140 likes | 287 Views
Federated Access implementation: experience of AUCA Library - Kyrgyzstan. Sania Battalova, EIFL Country and FOSS Coordinator, Kyrgyzstan. 4 th -7 th June, 2008, Aberdeen , Scotland. EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011.
E N D
Federated Access implementation: experience of AUCA Library - Kyrgyzstan Sania Battalova, EIFL Country and FOSS Coordinator, Kyrgyzstan 4th -7th June, 2008, Aberdeen, Scotland EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
AUCA Background Information Former American University in Kyrgyzstan - Founded in 1993 – privet Liberal Arts University 11 Degree programs and MBA 1,200 students(40% men and 60% women) – undergraduates and graduate from 15 countries 125 full-time faculty Merged Library/IT Structure
Electronic books - Ebrary - Subscribed collection of 35,000 titles of electronic books Electronic periodicals – more then 15,000 titles at 13 databases AUCA digital Library – Open Electronic Repository and the University Documents Archive University Library Electronic Resources and Databases – off-campus access EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
University On-line Services: • Off-campus access to AUCA Library Databases and Archives • Library patrons authentication System • E-course System (Moodle) • E-portfolio System (Mahara) • On-line Registration and Students’ Portal • On-line Evaluation • Students Career Service • Alumni Service System • Discussion Forum (for local needs) EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
AUCA User’s Authentication System • Primary authentication source - Active Directory. Every user is assigned an Active Directory account that they must use to access University services Based on organization units distributed roles for students, employees, guests and administrators. • RADIUS (Remote Authentication Dial-in-User Service) - allows authentication realization, authorization and registration, by means of using remote access policies (RAP). • LDAP (Lightweight Directory Access Protocol) - application protocol for reading and editing directories over IP network - uses for Off-campus access (EZProxy, ePortfolio authentication and for Federal Access). EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Why Federated Access in AUCA? • For our users – only ‘single window’ for authentication to access to all services • Single Point of access – one Username and Password to access all on-line services • Once accessed you don’t need to login to all different services • The services and data may be located outside the University. • Future Cooperation EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Federated Access: from University to Country level University level (AUCA): • For federated authentication and authorization infrastructure internally Consortium level (KLIC): • In getting a pilot in Kyrgyzstan Identity Federation started, • Library consortium resource providers to use federated authentication and authorization infrastructure EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Federated Access – University Level – AUCA Experience • Selection of SP (Service Provider ) and IdP (Identity Provider) software • Selection criteria: MS Windows/Linux, Java/PHP, Shibboleth/simpleSAMLphp • University IT staff qualification EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
simpleSAMLphp (http://simplesamlphp.org/) as IdP and SP for AUCA • Set up simpleSAMLphp (IdP and SP) • http://login.auca.kg/idp/ - AUCA authorization page created • For security reasons SSL certificate has been registered - www.startssl.com - free of charge • Connection between created IdP and AUCA Active Directory • AUCA Idp and SP connection EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
AUCA authorization web-page (AUCA IdP) EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Challenges • New software, no experience • Time consuming • Coordination between IT offices – IdP and SP set up and local databases, and the University Authentication rules EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Benefits and the Future Plans • Work experience (Shibboleth and simpleSAMLphp) and trained IT staff • Promotion Federated Access in AUCA – easy access to on-line service • Promotion Federated Access among Kyrgyz Libraries Information Consortium (training sessions for IT staff and librarians) – new way of Kyrgyz libraries cooperation • CAREN EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011
Thank you! Contact information: Sania Battalova – battalovas@mail.auca.kg EIFL General Assembly 2011 Minsk, Belarus Belarus National Library June 26 - 28, 2011