New SWITCH story “Exercising caution when processing personal data”

Swiss edu-ID is widely based on SWITCHaai, but there are some fundamental differences to take into account since a Swiss edu-ID is a persistent and user-centered identity. What impact this has on data protection and processing issues is discussed in this new article.

You  find Legal and Data Protection Questions also answered in our FAQ section.

New SWITCH story “Who is liable for the Swiss edu-ID?”

What happens if a Swiss edu-ID account is misused? And if the information used to verify a person’s authorisation proves to have been wrong who is then liable – the service operator, the user or the source of the attribute? Where is the Code of Obligations applicable? Read more about these legal questions in this new SWITCH story.

eID for Switzerland is on the road

Imagine you get a Swiss electronic identity. What should it look like?
Fedpol
asked the Swiss edu-ID team to comment on their concept of a federal eID.

A starting point
In Sweden more than 50% of citizens already have an eID – an identity originally issued by the private sector (as banks) and developed further towards a standardised identity assertion and a more federated approach. Meanwhile, in Switzerland the foundation for a federal electronic identity will now be laid by presenting an eID concept to the Federal Council and then by starting the process to implement it in law.

As e-identities are widely used in Switzerland and also issued by several organisations (SuisseID, MobileID, Swiss edu-ID etc.), in May 2015 the Federal Office of Police (fedpol) started a consultation about the proposed eID concept. SWITCH provided our statement among a group of 68 companies and institutions with expertise in Identity Management. Now the interpretation of the answers and conclusions are available.

Continue reading “eID for Switzerland is on the road”

New SWITCH story: “Empowering Swiss research”

The Swiss edu-ID project is partly funded through the funding programme P-2 of swissuniversities. The project manager of P-2, Roland Dietlicher, shares his views on the achievements and challenges of the funding programme P-2 in the latest SWITCH story. In doing that, he also covers the importance of the academic identity Swiss edu-ID to the success of the P-2 programme.

Less hassle, less effort

The Swiss edu-ID can help with a range of problems. The latest SWITCH story highlights two examples:

  • Swissbib allows to search most of the Swiss libraries and repositories at once. Users can specify favourite libraries, save reading lists, view their search history and much more besides. Since Swiss edu-ID users can keep their account for an unlimited time, they no longer lose account data when their employment or student status changes as is the case with SWITCHaai.
  • Roberto Mazzoni, Head of User Services in the Central IT Department at the University of Zurich, points out specific advantages of the Swiss edu-ID with respect to the current situation with SWITCHaai: It simplifies identity management processes and reduces the risk to create duplications.

Please follow this link to access the SWITCH story.

Could ORCID iD replace the Swiss edu-ID?

Before I bluntly say ‘no!’, let me try to explain why the question arises at all (and why it is reasonable to ask it).

The term ORCID ID actually refers to many things. Technically, it is 1) a unique identifier, 2) a login with a username and password and 3) personal attributes associated with the unique identifier. While I initially thought that the ORCID iD was only an identifier, it turned out that the ORCID community has built an extensive set of additional services over the last few years. Continue reading “Could ORCID iD replace the Swiss edu-ID?”

Testing Alternatives to Shibboleth

The technical functions of a Swiss edu-ID service consist of two main building blocks: access management (AM) and identity management (IdM). Within the SWITCHaai federation, the core of the AM functionalities are provided by Shibboleth, while the IdM-processes are implemented at the universities with a variety of products.

While it is clear that the Swiss edu-ID has to be compatible with SWITCHaai, it is basically an open question on what product stack it should be based. Between November 2014 and January 2015 SWITCH conducted a request for information (RFI) to get an overview of the current AM (and partly IdM) products on the market. In the RFI it turned out, that both Shibboleth and Forgerock/OpenAM are valid candidates to build the AM functions of the Swiss edu-ID framework. Continue reading “Testing Alternatives to Shibboleth”

How to get the Organisation Display Name of an AAI User as “Free” Attribute

Have you ever wanted to show the organisation name of an authenticated AAI user in the web application protected by a Shibboleth Service Provider? For example on an event registration web page in order to see from which organisations users registered or – like in the screenshot below – to show the authenticated user himself with which – of potentially many – AAI account he has logged in?

