140 likes | 271 Views
The JANET Roaming Service. Covering …. Background The Location Independent Networking (LIN) trial The JANET Roaming service What the service provides Overview of the technology How it works in practice The eduroam federation Parallel international effort. Background.
E N D
Covering… • Background • The Location Independent Networking (LIN) trial • The JANET Roaming service • What the service provides • Overview of the technology • How it works in practice • The eduroam federation • Parallel international effort
Background • JANET Wireless Advisory Group (WAG) established May 2003 • Develop a location independent networking (LIN) infrastructure to enable networks to support guest users in a transparent & secure manner • Proof of concept tests carried out on RADIUS (Remote Authentication Dial-In User Server) hierarchy
Location Independent Networking (LIN) Trial • January 2005 – January 2006 • 36 institutions in the UK • Positive feedback from JANET community • Transition to service
Launched: end of April 2006 • Resilient NRPS infrastructure • Community support team fronted by JANET Customer Services • Consultancy service • Online documentation: deploying, using and supporting the service • JANET Roaming is the UK element of the eduroam federation
The service • Enhances user mobility • Provides hassle free guest network access • Promotes single sign-on
RADIUS Hierarchy • Organisational RADIUS Proxy Server (ORPS) • National RADIUS Proxy Server (NRPS) • International RADIUS Proxy Server (IRPS)
Federated Trust Model • Participating institutions sign-up to the federation policy • Institutions trust each other to keep their user databases up to date • Network access is granted to a visitor after their credentials have been verified by their home institution
For example… Authenticator (AP or switch) University of Exeter ORPS UKERNA ORPS User DB User DB Visitor’s Username louiss@ukerna.ac.uk JANET National RADIUS Proxy server (NRPS)
Eduroam federation • 29 European countries plus Australia, Japan and Taiwan • Based on the same technology (RADIUS) • IRPS hosted in Denmark and the Netherlands on behalf of TERENA • Enabling international roaming • http://www.eduroam.org/
Eduroam RADIUS Hierarchy Authentication Request Authentication Response International RADIUS Proxy Server (TERENA) UK National RADIUS Proxy Server Australian National RADIUS Proxy Server UKERNA ORPS University of Hertfordshire ORPS University of Ballarat ORPS University of Queensland ORPS
USA • FWNA (Federated Wireless Network Authentication) • Internet2 working group • Trial in progress • Close collaboration between TERENA and Internet2 • http://security.internet2.edu/fwna/
Questions? www.ja.net/roaming