introduction to aai - switch.ch · - one representative of the universities pascal jacot-guillarmod...
TRANSCRIPT
2004 © SWITCH 2AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
University A
Library B
University C
Without AAI
Student Admin
Web Mail
e-Learning
Literature DB
e-Learning
Research DB
AuthorizationUser Administration
AuthenticationResource Credentials
Tedious user registrationat all resources
Unreliable and outdateduser data at resources
Different login processes
Many different passwords
Many resources notprotected due to difficulties
Often IP-basedauthorization
Costly implementation ofinter-institutional access
e-Journals
2004 © SWITCH 3AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
University A
Library B
University C
AAI
With AAI
Student Admin
Web Mail
e-Learning
Literature DB
e-Learning
Research DB
AuthorizationUser Administration
AuthenticationResource Credentials
No user registration anduser data maintenance atresource needed
Single login process forthe users
Many new resourcesavailable for the users
Enlarged usercommunities for resources
Authorization independentof location
Efficient implementation ofinter-institutional access
e-Journals
2004 © SWITCH 4AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
SWITCHaai Project Planning
2001 2002 2003 2004 2005 2006 2007
Impl.V1.0
PilotOperation
V1.0Impl.V2.0
Operation V2.0
Impl. V3.0
Operation V3.0
Study
ArchitectureEvaluation
-> Shibboleth
2004 © SWITCH 5AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Demo
http://www.switch.ch/aai
-> Demo
-> Try it yourself
(https://kohala.switch.ch/secure)
2004 © SWITCH 6AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Shibboleth Process: The Details R
esou
rce
User’s Home OrgResource Owner
HS Handle Server
Handle
Handle
7
AA Attribute Authority
SHAR Shibboleth AttributeRequestor
WAYF ‘Where Are You From’-Server
SHIRE Shibboleth IndexicalReference Establisher
ARP AAP
HS SHIRE
3
2
RM11
Attributes 8
8
RM Resource Manager
6Handle
6
4
5Credentials
5
9
Attributes
10
User Dir
Authen-tication
Shibboleth AAI Components
AA
WAYF
SHAR
1
2004 © SWITCH 7AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
WAYF
Single Sign On
DemoResource
13
26
4
5Credentials
Home Org
8
9 wayf1.switch.ch kohala.switch.ch
E-LearningResource
7
http://aaidemo.alzheimerlearn.net/
aaidemo.alzheimerlearn.net
10
2004 © SWITCH 8AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
SWITCHaai Status - Home Organizations
UniL
Operational AAI Home Organization
ETHZ
UniZH
UniBE
VHO
SWITCH
UniGE 110’000 users of the SwissHigher Education Systemhave an AAI-Account( = 50% of all users)
AAI Home Organization getting ready
ZHWIN
USZ
UniFR
2004 © SWITCH 9AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Showcase 1: DOIT
ETHZUniZH
SWITCH
UniL
AAI Home Organization
UniGE
UniBE
VHO
AAI Resource
DOIT: Dermatology Online with Interactive Technology
500 users
Access Rule:
HomeOrg = UniZH | UniBE | UniLAffiliation = StudentStudyBranch = MedicineStudyLevel = 15
2004 © SWITCH 10AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Showcase 2: VITELS
ETHZUniZH
SWITCH
UniL
UniGE
UniBE
VHO
AAI Home Organization
AAI Resource
VITELS: Virtual Internet and Telecommunications Laboratory of Switzerland
200 users
2004 © SWITCH 11AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
AAI Status Resourcen
ETHZ UniZH
SWITCH
UniL
Home Organisations
UniGE
UniBE
AAI-enabled RessourcesA
DOIT
VITELS
ERL
AD Learn
Nano-World
CustomX
OLAT NET
VConf
jobs.BWL Edutech
Bio-Med
2004 © SWITCH 12AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
The Vision
UniZH
SWITCH
AAI Home Organization
AAI Resource
2004 © SWITCH 13AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
SWITCHaai Federation
SWITCH acts as federation service provider
Federation membership based on signed service agreements
2004 © SWITCH 14AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Advisory Committee
Members: - one representative of the universities Pascal Jacot-Guillarmod - one representative of the universities of applied sciences Niklaus Lang - one representative of SWITCH Thomas Brunner | Martin Sutter - one representative of CRUS Raymond Werlen - one to three representatives of important Resource Owners (e.g. Library
Consortium, SVC)Andreas Kirstein (ETH Bibliothek)Gabrielle von Roten (Bibliothekskonsortium)Marc-Alain Steinemann (VITELS)
- one jurist familiar with AAI-related legal issues Thomas Jordan
2004 © SWITCH 15AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Federal and Cantonal Law (e.g. Data Protection Law)
SWITCH
Legal Framework
AAI PolicyService Agreement
Org ...
User Regulations
Org ...
User Regulations
Org ...
User Regulations
Org ...
User Regulations
2004 © SWITCH 16AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Central AAI-Services
Strategy & Marketing
International Contacts
Support, Consulting, Training
Providing Federation-specific Files and Configuration Guides
Operating WAYF (Where Are You From Server)
Test-HomeOrg and Test-Resource
Tools (AAIportal, AAIproxy)
Virtual Home Organization
Jump Start Service
2004 © SWITCH 17AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Funding
0
500
1000
1500
2000
2500
3000
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010
funding / costsin KCHF
pilot project project operationalservice
funded by SWITCH funded by subsidies funded by tariffs
2004 © SWITCH 18AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Further Information
Shibboleth:http://shibboleth.internet2.edu/
Shibboleth Demo:http://www.switch.ch/aai/demo
Pilot Results Report:http://www.switch.ch/aai/docs/AAI_Pilot_Results.pdf
Attribute Specification:http://www.switch.ch/aai/docs/AAI_Attr_Specs.pdf
2004 © SWITCH 19AAI & IIS Workshop, 20.10.2004, Ueli Kienholz
Questions ?
Q & A
http://www.switch.ch/aai