Presentation is loading. Please wait.

Presentation is loading. Please wait.

Baltic IT&T, Riga 2007 Identity Management within the educational sector in Norway Senior Adviser Jan Peter Strømsheim, Norwegian ministry of Education.

Published byLoraine Harrell Modified over 9 years ago

Similar presentations

Presentation on theme: "Baltic IT&T, Riga 2007 Identity Management within the educational sector in Norway Senior Adviser Jan Peter Strømsheim, Norwegian ministry of Education."— Presentation transcript:

1 Baltic IT&T, Riga 2007 Identity Management within the educational sector in Norway Senior Adviser Jan Peter Strømsheim, Norwegian ministry of Education and Research jps@kd.dep.no

2 2 Norwegian Ministry of Education and Research jps/20070419 Identity Management (IdM) Identity management is a broad administrative area that deals with –identifying individuals in a system (such as a country, a network, or an enterprise) and –controlling their access to resources within that system by associating user rights and restrictions with the established identity.

3 3 Norwegian Ministry of Education and Research jps/20070419

4 4 ICT trends: Usage in education All Norwegian universities and colleges are online since 1992 Currently all students in higher education use e- learning –Tracking learning, tracking teaching –Personalization requires stronger central ICT systems Traffic grows exponentially Above 95% of all primary and secondary schools are on-line Upper secondary schools – 55 students pr 100 PC –LMS and digital learning resources Compulsory education – 21 students pr 100 PC

5 5 Norwegian Ministry of Education and Research jps/20070419 New National Curriculum in Primary & Secondary Education from 2006 Basic skills as basis for all learning and development. The ability to –express oneself orally –read –express oneself in writing –do arithmetic –use information and communication technology ICT is integrated in all subject areas being part of the curriculum Report No. 17 (2006–2007) to the Storting: An Information Society for All Three preconditions in particular form the basis for the government’s commitment to digital inclusion: –Digital access, –Universal design and –Digital skills. Provisions must be made for identity management for primary and secondary education based on the Feide project.

6 6 Norwegian Ministry of Education and Research jps/20070419 FEIDE – Federated Electronic Identity for Norwegian Education FEIDE is a non-commercial identity management federation for people in education FEIDE is technology and plattform agnostic FEIDE offers guidelines and policy for campus identity management FEIDE-names are valid for all education services, and may be used internally, for community services and with educational related services

7 7 Norwegian Ministry of Education and Research jps/20070419 Why federate? Users and home organizations and service providers need to exchange information Trust establishment Information exchange Policy Technology Federations: authenticate enforce information flow policy privacy control security trust establishment

8 8 Norwegian Ministry of Education and Research jps/20070419 Business drivers for Feide End user: one username, one password Each educational institution benefits from –Local dataflow clean-up –Overview and control of services –Common guidelines, requirements and best practice for identity management University, college or school as Service Provider benefits –Easy integration of non-local users –Data protection contracts and guidelines Common shared services benefit from –Integrated user space –Data protection contracts and guidelines

9 9 Norwegian Ministry of Education and Research jps/20070419

10 10 Norwegian Ministry of Education and Research jps/20070419

11 11 Norwegian Ministry of Education and Research jps/20070419 Feide login User tries to access service Service transfer user to Feide login Authentication is done at campus –Local authentication point –Local control over information Authentication is confirmed with the service, possibly with attribute release –Attribute release controlled by user, governed by contract

12 12 Norwegian Ministry of Education and Research jps/20070419 “Hei! I am Maia – a freshman student” (Identity) “…this is my FEIDE name and password to prove it (Electronic identity) (Authentication: is this the right person?) “I want to delete a file in my Virtual Learning Environment” (Authorization : Maia can use the services she is supposed to have access to) “And I would like to change my midterm exam B into A” (Authorization  : Stop Maia from using a service she is not supposed to have access to ) Studying today…

13 13 Norwegian Ministry of Education and Research jps/20070419 CleanIT, the User Management System (BAS) process Identify key data Identify who is reponsible for –Initial data –Data updates –Data removal Organizational process –Move data maintenance out of the IT department –Enable Human Resource and Student Management staff to do their jobs better Student registry: FS or MSTAS HR/payroll system: rolling in SAP, currently shared systems across several institutions

