Swiss edu-ID Update Event 2017

Save the date: Thursday 29 June 2017

The focus is put this year on an update about the project Swiss edu-ID and the service SWITCH edu-ID, whose deployment starts in 2017.
Note that no SWITCHaai specific topics are foreseen.

The event will take place June 29 , 11:00 – 16:15, in Berne at UniS, Schanzeneckstrasse 1, room A-126.

Preliminary Programme:

11:00 – 12:00   SWITCH edu-ID for beginners (for people not already familiar with SWITCH edu-ID)

12:00 – 13:15   Arrival for afternoon participants and Lunch
(afternoon participants are warmly welcome to take lunch with us)

13:15 – 14:30   Pilots and current project status

14:30 – 14:55  Coffee break

14:55 – 16:15    Status Migration Strategies, roadmap and next steps

16:15                 End of event


Update 2016-06-01: Registration site with updated agenda

Swiss edu-ID Deployment 2017 – 2020

Project for Deployment Step 1 in 2017 submitted

Meanwhile SWITCH has submitted – together with 7 institutions – a project proposal for the deployment of Swiss edu-ID during 2017 to swissuniversities. The participating universities EPFL, FHNW, UNIFR, UNIGE, UNIL, UNISG and ZHAW intend to analyse their options in order to generate optimal benefit by the use of Swiss edu-ID and for choosing an appropriate way for the integration within their systems and processes.

Planned deployment steps 2017-2020 with entry points for universities

Develop an individual migration plan first

The migration is a required step for all organizations served by SWITCHaai to unleash the full potential of Swiss edu-ID. Swiss edu-ID offers more interfaces to and from the systems of the Swiss edu-ID participants. Therefore a cooperative identity management approach might deliver additional value by being more efficient and covering additional identity management use cases, e.g., by triggering specific identity management workflows at connected sites. Such opportunities have to be evaluated by institutions relating to their general system development and the migration plans.
But planning is only the first step for an organisation. SWITCH intends to submit follow-up projects in the upcoming years (2017-2020). This approach allows universities to find a suitable entry point to start preparation and afterwards the migration to Swiss edu-ID.

Project plan 2017 (simplified)

SWITCH will provide generalised findings of all migration plans from this project to ease individual migration planning steps for organizations following later.

Improve functionality continuously

Whereas organisational “Migration Strategy” work packages are foreseen for the planning of future organisational migrations to Swiss edu-ID, the “Functional Upgrade” work packages extend the features of the Swiss edu-ID in line with stakeholder requirements. They deal with identifying or piloting measures to deliver additional benefits carried out by a subset of the partners and with the implementation of prioritized features requiring additional effort to be deployed for organisational migrations. Thoas work packages are:

  • Support for usage of AHVN13: Analysis of current usage, legal implications and technical approaches, description of solution (FHNW & SWITCH)
  • Privacy and Data Security: Analysis of restrictions for storage and exchange, of technical methods, and description of processes to grant data economy and legal accuracy (EPFL & SWITCH)
  • Uniqueness: Implementation of duplicate prevention (on the fly and in batch mode) and resolution process involving end users
  • Credential Management: Comparison of password policies, implementation of harmonization framework, user workflows for password selection and second factor
  • 3rd Party Vetting: Implementation of vetting mechanisms for increasing quality of name attributes and passport number by 3rd parties
  • Group Management: Allow management of arbitrary flat groups defined by end users (with Grouper), delivery of an affiliation attribute and integration with an attribute provider mechanism

Further components as well as organisational migrations should be included in subsequent applications for the following deployment steps in 2018-2020.

Swiss edu-ID 2017 – 2020

SWITCH intends to fully deploy the Swiss edu-ID by the end of 2020, with almost all organisations migrated from SWITCHaai to Swiss edu-ID.
To this end, several organisations have already started, or will start migration strategy projects jointly with SWITCH. The aim of these projects is to plan the migration locally at the respective organisation as a first step.
An organisation which decides to start such a project should choose their most convenient time from a couple of possible dates (one starting point every year between now and 2020). steps_2017-2020
(details presented at update event in June)

This kind of projects might get funded by the program PgB5, which is organized by swissuniversities. The deadline for the next submission of projects is approaching (August 14, 2016).
Seven universities have already decided to start with the first step – the development of their own migration strategy by

  • analysing the specific system landscape and services at their organisation with respect to identity management,
  • evaluating additional benefits of a higher integration depth with the Swiss edu-ID (“migrated” or “integrated”),
  • choosing an appropriate migration scenario and planning of migration steps,
  • estimating the resource requirements of the migration, and
  • drafting their organisational Swiss edu-ID migration project plan.

The desired output of those migration strategy projects will be migration plans – or drafts thereof – for each participating organisation. Such a plan can then be proposed to the management of the organisation. If the university management agrees, a subsequent migration project (step 2), possibly funded again by PgB5, can then be submitted, targeting at actually adapting the existing infrastructure to the Swiss edu-ID service.

