Joining the UK Federation

Jane writes:

In this podcast interview, Mark Williams from the JISC Access Management Outreach Team talks to Philip Pothen about the importance of federated access management and how this will enable better collaboration and sharing of common resources between institutions. Mark talks about the choices and challenges for institutions but also the opportunities federated access management can bring in the way of access to online resources and collaborative projects. He also highlights the support available to institutions through case studies, the business case toolkit and other materials on the JISC and UK federation websites, Netskills upskilling workshops and support available through 3rd party providers.

To listen to the full podcast interview please visit:

www.jisc.ac.uk/news/stories/2007/10/podcast15markwilliams

Mark writes:

JISC has just issued an ITT for third parties experienced in access management to bid to provide support to institutions who want to deploy a IdP. You might say that such support is already there, and to a degree much of it is. Particulary if you are an Institution employing an IT staff with the correct skill set, have an organised directory service, a significant subscription to JISC Collections resources and the strategic ambition to move forward on access management. However, and it is a big HOWEVER, its clear that there are enough institutions who can use the business case toolkit to determine that they want access management (and I mean the 100% proof type, not devolved outsourcing to a delegated authority), but who have also determined that its currently financially / technically out of reach. It is that group of institutions, which the successfull respondent to the ITT will be working with. The time will come for such institutions to submit applications for the help that the project will provide, but for the present – if you are a third party provider of access management support, with a desire to spend long hours setting up IdPs in grateful institutions all over the country – we want YOUR interest. And remember we encourage questions……

Thirty JISC services attended an internal briefing event on 28^th September to learn more about the UK’s plans for federated access management. During the day service managers were asked to consider joining the UK federation and to adopt new standards-based access management technology to ensure consistency across JISC services for users and to enhance current and future service provision. For example, JISC Services (even those that provide free, unrestricted access to their service) could personalise their service eg. ‘my saved searches’, ‘my favourites’ and email alerts by using federated access management software through the use of attributes. They could also use the same software to provide authorisation for other services such as for their website content management system, wikis, blogs and other social software. Two JISC Services, JISCmail and EDINA, demonstrated how they had already implemented federated access management software.

JISC itself is soon to go out to tender for a directory service that will enable JISC staff to use single sign-on for its own internal services. The directory service will act as an Identity Provider (IdP) using federated access management software. JISC Collections and Regional Support Centres (RSCs) staff will be provided with a new username and password via this service for demonstration purposes, replacing the Athens ID they use at the moment.

Services staff also learned about changes to the JISC model licence which now requires publishers to join the UK federation and adopt federated access management technology and about recent JISC development projects in the area of identity and access management.

Attendees welcomed the fairly non-technical content of the presentations and the opportunity to ask questions during the panel sessions. Feedback from the day has been very positive – one attendee said “I got more out of it than I was expecting and made useful contacts for future work.”

Presentations from the day will be up on the JISC website soon at:

The following institutions are deemed as ‘aware but not quite there’ in terms of joining the UK federation. This means that we think the institutions listed are well aware of the introduction of the UK Access Management Federation, but are currently hitting barriers preventing them from taking forward the application to join. If you work at one of these institutions and can give us any more information, we would love to hear from you – particularly to discuss what those barriers might be.

Aston University
Bishop Grosseteste University College
Bournemouth University
Buckinghamshire Chilterns University College
Canterbury Christchurch University College
City University
Cranfield University
Dartington College of Arts
Edinburgh College of Art
Harper Adams University College, Newport
Institute of Education
Liverpool Hope University College
Newman College
North East Wales Institute
Norwich School of Art & Design
Oxford Brookes University
Ravensbourne College of Design and Communication
Roehampton University
Rose Bruford College
St Marys College
Swansea Institute of HE
The University of Northampton
University of Bedfordshire
University of Lancaster
University of St Andrews
University of Teeside
University of Wales College, Newport
University of Wales, Bangor
University of Winchester
York St John University

The following HE institutions are deemed as ‘nearly there’ in terms of joining the UK federation, i.e. we are fairly sure that we will see a membership request popping up fairly time soon. If you work at one of these institutions and can give us any more information, we would love to hear from you!

