JISC will centrally support federated access management from July 2008 as the preferred access system in UK higher and further education. This will be enabled by the UK Access Management Federation run by UKERNA. Institutions will need to implement authentication and authorisation systems to participate. Federated access management aligns with international standards, improves flexibility and access to resources, and is required to meet strategic goals around e-learning and collaboration.

1. Connecting People to Resources Federated Access Management within the UK Nicole Harris Senior Services Transition Manager, JISC

2. Connecting People to Resources OVERVIEW

8. Connecting People to Resources STATISTICS

9. Reviewing Readiness: Independent Review How many institutions will adopt federated access by July 2008? (FE figures: Scotland, Wales and Northern Ireland only) “ The Sunday Times University Guide was used as a measure of the top 20 Universities. Of the top 20, information on institutional position was obtained for 18. Of the 18, 8 are early adopters of FAM, 9 plan to adopt by July 2008, 1 is interested but has no current plans to adopt. “

11. Predicted Adoption 182 28.40% not set laggards 207 32.30% 01/11/2009 late majority 128 20% 01/11/2008 early majority (2) 83 13% 01/11/2007 early majority (1) 39 6% 31/05/2007 early adopters 2 0.30% 01/04/2004 innovators No. Institutions Percentage Adoption Milestone Adopter Type

12. Connecting People to Resources CHOICES

13. Option 1 and 2: Roadmap for Institutions

14. Choices for Service Providers COSTS Providers using Athens will continue to pay current subscription and licence costs to Eduserv BENEFITS Athens providers will have access to the Federation through the ‘gateway’, funded by the JISC at least until July 2008 Decide not to implement Shibboleth Continue with Athens or other access management solution COSTS Cost of support from supplier and internal effort in liaison between supplier and Federation BENEFITS Full support in implementation, compliance with international standards and institutional requirements Become a full member of the UK Access Management Federation, using tools with paid-for support COSTS Internal effort to implement software, join federation and manage provider attributes BENEFITS No ongoing subscription costs, compliance with international standards and institutional requirements Become a full member of the UK Access Management Federation, using community-supported tools

15. Option 3: The Gateways ATHENS INSTITUTION UK ACCESS MANAGEMENT FEDERATION FEDERATED INSTITUTION ATHENS CENTRAL ATHENS PROTECTED RESOURCE FEDERATED RESOURCE IdP Gateway SP Gateway

16. UK Federation Core Attributes Used when a specific resource has a specific entitlement condition not covered elsewhere: must be over 21, must have completed foundation course module. eduPersonEntitlement (expressed as an agreed URI) mutually agreed by institution and service Used when a persistent user identifier is required across services. Typically used in for internal institutional services. Real identity can be established from attribute. eduPersonPrincipalName (harrisnv) defined by institution – login name ‘ A persistent user pseudonym’ to allow for service personalisation and usage monitoring across sessions. Not a real world identity. eduPersonTargetedID (r001xf4rg2ss) opaque string defined by institution Establishes user’s relationship with institution – e.g. staff, student, member. Terms as used in JISC Model license. Most authorisation can be done against this attribute. eduPersonScopedAffiliation ( [email_address] ) UK specific controlled vocabulary WHAT THIS REALLY MEANS TECHNICAL ATTRIBUTE NAME

18. Connecting People to Resources EXAMPLES

19. Connecting People to Resources INDEX TO THE TIMES: EDINA

20. Shibboleth Access via a WAYF for external services And where they are from User knows URL of resource and that Shibboleth is used

21. Connecting People to Resources JSTOR

22. JSTOR Example: Service Provider Developed WAYF

23. Connecting People to Resources SCIENCE DIRECT

25. Shibboleth behind the library portal The expanded list shows a link direct to the Service Provider, in this case Elsevier

26. Shibboleth behind the library portal After clicking link in library portal:

27. Connecting People to Resources LANDMAP: MIMAS With thanks to Ross Macintyre

40. Connecting People to Resources SUPPORT