As scientific activity, data and equipment is enabled by information technology such as high speed networks, video conferencing, grid computing and shared databases, the remoteness of New Zealand is no longer a barrier to participation for New Zealand scientists and students.
As types of scientific experiments performed and information captured become sensitive, the need for verified and managed identity to access then becomes important. Overseas research networks are actively establishing identity federations to address these issues and so are we here in New Zealand with formation of Tuakiri, New Zealand Access Federation.
In the educational and research sectors, the technical infrastructure of these identity federations is based on the SAML standard, and commonly the Shibboleth implementation of this standard. Components of this technology include:
A core driver of federated identity and access management (IAM) in a NZ context is the fact that cross-institutional collaboration is a growing feature of the research sector. Therefore the vision behind the establishment of a New Zealand Access Federation is to allow member organisations’ scientists, students and staff to easily participate within national, Australasian and international activities in a seamless and secure manner.
IAM is concerned with making sure that approved users have appropriate access to online resources. Currently most organisations are moving towards providing their users with a single sign-on service that provides access to organisational resources, using a common authentication service and a set of user attributes for determining the level of access to these resources.
Tuakiri has been developed to allow authentication and passing user attributes across organisational boundaries. This greatly simplifies access for the user and provides an infrastructure that promotes better security of access to the resources.
Instead of having to set up individual access arrangements for each new resource or service, the services and resources are developed with a standard interface. In summary, the goals of Tuakiri are:
Without federated access, the following issues will persist:
If you require or would like assistance with implementing an Identity Provider or Service Provider, then please contact us at firstname.lastname@example.org.
We also have resources that you can access to help progress your own IAM initiatives.