Link ORCID iD to Swiss edu-ID

Owners of a Swiss edu-ID can now link their ORCID iD (Open Researcher and Contributor ID) to their Swiss edu-ID profile. Go to your Swiss edu-ID profile and link your ORCID iD now.

The ORCID iD is imported to the Swiss edu-ID profile in a secure way making sure that only the owner of the ORCID iD can import it, and that the iD can’t be tampered with.

Linked-identities

 

Individuals who do not yet have an ORCID iD can create one on the fly and link it to their Swiss edu-ID.

Once the ORCID iD is linked to a Swiss edu-ID account, it is available to services in the attribute eduPersonOrcid. This greatly helps services to include the ORCID iD in their business workflows and likewise enhances the benefit for scientific authors.

About ORCID: ORCID (Open Researcher and Contributor ID) is a nonproprietary code to uniquely identify scientific and academic authors. It is operated by the non profit organization orcid.org. Individuals can include their ORCID identifier on their web page, in their publications, when they apply for grants, and in any research workflow to ensure they get credit for their work.

See also Swiss edu-ID ORCID working group report.

Swiss edu-ID 1.0 Launch

SWITCH is happy to announce the start of the productive phase of Swiss edu-ID Version 1.0.
The user interface is available here and allows individuals to create their Swiss edu-ID identity from scratch or to build one based on a SWITCHaai account.

The Swiss edu-ID Identity Provider is ready for pilots and productive services that wants to connect their resources.
This will allow such services to open up new groups of users as:

  • former university members no longer having an AAI account (–> services for Alumni)
  • guests without relationship to a Swiss Higher Education Institution (–> provision of WLAN access etc.)
  • regular users without strong relationship to a Swiss Higher Education Institution (–> national services open to a larger public)

The Swiss edu-ID IdP is part of the SWITCHaai federation and therefore rules of this framework apply.

Several pilot projects and resources are already foreseen to connect to Swiss edu-ID in 2015, but we welcome other services that want to profit by the possible larger user base and verified core attributes to discuss implementation options (contact swisseduid@switch.ch).

Final Report of the ORCID Working Group is Available

The first Swiss edu-ID working group has completed its report. The aims were to determine the relevance of the ORCID identifier for libraries, unversities and publishers and to identify pilot applications for the Swiss edu-ID.

Chapter 1 summarizes the relevance of ORCID for the institutions who participated in the working group (ETHZ, MDPI, SNF, UniBE, UniGE, UZH, ZB) while chapter 2 describes ORCID in more detail and compares it with other relevant identifiers. Chapter 3 describes in detail the ORCID-related plans and thoughts of the participating institutions. Chapter 3 will not be publicly available and is only distributed to members of the SWITCH community on request.

We can briefly summarize the outcome of the WG as follows:

  • ORCID is percieved as a promising initiative with broad support from academic institutions, libraries and publishers world-wide
  • Only a small fraction of researchers and authors actively use their ORCIDs in publications, and it is estimated that ORCID will be accepted only slowly.
  • About one third of the WG participant’s institutions have concrete plans to use ORCID in their systems, about one third have made their first steps and the last third does not have plans to use ORCID.
  • A verified ORCID attribute is estimated to be a valuable addition to the Swiss edu-ID attribute set.

The public version of the ORCID report is available for download in the documents section.

CUS P-2 Follow-up Project Submitted

Today, SWITCH hast submitted a follow-up project (phase II) to the current Swiss edu-ID project which is running until end of July 2015. The aims of phase II are

  • successful operation of Swiss edu-ID v1.0 and its use cases from phase I
  • implementing the Swiss edu-ID v2.0 service with the main new features
    • connecting the Swiss edu-ID platform to institutions to enable attribute exchange
    • support for authentication protocols beyond SAML that allow for mobile integration
  • continue the successful involvement of the community in working groups and through information events

The project proposal is now under review at swissuniversities. A decision of the program committee is expected in July 2015.

Project Abstract

New national services being developed within the frame of the CUS P-2 project will in almost all cases require reliable identity and access management (IAM). The Swiss edu-ID addresses that need, by providing a comprehensive IAM service framework to all relevant players: universities, individuals and service providers.

