From IIW

Elgg OpenSource Social Networking Platform: What it is and what we’re doing with it

Convener: Justin Richer

Notes-taker: Justin Richer

Tags: Social networking, opensource, openid, portable groups

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

MITRE has been doing research with social networking for the past few years using the Elgg platform (http://elgg.org), which is an OpenSource whitebox social networking system. We’ve used Elgg to build social networks for the intelligence community and MITRE itself. Elgg is highly modular, and is designed from the ground up as a user-focused social networking site, as opposed to the more common CRM with social-like artifacts bolted on. Elgg also has pervasive fine-grained access controls on every artifact in the system.

In the intelligence community, the OneCommunity research prototype is installed on the Intelink network, accessible to US Intelligence Analysts. We developed plugins to allow connection into the existing Intelink Passport identity structure to let users make use of existing credentials. We also developed connections to other social software systems on the Intelink network, such as Intellipedia (a MediaWiki instance). We have worked with analysts to build a recommendation system that is aware of the social media artifacts created by users that can recommend potential working contacts. Our research has shown that people, even in this serious working environment, are interested in social information and “icebreakers” in order to facilitate new conversations.

At MITRE, we used the same software to build out two sites, MITREverse and Handshake. MITREverse is MITRE-only and resides completely inside the firewall. It has acted as a research testbed for our user recommendation and data connection systems. We believed early on that we did not want the social network to own all the data, but to have access to the data available on other tools. We have developed an OAuth module for Elgg to allow for connection to WordPress and our own microblogging tools. This also has the possibility of allowing multiple Elgg sites to connect to each other to create a federation of independent social networking islands. The possibility of portable groups and portable permissions system seem very great in this area.

Our other site, Handshake, is designed as an outward-facing social network hosted by MITRE to facilitate collaboration with MITRE’s sponsors, academics, and industry people. All MITRE employees have access to Handshake through a custom IdP system, and all external participants are invited by MITRE personnel. This leads to some very interesting problems with identity, such as the need for MITRE to (currently) manage all the accounts for non-MITRE users of the system. This is something we are currently looking to move away from, perhaps by allowing OpenID credentials or other forms of trusted-partner identification.

In parallel, we are looking at deploying an OpenID system for MITRE personnel both inside and outside the firewall to allow MITRE people to self-identify as MITRE people both to our own OpenID-enabled applications and to sites on the larger Internet. We are also researching trusted partner networks and the implications of having portable data across different sites and what that means for access controls and permissions.