Federation information for publishers and service providers
See JISC's guide to Publishers and Service Providers (updated Mar 08) for full details of JISC's federation plans and the impact it has had on publishers and service providers
JISC announcement list for publishers and service providers:
jisc-shibboleth-publishers@jiscmail.ac.uk
Introduction
JISC has invited all publishers and service providers to join the UK Access Management Federation and to adopt federated access management technology. This page provides some useful information about the transition to the UK federation. If your organisation would like to learn more, please contact the Access Management Team at jisc-access-management@jiscmail.ac.uk.
In January 2008 JISC announced significant changes to its Federated Access Management Transition Programme. Regretfully, JISC did not continue funding the Federation Gateway Services after 31 July 2008. More information and JISC advice to Service Providers.
Why change?
There are a number of reasons JISC advocated federated access management:
- Educational institutions demanded a single sign-on solution that supported institutional authentication of all resources whether internal to the institution, through the use of collaborative platforms or to licensed third-party materials.
- Other countries had been developed their own solutions to the problem of accessing multiple resources with a single identity. A system based on international standards is therefore essential for publishers and other service providers who operate and compete at an international level.
- Federated access management separates authentication from authorisation. Authentication is controlled by the user's home institution; authorisation is based on user-attributes and controlled by the resource provider. This meant less work in administering usernames and passwords.
Back to top
What are the benefits?
The use of federated access management and the software available to support its implementation provides significant benefits to service providers:
- Improved user experience
Users don't have to remember a separate identity, they simply use their institutional username and password. This should increase the use of subscribed services and reduce the risk of users compromising their accounts by writing down their username and password and sharing it with others.
Federated access management enables personalisation through finely-controlled access to services or resources, allowing for subscriptions by department and group or courseware targeted at individual classes without releasing the identity or location of the user.
- International take-up
Based on international standards and is achieving wide support in Australia, New Zealand, the USA, Japan and also in many European countries. Service providers have therefore built a skills-base on one technology that has supported a wide range of customers, reducing costs in time and resources.
- More choice and flexibility
There is no tie-in to one provider for software and implementation support, this has given identity and service providers more choice about which software to use. It has been implemented using freely available open-source software, resulting in cost savings on subscription charges.
Listen to Elsevier ScienceDirect, an early adopter of Shibboleth, talk about some of the issues around adopting this new technology and what the main benefits and challenges are for publishers and service providers.
Back to top
Choices and costs
In developing the UK Access Management Federation, JISC has considered the requirements of both institutions and service providers in making the transition.
JISC has encouraged all publishers of information resources that provide a service to the UK education and research community to apply for free membership of the UK federation. Information about how to join can be found on the UK federation website.
Costs of implementing a federated access management solution was dependent on the model chosen by the service provider. Service providers were free to choose either open source or commercial products. The products that are chosen must be SAML compliant and meet the requirements of the UK federation. Service providers had the option of either implementing and using in-house technical staff or outsource technical support to one of several suppliers that had developed expertise in standards compliant software. Technical recommendations for participants and other core federation documentation can be found on the UK federation website.
For more details on the process that a service provider needs to follow in order to implement federated access management, check the Joining the UK federation process map (pdf).
Back to top
JISC Support
JISC is committed to supporting institutions and service providers in this changing environment. As well as supporting the UK federation, JISC has:
- Funded the provision of the Athens service and Federation gateways until 31 July 2008
- Provided support for institutions, publishers and other service providers through the JISC Access Management Outreach Team
- Provided additional support and training for smaller institutions and publishers that lack the technical skills and resources to implement a solution in-house
- Provided case studies, reports, toolkits and advice from the work carried out by its 'early adopter' programmes
- Ensured the services hosted by MIMAS, EDINA and other JISC services were compliant with federated access management technologies.
There is also a dedicated JISC mailing list for publishers and service providers: jisc-shibboleth-publishers@jiscmail.ac.uk.
More on JISC support for publishers and Service Providers, including support for smaller publishers.
Service provider specific FAQs
JISC prepared some service provider specific Frequently Asked Questions (FAQs)
JISC advice on Login & WAYF design
JISC prepared some advice for publishers and service providers on federation login terminology and WAYF design.
Timescales
Key milestones in the transition to Federated Access Management
Service providers offering federated access in the UK and beyond
Find out which services offer federated access via the UK federation and beyond
News and events
For the latest information about the JISC Access Management Programme, go to News. The JISC Access Management blog is also a good place for keeping up-to-date with current access management issues.
To find out about federated access management events, go to Events.
Back to top