How eduGAIN can help education: a real life story Sabita Behari Product Manager TNC14.

Slides:

Advertisements

Similar presentations

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Advertisements

1 Evaluating Online Sources A Module of the CYC Course – Computer Basics

Innovation through participation eduGAIN federation operator training eduGAIN interfederation service /18 Valter Nordh, NORDUnet / GU 1.

Presentation at The Conference for Family Literacy Louisville, Kentucky By Apter & O’Connor Associates April 2013 Evaluating Our Coalition: Are We Making.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

Step-up Authentication as-a Service Pieter van der Meulen Technical Product Manager.

Scrutiny Scrutiny is a major tool for evaluating and then effecting change. Reviewing and evaluating what is done and measuring its success is key to better.

Horizon 2020 Energy Efficiency Information Day 12 December 2014 Essentials on how to submit a good proposal EASME Project Advisors: Francesca Harris,

Information and Communication Technologies in the field of general education in Armenia NATIONAL CENTER OF EDUCATIONAL TECHNOLOGIES.

SWITCHaai Team Federated Identity Management.

Partnership & Collaboration Tools 303. Partnership and Collaboration Tools 303 Objectives Provide tools to guide you through various stages of a Partnership.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

IEBC Sunkosi Webinar © 2015 All rights reserved. Successfully Implementing Your Student Success Plans Ensuring The Success Of Well Managed Interventions.

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

Feasibility Study of a Wiki Collaboration Platform for Systematic Review Eileen Erinoff AHRQ Annual Meeting September 15, 2009.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

Latvian Presidency PCC conference 2015 EULIS: Update on the Interconnection of Land Registers and Cadastres May, 2015, Riga Rik Wouters.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

A Practical Guide for Joining EduRoam EuroCAMP Torino A Practical Guide for Joining EduRoam 4 March 2005 Version 1.6.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Getting Started Conservation Coaches Network New Coach Training.

Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.

© 2013 Federal Reserve System. Materials are not to be used without consent. Federal Reserve Financial Services Strategic Direction: Payment.

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

Supporting Are we ready? REFEDS, Oct 2013 Ann Harding

HOW TO EFFECTIVELY COMMUNICATE WITH ELECTED OFFICIALS.

1-2 Training of Process Facilitators 3-1. Training of Process Facilitators 1- Provide an overview of the role and skills of a Communities That Care Process.

SURFfederatie & SURFconext Federated identity system for scientific collaborations 9-10 June 2011 CERN Remco Poortinga – van Wijnen*, SURFnet

This document produced by Members of the Helix Nebula Partners and Consortium is licensed under a Creative Commons Attribution 3.0 Unported License. Permissions.

Kalmar Union lessons: Findings in federation harmonisation REFEDS Mikael Linden, CSC.

Security Vulnerabilities Linda Cornwall, GridPP15, RAL, 11 th January 2006

Claudio Allocchio TERENA Technical Programme - Update General Assembly, 21 October 2005, Budapest 1 TERENA Technical Programme Update Claudio Allocchio.

Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

“ I'm still loving the fact that I share a virtual classroom with such a mix of students from all over the world. Other strengths include: engaging, up-

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.

Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.

Géant-TrustBroker Project Overview Daniela Pöhn 7 th FIM4R meeting Frascati, Italy April 24 th, 2014.

Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.

WP4 – Cloud Platform & Provisioning Technical Review Period 1 This document produced by Members of the Helix Nebula consortium is licensed under a Creative.

Understanding deployment issues on the Supply Chain Ann Harding, SWITCH, Nicole Harris, TERENA Cambridge July 2014.

NREN Trust and Identity Strategy Ann Harding, SWITCH Cambridge July 2014.

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

b2access.eudat.eu B2ACCESS The simple and secure authorisation and authentication platform of EUDAT This work is licensed under the Creative.

Innovation through participation Expectations on eduGAIN and next steps Valter Nordh, NORDUnet / GU 1.

Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

Networks ∙ Services ∙ People Marina Adomeit FIM4R meeting Virtual Organisation Platform as a Service VOPaaS Nov 30, 2015, Austria Task Leader,

Federated Identity Fundamentals Ann Harding, SWITCH Cambridge July 2014.

Facing the challenge of relevance Erwin Bleumink 4 June 2013 TNC13.

Project Management Methodology Project Closing. Project closing stage Must be performed for all projects, successfully completed or shut off by management.

INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.

Networks ∙ Services ∙ People Andrea Biancini #TNC15, Porto, Portugal Implementing Grouper to federate user authorization Federated Authorization.

Open Collaboration Exchange Alexander Blanc, Niels van Dijk, Jocelyn Manderveld, Remco Poortinga - van Wijnen VAMP 2013, Espoo.

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

Networks ∙ Services ∙ People Marina Adomeit TNC16 Conference, Prague Towards a platform for supporting collaboration GÉANT VOPaaS

Networks ∙ Services ∙ People TNC 2016, Prague Alice Through the Looking Glass Science DMZ goes above the network 13 June

Authentication and Authorisation for Research and Collaboration Peter Solagna, Nicolas EGI AAI integration experiences AARC Project.

