The concept of Logins for Life places the user at the centre of the university’s information systems: it is recognised that as people go through life they obtain different accounts at different service providers, and cease to use some of their existing accounts. Furthermore, remembering all the passwords of the different accounts is onerous on the user, and costly to the service provider who has to provide a password recovery service. A system whereby any user is able to register a new login account at any time, regardless of their status, and de-register any of their existing login accounts when they no longer wish to use them for login/ authentication empowers a user to manage their own identities and user IDs. This is a very novel feature, and it will ensures that users can continue to login to university services using the account that is most convenient to them at any stage in their life. Furthermore, users will be able to continue to use their university login account for logging into other services which support Shibboleth SSO. This should dramatically decrease the problem of forgotten passwords, since users will be able to use the login account that suits them best for a wide variety of services.

Logins for life

Download final report

Overview

The concept of Logins for Life places the user at the centre of the university’s information systems: it is recognised that as people go through life they obtain different accounts at different service providers, and cease to use some of their existing accounts. Furthermore, remembering all the passwords of the different accounts is onerous on the user, and costly to the service provider who has to provide a password recovery service. A system whereby any user is able to register a new login account at any time, regardless of their status, and de-register any of their existing login accounts when they no longer wish to use them for login/ authentication empowers a user to manage their own identities and user IDs. This is a very novel feature, and it will ensures that users can continue to login to university services using the account that is most convenient to them at any stage in their life. Furthermore, users will be able to continue to use their university login account for logging into other services which support Shibboleth SSO. This should dramatically decrease the problem of forgotten passwords, since users will be able to use the login account that suits them best for a wide variety of services.

Aims and Objectives

The Logins for Life project addresses the needs of a University to engage with users throughout their lives. It will create use cases, policies and recommendations for dealing with user accounts throughout their changing roles while catering for existing digital identities. It will also create a test environment which will demonstrate how these policies can be delivered using open source tools.

Project methodology

Agile project management techniques with regular group meetings will help to plan and run the Logins for Life project in an efficient and light-weight manner.

  • WP1. Project management. (6 person weeks) led Peter Riley
  • WP2. Requirements gathering. (11 person weeks) led by Bonnie Ferguson
  • WP3. Investigating technologies. (14 person weeks) led by Bonnie Ferguson
  • WP4. Building and testing a demonstration system. (32 person weeks) led by David Chadwick
  • WP5. Dissemination. (8 person weeks) led by John Sotillo

Anticipated outputs and outcomes

The deliverable for the Logins for Life project are:

  • D1.1 Project Plan, D1.2 Progress Report, D1.3 Final Report and D1.4 Completion Report. 
  • D2.1 Requirements and Use cases for the University of Kent 
  • D2.2 Survey of best practises for lifetime identity provision amongst Universities and leading online companies such as Amazon and Google. 
  • D3.1 Design of overall architecture and any missing glue components 
  • D4.1 Demonstration system for trialling with users. 
  • D4.2 Demonstration results. Results obtained from performance and stress testing and usability results from trialling with users. 
  • D5.1 Project Web Site 
  • D5.2 Recommendations to JISC and Kent for Logins for Life policies and procedures 
  • D5.3 Recommendations to JISC and Kent for software architectures 
  • D5.4 Roadmap for deployment at Kent
Technology / Standards used

SAML assertions, Shibboleth and OpenID protocols, OGF-authz profiles

Project Staff

Project Director
  • John Sotillo, Director of Information Services, Templeman Library, University of Kent, Canterbury, Kent CT2 7NU, 01227 823635 J.Sotillo@kent.ac.uk
Project Manager
  • Matthew Slowe, Computing Officer, IS Technical Services, University of Kent, Canterbury, Kent CT2 7NF, 01227 823635 M.Slowe@kent.ac.uk
Project Team
  • Professor David Chadwick, Leader of the Information Systems Security Research Group (ISSRG), University of Kent, 01227 823221 d.w.chadwick@kent.ac.uk 
  • Dr Peter Riley, Technical Services Manager, Computing Service, University of Kent 
  • Bonnie Ferguson, Senior Web Developer, University of Kent 
  • Dr Stijn Lievens, Team Leader, Information Systems Security Research Group, University of Ken, 01227 823823 S.F.Lievens@kent.ac.uk 
  • George Inman, Research Associate, University of Kent, 01227 823823 G.Inman@kent.ac.uk

 

Documents & Multimedia

Bookmark and Share
Summary
Start date
1 January 2010
End date
31 March 2011
Funding programme
Access and Identity Management Programme
Project website
Lead institutions
University of Kent
Committees
  • JISC Infrastructure and Resources Committee
Topic