LoggedInAAIUser

Continue reading “How to get the Organisation Display Name of an AAI User as “Free” Attribute”

Keep your e-portfolio with Swiss edu-ID

An e-portfolio is often a high investment in time and effort. It’s the proof of a students study progress over the years (learning portfolio), a collection of knowledge, files and links, or perhaps a career portfolio containing all information and documents relevant for the CV.

Now it’s possible to keep and further develop an e-portfolio after studies with a Swiss edu-ID. Once the Swiss edu-ID is linked to a valid AAI identity  a user will be able to migrate his/her e-portfolio to SWITCHportfolio (if LEAP2A compatible) and to access it also in the future with his/her Swiss edu-ID.

Read more …

 

How to support Research with AAI

AAI is not only used within Switzerland. As of today there are 44 production and 17 pilot identity federations like AAI known around the world. 34 of the production federations are also part of the interfederation service eduGAIN, which interconnects these federations and allows AAI users of Interfederation-enabled Swiss institutions to access AAI services operated in other eduGAIN federations. Vice versa, AAI services in SWITCHaai (e.g. operated at CERN) now also be easily opened to and accessed by users from other eduGAIN federations.

Using AAI across national borders is in particular useful for research projects whose participants often come from different countries in the world. How research can benefit from eduGAIN and how SWITCH in the context of the GÉANT project is helping research projects to make use of AAI internationally is described in a new SWITCH story called “The recipe for cutting-edge international research“.

AAI & Swiss edu-ID Update Event

Thursday 13 August 2015, Berne

Would you like to know more about the SWITCHaai current state, IdP Clustering, MFA and eduGAIN, or more about how Swiss edu-ID progresses, outcomes, next steps and what pilots are on the way?
Then we would like to invite you to this event with an AAI Update in the morning (10:15 – 12:00)

  • SWITCHaai Status Update
  • IdP Clustering
  • Multi-factor Authentication and Shibboleth IdPv3
  • SP Reverse Proxy Server at ZHAW
  • How the SAMLtrace Firefox add-on can be useful
  • eduGAIN: An Opportunity for Research Collaborations
  • eduGAIN Access Check (also a topic of interest for SWITCHaai?)

followed by a Swiss edu-ID Update in the afternoon (13:15 – 16:15) to inform and discuss about

  • The future of AAI and Swiss edu-ID; Outlook to Swiss edu-ID 2.0
  • Results from the working groups and call for new working groups
  • Swiss edu-ID 1.0: Status
  • Pilot Projects Overview
  • Adoption of OAuth2, OpenID Connect in the Swiss edu-ID.

Details and registration

Business & Governance Model Reports

The final reports of the Business Model and Governance Model Working Groups are available

The Business Model Report describes relevant information and methods to be used for the Business Model as

  • general assumptions
  • IdM market analysis
  • identification of stakeholders
  • general quantity structures
  • description of the value proposition for different stakeholders
  • potential risks
  • outlining of financing options.

Recommendations for the Swiss edu-ID Business Model elaboration and refining:

  • New user groups: increase the user base and number of provided resources are fundamental for success (doubling of user numbers within the next 3 years)
  • Costs: not charge users. A cost-sharing model has to bee agreed with Universities. Third party Service Providers can help to reach a better financing of the service.
  • Transition phase: as early and short as possible in order to limit costs of parallel operation
  • Roadmap: include information about the revenue streams that might shift over the three stages (1: AAI in parallel; 2: AAI replaces; 3: access for additional external services)

Next steps:

  • develop adoption and coinnovation risk maps and a stakeholder risk matrix
  • define appropriate actions and assign to a person or group with a deadline to reduce identified risks
  • describe concrete financing options (including numbers)

The Governance Model Report describes

  • existing governance structure for SWITCH and SWITCHaai
  • new stakeholder groups that may become part of the governance structure
  • how those stakeholder groups could be involved.

Recommendations:

  • use SWITCHaai Governance Model as far as possible and extend it in order to include new stakeholder groups (Continuing Education, University Administration, Alumni-Organisations,  third party Service Providers)
  • involve more topical/stakeholder/working groups (scalability), approach potential stakeholders early and give them a formal “seat” in a committee
  • continue work of Processes working group
  • address business side in continuing education

Next steps:

  • develop joint roadmap for AAI and Swiss edu-ID
  • elaborate communication concept
  • involve new stakeholders in Governance structures