We're developing a cloud-based third-party service called Liberate, which will reduce the cost of identity provider (IdP) provision while uniquely providing an IdP that supports all Jisc access management services.
We currently offer three services that employ a federated approach to access management. These are: the UK Access Management Federation, eduroam, and Assent. Our members can use these services to manage user access to web-based content, wifi networks, and research e-infrastructure respectively.
Organisations with users wanting to use these services must first obtain an identity provider (IdP). The IdP’s primary function is to authenticate and authorise the user when they attempt to access a service (eg, a journal, wifi access point, or HPC cluster). This allows the provider to assess their eligibility for access.
About the project
We're developing a new service, named Liberate, which will:
- Authenticate user credentials against the organisation’s LDAP-compliant directory
- Authorise users via membership of groups defined in an LDAP-compliant directory
- Provide user attributes to services, based on policies determined by group membership
- Provide accounting and reporting on user authentications and service use
- It supports all three access management services: eduroam, UK Access Management Federation and Assent
- It simplifies access to the benefits of eduroam, the UK Access Management Federation and Assent by reducing the technical and management overhead required to participate
- High resilience and 24-7 availability over the Janet network
- It reduces the staff time on administering services, freeing them for more strategic priorities
- It is significantly cheaper than other competing forms of provision, where these exist
Visit the Liberate community group to view tariffs. You will need to log onto the Jisc community site, then request group membership to see these.