Ok, let's take them one at a time:
> how does Eduserv Athens provide user accountability?
This has been part of Athens, and now OpenAthens, since its inception -
it is achieved by generating a unique identifier for each user that can
be read by the resource and tied back to the user by the organisation.
As with any method, there is a responsibility on the organisation to be
able to tie those accounts back to the users and in the case of devolved
authentication sites (DA, iChain, Shibboleth, etc) there is a further
responsibility on the organisation to provide unique identifiers for
their users.
> which other SAML-based federations have you tested Athens with?
The fundamental premise of the SAML standard and the adoption of
Shibboleth for the UK Access Management Federation is the standardized
nature of the software. We expect service providers to lead in terms of
needing to access multiple international federations, and while we are
working with them closely, it is clear that this is still yet to take
shape. Whilst many countries have federations, the extent of their
adoption in each country is very small at present. We hope and expect
that their adoption of SAML standards and our intimate knowledge these
would enable us to be leading providers of federation interoperability
(building on the Athens UK Access Management Federation
interoperability). Working with both service providers and institutions
on their emerging needs for multiple federation support is something we
are tracking very closely, but we always welcome input from any source
on needs both perceived and actual.
> is the roadmap for future developments available for public view?
The needs of the community are core here. While the detail of a roadmap
requires constant revision to reflect emerging demand we can be clear in
the principles that will guide future developments. First amongst these
is our mission as a not-for-profit organisation which is to support
learners and researchers through ICT. This will drive our commitment to
the educational community, and will reflect the community's commitment
to ICT standards.
> Also, I had one other question to add to the other four - has
OpenAthens been tested within the UK federation?
Although both service providers, and institutions using local
authentication, using the Athens services are required to undergo formal
testing with us, there is no equivalent for the UK Access Management
Federation. This creates some level of uncertainty with both service
providers and institutions, however, given that access to and from the
UK Access Management Federation from Athens has been running since the
beginning of the UK Access Management Federation, and is used by the
widest number of institutions, OpenAthens is arguably the most proven of
the available implementations.
Andy
AJ Anderson
Eduserv Athens
access and identity management
[log in to unmask]
tel: +44 (0)1225 474303
fax: +44 (0)1225 474301
http://www.eduserv.org.uk/athens/
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Jane CHARLTON
Sent: 06 March 2008 19:51
To: [log in to unmask]
Subject: LA (Re: LA (Third party providers of FAM solutions - new
briefing paper))
Hi Andy
Thanks for your email. I wondered if you could provide further detail on
some of these, for example how does Eduserv Athens provide user
accountability, which other SAML-based federations have you tested
Athens with and is the roadmap for future developments available for
public view?
Also, I had one other question to add to the other four - has OpenAthens
been tested within the UK federation?
Kind regards,
Jane
------------------------------------
Jane Charlton
Access Management Outreach Co-ordinator, JISC
<mailto:[log in to unmask]>
* [log in to unmask] <mailto:[log in to unmask]>
( +44 (0)20 3006 6041
M: +44 (0)776 017 3223
F: +44 (0)117 954 5078
: www.jisc.ac.uk
________________________________
From: Discussion list for Shibboleth developments on behalf of Andrew
Anderson
Sent: Thu 06/03/2008 12:25
To: [log in to unmask]
Subject: Re: LA (Third party providers of FAM solutions - new briefing
paper)
To save some time, here are the answers to the 4 questions they suggest
asking:
* Will you commit to remaining compliant with the UK federation for
the duration
of my contract?
* Does your solution work with other SAML-based federations
internationally?
* Can you provide user accountability?
* Do you have a roadmap for future developments (ie Shibboleth 2.0,
provision
of embedded certificates etc)?
Eduserv's answer to all four is: Yes.
Andy
AJ Anderson
Eduserv Athens
access and identity management
[log in to unmask]
tel: +44 (0)1225 474303
fax: +44 (0)1225 474301
http://www.eduserv.org.uk/athens/
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Masha Garibyan
Sent: 06 March 2008 12:06
To: [log in to unmask]
Subject: LA (Third party providers of FAM solutions - new briefing
paper)
*Apologies for cross-postings*
Dear all,
Just to let you know that JISC has produced a briefing paper titled
'Third Party Providers of Federated Access Management Solutions: Guide
for Institutions'.
The briefing paper is aimed at UK higher (HE) and further (FE) education
institutions that wish to adopt federated access management and join the
UK Access Management Federation, either by using paid-for support or by
subscribing to an 'outsourced Identity Provider'.
The briefing is available at
http://www.jisc.ac.uk/publications/publications/identityprovidersbpv1.as
px
Please note that the paper contains a large table, so if you have
trouble reading the online version, please try either the PDF or Word
version at the bottom of the page.
Kind regards,
Masha Garibyan
LSE Library Projects Team/ JISC Access Management Team
www.angel.ac.uk <http://www.angel.ac.uk/>
www.jisc.ac.uk/federation
[log in to unmask]
Please access the attached hyperlink for an important electronic
communications disclaimer:
http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm
----------------------------------------------------------------------
Anything in this message which does not clearly relate to the official
work of the sender's organisation shall be understood as neither given
nor endorsed by that organisation.
----------------------------------------------------------------------
|