Glasgow Caledonian University
London Metropolitan University
Manchester Metropolitan University
Open University
RHUL
University of Birmingham
University of Brighton
University of Hertfordshire
University of Reading
University of Sheffield
University of Ulster

For Category 2 institutions, please see the next post.

Encouraging institutions to join the UK Access Management Federation, regardless of the technology choice made, is the priority for my team at the moment. We will shortly be writing to all Vice Chancellors and Principals to highlight both the importance and the ease of joining the UK federation, and to support this I was asked to categorise all HE institutions in to groups according to their current readiness to make this move.

It seems silly not to generally share this information for a variety of reasons – but most importantly to make sure that we have a good understanding of the status and position of each HE institution. All of the information we have compiled in based on previous contacts and discussions, but might not reflect the true status of an institution. The following posts summarise the position that we think institutions have reached – and we are incredibly keen to hear from each and every HE institution in the UK to make sure that we have got this right!

Two final points:

• many thanks to the 56 HE institutions that have already made the move and joined the UK federation – you can relax.
• we haven’t forgotten FE, and will shortly be announcing some new measures to support uptake for FE institutions.

We all know the trick to getting the best fastest piece of IT kit for your buck. -Locating the speed bottle neck. Its no use buying a hyper fast graphics card, if the speed of onboard memory is too slow, or having a fast shooting Digital SLR Camera if the compact flash card has a slow write speed. Well its the same with access management. So much of what we do in improving access to content depends on every link in the chain. One element which we tend to look at least (maybe because it doesn’t have a technical standard linked to it?) is licensing.

24/7, remote, finely grained access to content only happens when the license permits it too.

Lets not forget we need 21st century licenses for 21st century technology.

Tags: jisc-serv-am-briefing

It is great news that Becta is the latest of the 106 members of the UK federation.

JISC faces the problems of several services in our community in that we are not a legal entity and so cannot join the federation ourselves. As such, we will be members when HEFCE join up to the federation.

The process of persuading the powers that be to adopt was started sometime ago, but we haven’t yet managed to become members. Despite the fact that joining the UK federation is a simple process that is not related to the technology choices each organisation makes, explaining the process to the person who needs to sign the appropriate paperwork is often extremely complex.

Not much more to say, except we understand the challenges faced!

Just watched the Australian Federation (Introduction to AAF federated access management) remake of the JISC Introduction to Federated Access Management animation.

Glad to say that it seemed more like a shot by shot remake, in the same way that Gus Van Sant remade Psycho, rather than the “re-envisioning” of Planet of the Apes that Tim Burton did.

There is a serious point though, a major rational for Federating around the SAML standard – is interoperability. The Oz remake (the country, not one featuring CGI flying monkeys), proves that we face similar problems and that we would seem to be on the right track with similar solutions.

Certainly makes the sentence, “an international standard”, far more meaningful….

Saw some numbers concerning Federation membership being bandied around in an IWR article. Once the reader has got past some of the inconsistencies of the piece (such as the headline writer making the mistake of considering the Federation and Shibboleth as synonymous), the message that perhaps should be drawn out of the piece is one of JISC commitment to technical open standards, and general “openness”.

One of the benefits of a JISC approach combined with an open standards approach is that all of the information concerning the Federation is public and open – This includes TWO Institutional preparedness studies which are now available in full on the web (which incidentally cover a much larger sample than the survey sited in the IWR piece) and details of membership of the federation (Institutions and Service Providers) are freely available for all to see on the Federation website. UK HE / FE is a very complex and heterogeneous environment- where “one solution” certainly does not fit all. Different strokes for different folks means the future of access management is certainly not a zero-sum game, where there can only be one choice or winner, but one of an eclectic range of provision and solutions.

JISC championing of an open standards approach, public availability of surveys and development of the Athens Shibboleth Gateways demonstrates an awareness of the need for institutions to have real choices regarding access management, based on their own individual circumstances.