Building a National Access Management Infrastructure Kieran Loftus Director of Computer Services, NUI, Galway November 2007 Kieran Loftus HEAnet Conference November 2007

Agenda What do we need and why? Benefits & side effects Where we stand Next steps Kieran Loftus HEAnet Conference November 2007

What do we need? “Sustainable World-Class Research” Support for collaboration, mobility, resource sharing Effective, secure, simple Provide an attractive environment for research Flexible Teaching & Learning Academic Mobility Collaborative programmes Student mobility between institutions Personal Mobility Work anywhere International effectiveness Research collaboration, Erasmus, non-EU students Kieran Loftus HEAnet Conference November 2007

Immediate drivers Access to licensed resources Publisher expectations won’t be IP based Growth of shared resources (IREL, NDLR) Need a simple authentication solution Emergence of collaborative academic programmes Collaborations Cork, Galway, Limerick Registration issues Student mobility in Dublin Research expectations Multiple collaborations Rapid and flexible collaboration Protection of shared outputs International & Marketplace developments Suppliers can offer solutions Shibboleth in UK, US, Mainland Europe Kieran Loftus HEAnet Conference November 2007

What does this mean in practice? Home Away Access provided on the basis of data maintained & provided by home institution Definitive Source of Identification Data Resource Kieran Loftus HEAnet Conference November 2007

What does this mean in practice? Business rules to support collaboration Who can access resources? Who should control access? How can we trust and be trusted? What standards must procedures meet? Good Local Identity & Access Management Based on good campus-wide procedures Needs to meet agreed (inter)national standards Need for an “others” database May all lead to significant local benefits Technical solution on a national scale International compatibility Kieran Loftus HEAnet Conference November 2007

Local Benefits of Local IAM Service improvements, Cost savings Eliminate Multiple id Databases Drive local process improvements Better management of joiners & leavers Better tracking of “others” Library resource access IT Provisioning & simplified sign-on Security Management Campus resource access Kieran Loftus HEAnet Conference November 2007

Towards a Sustainable Solution Two main ideas: Option One: Do what others have done Create an “Irish Access Management Federation” Is Shibboleth the only sensible option? Option Two: One big national academic directory Ireland is smaller Most students are CAO registered The products can support it Could we possibly deliver it? Kieran Loftus HEAnet Conference November 2007

Solution Issues Federation Centralised solution Replicates working solutions elsewhere Needs central leadership (or strong coordination) Requires Local IAM Solutions Extensible internationally – may not be easy Centralised solution May be appropriate to Irish scale Definitely requires shared central management How to deliver it? May relieve local resources Still need to provide international solution Potentially significant national benefits Potential political issues Kieran Loftus HEAnet Conference November 2007

Current Status eInis consortium, PRTLI funded SIF Cycle 2 Universities proposal Aim: to make sure that users are given simple and secure access to the resources which they need from any location Assumptions: Will extend to entire third level sector Central role of HEAnet Limited local deployments already Kieran Loftus HEAnet Conference November 2007

What should we do next? SIF Cycle 2 Outcome December 07 Then (assuming funding available): Mobilise project partners Legal & Governance Framework Architectural study & decision Full project definition Pilots Kieran Loftus HEAnet Conference November 2007

Thank You Kieran Loftus HEAnet Conference November 2007