24 - eduroam IdP as a Service -benefits and operational experiences-

Hideaki Goto, Tomo Niizuma, Hideaki Sone (Tohoku University), Motonori Nakamura (NII)

The poster presents the benefits and operational experiences of our unique centralized eduroam IdP system in Japan, together with its recent extensions for service improvements and higher availability. The core system, called the “Delegate Authentication System (DEAS),” was put into service in 2008, and we have recently found some new benefits, including guest account support for academic meetings. This presentation is intended to provoke discussion on further improvements, possible new services, and the global rules for guest accounts.

(a) Cloud-based Centralized eduroam IdP

eduroam JP has grown into a community of 109 institutions. This growth has been assisted by a distinguishing feature of eduroam JP, the Delegate Authentication System (DEAS). About 31% of the members are using the DEAS today, and we have found the system to be especially effective for small institutions. We operate two geographically separated servers, so the service is tolerant of natural disasters, power blackouts, etc.

(b) Online sign-up system

One operational burden of the DEAS was the manual distribution of accounts. We have developed an online sign-up system that can deliver the account directly to each user. The user’s email account is used for the user verification process.

(c) Client certificate issuing system for EAP-TLS

We have added a client certificate issuing system to the DEAS. End users can create and download their client certificates on the web. The system is also intended to be used for our disruption-tolerant roaming system (TF-MNM 31).

(d) Guest account service

eduroam JP has started a pilot service of eduroam guest account support for various academic meetings. The centralized IdP service has been used effectively to provide guest accounts to participants, especially non-academic people. To establish eduroam account services worldwide, we need global discussion and consensus on the rules.

