the switchaai framework2006 © switch the switchaai framework 15 university a library b university c...
TRANSCRIPT
2006 © SWITCH 2The SWITCHaai Framework
SWITCHaai Building Blocks
IdentityProviders
Service Providers
OrganisationalFramework
Interoperation
CentralServices Funding
2006 © SWITCH 3The SWITCHaai Framework
The Swiss NREN
SWITCH
• is the National Research & Education Network
• was founded in 1987
• is a foundation owned by the federal and regional authorities
• operates the higher education backbone network
• provides additional services like CERT, e-Conferencing
• is registry and registrar for .ch and .li top level domains
2006 © SWITCH 4The SWITCHaai Framework
Why SWITCHaai?
• Swiss Virtual Campusa national long-term program to promote e-learning
• Subsidies for the development of course content,if at least three universities contribute to a course
• User Authentication should not be developed individuallyfor each course or course platform
Initiated activities towards a nationalAuthentication and Authorization infrastructure (AAI)
2006 © SWITCH 5The SWITCHaai Framework
SWITCHaai Project Timeline
ArchitectureEvaluation
Shibboleth
2001 2002 2003 2004 2005 2006 2007
ImplementationPilot Operation Study
Study, Planning …
Organisation
2006 © SWITCH 6The SWITCHaai Framework
Organisational Framework
SWITCH acts as SWITCHaai Federation Service ProviderFederation membership based on signed service agreements
Organisation
2006 © SWITCH 7The SWITCHaai Framework
The Federations & Infrastructures
Pilot Infrastructure
Test Infrastructure
Production Infrastructure
200520042003 2006 2007
SWITCHaai Federation
Technical Standards
PoliciesMetadata
Trust
Security
AAI Test Federation
Technical Standards
Metadata
Legal Framework
Organisation
2006 © SWITCH 8The SWITCHaai Framework
Central AAI-Services
• Strategy & Marketing
• International Contacts
• Federation-specific Configuration Guides and Metadata files
• Support, Consulting & Training
• Operating the ’Where Are You From?’ – Server (WAYF)
• AAI Test Federation: Test-IdP and Test-SP
• Tools: AAIportal, Resource Registry
• Virtual Home Organization (VHO)
• Jump Start ServiceCentralServices
2006 © SWITCH 9The SWITCHaai Framework
Funding
02000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010
fund
ing
/ cos
ts
pilot project project operationalservice
funded by SWITCH funded by subsidies funded by tariffs
Funding
2006 © SWITCH 10The SWITCHaai Framework
Interoperation
Interoperation
Interoperation requires agreement on technical details such as• Standards• SAML 1.1
• Software versions used• Shibboleth 1.3 for Identity Providers (IdP)• Shibboleth 1.2.1 or 1.3 for Service Providers (SP)
• Attributes possible to exchange• Attribute specification – swissEduPerson
• Metadata• Accepted Certification Authorities• SWITCHpki and Thawte, Trustcenter, VeriSign
2006 © SWITCH 11The SWITCHaai Framework
Identity Providers in SWITCHaai
IdentityProviders
Operational
Getting ready
Coverage January 2006:125’000 Users (~ 2/3 of all)in Swiss Higher Education
ETH Zürich
UniversitätZürich
SWITCH
Université deGenève
Zürcher HochschuleWinterthur
University HospitalZürich
UniversitätLuzern
Université deFribourg
Universität Bern
Université deLausanne
Université deNeuchâtel
EPFL
SUPSI USI
UniversitätSt. GallenUniversität
Basel
2006 © SWITCH 12The SWITCHaai Framework
Types of Service Providers
e-learning libraries
other web applications
DOITDOITVITELSVITELS
WebCT WebCT VistaVista
AD Learn & CoAD Learn & Co
eConf-PortaleConf-Portal
Web-SMSWeb-SMS
EzproxyEzproxy
commercial
ScienceDirectScienceDirectWebCT WebCT CECE
OLATOLAT
MoodleMoodle
BlackboardBlackboard
SwissLexSwissLex
IS-AcademiaIS-Academia
ILIASILIAS
TwikiTwiki eShopseShops
……
CompiCampusCompiCampus
dokeosdokeos
CablecomCablecom
Federal Court DecisionsFederal Court Decisions
ServiceProviders16’000 Active Users
72 Resources
2006 © SWITCH 13The SWITCHaai Framework
Summary
SWITCHaai is well taken up
• Already 125‘000 users able to use SWITCHaai2/3 of all in Swiss higher education
• 16’000 use SWITCHaai frequently
• Increasing number of AAI enabled resources, many in e-learning
• No more ‘lost password’-problems for resource administrators
• User privacy is better protected
Shibboleth – a good choice!
2006 © SWITCH 14The SWITCHaai Framework
Questions?
Q & Ahttp://www.switch.ch/aai
Try out the public Shibboleth Demo yourself!http://www.switch.ch/aai/demo
2006 © SWITCH 15The SWITCHaai Framework
University A
Library B
University C
Without AAI
Student Admin
Web Mail
e-Learning
Literature DB
e-Learning
Research DB
AuthorizationUser AdministrationAuthentication Resource Credentials
e-Journals
Tedious user registration atall resources
Unreliable and outdateduser data at resources
Different login processes
Many different passwords
Many resources notprotected due to difficulties
Often IP-basedauthorization
Costly implementation ofinter-institutional access
2006 © SWITCH 16The SWITCHaai Framework
University A
Library B
University C
AAI
With AAI
Student Admin
Web Mail
e-Learning
Literature DB
e-Learning
Research DB
AuthorizationUser AdministrationAuthentication Resource Credentials
e-Journals
No user registration anduser data maintenance atresource needed
Single login process for theusers
Many new resourcesavailable for the users
Enlarged user communitiesfor resources
Authorization independentof location
Efficient implementation ofinter-institutional access