14 14 Norwegian Ministry of Education and Research jps/20070419 Benefits: Campus/Institution Identity Provider Authoritative quality for all affiliated users Control of information flow for all affiliated users Enhanced user management simplifies and automates business processes Federated login provides access to services One contract with Feide eliminates bi-lateral contracts with all service providers Service Provider Access for all Feide users No local administration of user database Feide handles login and gives high quality data about users One contract with Feide eliminates bi-lateral contracts with all identity providers User One username One password (or other credential) Do not need to register information at each service, automatic updates from campus information Informed consent for personal data transfer Familiar log-in page may increase security

15 15 Norwegian Ministry of Education and Research jps/20070419 Identity management for education Feide since 2000 (initially higher education) –Operational login service since 2003 –Universities and university colleges: 2003 - 2006(7) Schools and Feide –Participation decided by Ministry of Education early 2006 –Identity management should be available by 2008 for all schools Strong campus identity management efforts –Universities and colleges develop and deploy IdM software –Organizational process: identify responsibilities and enforce routines for processing personal information –Supporting the Personal Data Act Operational service providers (current: 23)

16 16 Norwegian Ministry of Education and Research jps/20070419 Feide operates with –One Identity Provider (central login service) –Many Authentication points (one at each educational insitution) Attribute release is important –Feide-name valid only in organizational context –What school, affiliation, group, address, NIN, unit? –Provisioning: started PIFU standardization effort Cross-federations needed (imply IdP chaining) –National: MyID for public sector –Nordic: Kalmar Union for higher education and research –International: eduGAIN, InCommon? Service Oriented Architecture –Services talk on behalf of user to mediate content delivery

17 17 Norwegian Ministry of Education and Research jps/20070419 The way ahead -technical Consolidating BAS (user management system) for user management –Technical solutions Policy and regulations –Giving access to someone I do not control? Interfaces –XML definitions for import/export –LDAP based on eduPerson/noredu* Available software is improving

18 18 Norwegian Ministry of Education and Research jps/20070419 7 universities, 46 university colleges (210 842 persons) –+70% of students/others use FEIDE Primary, Lower and Upper Secondary Schools –865 000 pupils, teachers + pluss parents –454 upper secondary schools owned by 19 regions –Around 3100 schools owned by 430 municipalities

19 19 Norwegian Ministry of Education and Research jps/20070419 The way ahead -organizational Higher Education – FEIDE is on track The challenge: Primary and Secondary Education We need the important stakeholders onboard –the Business Associations of Norwegian knowledge- and technology based enterprises, –the Union of Education, –The Norwegian Association of Local and Regional Authorities, –The National Parents ’ Committee for Primary and Lower Secondary Education Political and financial backing –FEIDE is recognized by the Government as the IdM for Education in Norway –Funding is allocated on an annual basis

20 20 Norwegian Ministry of Education and Research jps/20070419 More information Information from Feide, including deployment status –http://www.feide.no/index.en.htmlhttp://www.feide.no/index.en.html Email for Feide: –administrasjon@feide.noadministrasjon@feide.no Questions for Jan Peter or Ingrid Melve (leader of the Feide Project) jps@kd.dep.no ingrid.melve@uninett.nojps@kd.dep.noingrid.melve@uninett.no

Download ppt "Baltic IT&T, Riga 2007 Identity Management within the educational sector in Norway Senior Adviser Jan Peter Strømsheim, Norwegian ministry of Education."

Similar presentations

Federation management A mess? 9.4.2008 Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
Promoting Knowledge. 2 Norwegian Ministry of Education and Research Administrative levels. Counties (19) Ministry of Education and Research Municipalities.

Promoting Knowledge. 2 Norwegian Ministry of Education and Research Administrative levels. Counties (19) Ministry of Education and Research Municipalities.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Study visit to Karmøy / Haugesund (Norway, 2012) Dilys Vyncke Flanders, Belgium.

Study visit to Karmøy / Haugesund (Norway, 2012) Dilys Vyncke Flanders, Belgium.
Standards Certification Education & Training Publishing Conferences & Exhibits Using Outbound IP Connections for Remote Access EXPO 2005 Chicago, IL.

Standards Certification Education & Training Publishing Conferences & Exhibits Using Outbound IP Connections for Remote Access EXPO 2005 Chicago, IL.
Outsourcing IAM in North Carolina

Outsourcing IAM in North Carolina
Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.

Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.

Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Education in Norway. 2 Norwegian Ministry of Education and Research The system - Responsibilities Ministry of Education (MoE) - policy, legislation, budget.

Education in Norway. 2 Norwegian Ministry of Education and Research The system - Responsibilities Ministry of Education (MoE) - policy, legislation, budget.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Identity and Access Management Business Ready Security Solutions.

Identity and Access Management Business Ready Security Solutions.

Similar presentations

Ads by Google