DiepRuR
Keywords:
Hochschule, collaboration, dezentralen Benutzerverwaltung, e-learning, identity management, webbasierte IT-DiensteAbstract
Many Universities already provide a stack of different web-based applications to support their processes in teaching, learning, research and administration. The established authentication and authorization concepts for these services are mostly designed to restrict access to domestic users. To manage the underlying identity date and to increase security and productivity most of these universities operate Identity Management Systems. At the TU Dortmund, as well as at a variety of other universities, the centrally managed identity information is used to gain a university-wide single-signon mechanism across all web-based and non-web-based services and applications for domestic scopes. In addition to the fact that cooperation and collaboration among universities is a favorable and positive trend we also notice a increasing requirement to share domestic services with foreign facilities and their members. The main goal of the DiepRuR project (translated abbreviation for: distributed service portfolio among Universities from Ruhr area) is to share web-based services among foreign facilities and therefore to establish an integrated and federated solution to exchange authentication and authorization information between the participating universities from Ruhr area. In order to reduce the repetitive manual tasks of creating redundant user accounts and to improve the quality of identity information when permitting access for foreign users, web-based services can be federated using the Security Asseration Markup Language (SAML). It offers an extended singlesign-on solution beyond the intranet and is also selected by the German National Research and Education Network (DFN e.V.) as an interoperable non-proprietary technology for their own "Authentication and Authorization Infrastructure" (DFN-AAI). In cooperation with the DFN, the DiepRuR solution is integrated into the DFN-AAI relying on SAML as the backend technology. This solution is therefore an excellent candidate to provide a basis for secured inter-university collaborations in the state of North Rhine-Westphalia, federating web-based services, like learning-management-systems (Moodle), library-management-systems (Aleph by ExLibris, SISIS-Sunrise by OCLC) and so on. One of the major achievement of the project, was to gain an easy access to new and existing webbased services for the members of participating universities from the Ruhr area, using their own local accounts, and to provide an establishment level in form of the DiepRuR federation, which defines a circle of trust for joining Identity and Service Providers. In order to minimize the entry level for new federation members, in the context of deploying required federation software-settings, the DiepRuR solution is designed to support easy applicability for existing components like Service and Identity Providers and offers a wide, open implementation description.Downloads
Published
2014-10-27
Issue
Section
Project reports / Projektberichte