Federation
Higher Education and Science IT Shared Service Centre (VPC) acts as an operator of the federation LAIFE (Latvian academic identity federation) – enforces the federation policy and coordinates all the activity, manages member registration, provides support and resolves security incidents.
Federation members are organizations, which have been completed the registration process. Member organizations may run one or more components which release user information or provide services. Dependent on the purpose, there are two types of federation components:
- identity provider – connected to the organization’s user management system, provides authentication and user information
- service provider – provides online services or access to online resources
- User access to multiple applications using just one password – single sign-on.
- Service provider administrators do not have to preserve user’s credentials and implement authentication.
- User authentication is always performed at the home organization, user credenitals are not revealed to the service providers.
- The federation infrastructure implements easy, standards-compliant and secure methods for exchange of user information.
What is eduGAIN
eduGAIN provides an efficient, flexible way for participating federations, and their affiliated users and services, to interconnect
Today, online services are crucial for research and education. Students, teachers, researchers and institution staff rely on them for collaboration through many web services. This can be for e-learning, teaching and conferencing, analyzing and sharing data, accessing journals and libraries, etc. Enabling easy and convenient access to users is a key part of delivering a service. Service providers do not want the headaches associated with issuing passwords to users, and the user does not want yet another password.
With just one trusted identity provided by the user’s institution as part of an identity federation participating in eduGAIN, users can access services from other participating federations. Even better, it works with single sign-on (SSO), so that the user needs to login only once during a browser session.
R&E identity federations are typically deployed on a national level and use different architectures, systems and policies. eduGAIN enables identity federations to interconnect, so that participating institutions and services can collaborate without the need to establish individual bilateral connections.