A simple overview of the steps that colleges need to take to join the UK Access Management Federation

1. LR Forum – Ulster University Jordanstown 13 February 2008 Mike Moran RSCni

5. The Gateways ATHENS INSTITUTION UK ACCESS MANAGEMENT FEDERATION FEDERATED INSTITUTION ATHENS CENTRAL ATHENS PROTECTED RESOURCE FEDERATED RESOURCE IdP Gateway SP Gateway LR Forum Note: Athens is referred to here simply for comparison with many existing situations

6. LR Forum Mike Moran RSCni IdP Gateway SP Gateway Identity Provider Gateway Outputs the data that confirms that the user requesting service is a registered student or staff member of the college concerned. This can be done with the minimum amount of personal information transferring directly to the supplier. Service Provider Gateway Confirms that the IdP data sent by the college matches the rights to access that the college has paid for (even if this is a FREE service) and causes the release of the item.

7. LR Forum Mike Moran RSCni See handout for explanation Shibboleth Flow Diagram User Service Provider (SP) Identity Provider (IdP) = College or Its Agent Where Are You From (WAYF) 1 2 3 4 5 6 7 8 Amount of information provided here can be managed by College

9. LR Forum Mike Moran RSCni Why did we go down this Shibboleth route at all? Posted by nicole [ Harris ] on January 23rd, 2008 “ There has obviously been a lot of debate in the last two days surrounding the regrettable announcement that JISC will no longer be funding the Federation Gateway Services [ through a contract with Eduserv (Athens) ]. This has led to people asking questions such as ‘why did we go down this Shibboleth route at all?’. I thought it might be useful to go back to the beginning. Below is the vision statement (we are very MSP here) for the Access Management Transition Programme. I think it sums things up quite nicely. The JISC Access Management Transition Programme aims to change the access management landscape within UK Further and Higher Education from a system predominantly based on proprietary systems to one with open standards at its core. The primary enabler of this change will be the introduction of federation access management and a strong recommendation to all institutions and organisations involved in education to implement access management solutions based on the SAML (Security Assertion Mark-Up Language) standard.

15. LR Forum Mike Moran RSCni

18. LR Forum Mike Moran RSCni 18. What is the last point at which my institution can make a decision about joining the UK federation? If you are currently using Athens, you can join the UK Access Management Federation at any time from November 2006 onwards. There is no end date for the Athens service – but see below (Q19). 19. What will happen to Athens? Athens will continue as a fee-charging service. JISC is providing extensive support mechanisms for institutions wishing to adopt federated access management solutions. JISC will not be funding the Athens service beyond July 2008. JISC Answers to some FAQs

21. LR Forum Mike Moran RSCni Does all of this have anything to do with re-structuring or selecting a Library Management System? Not directly – but there would be an advantage to sorting everything out at one time. Otherwise ,the directory structures created for the UK Federation may have to be re-visited when any new or re-configured LMS is installed.