SWAMID - WAYF

Concrete initiatives in identity federations – case: the Nordic Countries

Overview

• Who are we?

• Why are we here?

• WAYF/SWAMID

• Kalmar2

• eduGAIN

• Summary

• Question and comments

Who are we?

• Valter Nordh, IT Coordinator, eduGAIN, SUNET and University of Gothenburg.

• Jacob-Steen Madsen, Head of Secretariat, WAYF Secretariat, Copenhagen

Why are we here?

• Electronic id-federations gives you:– Cost savings of maintaining logins– Economics of scale (cloud services!)– Reusability of logins– User convenience – provides Single Sign On– Enabling collaboration

WAYF

• Research network Service– Funding: 3 ministeries, the electronic research library

& research network (3,5 million DKK/year)– 6 years old – In production since march 2008– Basic infrastructure

WAYF

• Demographics– 5.534.738 citizens– 4.319.228 adults– 1.188.796 under education

• 3 public identity federations in Denmark– NemLog-in (3.500.000 vetted users)– UNI-Login (500.000 vetted users)– WAYF (>4.500.000 vetted users)

WAYF

• Mission statement:– To facilitate exchange of identity information between

users and services at both a national and internationally in a safe way.

WAYF

Strategy– To support an open market for federated services– To enhance the digital life for the federations end

users– To be preferred choice of partner for advice on service

creation amongst members– To ensure a very high level on competence on privacy

related issues

WAYF

7. Jun 27. Jun 17. Jul 6. Aug 26. Aug15. Sep 5. Oct 25. Oct 14. Nov 4. Dec 24. Dec 13. Jan 2. Feb 22. Feb14. Mar 3. Apr 23. Apr13. May0

5000

10000

15000

20000

25000

30000

35000

Series1

WAYF

Goals for 2011-2012– 3.000.000 logins (2010-2011) -> 10.000.000 logins

(2011 – 2012)– A reuse rate > 2 pr. login medio 2012– 50% more services connected to WAYF ultimo 2011

compared to ultimo 2010

WAYF

1 4 7 10 13 16 19 22 25 28 31 34 37 40 43 46 49 52 55 58 61 64 67 70 73 76 79 82 85 88 91 94 97 1001030

100000

200000

300000

400000

500000

600000

700000

800000

Series1

WAYF

SWAMID

• History– Started as a collaboration between universities around

2005/2006– eduroam was initially a driving factor– Funded by participating universities and SUNET– Governed by SUNET with universities represented

SWAMID

• Growth and use of SWAMID– Two use cases that draw adoption:

NyA and the SUNET Video Conferencing service

– NyA (National admission system)NyA issues logins to applying usersUniversities reuse those, thereby reducing costs

– More details in the presentation from EUNIS 2008 at Aarhus University:http://eunis.dk/papers/p17.pdf

SWAMID

• Growth and use of SWAMID (cont)– The SUNET Video Conferencing service:

Potential # of users: 350.000 students + employees– Cost of maintaining logins? Helpdesk?

– Demonstration of SWAMID:https://connect.sunet.se/swamix

SWAMID

• Technical model of SWAMID– So called mesh-structure:

everyone can talk to everybody– Lightweight central infrastructure– No (?) single points of failure– Flexible architecture for participating universities– Requires competence from participants

SWAMID

• Governance and policy of SWAMID– A new policy for SWAMID as of 2011, SWAMID 2.0– Governed and financed by SUNET– SWAMID target Universities and University Colleges– Approx. 2 FTE for running and maintaining SWAMID

SWAMID

• Future of SWAMID!– SWAMID is used as a reference model for the new e-

id from the Swedish government– SWAMID is actively participating in international

collaborations– Working with municipals in extending federations

outside of higher education– International standards are emerging around

electronic identities, SWAMID aims to comply with these

SWAMID

• Future of SWAMID!– Working together with universities in developing

practices around managing user identities– New use cases are emerging – for example foreign

students admitted through NyA– SWAMID provides the infrastructure for connecting

AND to transfer information securely

– What can SWAMID do for you?

HAKA + FEIDE

• Finland: Has a federation called Haka

• Norway: Has a federation called Feide

• Some differences BUT in essence alike

• Kalmar2!

Kalmar2

Kalmar2

Kalmar2

Kalmar2

• Characteristics– One common standard between contries– IdM requirements– Service Purpose– Attribute proportionality– Consent

eduGAIN

• Enable collaboration outside of the Nordic countries!

• eduGAIN is intended to simplify the movement of people and data between participant federations

• FP7 funded project from the EC (within GEANT)• Offered as a service, still growing from pilot

eduGAIN today

eduGAIN

eduGAIN

• Challenges!Personal number? Legal issues!To be solved!

• We have a service to build upon• Most countries/federations in EU has indicated

that they will join• More information on www.edugain.org

A brief summary

– Login within a Nordic service:HAKA - checkFEIDE - checkSWAMID - checkWAYF - check

– Login between Nordic services:Kalmar2 – check

– Login between international services:eduGAIN – ”check”

• Questions and comments