of the Loop, the contractual barriers have been clarified, and with a little research and development using new cutting-edge technologies, the opportunity to rebuild and re-energise this roaming service has become a reality.
The major difference between the Loop and N4L environments is that the Loop was essentially OSI layer 2 (direct connections) whereas the N4L is OSI layer 3 (web or Internet). This introduces the requirement for additional security and virtual tunnels.

Security
The need for secure network access has never been greater. Today's diverse and roaming staff, learners and even guests require access to multiple network resources. As data networks become increasingly indispensable in day-to-day business operations, the possibility that unauthorized people or devices will gain access to controlled or confidential information also increases.
The best and most secure solution to vulnerability at the access edge is to use the intelligence of the network. One access control technique is called MAC Authentication Bypass (MAB). MAB uses the MAC address of a device to determine what kind of network access to provide.
MAB can be defeated by spoofing the MAC address of a valid device, so digital certificates are used to authorise the device.


The Project
As with all projects, there are a number of steps that need to be worked through.

  1. Update existing resources:
    It has been noted above that the physical and organisational structure to operate the proposed service still exists.
    The first step would be to update and test all components of that structure. (Done)

  2. Establish connections:
    The next step is to ensure that each of the test schools (appendix 1) has at least a virtual OSI layer 2 connection back to the EdSerf based SQL Crystal server farm (appendix 2).
    Each connection will be continually monitored by Crystal ‘weathermap’. (Done)

  3. Implementation:
    The third step is the most critical and requires significant R&D (Research and Development).
    Step 3 is to ensure the data flow and procedures operate effectively in a valid, reliable and secure manner.
    The Loop has significant research and experience in this area, and this will be enhanced using new technologies and models. (Current focus - operational details being reviewed)

  4. Evaluation: Once operational the model must be tested against the project's goals.

  5. Rollout of the project to schools.
    Time: As schools request the service. Schools will be required to fund their own configuration.
    Time: 30min/school

Cost
The hardware (RADIUS server) still exists from The Loop period and is located in the EdSerf server farm.
The software core structure (Identity and database management) still exists inside the Crystal model.
It is estimated that approximately 30-50 hours of research and development will be needed to change the operating environment of both hardware and software from OSI layer 2 (old Loop) to OSI layer 3 (Web based).

The engineers who designed the original roaming wireless system are still available, and now also have new skills and technologies to help and enhance the proposed service.

Conclusion
The vision is to be able to access digital resources within two clicks (2 seconds) anywhere at any time.
This service has been delivered regionally in the past and now has the prospect of also delivering internationally in the future.

Project Questions (link)
Project Comments (link)
Project Management (link)
Appendix (link)
Technical Appendix (link)
Rollout FAQs (link) ... what the final rollout FAQs will look like.