10th Anniversary

Posted on Sunday, 4 December 2016

This week we celebrate the tenth anniversary of the UK federation, which has grown from a pilot project between Edinburgh University and Janet to the Service that Jisc provides today, with over a thousand members and reaching users and services in almost 40 countries. On the anniversary it seemed apt to update you on some developments which are occurring with the UK federation.

Self Service Portal

The UK federation has a fully staffed (human!) helpdesk to help you register Identity and Service Provider entities, however many of our customers will benefit from a self-service portal currently being developed which allows knowledgeable administrators to make changes more immediately than at present - though the helpdesk will always be available to make changes for customers who want assistance in doing so. We’ll be looking for people to pilot this portal in the New Year.

Metadata Compression and Distribution improvements

Metadata Compression The federation has recently moved to HTTP compression on its metadata aggregate distribution servers resulting in a significant reduction in the size of UK federation data traffic which will benefit both the resilience of the UK federation and improve loading on UK federation customers.

A New Metadata Distribution Method A more major improvement to the distribution of the UK federation metadata is also ready to be piloted - MDQ is a new method of distributing per-entity metadata in a just-in-time manner that results in significantly reduced system requirements for those running their own systems. We’re looking for people to start piloting this service now.

Research &Scholarship Category

Many of you will have seen the news about the discovery of Gravitational Waves by LIGO http://www.bbc.co.uk/news/science-environment-35523676 which was assisted by multinational Higher Education and research collaboration. Such collaborations depend in part on identity and access management to allow researchers to share their results securely, and the REFEDS Research and Scholarship category https://refeds.org/category/research-and-scholarship is designed for just that.

The R&S category enables researchers in your institution to do their work without your IdP operators having to expend effort in making changes to attribute release rules.

Supporting R&S means an Identity Provider can release attribute information about users to just those services that need it (and who have this verified category tag). If you would like to help your institution support this category and connect to up over two hundred R&S-tagged services available via the UK federation, please get in touch with us.

Sirtfi

Various high value services available through the UK federation (e.g. CERN) have been concerned about the lack of knowledge about the operational security practices of organisations connected through federation. In response to this, The Security Incident Response Trust Framework for Federated Identity (Sirtfi) - https://refeds.org/sirtfi - has been created.

Organisations ‘tagged' as being Sirtfi compliant indicate a security contact, a base level of operational security practices, and a willingness to participate in incident response. Some of these high value services will soon require Sirtfi compliance for federated users (in fact, CERN already does).

The UK federation will shortly be supporting Sirtfi and encourage all entities to look to adopt it as soon as possible.

Service Provider RequestedAttribute elements in metadata

Service Providers (SPs) can add RequestedAttribute elements to their registration to indicate which attributes are needed for authorization decisions. IdP operators can then simply discover which attributes they need to release for your SP. Additionally, if your SP is accessed by researchers and learners in other federations through eduGAIN, then it may mandatory to include these elements.

Less than 10% of Service Providers currently include RequestedAttributes, so if you want to reduce the friction of on boarding IdPs, especially from international customers, please consider adding these elements to your registration. Our documentation is at https://www.ukfederation.org.uk/content/Documents/RequestedAttribute or email the helpdesk at service@ukfederation.org.uk

Public Libraries

The Society of Chief Librarians (SCL) and Jisc are running a pilot focused on enabling English Public libraries to access online resources using the UK federation. It is the hope that this will mean the extension of the Single Sign On (SSO) user experience beyond the current education community to everyone in England.

Members Town Hall Meeting

We will be holding a Town Hall meeting for UK federation members in Birmingham on February 8th 2017. Topics will be free ranging and decided by you. All the UK federations’ technical experts will be on hand and the event (which will be free), will be between 11am and 3.30pm. A sign up form will go out shortly but feel free to reserve a place now by emailing Mark Williams mark.williams@jisc.ac.uk and include any UK federation topics that you would like to see discussed at the meeting.

Any questions?

If you’ve any questions or comments about the content of this email, or the UK federation in general please email us at service@ukfederation.org.uk or mark.williams@jisc.ac.uk

Best regards

Steve, Mark, Alex, Jon and Rhys.

Edited by SteveGlover on 19 January 2018, at 11:21 AM