VISION STATEMENT: “Using a single password, postgraduate students can access not only King’s own electronic resources but also those of other universities and institutions by co-operative agreements.
VISION STATEMENT: “Provide services which reduce the burden of administration and information management.”
VISION STATEMENT: “Provide services which facilitate scholarly communication, collaboration and research
Federated access management allows not only single sign-on internally using an institutional password, but also allows users to access resources (such as VLEs) at other institutions using that same password (i.e. no need to register elsewhere).
Devolved authentication means that institution do not have to administer Athens accounts and single sign-on reduces the need for libraries to manage people as well as resources.
Federated access management supports the adoption of ‘virtual organisations and key research tools (such as open access repositories) have been ‘federated’.
Costs associated with adopting federated access management need to be assessed on an institution by institution basis.
Depend on starting point (state of directory services, choice of directory services, use of Athens, size of institution etc. etc.).
Depends on ‘end’ goal (full single sign-on implementation or more lightweight approach).
Use case studies of ‘early adopters’ to judge where you might be – please contact me.
Talk to the early adopters (they are very nice).
NMI-EDIT full Enterprise Directory project example: £250,000 capital, £130,000 recurrent.
Simple adoption of federated access management: £5,000.
Early adopter projects: £50,000. All successful within these constraints.
Athens: no more than 50p per user account for all Athens systems.
Achievability: Skill Set (with thanks to Swish!) Setting up a CVS Repository; Populating (importing) new data;Check out/in. CVS Profiles, bindings and extensions SAML Format and content of XML files ; Namespace (xmlns) definition and use ; XML Schema definitions XML Log4j and log4cpp configuration options ; Analyzing stack traces and locating configuration errors. Java Configuration files: server.xml, workers2.properties, tomcat-users.xml Application WAR deployment ; Use of conf, webapps, WEB-INF and classes directories. Mod_jk use and Tomcat modification to use it ; “ant command” and editing build.properties and build.xml files.Build WAR and dist files. Tomcat Writing simple web pages ; Meaning of every HTTP code ; CSS authoring HTTP and HTML PKI ; Use of the openssl command and every option Trust stores and certificate stores Obtaining certificates, installing them, converting to/from different encoded methods. Building certificate chains. SSL Knowledge of the configuration files for the webserver and being able to correctly specify values for all directives. Virtual host configuration with SSL. Adding modules, building modules Configuring a content management system to host documentation about procedures and configuration file changes. Webserver (Apache, IIS) Security policy management for controlling port use . Where to install applications, configuration files. Syslogd operation, writing startup services, obtaining and inspecting packet dumps, writing scripts to monitor and control multiple log files in many windows and using filtering, sorting and pattern matching to reformat output. Operating System Minimum requirements Skill area