
Supporting further and higher education AA(A) – What does it mean to the service provider? Alan Robiette, JISC Development Group.


1 Supporting further and higher education AA(A) – What does it mean to the service provider? Alan Robiette, JISC Development Group

2 Overview
24 Oct 2002, TERENA General Assembly, Prague
- JISC and its activities
- AAA in the UK academic and research community
- The Athens service
- Experience with service providers
  - Both within the academic community, and with commercial publishers
- Pointers to the future

3 JISC activities
- Provision of the JANET network
  - Via operations contract with UKERNA
- Provision of electronic content
  - Procurement: national contracts
  - Some hosting at national data centres
- Environments for teaching and learning
- Development, support and advice
  - Across all topics listed

4 AAA: UK requirements
- A service available to all higher and further education institutions
  - ca 180 HE plus 500 FE in total
  - ca 6 million potential users in total
- Controlling access to a wide range of electronic resources
  - Both internally and externally hosted
- Providing usage statistics to both institutions and suppliers

5 What is Athens?
- An access management system written specifically to meet these requirements
- Originally designed by a team at the University of Bath (JISC-funded)
- Now owned, developed and operated by EduServ (http://www.eduserv.org.uk)
- Besides JISC, Athens is also used similarly by the National Health Service (National Electronic Library for Health)

6 Some recent statistics
- These cover both education and NHS, unless otherwise stated
- 497 FE + HE sites; 769 sites total including NHS
- Approximately 2 million user accounts
- Average authenticated access requests per day: 85,650 (August 2002)
- 51 content providers, offering between them 249 Athens-controlled resources

7 How does it work?
- Athens is a “trusted third party” network service
  - Essentially a large database of user ID and authorisation data
  - Replicated to provide a resilient service
- Each participating college or university administers its own part of the database
- Content providers refer access requests to Athens for validation, and run special plug-in software to achieve this

8 Athens data flows (figure; © EduServ, 2002)

9 Service providers
- Need to run special software to carry out the dialogue with Athens
  - Easier for some than others!
- Athens “agent” plugins provided either as toolkit (C, Java, Perl implementations all available) for integration into supplier’s system
- Or as prepackaged modules (for Apache or IIS)
- Standards of software quality assurance, documentation, etc, are very important

10 Athens developments
- “Single sign-on” introduced in early 2002
  - Limited-life ticket cached in user’s browser, allows access to all service providers running latest agent version
- Devolution of authentication back to user’s campus
  - Initially via campus LDAP directory
  - Also prototype using client-side X.509 certificate

11 Devolved authentication (figure; © EduServ, 2002)

12 Developments elsewhere
- Athens is a pioneering system: it has served the JISC community well but is now dated in various ways
  - e.g. it is proprietary and does not conform to emerging open standards
- Other communities similar to ours are now working on standards-based models

13 Shibboleth
- Being developed by Internet2 community (top US universities)
- Much less centralised than Athens
  - Most messages pass directly between user organisation and content supplier
- Message syntax defined in SAML (Security Assertion Markup Language)
- Strong emphasis on user privacy (user attributes disclosed selectively)
- Not yet fully operational

14 PAPI
- Developed by RedIRIS for the Spanish university community
- Strongly campus-centred (all authentication and authorisation takes place at user’s organisation)
- Makes fewest demands on content supplier
- Working at ~25 sites in Spain
- Next major version will add Shibboleth compliance

15 What of the future?
- Shibboleth (and SAML) likely to be very influential
  - PAPI is moving towards compliance with Shibboleth
  - Could Athens also do so?
- TERENA (TF-AACE) and Internet2: a common approach?
  - Extremely desirable for dealing with content suppliers

16 Athens data flows (figure; © EduServ, 2002)

17 Supporting further and higher education Questions?

