SWITCH Identity Blog

The Identity Blog puts the spotlight on identity management, digital identities, identifiers, attributes, authentication and access management.


Swiss edu-ID Update Event 2017

Save the date: Thursday 29 June 2017

The focus is put this year on an update about the project Swiss edu-ID and the service SWITCH edu-ID, whose deployment starts in 2017.
Note that no SWITCHaai specific topics are foreseen.

The event will take place June 29 , 11:00 – 16:15, in Berne at UniS, Schanzeneckstrasse 1, room A-126.

Preliminary Programme:

11:00 – 12:00   SWITCH edu-ID for beginners (for people not already familiar with SWITCH edu-ID)

12:00 – 13:15   Arrival for afternoon participants and Lunch
(afternoon participants are warmly welcome to take lunch with us)

13:15 – 14:30   Pilots and current project status

14:30 – 14:55  Coffee break

14:55 – 16:15    Status Migration Strategies, roadmap and next steps

16:15                 End of event

 

Update 2016-06-01: Registration site with updated agenda


Swiss edu-ID Deployment 2017 – 2020

Project for Deployment Step 1 in 2017 submitted

Meanwhile SWITCH has submitted – together with 7 institutions – a project proposal for the deployment of Swiss edu-ID during 2017 to swissuniversities. The participating universities EPFL, FHNW, UNIFR, UNIGE, UNIL, UNISG and ZHAW intend to analyse their options in order to generate optimal benefit by the use of Swiss edu-ID and for choosing an appropriate way for the integration within their systems and processes.

plan_2017-2020.jpg

Planned deployment steps 2017-2020 with entry points for universities

Develop an individual migration plan first

The migration is a required step for all organizations served by SWITCHaai to unleash the full potential of Swiss edu-ID. Swiss edu-ID offers more interfaces to and from the systems of the Swiss edu-ID participants. Therefore a cooperative identity management approach might deliver additional value by being more efficient and covering additional identity management use cases, e.g., by triggering specific identity management workflows at connected sites. Such opportunities have to be evaluated by institutions relating to their general system development and the migration plans.
But planning is only the first step for an organisation. SWITCH intends to submit follow-up projects in the upcoming years (2017-2020). This approach allows universities to find a suitable entry point to start preparation and afterwards the migration to Swiss edu-ID.

plan_2017

Project plan 2017 (simplified)

SWITCH will provide generalised findings of all migration plans from this project to ease individual migration planning steps for organizations following later.

Improve functionality continuously

Whereas organisational “Migration Strategy” work packages are foreseen for the planning of future organisational migrations to Swiss edu-ID, the “Functional Upgrade” work packages extend the features of the Swiss edu-ID in line with stakeholder requirements. They deal with identifying or piloting measures to deliver additional benefits carried out by a subset of the partners and with the implementation of prioritized features requiring additional effort to be deployed for organisational migrations. Thoas work packages are:

  • Support for usage of AHVN13: Analysis of current usage, legal implications and technical approaches, description of solution (FHNW & SWITCH)
  • Privacy and Data Security: Analysis of restrictions for storage and exchange, of technical methods, and description of processes to grant data economy and legal accuracy (EPFL & SWITCH)
  • Uniqueness: Implementation of duplicate prevention (on the fly and in batch mode) and resolution process involving end users
  • Credential Management: Comparison of password policies, implementation of harmonization framework, user workflows for password selection and second factor
  • 3rd Party Vetting: Implementation of vetting mechanisms for increasing quality of name attributes and passport number by 3rd parties
  • Group Management: Allow management of arbitrary flat groups defined by end users (with Grouper), delivery of an affiliation attribute and integration with an attribute provider mechanism

Further components as well as organisational migrations should be included in subsequent applications for the following deployment steps in 2018-2020.


Swiss edu-ID 2017 – 2020

SWITCH intends to fully deploy the Swiss edu-ID by the end of 2020, with almost all organisations migrated from SWITCHaai to Swiss edu-ID.
To this end, several organisations have already started, or will start migration strategy projects jointly with SWITCH. The aim of these projects is to plan the migration locally at the respective organisation as a first step.
An organisation which decides to start such a project should choose their most convenient time from a couple of possible dates (one starting point every year between now and 2020). steps_2017-2020
(details presented at update event in June)

This kind of projects might get funded by the program PgB5, which is organized by swissuniversities. The deadline for the next submission of projects is approaching (August 14, 2016).
Seven universities have already decided to start with the first step – the development of their own migration strategy by

  • analysing the specific system landscape and services at their organisation with respect to identity management,
  • evaluating additional benefits of a higher integration depth with the Swiss edu-ID (“migrated” or “integrated”),
  • choosing an appropriate migration scenario and planning of migration steps,
  • estimating the resource requirements of the migration, and
  • drafting their organisational Swiss edu-ID migration project plan.

The desired output of those migration strategy projects will be migration plans – or drafts thereof – for each participating organisation. Such a plan can then be proposed to the management of the organisation. If the university management agrees, a subsequent migration project (step 2), possibly funded again by PgB5, can then be submitted, targeting at actually adapting the existing infrastructure to the Swiss edu-ID service.


1 Comment

RFI on Swiss edu-ID IdM open

As announced the phase of the survey conduction has started and the RFI documents have been sent to interested participants 4th of May.
The RFI documents are published on the Swiss edu-ID website.

Deadline for RFI answers is May 22nd, 2016.

By June 1st the most promising participants will be determined and invited to a presentation workshop.
Workshops will take place from June 6th until 10th.


RFI on Swiss edu-ID IdM

With a Request for Information (RFI), SWITCH wants to gain an overview of Identity Management solutions, including Open Source, on the market today that may fit Swiss edu-ID requirements.

Today potential providers of an IdM solution for Swiss edu-ID have been invited to participate in the Request for Information. The invitation and additional information on the Swiss edu-ID environmental fit are published on the Swiss edu-ID website.

Companies should express their interest explicitly to eduid.rfi@temet.ch no later than May 3rd, 2016, and provide the E-Mail address of the intended RFI recipient.
The RFI will be distributed no later than May 5th, 2016, and answers to the RFI are expected no later than May 22nd, 2016.


AAI & Swiss edu-ID Update Event 2016

Thursday 30 June 2016, Berne

Details & Registration

Would you like to know more about the

  • current status of AAI and interfederation
  • OpenID Connect
  • Multi-Factor Authentication
  • Single logout with IdPv3

or more about the

  • Swiss edu-ID architecture
  • new pilots and use cases
  • integration and follow-up project plans ?

Then we would like to invite you to this event with an AAI Update in the morning (10:15 – 12:00)
followed by a Swiss edu-ID Update in the afternoon (13:15 – 16:15).