View
219
Download
2
Category
Tags:
Preview:
Citation preview
Federated Access implementation:
experience of AUCA Library -
Kyrgyzstan
4th -7th June, 2008,
Aberdeen, Scotland
Sania Battalova,EIFL Country and FOSS Coordinator,
Kyrgyzstan
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
AUCA Background Information
• Former American University in Kyrgyzstan - Founded in 1993 – privet Liberal Arts University
• 11 Degree programs and MBA
• 1,200 students (40% men and 60% women) – undergraduates and graduate from 15 countries
• 125 full-time faculty
• Merged Library/IT Structure
University Library Electronic Resources and Databases – off-campus access
• Electronic books - Ebrary - Subscribed collection of 35,000 titles of electronic books
• Electronic periodicals – more then 15,000 titles at 13 databases
• AUCA digital Library – Open Electronic Repository and the University Documents Archive
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
University On-line Services:• Off-campus access to AUCA Library Databases
and Archives • Library patrons authentication System • E-course System (Moodle)• E-portfolio System (Mahara)• On-line Registration and Students’ Portal• On-line Evaluation• Students Career Service• Alumni Service System• Discussion Forum (for local needs)
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
AUCA User’s Authentication System
• Primary authentication source - Active Directory. Every user is assigned an Active Directory account that they must use to
access University services Based on organization units distributed roles for students, employees, guests and administrators.
• RADIUS (Remote Authentication Dial-in-User Service) - allows authentication realization, authorization and registration, by means of using remote access policies (RAP).
• LDAP (Lightweight Directory Access Protocol) - application protocol
for reading and editing directories over IP network - uses for Off-campus access (EZProxy, ePortfolio authentication and for Federal Access).
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Why Federated Access in AUCA?
• For our users – only ‘single window’ for authentication to access to all services
• Single Point of access – one Username and Password to access all on-line services
• Once accessed you don’t need to login to all different services
• The services and data may be located outside the University.
• Future Cooperation
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
University level (AUCA): • For federated authentication and authorization
infrastructure internally
Consortium level (KLIC):• In getting a pilot in Kyrgyzstan Identity
Federation started, • Library consortium resource providers to use
federated authentication and authorization infrastructure
Federated Access: from University to Country level
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Federated Access – University Level – AUCA Experience
• Selection of SP (Service Provider ) and IdP (Identity Provider) software
• Selection criteria: MS Windows/Linux, Java/PHP, Shibboleth/simpleSAMLphp
• University IT staff qualification
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
simpleSAMLphp (http://simplesamlphp.org/) as IdP and SP for AUCA
• Set up simpleSAMLphp (IdP and SP)
• http://login.auca.kg/idp/ - AUCA authorization page created
• For security reasons SSL certificate has been registered - www.startssl.com - free of charge
• Connection between created IdP and AUCA Active Directory
• AUCA Idp and SP connection
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
AUCA authorization web-page (AUCA IdP)
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Challenges• New software, no experience
• Time consuming
• Coordination between IT offices – IdP and SP set up and local databases, and the University Authentication rules
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Benefits and the Future Plans
• Work experience (Shibboleth and simpleSAMLphp) and trained IT staff
• Promotion Federated Access in AUCA – easy access to on-line service
• Promotion Federated Access among Kyrgyz Libraries Information Consortium (training sessions for IT staff and librarians) – new way of Kyrgyz libraries cooperation
• CAREN
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Thank you!
Contact information:
Sania Battalova – battalovas@mail.auca.kg
EIFL General Assembly 2011Minsk, Belarus
Belarus National LibraryJune 26 - 28, 2011
Recommended