The SWITCHaai is a well-established IAM solution for the Swiss universities that places identity management under the responsibility of the participating universities and allows for effective resource sharing across organisational borders. However, this approach has several drawbacks:

  • University members with multiple roles or jobs are assigned multiple electronic identities, which need to be managed individually.
  • Individuals lose their electronic identity when they change role or affiliation and are unable to recover the same identity if it is needed at a later date.
  • Individuals collaborating with universities, but without a strong affiliation with one of those universities are not issued such an organisation-centric identity. Almost all resources need to manage this potentially large user group without SWITCHaai support.
  • The existing SWITCHaai service is not perceived to support mobile and other non-web environments adequately.

The Swiss edu-ID is addressing those shortcomings. It does it by building on the very successful SWITCHaai, but changing/extending it in several ways. In the predecessor project “Swiss edu-ID” the basis for a successful continuation was set by completing the Swiss edu-ID high-level architecture, by implementing Swiss edu-ID V0.5 with a new set attributes, and by conducting a market overview of access management platforms. The first important change is delivered by the Swiss edu-ID v1.0 service:

  • All individuals collaborating with our community can get a Swiss edu-ID identity, regardless of whether a user is currently affiliated with an organisation in our community or not.

The project „Swiss edu-ID Phase II“ described in this proposal will implement the Swiss edu-ID v2.0 service with those two additional features:

  • The Swiss edu-ID will carry up to date information about roles and affiliations within the academic community. This information will be provided by those member organisations themselves.
  • The Swiss edu-ID will support the most promising protocols for mobile integration.

Services wishing to make use of the functions offered by the “Swiss edu-ID” will receive consultancy services from the project, get access to the Swiss edu-ID service and the project will seek ways to support use cases needing adaptations or extensions to the existing services. Specific integration work at the user side, however, is not within scope and should be provided by the respective user service. Project management will take appropriate steps to evaluate requests for functional extensions within the governance structures.

RFI Results

In November 2014 SWITCH has carried out a Request for Information (RFI) to gain a market overview of IAM frameworks that match the requirements of the Swiss edu-ID project. A total of 11 companies have handed in one or two solution proposals. Five companies were invited in Dec ’14 to personally present their proposal.

The principal findings of the RFI are:

  1. The building blocks access management (AM) and identity management (IdM) have to be evaluated seperately. It is advisable for the Swiss edu-ID project to first select the appropriate AM framework.
  2. For the AM framework the two most promising alternatives are
    • Build the Swiss edu-ID on the current (SWITCHaai) Shibboleth infrastructure, and extend Shibboleth to support new AM-protocols. On this natural evolution path, it is easier to provide compatibility with SWITCHaai.
    • Build the Swiss edu-ID on the commercial open-source product ForgeRock. This ia a disruptive approach with would allow to take advantage from a bunch of new funcionalities of a new product.

The details of the RFI results are documented in the following reports, which can also be found in the documents section:

  • RFI procedure and results: of the Swiss edu-ID project team. This is the public version without details about the participating vendors and their products. A confidential full version is available for SWITCH community members on request.
  • Swiss edu-ID with Shibboleth: a comparison of Prof. Gerhard Hassenstein of Sibboleth and commercial AM solutions

The next steps are to pilot the two alternative AM approaches (Shibboleth vs. ForgeRock) and choose one of them until summer this year. Once the AM platform has been chosen, SWITCH plans to conduct a RFP for a complete IAM solution that includes the AM and IdM building blocks.

RFI Responses and Next Steps

We were positively surprised about the impressive amount of reponses to our RFI of November 2014.

  • A total of 11 vendors, integrators and producers have submitted a response to our RFI
  • A total of 9 products or product suites for identity and/or access management were presented in the RFI answers

During the month of December we have invited five vendors to present their solution to SWITCH and interested parties of the SWITCH community. As a first result it was interesting to see that access management seems to be a hot topic for producers who released many new products and updates in recent times. They follow different design philosophies and cover a vast range of architectures in IAM. In most cases, the vendors give access to their source code, although the license is not always “pure” open source.

SWITCH will now summarize and evaluate all the collected information. The aim is to assess the presented solutions with respect to the requirements for the Swiss edu-ID. The findings will be published in January 2015.

Request for Information on Identity Management Solutions (RFI)

The community of Swiss higher education wants to bring federated identity management to the next level. Therefore SWITCH is working on a new centralized and user-centric identity management solution, available to higher education and third-party service providers, across organizational boundaries.

To clarify strategic design options and the best way to go forward, SWITCH initiates a Request for Information (RFI) today. Interested vendors or integrators find here the RFI document which also includes important administrative information.

