Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
UCTrust Workgroup
Child pages
  • UCTrust Wireless Project
14 more child pages

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

UCTrust Wireless Project

This wiki space is for internal communication among the participants in UC's project to federate authentication to its campus wireless networks.

Background

As an outcome of the February, 2010 ITLC meeting, the Communications Planning Group (CPG) was asked to work with the UCTrust Work Group to prepare a recommendation report to evaluate the viability, risks, and  cost at an institutional level for a common Wireless authentication  and access methodology to allow any member of the UC community to use  the wireless networks of any other UC entity without need to creation  of guest or visitor account status.     Suggestion is to specifically  investigate the use of InCommon/UC Trust and or Eduroam as an  authentication mechanism.   This would be in addition to, no  necessarily as a replacement of, current authorization services.   Objective would be to have a minimum of four participating UC entities  by fall 2010.

This project was discussed in the CPG's May, 2010 meeting, and it was agreed to take the following approach:

  • We observed that most (all?) campuses have two wireless networks.  One is encrypted and authenticates with 802.1x, and the other is not encrypted and authenticates via a web portal.  Guests might use either, but generally would use the unencrypted network.
  • UCTrust currently supports Shibboleth for implementing federated access to services.  While there has been a little work in using Shibboleth for non-web applications, it is primarily designed for web applications.
  • There is a project called eduRoam in Europe that federates 802.1x access, and that is starting to expand into the US.
  • We agreed that federating our web portals with Shibboleth is the best first step.  We will track eduRoam progress in the US and plan to federate access to our encrypted networks when it seems appropriate to do so.  UCD, UCLA, UCB, UCR, and UCSC agreed to be the initial campuses to do this.

Meetings

  • Tuesday, June 22, 2010, conference call [Agenda]

Membership

  • Robert Cartelli, UCSC
  • Dedra Chamberlin, UCB
  • Bob Grant, UCR
  • Russ Harvey, UCR
  • Stephen Hock, UCR
  • Erik Klavon, UCLA
  • Gabe Lawrence, UCSD
  • ken lindahl, UCB
  • Dave Parsons, UCLA
  • Mark Redican, UCD
  • Andrew Tristan, UCR
  • Mike Van Norman, UCLA
  • David Walker, UCD, convener
  • Albert Wu, UCLA
  • No labels