JISC will centrally support federated access management from July 2008 as the preferred access system in UK higher and further education. This will be enabled by the UK Access Management Federation run by UKERNA. Institutions will need to implement authentication and authorisation systems to participate. Federated access management aligns with international standards, improves flexibility and access to resources, and is required to meet strategic goals around e-learning and collaboration.
9. Reviewing Readiness: Independent Review How many institutions will adopt federated access by July 2008? (FE figures: Scotland, Wales and Northern Ireland only) â The Sunday Times University Guide was used as a measure of the top 20 Universities. Of the top 20, information on institutional position was obtained for 18. Of the 18, 8 are early adopters of FAM, 9 plan to adopt by July 2008, 1 is interested but has no current plans to adopt. â
10.
11. Predicted Adoption 182 28.40% not set laggards 207 32.30% 01/11/2009 late majority 128 20% 01/11/2008 early majority (2) 83 13% 01/11/2007 early majority (1) 39 6% 31/05/2007 early adopters 2 0.30% 01/04/2004 innovators No. Institutions Percentage Adoption Milestone Adopter Type
14. Choices for Service Providers COSTS Providers using Athens will continue to pay current subscription and licence costs to Eduserv BENEFITS Athens providers will have access to the Federation through the âgatewayâ, funded by the JISC at least until July 2008 Decide not to implement Shibboleth Continue with Athens or other access management solution COSTS Cost of support from supplier and internal effort in liaison between supplier and Federation BENEFITS Full support in implementation, compliance with international standards and institutional requirements Become a full member of the UK Access Management Federation, using tools with paid-for support COSTS Internal effort to implement software, join federation and manage provider attributes BENEFITS No ongoing subscription costs, compliance with international standards and institutional requirements Become a full member of the UK Access Management Federation, using community-supported tools
15. Option 3: The Gateways ATHENS INSTITUTION UK ACCESS MANAGEMENT FEDERATION FEDERATED INSTITUTION ATHENS CENTRAL ATHENS PROTECTED RESOURCE FEDERATED RESOURCE IdP Gateway SP Gateway
16. UK Federation Core Attributes Used when a specific resource has a specific entitlement condition not covered elsewhere: must be over 21, must have completed foundation course module. eduPersonEntitlement (expressed as an agreed URI) mutually agreed by institution and service Used when a persistent user identifier is required across services. Typically used in for internal institutional services. Real identity can be established from attribute. eduPersonPrincipalName (harrisnv) defined by institution â login name â A persistent user pseudonymâ to allow for service personalisation and usage monitoring across sessions. Not a real world identity. eduPersonTargetedID (r001xf4rg2ss) opaque string defined by institution Establishes userâs relationship with institution â e.g. staff, student, member. Terms as used in JISC Model license. Most authorisation can be done against this attribute. eduPersonScopedAffiliation ( [email_address] ) UK specific controlled vocabulary WHAT THIS REALLY MEANS TECHNICAL ATTRIBUTE NAME