Deadlines:

  • Questions about the RFI must be sent by e-mail to swisseduid@switch.ch until Tuesday, 11 November 2014
  • Clarifications will then be sent in an anonymised form to all RFI participants by 14 November 2014
  • Participating companies are kindly asked to hand in their answers by e-mail to swisseduid@switch.ch until Friday, 28 November 2014

Based on the insight gained from the RFI responses, SWITCH may hand in a project request to actually be able to acquire and build the new system.

Swiss edu-ID High Level Architecture

One of the first important steps towards Swiss edu-ID is the High Level Architecture. The document builds the general frame for the future system design.

The High Level Architecture describes the envisaged future identity management solution of the SWITCH Community (see also summary/flyer). Both documents are available in our document section.
A group of nine IdM specialists out of the Swiss HEI’s contributed to the description of

  • goals
  • basic concepts
  • trust, privacy and security principles
  • stakeholders and roles
  • Identity Management service for Swiss Higher Educationand and
  • the Swiss edu-ID Architecture

It is well understood, that collaboration does not stop at national borders. Special care is taken to stay open to future developments to scale internationally and not to introduce incompatibilities with emerging trends and solutions elsewhere.

Open Badges as Academic Certificates?

In the context of the work package Long-term Storage of Forgery-Proof Certificates we have been taking a closer look at the Mozilla Open Badges initiative.

The main aims of open badges are to provide a framework and tools that help any person to

  • show the personal skills and achievements
  • build prestige
  • help finding a job

To illustrate the usage and scope let us have a look at a typical scenario:

Alice runs the non-profit website fotolovers with hints for amateur photographers. In the forum, users can ask questions and help each other. One user, Bob, has already spent a lot of time helping others with useful tips. Whis his unfailing help and high quality contributions Bob is a highly respected member of the community. Alice decides to express the community’s gratitude to Bob by issuing him the Open Badge “fotolovers Guru”. Bob, being proud of this award puts the badge on his personal website. Eventually, his capabilities are recognized by a local photographers association, and they invite Bob to give a talk on their next assembly.

Formally, the approach works as follows

  1. An individual person has earned a skill or learned something that is worth mentioning to the public, communities or employers.
  2. Another person or organization – the issuer – is ready to approve that the skill has really been acheived. This is done by issuing a digital badge that is handed over to the owner.
  3. The owner can display the badge on websites or social media platforms. The authenticity of a badge can be verified by anyone.

Basically,hackasaurus a bagde is a common digital image in PNG format like the image on the right. In the metadata part of the image there is a link that points to a description of the achievement and a description of the issuer. Both descriptions are hosted on the web site of the issuer – that would be the photo amateurs website in our example above.

In practice, a user usually does not collect bagdes on the local computer. Badges are to be shown to the public, so they should be on the web. Although a badge can be directly embedded in any web page they are usually displayed on specialized sites, that also perform the verification of the badges. A popular site to store and display badges is Mozilla Backpack. Issuers can optionally directly send bagdes to Backpack, so that the user never gets in touch with his/her badges.

The intriguing aspect of Open Badges is its simplicity and openness. They have been designed with “smaller” skills in mind in a more informal context. But why not using Open Badges in academic institutions too? Would it make sense to award badges for exam results, for term papers or even fully-fledged bachelor and master degrees? And could badges replace paper-based diplomas?

We are trying to answer these questions – and will keep you up to date on this channel

For more information about open badges go to http://openbadges.org.

Keep the Key (Video)

The TERENA Networking Conference (TNC) is the largest European research networking conference. In his presentation Identity Management for Lifelong Learners Christoph Graf presented an overview of what SWITCH wants to achieve with an e-identity infrastructure.

At the beginning of the talk stands the promise of AAI: You as a student get one key, and with that you get access to all necessary resources and web services. However, due to the organization-centric nature of identity management in AAI there are two problems:

  1. the student gets more than one key if he/she is affiliated with more than one university, and
  2. the student has to give back the key when he/she leaves the university

The aim is a more user-centric infrastructure that allows a student to do everything with one key – a key that you can keep for a lifetime.

Watch and enjoy the video recording of Christoph’s presentation at https://tnc2013.terena.org/web/media/archive/4D (starting at minute 66).

Launch of SWITCHportfolio pilot phase

SWITCH is happy to announce the start of the SWITCHportfolio pilot service: https://portfolio.switch.ch

The service SWITCHportfolio which is based on the open source product Mahara is offered to members (students, teachers, staff) of Swiss higher education institutions.

