Federated access management – (federated Single-SignOn)

This short video explains in a simple way “federated access management (FAM)” (aka single sign-on). The UK version is called “The UK Access Management Federation” and as a federations is based upon trust between institutions in the issuing and administering of accounts according to agreed protocols. Shiboleth is one such technology that makes all this possible.

Arguably the video negative in tone, it starts off by identifying the obvious problem of multiple, unconnected identities for different services but then plays the ‘fear card’ of reducing identity theft and unauthorised change of identity as being key advantages.

This point may well be correct, although arguably rather than relatively minor matter of having one identity stolen, it raises the possibility of someone being able to access a whole host of personal data on a wide range of services.

Many other countries such as NZ are also developing their own versions of FAM and ultimately a worldwide super federation could be envisaged.

I think there is a fundamental point to be made here about control and how such initiatives link to the Personal Learning Environment agenda. Authentication at any point in time is through the issuing institution which controls access that can be modified or removed totally as the institution wishes. Attributes (e.g., learner, teacher, course registration, etc.) define an identities permission to share particular resources.

Within the federation, information about a user is only held at the institution/organisation to which the user is affiliated. Presumably, this “single central point of identity management” could hold an educational career from primary school through to PhD level study providing all institutions were affiliated to the federation.

So what happens when I am no longer affiliated to an institution, presumably no more access to my e-portfolio, assessments, learning resources, etc. Surely this can’t be what the Dfes, Becat, Jisc really want of the “The UK Access Management Federation”?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s