EduGAIN

eduGAIN
PurposeInternational interfederation service
Region served
Worldwide
Websitewww.edugain.org/technical/

eduGAIN is an international interfederation service interconnecting research and education identity federations. It enables the secure exchange of information related to identity, authentication and authorization between participating federations. The service is managed by a team led by TERENA. eduGAIN® is a registered trademark of DANTE.

Service description

The eduGAIN service enables participating federations, which primarily serve the authentication and authorisation interests of research and education sectors, to interfederate. eduGAIN provides an infrastructure for establishing trusted communications between identity providers and service providers in different participating federations. End-users authenticate at identity providers and obtain access to service providers. Technically, eduGAIN is managed by aggregating and distributing signed SAML 2.0 metadata files.

To join eduGAIN, the parent organisation of a federation must sign the eduGAIN policy declaration[1] and submit it to the TERENA Secretariat for the attention of the eduGAIN Operations Team. The Operations Team deals with daily technical issues in the eduGAIN service provision, receives enquiries about eduGAIN and forwards them to the appropriate body, receives and processes applications from federations to join the service, prepares and publishes a federation operational practice statement for the eduGAIN interfederation service, and prepares an audit plan for the eduGAIN operational practices on the request of the eduGAIN Steering Group.

History

The eduGAIN initiative started as a research activity in the project GN2[2] (2004-2009) co-funded by the European Union, which also provided the funding for the GÉANT network. The eduGAIN service activity[3][4] that was started in the successor project GN3[5] (2009-2013), built upon the eduGAIN that was developed in the GN2 project, but was different.[6] On 1 April 2011, eduGAIN became an operational service.[7][8]

In 2012, the eduGAIN service started to reach beyond Europe, with the Canadian and Brazilian federations joining the service.[9] In the same year TERENA took up the leadership of the eduGAIN service activity. From April 2013, funding of the service was continued as part of the GN3plus project.[10]

Governance

The eduGAIN Steering Group consists of one representative and one deputy representative of each of the federations participating in the service.[11] The Steering Group approves the profiles and documents in the eduGAIN policy framework and their updates, decides about peering relationships, approves the participation of new federations, decides about the disqualification or temporary suspension of participating federations in case of violation of the policy framework, accepts or amends the plan for audits of eduGAIN operations, appoints the Steering Group chair and non-voting invited observers to the Steering Group, and appoints the Operational Team.

Certain decisions of the Steering Group need to be ratified by the eduGAIN Executive Committee, namely changes to the eduGAIN policy framework constitution, the adoption of new technical profiles and other documents in the policy framework that may exclude participating federations from participation in the eduGAIN service, and the approval of major updates to the profiles and documents in the eduGAIN policy framework that are likely to affect any participating federation’s participation in the eduGAIN service.[11] The role of the eduGAIN Executive Committee has been entrusted to the Executive Board of the GN3plus project (April 2013–March 2015).[10]

Geographical deployment

Thirty national research and education federations have been officially admitted as participants in eduGAIN. The corresponding countries are listed below, with the name of their federation and its parent organisation.

