Eifl pres
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
286
On Slideshare
286
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. FEDERATION RECIPE NICOLE HARRIS, JISC ADVANCE nicole.harris@jiscadvance.ac.ukFriday, 18 February 2011
  • 2. In order to make one federation you will need...Friday, 18 February 2011
  • 3. A selection of Identity Providers (IdPs) - i.e. institutions with a directory of people that want to access stuff. A selection of Service Providers (SPs) - i.e. stuff you want to access. Some Policy. Some Infrastructure. A smattering of metadata. One large pot to boil it in.Friday, 18 February 2011
  • 4. CAN I BE AN IDENTITY PROVIDER? Do you have some kind of directory of your users? Could you manage installing software such as Shibboleth or SimpleSAMLPhP? IF YES, GO TO NEXT SLIDE IF NO.... Is there someone who could do that work for you? Eduserv in the UK offers ‘managed directories’ (at a cost) Could an organisation manage a central directory for you?Friday, 18 February 2011
  • 5. WHAT ABOUT SERVICE PROVIDERS? The good news here is that most of the providers with EIFL licenses already offer federated access in countries such as the UK (see: http://www.ukfederation.org.uk/content/Documents/AvailableServices). Negotiations would be required to sign them up for EIFL participant federations. What about institutions as Service Providers? Your repositories, blogs, wikis, webpages etc. Can you manage to install SimpleSAMLPhP or Shibboleth Service Provider software?Friday, 18 February 2011
  • 6. AND THE POLICY? Each ‘federation’ (see later slides) is typically governed by a policy that defines how the IdPs and SPs can work together and trust each other. The good news here is that we have lots of examples from federations around the world that could be repurposed. Policy doesn’t have to be complex.Friday, 18 February 2011
  • 7. FEDERATION INFRASTRUCTURE Currently most federations are managed on a national basis and each federation has its own infrastructure that registers IdPs and SPs and collects, aggregates, distributes and signs metadata - there is a overhead . Other models can be used - e.g. perhaps an EIFL federation. Federations already looking at different models - the REFEDS PEER project is looking at providing a central repository for metadata that could be a good solution here.Friday, 18 February 2011
  • 8. AND THE METADATA? The information that makes this all work. Tell IdPs and SPs how and where to find stuff - where is your login page. Is signed for trust purposes. Tells you about attribute policies - i.e. what information is the Identity Provider willing to give the Service Provider (anonymous, pseudonymous, personal data).Friday, 18 February 2011
  • 9. However, federations cannot be cooked in a day. The good news?....Friday, 18 February 2011
  • 10. EXPERT HELP REFEDS group of national federations (www.refeds.org) with capacity to support emerging federations. TERENA training and advice (www.terena.org), talk to Brook Schofield). Supportive people in the community. Natural links (i.e. JISC Advance with HEA).Friday, 18 February 2011
  • 11. WHAT CAN WE DO TO HELP?Friday, 18 February 2011