Post on 15-Jun-2015
description
SWAMID - WAYF
Concrete initiatives in identity federations – case: the Nordic Countries
Overview
• Who are we?
• Why are we here?
• WAYF/SWAMID
• Kalmar2
• eduGAIN
• Summary
• Question and comments
Who are we?
• Valter Nordh, IT Coordinator, eduGAIN, SUNET and University of Gothenburg.
• Jacob-Steen Madsen, Head of Secretariat, WAYF Secretariat, Copenhagen
Why are we here?
• Electronic id-federations gives you:– Cost savings of maintaining logins– Economics of scale (cloud services!)– Reusability of logins– User convenience – provides Single Sign On– Enabling collaboration
WAYF
• Research network Service– Funding: 3 ministeries, the electronic research library
& research network (3,5 million DKK/year)– 6 years old – In production since march 2008– Basic infrastructure
WAYF
• Demographics– 5.534.738 citizens– 4.319.228 adults– 1.188.796 under education
• 3 public identity federations in Denmark– NemLog-in (3.500.000 vetted users)– UNI-Login (500.000 vetted users)– WAYF (>4.500.000 vetted users)
WAYF
• Mission statement:– To facilitate exchange of identity information between
users and services at both a national and internationally in a safe way.
WAYF
Strategy– To support an open market for federated services– To enhance the digital life for the federations end
users– To be preferred choice of partner for advice on service
creation amongst members– To ensure a very high level on competence on privacy
related issues
WAYF
7. Jun 27. Jun 17. Jul 6. Aug 26. Aug15. Sep 5. Oct 25. Oct 14. Nov 4. Dec 24. Dec 13. Jan 2. Feb 22. Feb14. Mar 3. Apr 23. Apr13. May0
5000
10000
15000
20000
25000
30000
35000
Series1
WAYF
Goals for 2011-2012– 3.000.000 logins (2010-2011) -> 10.000.000 logins
(2011 – 2012)– A reuse rate > 2 pr. login medio 2012– 50% more services connected to WAYF ultimo 2011
compared to ultimo 2010
WAYF
1 4 7 10 13 16 19 22 25 28 31 34 37 40 43 46 49 52 55 58 61 64 67 70 73 76 79 82 85 88 91 94 97 1001030
100000
200000
300000
400000
500000
600000
700000
800000
Series1
WAYF
SWAMID
• History– Started as a collaboration between universities around
2005/2006– eduroam was initially a driving factor– Funded by participating universities and SUNET– Governed by SUNET with universities represented
SWAMID
• Growth and use of SWAMID– Two use cases that draw adoption:
NyA and the SUNET Video Conferencing service
– NyA (National admission system)NyA issues logins to applying usersUniversities reuse those, thereby reducing costs
– More details in the presentation from EUNIS 2008 at Aarhus University:http://eunis.dk/papers/p17.pdf
SWAMID
• Growth and use of SWAMID (cont)– The SUNET Video Conferencing service:
Potential # of users: 350.000 students + employees– Cost of maintaining logins? Helpdesk?
– Demonstration of SWAMID:https://connect.sunet.se/swamix
SWAMID
• Technical model of SWAMID– So called mesh-structure:
everyone can talk to everybody– Lightweight central infrastructure– No (?) single points of failure– Flexible architecture for participating universities– Requires competence from participants
SWAMID
• Governance and policy of SWAMID– A new policy for SWAMID as of 2011, SWAMID 2.0– Governed and financed by SUNET– SWAMID target Universities and University Colleges– Approx. 2 FTE for running and maintaining SWAMID
SWAMID
• Future of SWAMID!– SWAMID is used as a reference model for the new e-
id from the Swedish government– SWAMID is actively participating in international
collaborations– Working with municipals in extending federations
outside of higher education– International standards are emerging around
electronic identities, SWAMID aims to comply with these
SWAMID
• Future of SWAMID!– Working together with universities in developing
practices around managing user identities– New use cases are emerging – for example foreign
students admitted through NyA– SWAMID provides the infrastructure for connecting
AND to transfer information securely
– What can SWAMID do for you?
HAKA + FEIDE
• Finland: Has a federation called Haka
• Norway: Has a federation called Feide
• Some differences BUT in essence alike
• Kalmar2!
Kalmar2
Kalmar2
Kalmar2
Kalmar2
• Characteristics– One common standard between contries– IdM requirements– Service Purpose– Attribute proportionality– Consent
eduGAIN
• Enable collaboration outside of the Nordic countries!
• eduGAIN is intended to simplify the movement of people and data between participant federations
• FP7 funded project from the EC (within GEANT)• Offered as a service, still growing from pilot
eduGAIN today
eduGAIN
eduGAIN
• Challenges!Personal number? Legal issues!To be solved!
• We have a service to build upon• Most countries/federations in EU has indicated
that they will join• More information on www.edugain.org
A brief summary
– Login within a Nordic service:HAKA - checkFEIDE - checkSWAMID - checkWAYF - check
– Login between Nordic services:Kalmar2 – check
– Login between international services:eduGAIN – ”check”
• Questions and comments