Europe

  • Albania - ALBANIAN ACADEMIC NETWORK (RASH)
  • Austria - ACOnet Identity Federation (University of Vienna/ACOnet)
  • Belgium - Belnet R&E Federation (Belnet)
  • Croatia - AAI@EduHr (University of Zagreb - University Computing Centre)
  • Czech Republic - eduID.cz (CESNET)
  • Denmark - Where Are You From WAYF (DeIC)
  • Estonia - Eesti haridus- ja teadusasutustevahelise autentimise ja autoriseerimise taristu TAAT (EENet)
  • Finland - Haka Federation (CSC)
  • France - Fédération Éducation-Recherche (RENATER)
  • Germany - DFN-AAI (DFN)
  • Greece - GRNET Federation Authentication and authorization infrastructure (GRNET)
  • Hungary - eduID.hu (NIIFI)
  • Ireland - Edugate (HEAnet)
  • Italy - IDEM GARR AAI (GARR)
  • Latvia - Latvian Academic Identity Federation LAIFE (LAIFE)
  • Lithuania - Litnet FEDI (Litnet)
  • Moldova, Republic of - LEAF (RENAM)
  • Netherlands - SURFconext (SURFnet)
  • Norway - Felles Elektronisk Identitet Feide (UNINETT)
  • Poland - Polish Identity Federation PIONIER.Id (PSNC)
  • Romania - Agenţia de Administrare a Reţelei Naţionale pentru Educaţie şi Cercetare RoEduNetID (RoEduNet)
  • Portugal - RCTSaai (FCCN)
  • Slovenia - ArnesAAI (ARNES)
  • Spain - Servidor de Identidad de RedIRIS SIR (RedIRIS)
  • Sweden - Swedish Academic Identity SWAMID (SUNET)
  • Switzerland - SWITCHaai (SWITCH)
  • Turkey - YETKİM (ULAKBIM)
  • United Kingdom - UK Access Management Federation for Education and Research (Janet)

Asia-Pacific

  • Australia - Australian Access Federation AAF (Australian Access Federation Inc.)
  • China Mainland - CERNET Authentication and Resource Sharing Infrastructure (CARSI)
  • China Mainland - China Science & Technology Cloud
  • Hong Kong - Hong Kong Access Federation HKAF (Joint Universities Computer Centre Ltd.)
  • Japan - Japanese Academic Access Management Federation GakuNin (GakuNin)
  • Korea - Korean Access Federation KAFE (KAFE)
  • Malaysia - SIFULAN Malaysian Access Federation (SIFULAN)
  • New Zealand - Tuakiri, New Zealand Access Federation (Tuakiri, New Zealand Access Federation, Inc.)
  • Oman - Oman Research and Education Network (OMREN)

North America

Latin America

  • Brazil - Comunidade Acadêmica Federada CAFe (RNP)
  • Chile - Comunidad Federada REUNA COFRe (REUNA)

Africa

  • South Africa - South African Identity Federation SAFIRE (TENET)

References

  1. ^ Mikael Linden; Andrew Cormack; Shannon Milsom; Brook Schofield (2013). eduGAIN Policy Framework Policy Declaration (PDF). DANTE. Archived from the original (PDF) on 2 December 2013. Retrieved 16 November 2013.
  2. ^ "Multi-gigabit European academic network (GN2)". 1 September 2004. Archived from the original on 27 September 2013. Retrieved 12 November 2013.
  3. ^ Carol de Groot; Laura Durnford; Karel Vietsch (2010). TERENA Annual Report 2009 (PDF). TERENA. p. 30.
  4. ^ Laura Durnford; Karel Vietsch (2011). TERENA Annual Report 2010 (PDF). TERENA. p. 35.
  5. ^ "Multi-gigabit european research and education network and associated services (GN3)". 1 April 2009. Archived from the original on 17 April 2012. Retrieved 20 November 2013.
  6. ^ Valter Nordh (2011). Introduction to eduGAIN. Presentation at eduGAIN Federation Operator Training in Vienna (PDF). TERENA. Retrieved 20 November 2013.
  7. ^ Lukas Hämmerle (2011). Trimming your AAI Federation fit for eduGAIN… technically. Presentation at TERENA Networking Conference 2011 in Prague. SWITCH. Retrieved 20 November 2013.
  8. ^ Laura Durnford and Karel Vietsch (2012). TERENA Annual Report 2011 (PDF). TERENA. p. 37.
  9. ^ "eduGAIN - enabling easier access to resources". Connect Magazine. 10: 10. 2013. Retrieved 15 November 2013.
  10. ^ a b "Multi-Gigabit European Research and Education Network and Associated Services (GN3PLUS)". 1 April 2013. Retrieved 15 November 2013.
  11. ^ a b Mikael Linden; Brook Schofield; Shannon Milsom (2013). eduGAIN Policy Framework Constitution (PDF). DANTE. pp. 6–7. Archived from the original (PDF) on 2 December 2013. Retrieved 15 November 2013.