Baltic IT&T, Riga 2007: Identity Management within the educational sector in Norway. Senior Adviser Jan Peter Strømsheim, Norwegian Ministry of Education and Research, jps@kd.dep.no
Identity Management (IdM) Identity management is a broad administrative area that deals with • identifying individuals in a system (such as a country, a network, or an enterprise) and • controlling their access to resources within that system by • associating user rights and restrictions with the established identity.
ICT trends: Usage in education • All Norwegian universities and colleges have been online since 1992 • Currently all students in higher education use e-learning • Tracking learning, tracking teaching • Personalization requires stronger central ICT systems • Traffic grows exponentially • Above 95% of all primary and secondary schools are online • Upper secondary schools – 55 students per 100 PC • LMS and digital learning resources • Compulsory education – 21 students per 100 PC
Report No. 17 (2006–2007) to the Storting: An Information Society for All. New National Curriculum in Primary & Secondary Education from 2006 • Basic skills as basis for all learning and development. • The ability to • express oneself orally • read • express oneself in writing • do arithmetic • use information and communication technology • ICT is integrated in all subject areas being part of the curriculum • Three preconditions in particular form the basis for the government’s commitment to digital inclusion: • Digital access, • Universal design and • Digital skills. • Provisions must be made for identity management for primary and secondary education based on the Feide project.
FEIDE – Federated Electronic Identity for Norwegian Education • FEIDE is a non-commercial identity management federation for people in education • FEIDE is technology and platform agnostic • FEIDE offers guidelines and policy for campus identity management • FEIDE-names are valid for all education services, and may be used internally, for community services and with education-related services
Why federate? Federations: • authenticate • enforce information flow policy • privacy control • security • trust establishment • Users and home organizations and service providers need to exchange information • Trust establishment • Information exchange • Policy • Technology
Business drivers for Feide • End user: one username, one password • Each educational institution benefits from • Local dataflow clean-up • Overview and control of services • Common guidelines, requirements and best practice for identity management • University, college or school as Service Provider benefits • Easy integration of non-local users • Data protection contracts and guidelines • Common shared services benefit from • Integrated user space • Data protection contracts and guidelines
Feide login • User tries to access a service • The service transfers the user to Feide login • Authentication is done at campus • Local authentication point • Local control over information • Authentication is confirmed with the service, possibly with attribute release • Attribute release controlled by user, governed by contract
Studying today… • “Hi! I am Maia – a freshman student” (Identity) • “…this is my FEIDE name and password to prove it” (Electronic identity) • (Authentication: is this the right person?) • “I want to delete a file in my Virtual Learning Environment” • (Authorization: Maia can use the services she is supposed to have access to) • “And I would like to change my midterm exam B into A” • (Authorization: Stop Maia from using a service she is not supposed to have access to)
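Added example, not part of the original slides and not Feide's own code: a minimal Python model of the login flow and the Maia scenario above, showing authentication at the campus, attribute release limited by both contract and user consent, and authorization decided at the service. All user names, attribute names, contracts and rights are constructed assumptions.

```python
import hashlib
import hmac

def _pw_hash(password):
    # Constructed salt and iteration count, for the example only.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"constructed-salt", 10_000)

# Local authentication point: credentials and personal data stay at the campus.
CAMPUS_USERS = {
    "maia@uni.example": {
        "pw_hash": _pw_hash("constructed-password"),
        "attributes": {"displayName": "Maia", "affiliation": "student",
                       "nin": "00000000000", "address": "Constructed street 1"},
    }
}
# Contract: the attributes each service may ever receive.
CONTRACTS = {"vle.example": {"displayName", "affiliation"}}
# Rights the service grants per affiliation (authorization lives at the service).
SERVICE_RIGHTS = {"student": {"delete_own_file"},
                  "teacher": {"delete_own_file", "set_grade"}}

def campus_authenticate(feide_name, password):
    """Authentication is done at the campus, never at the service."""
    user = CAMPUS_USERS.get(feide_name)
    if user is None:
        return None
    if not hmac.compare_digest(user["pw_hash"], _pw_hash(password)):
        return None
    return user["attributes"]

def feide_login(service, feide_name, password, requested, user_consent):
    """Confirm authentication to the service and release only attributes that
    are requested AND allowed by contract AND consented to by the user."""
    attrs = campus_authenticate(feide_name, password)
    if attrs is None:
        return None  # failed authentication releases nothing
    allowed = set(requested) & CONTRACTS.get(service, set()) & set(user_consent)
    released = {name: attrs[name] for name in sorted(allowed) if name in attrs}
    return {"subject": feide_name, "attributes": released}

def service_authorize(assertion, action):
    """The service decides what an authenticated user is allowed to do."""
    if assertion is None:
        return False
    affiliation = assertion["attributes"].get("affiliation")
    return action in SERVICE_RIGHTS.get(affiliation, set())
```

In this model Maia can delete her own file but cannot change a grade, and the NIN is never released to the service because the contract does not cover it, even if she consents.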
CleanIT, the User Management System (BAS) process • Identify key data • Identify who is responsible for • Initial data • Data updates • Data removal • Organizational process • Move data maintenance out of the IT department • Enable Human Resource and Student Management staff to do their jobs better • Student registry: FS or MSTAS • HR/payroll system: rolling in SAP, currently shared systems across several institutions
Benefits: Campus/Institution Identity Provider • Authoritative quality for all affiliated users • Control of information flow for all affiliated users • Enhanced user management simplifies and automates business processes • Federated login provides access to services • One contract with Feide eliminates bi-lateral contracts with all service providers Service Provider • Access for all Feide users • No local administration of user database • Feide handles login and gives high quality data about users • One contract with Feide eliminates bi-lateral contracts with all identity providers User • One username • One password (or other credential) • Do not need to register information at each service, automatic updates from campus information • Informed consent for personal data transfer • Familiar log-in page may increase security
Identity management for education • Feide since 2000 (initially higher education) • Operational login service since 2003 • Universities and university colleges: 2003 - 2006(7) • Schools and Feide • Participation decided by Ministry of Education early 2006 • Identity management should be available by 2008 for all schools • Strong campus identity management efforts • Universities and colleges develop and deploy IdM software • Organizational process: identify responsibilities and enforce routines for processing personal information • Supporting the Personal Data Act • Operational service providers (current: 23)
Feide operates with • One Identity Provider (central login service) • Many Authentication points (one at each educational institution) • Attribute release is important • Feide-name valid only in organizational context • What school, affiliation, group, address, NIN, unit? • Provisioning: started PIFU standardization effort • Cross-federations needed (implies IdP chaining) • National: MyID for public sector • Nordic: Kalmar Union for higher education and research • International: eduGAIN, InCommon? • Service Oriented Architecture • Services talk on behalf of user to mediate content delivery
The way ahead - technical • Consolidating BAS (user management system) for user management • Technical solutions • Policy and regulations • Giving access to someone I do not control? • Interfaces • XML definitions for import/export • LDAP based on eduPerson/noredu* • Available software is improving
7 universities, 46 university colleges (210 842 persons) • +70% of students/others use FEIDE • Primary, Lower and Upper Secondary Schools • 865 000 pupils, teachers plus parents • 454 upper secondary schools owned by 19 regions • Around 3100 schools owned by 430 municipalities
The way ahead - organizational • Higher Education – FEIDE is on track • The challenge: Primary and Secondary Education • We need the important stakeholders onboard • the Business Associations of Norwegian knowledge- and technology-based enterprises, • the Union of Education, • the Norwegian Association of Local and Regional Authorities, • the National Parents’ Committee for Primary and Lower Secondary Education • Political and financial backing • FEIDE is recognized by the Government as the IdM for Education in Norway • Funding is allocated on an annual basis
More information • Information from Feide, including deployment status • http://www.feide.no/index.en.html • Email for Feide: • administrasjon@feide.no • Questions for Jan Peter or Ingrid Melve (leader of the Feide Project): jps@kd.dep.no, ingrid.melve@uninett.no