1 / 19

Joining the UK Access Management Federation

Joining the UK Access Management Federation. 4th April 2007 Mark Tysom, UKERNA. Overview. What is the UK Federation? Benefits Eligibility Suggested approach Methods of participation Application process Membership. What is the UK Federation?. A set of Rules that binds members:

adonis
Download Presentation

Joining the UK Access Management Federation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Joining the UK Access Management Federation 4th April 2007 Mark Tysom, UKERNA

  2. Overview • What is the UK Federation? • Benefits • Eligibility • Suggested approach • Methods of participation • Application process • Membership

  3. What is the UK Federation? • A set of Rules that binds members: • Make accurate statements to other members • Keep federation systems and data secure • Use personal data correctly (inc. DPA1998) • Resolve problems within the Federation • Not by legal action • Assist Federation Operator and other members

  4. What is it used for? • Allows a browser user to access protected online resources based on information asserted by their home organisation. • Allows providers of online resources to control access to their services.

  5. The UK Federation • Launched November 2006 • For UK schools, FE, HE and research • Organisations and providing online services to these sectors • Funded by JISC and Becta • Operational management by UKERNA

  6. What are the benefits? • Centrally funded • Access to resources from anywhere • Provides consistency across the whole of education for AuthN & AuthZ • Can be used to protect internal resources • At least one less password to remember • Improves the user experience • Facilitates sharing of content and collaboration across sectors

  7. Who is eligible to join? • Colleges and universities • Local Authorities with responsibility for the schools sector • Research council funded establishments • Other publicly funded bodies subject to support from relevant authorities • Commercial and other organisations providing online services to these sectors

  8. Considerations • Review your identity management strategy • for example, how many directories you have and who owns them? • Build the business case • JISC will cease to centrally fund Athens in July 2008

  9. Suggested approach

  10. The six steps • Review ID management strategy 2. Develop user directories: to hold user’s status/entitlements/etc 3. Authentication development: implement an institutional web authentication system

  11. The six steps 4. Implement compatible Identity provider software linked to organisational directory and authentication systems 5. Join the federation: apply for membership and sign up to federation rules. 6. Deployment and roll out: staff training, user guides, etc.

  12. Participation • In-house • Deploy own IdP infrastructure • Out-source • Purchase IdP service from a third party

  13. Pros and cons: In-house • Benefits • Retain strategic control over ID management • Convergence of internal/external ID management • Easier to comply with data protection regulations • Considerations • May require significant effort to consolidate authentication and authorisation infrastructure • New technology to learn and deploy

  14. Pros and cons: Outsourced • Benefits • Enables participation in the Federation with less effort than taking the in-house route • Considerations • Effort required to manage user information • Both the organisation and outsourcing third party must be federation members • User experience may be impaired – less intuitive • Diminution of strategic control

  15. What do I need to do to join? • Identify your host organisation (the legal body that will sign the rules of membership) • Arrange for your host organisation to sign the rules of membership and nominate • Executive liaison who agrees, on behalf of the organisation, to be bound by the rules of membership • Management liaison who registers entities • Obtain an X.509 server certificate • Once membership accepted, management liaison can register entities • Details of the entity added to federation metadata

  16. Support • JANET Customer Services Helpdesk: - Joining the federation - Registering entities - Trouble shooting metadata • Internet 2 team and Shibboleth community: - general Shibboleth and Shib-related queries

  17. Current Membership • 22 institutional IdPs • 13 SPs • 18 in the pipeline

  18. Further Information • Website • www.ukfederation.org.uk • E-mail lists • Ukfederation-announce@jiscmail.ac.uk • Ukfederation-discuss@jiscmail.ac.uk

  19. Questions? • Website • www.ukfederation.org.uk • E-mail lists • Ukfederation-announce@jiscmail.ac.uk • Ukfederation-discuss@jiscmail.ac.uk

More Related