Networks ∙ Services ∙ People Ann Harding Networkshop 44, Manchester Thinking globally, acting locally Trust and Identity in the GÉANT project.

Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.

Successfully Implementing Your Student Success Plans

Mechanisms of Interfederation

Are you ready for a federated security incident?

Project Management Tips

Community AAI with Check-In

What is InAcademia? An affiliation validation service

Presentation transcript:

How eduGAIN can help education: a real life story Sabita Behari Product Manager TNC14

Virtual Campus Hub: how it all began

Ambition ‘a technical platform that can deliver virtual meeting spaces for lectures, conferences, laboratory and numerical exercises, as well as innovation tools, executive learning modules, self-study, etc’.

Very ambitious indeed ‘a technical platform that can deliver virtual meeting spaces for lectures, conferences, laboratory and numerical exercises, as well as innovation tools, executive learning modules, self-study, etc’. EVERYTHING

Results First use of eduGAIN on a production level, involving several IdPs and (commercial) SPs: working environment A ‘how to’ with steps on setting up an international collaboration environment An infographic about collaborating online

Some lessons learned Having a project leader is essential

Having a clear view of all parties involved would have been very useful However, we did not do our homework beforehand

It worked to have committed resources: you need people to do technical implementations and fix issues. The EU funding the project helped a lot with this.

‘All politics is local’ (Thomas P. O’Neill, December 9, 1912 – January 5, 1994) Source:

‘Don’t expect me to say anything sensible about computers…’ Barend Mons, keynote speaker at opening plenary TNC14

Education and research first, not the cool technical stuff Most people have never heard of federations

‘Security is more important than the vision of the school’ Jelmer Evers, keynote speaker at TNC14 this morning

There is still no optimal solution for guest users ? ? ? ? ? ?

Not every IdP is a member of a federation Not every federation is a member of eduGAIN

How we got there In 16 simple steps Ok…maybe not that simple

1 Get a Champion ✓ The project needs a specific person within each institution who is responsible for the overall project and can make decisions. ✓ This person should serve as a central point of contact, coordinate the activities and communication and fix issues within the local organization.

2 List requirements Decide on the functional requirements for your collaboration and match these to the technical possibilities.

3 Analyse stakeholders Make a stakeholder analysis. Involve everyone from the beginning of the project. Create an inventory of the responsibilities of each stakeholder and the risks involved for the implementation of each of their tasks. Give credit where credit is due: mention contributors (the EU!)

4 Secure resources Be sure there are enough people involved within the organisations for development, configuration and management.

5 Involve all relevant national federations Make sure all relevant National Federations are involved from the start of the project.

6 Inform yourself about federations Get familiar with the functionality of identity federations.

7 Manage expectations Discuss the goals and desired functionalities from the get-go. Discuss what is technically feasible and what policies and processes come into play. Make a plan with milestones and evaluate these during the project.

8 Make sure institutions have an Identity Provider and are connected to their national federation ✓ Early on in the project, make sure all the institutions are a member of their local federation. SOURCE: geant.net

9 Make an inventory of users ✓ Analyse whether there are ‘guest users’ in the IdPs and decide how to deal with them. Are they allowed access? How is this access arranged?

10 Connect local services to local federations The services involved in the project should be connected to the national federations. The existing expertise of the national federation’s experts should be used to streamline this domestication effort.

11 Agree on attribute exchange ✓ The institutions that provide the user identities should agree with the service providers on which attributes are available and can be used.

12 Make sure local federations are members of eduGAIN ✓ Make sure all the involved federations are members of eduGAIN on the production level. ✓ When a federation uses a hub-and-spoke model, SAML- scoping for IdP-preselection should be supported. Otherwise, users will be confronted with two IdP selection pages.

13 Test the eduGAIN connection As a first step in making the international connections, the federations involved should test their eduGAIN implementation by connecting test services to foreign test identity providers, and vice versa. SOURCE: geant.net

14 Publish participating IdPs and SPs in eduGAIN Make sure you can answer: who should make an agreement with whom in the relation of SP, federation 1, federation 2 and the IdP which agreement is valid for the connection between foreign SPs and local IdPs via eduGAIN how an IdP should give permission for the connection

15 Make interconnections between services and institutions via eduGAIN In the case of a hub-and-spoke federation, like SURFconext (NL) or WAYF (DK), it is the responsibility of the federation operator. In the case of mesh federations, like Swamid (SE) or SWITCH (CH), this should be handled by the administrators of the services and identity providers themselves.

16 Educate users Make end-users aware of which services are available, how they get access to the applications, and how the login procedure works. Students Researchers Education institutions Collaborative Organisations

Consider implementing a central portal so users have a central starting point. For pointers on the most effective way to present federated identity to users of your site, visit the REFEDS Discovery Guide.REFEDS Discovery Guide

Conclusion It was not always easy, but federations and eduGAIN have great value for our community. It is clear that NRENs are in a unique position to actively shape and support these new kinds of collaborations in higher education and research.

More information We are happy to provide you with more detailed information. Visit or us. Visit for more on the Virtual Campus Hub Project. Check out our infographic about international online collaboration. It contains links to the 16 steps and lessons learned.infographic Visit to read more about eduGAIN.

sabitabe Creative Commons “Attribution” license: W