Federated Access Management - a roadmap
Technical developments and the growing need for collaborative approaches in e-learning and e-research have led JISC to devote significant funds to the implementation of the next generation access management system based on Shibboleth technology. Benefits of the new system include easier access to online resources, enhanced opportunities for collaboration and greater control by institutions of access management procedures. Central to these developments will be the creation of the UK Access Management Federation which is to be launched in September 2006.
This publication has now been updated. Please read Version 2: March 2008
Federated Access Management: Connecting People to Resources
Version 1
Connecting students and staff to resources subscribed to by educational institutions is essential to the sector. Nicole Harris looks at how the evolving needs of e-learning and e-research communities require some far-reaching changes to the ways in which institutions manage access to resources.
Technical developments and the growing need for collaborative approaches in e-learning and e-research have led JISC to devote significant funds to the implementation of the next generation access management system based on Shibboleth technology. Benefits of the new system include easier access to online resources, enhanced opportunities for collaboration and greater control by institutions of access management procedures. Central to these developments will be the creation of the UK Access Management Federation which is to be launched in September 2006.
Educational institutions throughout the UK will be invited to join the UK Federation and adopt new technologies such as Shibboleth. This will provide institutions with a route to single sign-on to resources for users through the implementation of federated, devolved authentication.
The Athens service in its current form will not be funded by JISC after July 2008 and JISC has established a transition programme with clear choices to minimise disruption to end-users.
The diagram overleaf gives an outline of the steps institutions will need to take and the box below gives the options available to institutions in adopting federated access management.
Communications have been sent to all FE and HE institutions outlining in greater detail the options available to institutions as well as the various means of support available, including the establishment of the Middleware Assisted Take Up service (MATU) hosted by Eduserv and a range of early adopter projects whose experiences will be disseminated to the wider community.
Nicole Harris JISC
Joining the UK Access Management Federation
Choice for institutions
It is important to emphasise that institutions will have choices, and that these choices should be supported by informed decisions. The potential models for adoption by institutions are described in the table below and institutions should consider how well each of these models fits with their IT Strategy. Case studies, reports and advice are all available from the Middleware Assisted Take-Up Service (MATU).
1 Become a full member of the UK Access Management Federation, using community-supported tools
Costs
Institutional effort to implement software, join Federation and enhance institutional directories
Benefits
Full institutional control, skilled staff and access management solution for internal, external and collaborative resources
2 Become a full member of the UK Access Management Federation, using tools with paid-for support
Costs
Cost of support from supplier and institutional effort in liaison with supplier and Federation
Benefits
Full support in implementation and access management solution for internal, external and collaborative resources
3 Subscribe to an ‘outsourced Identity Provider’ to work through the Federation on your behalf, such as continued use of Athens with the gateways
Costs
Subscription costs to external supplier (from July 2008) and internal administration role
Benefits
Minimum institutional effort to achieve access to external resources only
Further information
UK Federation
Email: jisc-access-management@jiscmail.ac.uk