Online Educa: JISC Access and Identity Management

Joint Information Systems Committee 05/31/07 | | Slide 1

Connecting People to Resources

Trust Federations in the UKNicole HarrisProgramme Manager

Joint Information Systems Committee 05/31/07 | slide 2

UK Education and Access Management - Past

UK first country to have a national access management system for education – Athens.

Centralised system (large, replicated database) responsible for both:

– Authentication: determining that a person is who they say they are;

– Authorisation: determining what that person is entitled to access.

Used by majority of Universities and Colleges in the UK.

Connects these institutions to a large number of third party resources such as e-journals, databases etc.

Administration devolved back to institution who manage users and resources within the database via the ‘Athens Administrator’ interface.


UK Education and Access Management – Future Requirements

Research showed that institutions had a clear demand for a more encompassing system:

– Internal (intra-institutional) applications (mostly through SSO system)

– Management of access to third-party digital library-type resources (as now)

– Inter-institutional use – stable, long-term resource sharing between defined groups (e.g. shared e-learning scenarios)

– Inter-institutional use – ad hoc collaborations, potentially dynamic in nature (virtual organisations or VOs)

Administration happening in two places: institutional directories and Athens Administrator interface.

Agreed international standards and specifications emerged (SAML, eduPerson, WS-Security).


UK Access Management Federation - Now


UK Education and Identity Management

Devolved authentication means that identity management must become a priority. You must know who all of your users are.

Increasingly complex users groups within institutions that need to be managed: visiting professors, visiting students, access entitlements for doctors, shared courses, commercial collaborations.

Increasing need to manage identities across institutions: lifelong learning and ePortfolios.

Increasing obligation to protect your users: Data protection act.

Increasing requirements to protect your users: identity more and more online.

Joint Information Systems Committee 05/31/07 | | Slide 6

Trust Federations in the UK

Hot Topics:

Open Access, Social Software, eLearning


Hot Topic: Open Access

Open Access Repositories increasingly common, but ‘open’ does not mean that access control is not required. Repositories often about ‘self-archiving’ rather than ‘open access’ and are restricted to institutional members.

ShibboLEAP project: consortia of seven London Universities who used federated access management to allow access to each others institutional repositories (D-Space and ePrints).


Sharing Open Access Repositories

Identity Provider

Identity Provider

Identity Provider

Service Provider

(Repository)

Service Provider

(Repository)

Service Provider

(Repository)


Hot Topic: Open Access

Open Access Repositories increasingly common, but ‘open’ does not mean that access control is not required. Repositories often about ‘self-archiving’ rather than ‘open access’ and are restricted to institutional members.

ShibboLEAP project: consortia of seven London Universities who used federated access management to allow access to each others institutional repositories (D-Space and ePrints).

Access control also means you can control who can write, read, comment, annotate etc. by giving people different permissions. It is also permits versions to be ‘locked’. This allows trust and verification of final versions.

Trusted, verified versions are important for the UK Research Assessment Exercise – hope that this approach will encourage assessors to accept institutional repositories as a verified resource.


Hot Topic: Social Software


Social Software and Identity


Hot Topic: eLearning


Who does this impact?

SCH01LIF02

UNI07

SEC08

DES11

UNI12

GAM13

LIF15 INC17

COM19

DES21

LIF22

TOO25

UNI26

GEN27

SEC29

DES30

DES32


The International Perspective

Working to same standards and specifications means we can all work together!

– New opportunities for international collaboration – like the London School of Economics and Columbia University shared e-Learning resource.

– New business opportunities for publishers and service providers.

– Shared understand through initiatives like the e-Framework.

Federated access management is being adopting in a wealth of countries: US, Netherlands, UK, Spain, Switzerland, Norway, Sweden, France, Germany, Australia, New Zealand, Canada.

Economies of scale through co-operation, partnership and communication.

International working groups having a strong impact:

– TERENA European Middleware Co-ordination and Communication (TF-EMC2).

– ‘Shib-enable’ groups led by Internet2.

– Refeds group looking at federation peering.


Key Messages

Access Management is not about restricting, it is about enabling access by connecting the right people to the right resources.

Federated access management opens up new opportunities that meet strategic drivers that we all face.

By devolving responsibility for authentication to an institution, an institution must know who all its users are.

By knowing who your users are, you can better protect, support and help them through their educational journey.


Contact Details

Nicole Harris, Programme Manager

[email protected]

07734 058308

www.jisc.ac.uk

mailto:[email protected]

Online Educa: JISC Access and Identity Management

Business

Transcript of Online Educa: JISC Access and Identity Management