This document discusses Edugate, an Irish single sign-on system that allows users in higher education to authenticate at participating institutions and access various online services without needing separate credentials. It explains that Edugate is a SAML federation consisting of identity providers, like universities, and service providers. It authenticates users against campus directories and authorizes access to services. This allows students to prove they are enrolled to get discounts, and avoids repeatedly entering credentials across multiple services. It highlights that Edugate is used by all publicly funded Irish universities and colleges, as well as research agencies and some private groups.
2. Q. How can you offer a web based service to the academic
community that requires authentication and authorisation without
asking users to register for an account?
3. Q. How can you offer a web based service to the your own
institution that requires authentication and authorisation without
handling the users campus credential?
4. Q. How do I proove that I am a student online in order to get a
discount from an e-retailer?
5. Q. How to aviod repeatedly asking users to enter credentials as
they go from one service to another?
6. Q. How did RCSI, NUIM and DCU establish a web based service
shared by two or more collaborating institutions?
8. •IT Department: “Single-sign-on for staff and students”
•Website operator: “like Facebook login button, but for the
academic community”.
•User: “one less password, thanks!”
•Eric Clarke: “the only option when it came to delivering a shared
VLE”
•HEAnet: Irish instance of 27 such research and education
federations
What is Edugate?
9. •Edugate is a SAML federation.
•SAML is a single-sign-on protocol
•A SAML federation comprises multiple;
• Identity Providers (IdP)
An IdP authenticates users against the campus ldap
• Service Providers (SP)
An SP authorises those users based on what the IdP
says about the user
•How it works…
What is Edugate?
12. Identity Providers
• All publicly funded Universities, Colleges, IoT’s
• Research Agencies/Institutes
• Cavan VEC
Service Providers
• Student Discount
• VLE (Blackboard & Moodle)
• HEAnet (policy for all shared services)
• Internal Campus Services and student run services (SU, Societies)
• Academic Publishers
33 IdP, 55 SP and 50 Internal, 60,000 logins/day
Who is using Edugate
13. • Interfederation with other federations
UK agreement in principle, eduGAIN likely by October
• Integration with social login providers (Facebook/Google etc)
http://lirgroup.heanet.ie
• Re-use of groups from service to service
• Identity schema extenstion to include photo, course, year etc.
• Use by non-HEAnet institutions
• Use for identity validation step for MOOC?
Potential or future uses