Workshop on Joining eduroam and Identity Federation
Posted on: 16 Jun, 2015
Introduction
The Arab States Research and Education Network in cooperation with German Jordanian University, MAGIC Project and EUMEDCONENCT3 Project conducted a workshop dedicated for staff of National Research and Education Networks (NRENs) and Universities on:
- eduroam: is the secure, world-wide roaming access service that allows any user from an eduroam participating site to get network access at any institution connected to eduroam.
- Federated Access: effective and secure management of authentication and identity information to build a trusted environment where users can be identified electronically using a single identity to login and access variety of available resources and applications worldwide.
- eduGAIN: is a service that interconnects identity federations around the world, simplifying access to content, services and resources for the global research and education community.
1.eduroam description
- From federation-level RADIUS server operator point of view
- From institution point of view
2. eduroam deployment
- FreeRADIUS server
- Radsecproxy
- Federation-level RADIUS server
- Institutional RADIUS server
Second day: Identity Federations
1. understand how identity federation works
- From federation operator point of view
- From institution point of view
2. Federation operator
- Metadata mgmt
3. Identity provider deployment
- Shibboleth v3 IdP
- Metadata
- Connecting to the federation
4. eduGAIN
- Benefits
- How to connect
Third day: Policies
1. eduroam
- Brief description
- eduroam complience statement
- European eduroam Confederation Policy Declaration
2. Identity Federation
- Brief description
- Identity Federation Policy
- Metadata Registration Practice Statement (MRPS)
3. eduGAIN
- Brief description
- eduGAIN Policy Framework Constitution
- eduGAIN Policy Framework Policy Declaration
Out Comes of The Workshop
Participants had a working RADIUS and a Shibboleth server. They were taught how to technically connect NREN and institution to the eduroam infrastructure. They were also taught how to connect institutional identity provider to the national identity federation and to eduGAIN.
Participants had an overview of eduroam, identity federations and eduGAIN. They were able to prepare policies and agreements which will be signed with GEANT representatives. Agreements were signed and announced during ASREN's annual conference e-AGE 2015 in Morocco 7-8 December 2015.
Prerequisite
- knowledge of local legislation concerning privacy issues
- skills in OS administration (Windows/Linux)
- basic knowledge of PKI (Public Key Infrastructure)
Required Equipment
- Machine with public IP and DNS hostname located at the institution and root/administrator privileges for that machine
- Valid and trusted X.509 certificate for the machine (will be used for SSL connections)
- Notebook
- VirtualBox installed on the notebook for those who will not have machine at institution ready
Trainers
Comments (0)
Post Your Comment