Shibboleth Development and Support Services (SDSS)

Time Period

1 April 2004 - 31 March 2007

Introduction

The programme outlined in JISC Circular 1/04, Call for Projects in Core Middleware signals major commitment to adopt Shibboleth technology, with its specific focus on inter-institutional authorisation, within the JISC and related Information Environments. In particular it provides a framework in which authentication and authorisation can each be resolved within an appropriate and sufficient infrastructure.

Aims and Objectives

The main aim of the present project is to put in place the essential technical components necessary to sustain an initial Shibboleth infrastructure, and thereby provide an environment which will assist other projects supported by the Core Middleware Development Programmes to progress effectively. A secondary outcome is that the experience gained will feed into the requirements and specification of a service infrastructure implementation.

The SDSS project is aimed principally at providing Programme Support, over its three-year lifetime, to satisfy immediate programme requirements and to provide a minimally-sufficient environment to enable the other projects supported by the Programme to make progress. The support activities identified below are intended to offer projects the national infrastructure, in basic form, required to participate in Shibboleth-based activity, and provide them with a live set of Shibboleth target services in the JISC Information Environment (IE), that require an element of institutional-level authorisation. These support activities will include:

• Implement an initial certificate issuing service for Shibboleth agents created by other Core Middleware projects.
• Implement an initial WAYF service for the UK JISC federation.
• Implement Shibboleth access for two or more of EDINA's JISC-sponsored services to provide live target services for other projects.
• Support to other projects in the use of basic Shibboleth Infrastructure. This will include provision of monitoring and report interactions with Institutional-level projects.
• Investigate inter-federation interoperability.
• Maintain a technology watch, including consideration of attribute profiles, attribute mapping, methods of attribute acquisition from Sources of Authority other than the user+s institution, and trust issues.

Project Methodology

The project has two main strands:

• Technical development: The core components listed above will be implemented. These will support a prototype Shibboleth Federation and provide a development framework for other projects in the Programme.
• Desk research: While the technical components are essential for establishment of a Shibboleth infrastructure, they are only part of the overall problem. Many other policy, organisational and trust factors must also be considered. These will be taken forward as part of technology watch activities.

Implications / Deliverables / Stakeholders

As well as addressing its immediate objectives to provide Programme support, SDSS will act as a focus for the longer-term provision of a service quality Shibboleth infrastructure and for the formal establishment of a JISC Core Middleware Federation which is a key goal of the Core Middleware Programmes.