DK-AAI- a federation in the making

EuroCAMP, Helsinki17th of April 2007

David.Simonsen@uni-c.dk

The founders were...

•Libraries

•Universities

•Research network

2005

Todays' Dish•A SAML based ID-federation for

higher education and research - by 2008

Ingredients•Choose a technology

•Write a policy

•Establish the federations' semantics

•Set up the organisation

Financing•Year II - IV (2007 - 2009): €

360.000/year

Funding bodies

•Ministry of education (further education)

•Ministry of Science (universities)

•Ministry of Culture (Libraries)

Organisation

The landscape•12 universities (fusions underway: soon only 6)

•Further education, many medium size institutions

•Few 'sector research institutions'

•Few/no killer apps (unlike Swizerland, Norway, UK)

•Many (commercial) service providers interested(main driver?)

•Growing understanding of shared services

Status•Test federation (Shib) since mid-

2006

•7 IdP's (one German)

•Ver. 1.0 of DKeduPerson

•Policy underway, first draft ready

•Solid interest from service providers

•Stagnating interest from IdP's

•Corporation on the Kalmar Union

IdM practices/policies

•Define minimal IdM-reqs.

•Institutions sign the policy, including min IdM reqs.

•Informed user consent, important

Policy enforcement

•Initial interview on IdM, before signing

•Institutions must document IdM-practices - when asked to do so

•Inspections might occur

•DS484 (national security standard) reqs. enough (?)

•Existing revision enough (?)

Auth levels

•Minimal reqs. TBD...

•netID - initial authentication via web bank ?(+ self service for password reset (driver))-> pilot project coming

Schema(s)

•dkEduPerson v.1:

• eduPerson

• norEduPerson

• SCHAC schema

Certificates

?

Shibboleth concept

The technology

Shibboleth for real

Federation ?

Federation ?

Federation ?

Federation ?

ElseVier

Norwegian-federation model

Combination?