One of the first sessions I attended that I had a chance of being able to participate in at TIP2013 was the eduroam BOF. Although my involvement in eduroam tends to be restricted to enthusiastic user and slight dabbling in issues of usability and policy, I was happy to attend as the European voice in a room of potential deployers from the Internet2 and APAN communities. Whatever your thoughts on eduroam, being able to walk in to a room 7000 miles from home and have your phone and laptop immediately connect to a network before you are even aware that it has happened is impressive.
Listening to the delegates talk, it was pretty much the old story of everything is the same, everything is different. I’ve tried to capture some of main discussion points below.
POLICY AND CONFORMANCE
When rolling services out globally, there are always going to be local variations, issues and quirks associated with culture, history and environment. Within identity federations, that have grown up in a more distributed fashion to eduroam, I have often commented that the differences in our policy documents and approaches reflects more about our different cultures that our technical competences. Over the years, eduroam has seen a variety of different issues relating to non-conformance or areas of development that have evolved differently in different places, which tends to lead to one thing – confused and disenfranchised users. For the ‘magic’ of eduroam to happen, consistency is ultimately important.
This means that eduroam have taken measures to add a central control to the infrastructure, meaning that anyone signing up has to adhere to a certain set of policy and technical requirements. Such a centralized control mechanism, emanating from Europe, can seem uncomfortable to large US institutions looking to sign-up to eduroam-US and presents challenges for the Global eduroam Governance Committee. A significant problem for the US at the moment is the non-hierarchical nature of .edu domain names…unlike the practice for research and education seen elsewhere in the world. These problems are not insurmountable, but do impact on the support requirements for the US.
One of the things that struck me immediately was the focus on being able to trace and track users, and concerns over indemnification clauses that I don’t see so much in Europe. This is because, as one delegate put it, “we all have our laws that are difficult but we just have to comply with”. In the US, this is the DMCA which places a significant burden on US institutions in terms of their responsibility should there be a copyright breach. It was interesting to note that the room then quickly identified privacy laws as the equivalent pesky problem in Europe, presenting challenges at the other end of the trace the user / protect the user conundrum.
THE PROBLEM WITH ANONYMOUS
The DMCA means that US institutions have more of a problem with multiple users arriving as anonymous@domain, which is common in the eduroam set up. This is why there is significant interest in the US in CUI, or Chargeable User Identity, which is a mechanism that allows a user to be identified consistently regardless of the device they use – handy for event organisers to view people like me who are logged on at events on a laptop, tablet and phone and different times. Scott Armitage has recently written about this over on the JANET blog. The participants had an interesting conversation about whether CUI should be required for US participants in eduroam – a familiar conversation across all our work as we look to balance compliance and best practice with coverage and usage.
As eduroam becomes more and more successful, demand has grown for it to be implemented in locations outside of research and education. It is quite common for event organisers to implement eduroam at education events run in hotels at the moment, but this is just the tip of the iceberg.
A common request is for eduroam to be supported for travelling users. eduroam on buses, trains and at airports would be of significant benefits to many people. Airport access and beyond is now a reality in Sweden thanks to an experimental arrangement organized by Sunet in partnership with The Cloud. Delegates at the conference also discussed people signing up to open their home broadband up as eduroam hotspots.
Whilst increasing the number of locations that the research and education community can access eduroam may seem a no-brainer, things get slightly more complex when we start talking about allowing non-educational users to act as Identity Providers. eduroam has typically been offered under a scheme of reciprocity – you act as service provider from my users, I’ll do the same for your users. However, if McDonalds wished to provide eduroam at each of its outlets, would eduroam sites be happy to allow McDonalds employees access? The extent of the growth of roaming patterns for eduroam will be an interesting journey.
Like many initiatives, eduroam US needs to be able to support itself moving forward and has to consider a business model and as usual attaching appropriate costs to eduroam whilst trying to expand the coverage is a different balancing trick. An interesting suggestion from one of the delegates was to simply cost the service at State level, and then work to find an appropriate party within a State who is willing to either a) act as a broker to recoup costs locally or b) accept the costs internally due to the benefits it might bring to the State. This is a model we have seen often in play with the NRENS across Europe supporting TERENA services in different ways. This could see, for example, a State University willingly paying the costs for State-wide eduroam and also supporting local colleges and schools to adopt eduroam due to the added benefit of increased eduroam coverage and decreasing the need to support guests locally at the State University. I think this is a really interesting model and one I hope gets explored.
The discussion around business models got me thinking about the roaming parameters of different individuals and the business case for support the could be built up around that as coverage affects different people in different ways.
If I had ever bothered to map the different locations in which I had accessed eduroam, it would be far-flung and global. I’ve accessed eduroam from an island in the middle of Sydney Harbour to a bus in Malaga through many conference facilities, offices and institutions across Europe. Interestingly enough, my requirements are often event driven and have required local NRENS to work with hotels and venues to facilitate eduroam access at a cost. Is this something I’d be willing to pay an acknowledge premium fee for whilst attending events?
Back home, I use eduroam often in the JISC offices as I worked from my personal laptop more often than not. I don’t travel often in the UK anymore, so my roaming parameters are very different from colleagues in JISC who have taken advantage of the availability of eduroam in educational institutions across the country on site visits. This is perhaps the more traditional eduroam profile, where central funding from the UK NREN and local effort is a good fit.
I often work from home, and when I do will often sit in a coffee shop and work for part of the day to break up the monotony. Luckily, there is good coverage of The Cloud in my village, which I get free access to as part of my home broadband deal so increased local coverage probably would not make much difference to me.
However the roaming parameters of a student at my local College would be very different. Even if they did have free deals with home broadband, these accounts are most likely to be used by parents. eduroam in local coffee shops, the local library, sports venues, as well as the reciprocal arrangements with other local colleges and universities could make a real difference to a user within these roaming parameters and attracts different models for funding and support. The density of access within a 30-mile radius for these users presents a different use case and challenge to my 7000 mile radius to attract an equal number of supported access events.
My thanks to Philippe Hanset for running the session and colleagues from APAN and I2 for a different view on an established service.