RFI on Swiss edu-ID IdM open

As announced the phase of the survey conduction has started and the RFI documents have been sent to interested participants 4th of May.
The RFI documents are published on the Swiss edu-ID website.

Deadline for RFI answers is May 22nd, 2016.

By June 1st the most promising participants will be determined and invited to a presentation workshop.
Workshops will take place from June 6th until 10th.

RFI on Swiss edu-ID IdM

With a Request for Information (RFI), SWITCH wants to gain an overview of Identity Management solutions, including Open Source, on the market today that may fit Swiss edu-ID requirements.

Today potential providers of an IdM solution for Swiss edu-ID have been invited to participate in the Request for Information. The invitation and additional information on the Swiss edu-ID environmental fit are published on the Swiss edu-ID website.

Companies should express their interest explicitly to no later than May 3rd, 2016, and provide the E-Mail address of the intended RFI recipient.
The RFI will be distributed no later than May 5th, 2016, and answers to the RFI are expected no later than May 22nd, 2016.

AAI & Swiss edu-ID Update Event 2016

Thursday 30 June 2016, Berne

Details & Registration

Would you like to know more about the

  • current status of AAI and interfederation
  • OpenID Connect
  • Multi-Factor Authentication
  • Single logout with IdPv3

or more about the

  • Swiss edu-ID architecture
  • new pilots and use cases
  • integration and follow-up project plans ?

Then we would like to invite you to this event with an AAI Update in the morning (10:15 – 12:00)
followed by a Swiss edu-ID Update in the afternoon (13:15 – 16:15).


Are you aware of other eID initiatives?

This is one of the questions we answer quite often – and the answer is “yes”. Of course we do observe initiatives within Switzerland (mainly eGovernment related) and abroad, and including international projects with common tasks and possible synergies. In addition to simply monitor what others do, we build relationships, exchange know-how, evaluate eID initiatives of other National research and education networks (NRENs), provide advice for groups who only yet start with federation projects, and SWITCH is active in international projects as GEANT.
Hereafter you find some examples of initiatives and projects, their goals and concepts, common activities (if any), and some ideas about common interests or possible synergies.

Continue reading “Are you aware of other eID initiatives?”

AAI & Swiss edu-ID Update 2016

Save the Date: Thursday 30 June 2016

This year the joint update event of SWITCHaai & Swiss edu-ID will take place for the third time – this year a little bit earlier – already dated June 30, as ever in Berne.

Note the date in your agenda for this all-day event where you will get up-to-date information about SWITCHaai, Swiss edu-ID version 2.0  and migration scenarios, as well as having opportunities for exchange with IdM/IAM specialists and service responsibles of other institutions.

Registration information follows later in this blog, AAI mailinglists and the Swiss edu-ID newsletter (

Bye-bye Guest IdP – Welcome Swiss edu-ID

Since February 2012, SWITCH has operated the Guest Login Identity Provider (Guest IdP), which allowed users without a regular AAI account to access certain services. The Guest IdP has also allowed what was otherwise not possible with SWITCHaai: a quick and easy self-registration to access AAI services.

Continue reading “Bye-bye Guest IdP – Welcome Swiss edu-ID”

New SWITCH story “Exercising caution when processing personal data”

Swiss edu-ID is widely based on SWITCHaai, but there are some fundamental differences to take into account since a Swiss edu-ID is a persistent and user-centered identity. What impact this has on data protection and processing issues is discussed in this new article.

You  find Legal and Data Protection Questions also answered in our FAQ section.

New SWITCH story “Who is liable for the Swiss edu-ID?”

What happens if a Swiss edu-ID account is misused? And if the information used to verify a person’s authorisation proves to have been wrong who is then liable – the service operator, the user or the source of the attribute? Where is the Code of Obligations applicable? Read more about these legal questions in this new SWITCH story.

eID for Switzerland is on the road

Imagine you get a Swiss electronic identity. What should it look like?
asked the Swiss edu-ID team to comment on their concept of a federal eID.

A starting point
In Sweden more than 50% of citizens already have an eID – an identity originally issued by the private sector (as banks) and developed further towards a standardised identity assertion and a more federated approach. Meanwhile, in Switzerland the foundation for a federal electronic identity will now be laid by presenting an eID concept to the Federal Council and then by starting the process to implement it in law.

As e-identities are widely used in Switzerland and also issued by several organisations (SuisseID, MobileID, Swiss edu-ID etc.), in May 2015 the Federal Office of Police (fedpol) started a consultation about the proposed eID concept. SWITCH provided our statement among a group of 68 companies and institutions with expertise in Identity Management. Now the interpretation of the answers and conclusions are available.

Continue reading “eID for Switzerland is on the road”