During the pilot phase we need to get feedback about SWITCHportfolio. Is this the kind of service you (student, teacher etc) expect? Do you have further requirements? Now is the time to shape the service according to your needs! Don’t miss that opportunity.

Before members of a university can use the service, the institution has to subscribe to it. Read the About section or contact us (portfolio-support@switch.ch) to subscribe a new institution.

Please read the About and FAQ section
https://www.switch.ch/portfolio/
with more information about the pilot service, FAQs and participating institutions. This page will be continuously updated during the pilot phase.

thanks for your interest – and don’t hesitate to send us your feedback

Long-term Storage of Forgery-Proof Certificates in User Centric Environments

Although we live in a digital world, students who sucessfully leave the university still get a printed diploma or an academic certificate on shiny, high-quality paper. In order to use these certificates in a meaningful way, they have to be digitized by means of a scanner. The scanned diplomas must then be attached to job applications or enrollments for training courses – all processes which are nowadays entirely happening on the internet.

Hence the need for genuine digital diplomas, which of course should be more tamper-proof than their paper-based counterparts. In the pre-study “Long-term Storage of Forgery-Proof Certificates in Use Centric Environments” this topic will be adressed. In particular, approaches will be developed and discussed, that allow users to manage their digital diplomas in e-portfolio systems for a very long time – ideally during their entire life.

The kick-off meeting of the project took place this week, and it will be finished by December 2013. Participating institutions are the University of Geneva, the University of Lausanne and SWITCH.

Here’s an excerpt of the project application:

The e-portfolio tool allows learners to store various digital artifacts for presentations (CV, etc.) and/or reflections purposes (see UNIGE.10 – WP 9). The nature of these artifacts can take various forms: standard documents (word, pdf), multimedia (video, audio), wiki docs, etc. However, there are some artifacts that are difficult to implement in the current type of e-portfolios. Among them, (digital) certificates and diplomas delivered by higher educational institutions. These difficulties come both from the technical and organizational complexity stemming from the way digital certificates are implemented. In order to implement a workable solution at the Swiss level, a preliminary study on the subject is first needed.

Objective: Understand how forgery-proof academic certificates, signed and issued by universities, can be preserved by individuals in their pre- ferred personal environments. In particular, e-portfolio system should be able to manage and reference those certificates.

Work: Describe tools and organizational structures necessary to issue and manage signed digital certificates. Identify potential issues.

Using the e-Portfolio as Base for a Long-Term Digital Identity

e-portfolios have already gained interest as tools for learning during the studies or to conduct portfolio-based assessments. It seems that the third main application of e-portfolios as presentation tool is less developed so far.

This topic will now be adressed In the project Using the e-Portfolio as Base for a Long-Term Digital Identity funded in the context of the CRUS cooperation and innovation project Learning Infrastructure. The Unversities of Geneva and Lausanne together with SWITCH are going to identify

  • the most important sources of artifacts during the studies
  • the short-term and long-term usage of the artifacts
  • a concept for structuring and presentation of artifacts in the face of long-term usage

The kick-off meeting of the project was last week, and it will be finished by December 2013.

Here is an excerpt of the project description:

Whether reflexive, evaluative or showcasing the individual competencies, e- Portfolio systems store a considerable amount of data related to one’s identity. Research done in a previous the AAA-PLE.UNIGE.9 project made clear that tools integration, long-term preservation and availability of the e-Portfolio are critical factors for its adoption on the long-term. Depending on institutional implementation and scenario of use, e-Portfolio data can take multiple forms and formats. Currently, the typical e-Portfolio data structure does not provide suitable tools for the long-term management of personal digital information.

Objective : Provide the universities with a sound basis for the elabora- tion of their strategy for long-term preservation of e-Portfolio data. Work : Definition of a structural model to support the lifelong exploitation and management of e-Portfolio heterogeneous data and processes.

Visualising and presenting the e-Portfolio content in a lifelong perspective is a challenge in itself. It requires long-term dedication and systematics from the user. The AAA-PLE.UNIGE.9 project provided a first step in making possible the selective importation of reference skils lists into the e-Portfolio. In addition, support to further learning and showcasing one’s skills and knowledge to the professional world should also be facilitated on a lifelong basis.

Objective : Provide the individual learner with a data visualisation system to enhance quality of learning, as well as knowledge and skills awareness. Work : Specification of a data, artifact and processes aggregation system.