Use case: Federated Identity for Education (Feide)

Identity collaboration and federation in Norwegian education

Internet2 International Workshop, Chicago, 2006-12-04

Ingrid Melve, UNINETT CTO

Overview
  • Why work on federated identity in education?
  • Feide
    • Higher education
    • Schools
  • Rollout process
    • Applications get «Feidefied»
  • Current identity focused initiatives
  • Future plans
    • Collaboration, research, development, deployment
Norwegian education
  • 7 universities, 46 university colleges (210 842 persons)
  • Extensive collaboration on electronic services in higher education
    • BIBSYS and other library services
    • FS and MSTAS student registry systems
    • Administrative systems: finance, HR, archive, invoice
    • High performance computing, super-computers and grids
  • Schools (865 000 persons, plus parents)
    • 454 upper secondary schools owned by 19 regions
    • Around 4500 schools owned by 430 municipalities
  • User populations, including parents, make up 43% of population
ICT trends: Usage in higher education
  • All Norwegian universities and colleges have been online since 1992
  • Currently all students in higher education use e-learning
    • Tracking learning, tracking teaching
    • Personalization requires stronger central ICT systems
  • Half of the students have laptops (growing number), and they grew up with PCs
  • Web self service is increasingly deployed
  • Traffic grows exponentially
UNINETT and Feide
  • UNINETT is the Norwegian research network
  • UNINETT is chartered to
    • Provide advanced network services among the world's best
    • Support open standards and interoperability
    • Work in collaboration with education and research
  • Feide organization
    • A central service (7 persons)
      • Login service, operated by Oslo University, with integration support
      • Trust model
      • Information model
      • Project management
    • Deployment in higher education (3-1 persons)
    • Deployment for school owners (4-9 persons)
Collaboration
  • Strong involvement from universities and colleges
    • User groups
    • Active participation in various project(s)
    • Close collaboration with SAP roll-out
    • Operational Feide service run by UiO
  • Backing from Ministry of Education and Research
    • Financial support
    • Clear political support for integrating services
    • Identity management for schools scheduled for 2008
  • Partnership with commercial technology partner (Sun) for open source Liberty-based software
  • International participation: TF-EMC²/REFEDS, eduGAIN, GNOMIS, EuroCAMP, Internet2
Identity management for education
  • Feide since 2000 (initially higher education)
    • Operational federation with login service since 2003
    • Universities and university colleges: 2003 - 2006(7)
  • Schools and Feide
    • Participation decided by Ministry of Education early 2006
    • Identity management should be available by 2008 for all schools
  • Strong campus identity management efforts
    • Universities and colleges develop and deploy IdM software
    • Organizational process: identify responsibilities and enforce routines for processing personal information
    • Supporting the Personal Data Act
  • Operational service providers (current: 26)
    • Adding 2-3 every month this fall
Why federate?
  • Users and home organizations and service providers need to exchange information
  • Trust establishment
    • Feide-name and password
    • PKI and other credentials supported
  • Policy with privacy support
  • Technology:
    • Easy service provider integration
    • Multi-vendor environment
    • Open standards
    • Clear integration path
Feide – Federated Electronic Identity for Norwegian Education
  • Feide is a non-commercial identity management federation for people in education
  • Feide is technology and platform agnostic
  • Feide offers guidelines and policy for campus identity management
  • Feide-names are valid for all education services, and may be used internally, for community services and with education-related services
Feide login
  • User tries to access service
  • Service transfers user to Feide login
  • Authentication is done at campus
    • Local authentication point
    • Local control over information
  • Authentication is confirmed with the service, possibly with attribute release
    • Attribute release controlled by user, governed by contract
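
The login flow above, sketched as an added example (not from the presentation and not Feide's own code): credentials are checked only at the campus authentication point, and the service receives an attribute only when both its contract and the user's consent allow it. All names, the directory contents and the contract table are hypothetical, constructed for illustration.

```python
import hmac

# Constructed sample data (hypothetical names; plaintext password only for the demo).
CAMPUS_DIRECTORY = {
    "kari": {
        "password": "correct horse",
        "attributes": {
            "feide_name": "kari@college.example",
            "affiliation": "student",
            "school": "Example College",
            "nin": "00000000000",  # placeholder, not a real identity number
            "address": "Example Street 1",
        },
    },
}
# Hypothetical contracts: attributes each service may receive at most.
CONTRACTS = {"library": frozenset({"feide_name", "affiliation", "school"})}


def authenticate_at_campus(username, password):
    """Local authentication point: credentials are only checked at campus."""
    entry = CAMPUS_DIRECTORY.get(username)
    if entry is None:
        return None
    if not hmac.compare_digest(entry["password"].encode(), password.encode()):
        return None
    return entry["attributes"]


def release_attributes(attributes, service, user_consent):
    """Release an attribute only if the contract allows it AND the user agreed."""
    allowed = CONTRACTS.get(service, frozenset())  # no contract: release nothing
    released = {k: v for k, v in attributes.items()
                if k in allowed and k in user_consent}
    withheld = sorted(set(attributes) - set(released))
    return released, withheld


def feide_login(service, username, password, user_consent):
    """Confirm the authentication to the service, with filtered attributes."""
    attributes = authenticate_at_campus(username, password)
    if attributes is None:
        return {"authenticated": False, "attributes": {}, "withheld": []}
    released, withheld = release_attributes(attributes, service, user_consent)
    return {"authenticated": True, "attributes": released, "withheld": withheld}
```

The service never handles the password, and a service without a contract gets a confirmation of authentication but no attributes.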
Feide federates education

Federations:

  • Establish trust
  • Authenticate
  • Do privacy control
  • Enforce information flow policy
  • Security
Business drivers for Feide
  • End user: one username, one password
  • Each educational institution benefits from
    • Local dataflow clean-up
    • Overview and control of services
    • Common guidelines, requirements and best practice for identity management
  • University, college or school as Service Provider benefits
    • Easy integration of non-local users
    • Data protection contracts and guidelines
  • Common shared services benefit from
    • Integrated user space
    • Data protection contracts and guidelines
Collaboration
  • User groups
    • Technology based for campus IdM
    • Regional based
  • Support from vendors
    • Novell for campus IdM
    • Various Microsoft-affiliates
    • Sun for federation support
    • IBM, Oracle, Kantega for roll-out and applications
  • Parents/guardians should be able to log in
    • How to reuse existing credentials?
    • How to link parent-child?
  • Public sector: MyID
    • PKI is on hold
    • Pincode-based federated ID
    • SAML2.0
  • Possibilities in private sector
    • Private federations
    • PKI-based login
    • Not yet concrete plans
Ongoing work
  • Feide operates with
    • One Identity Provider (central login service)
    • Many Authentication points (one at each educational institution)
  • Attribute release is important
    • Feide-name valid only in organizational context
    • What school, affiliation, group, address, NIN, unit?
    • Provisioning: started PIFU standardization effort
  • Cross-federations needed (imply IdP chaining)
    • National: MyID for public sector
    • Nordic: Kalmar Union for higher education and research
    • International: eduGAIN, InCommon?
  • Service Oriented Architecture (implies ID-WSF)
    • Services talk on behalf of user to mediate content delivery
More information
  • Information from Feide, including deployment status
    • http://www.feide.no/index.en.html
    • http://feide.no
  • Email for Feide:
    • administrasjon@feide.no
  • Questions for Ingrid
    • ingrid.melve@uninett.no

Collaboration builds education

Campus Identity Provider benefits
  • Authoritative quality for all affiliated users
  • Control of information flow for all affiliated users
  • Enhanced user management simplifies and automates business processes
  • Federated login provides access to services
  • One contract with Feide eliminates bi-lateral contracts with all service providers
Service Provider benefits
  • Access for all Feide users
  • No local administration of user database
  • Feide handles login and gives high quality data about users
  • One contract with Feide eliminates bi-lateral contracts with all identity providers
User benefits
  • One username
  • One password (or other credential)
  • Do not need to register information at each service, automatic updates from campus information
  • Informed consent for personal data transfer
  • Familiar log-in page may increase security