Introducing Jisc's new managed identity provider service
1. Birds of a feather:
Introducing Liberate
Josh Howlett, Head of trust and identity, Jisc
Simon Cooper,Trust and identity services group manager, Jisc
2. Goals
»Explain what the service is
»Describe the tariff
»Timelines
»Q&A and discussion
13/04/2017 Introducing Liberate
3. Background
» Today Jisc offers three access
management solutions
› UKAccess Management Federation
– Web-based content and services
› eduroam (UK)
– Wi-Fi networks
› Assent
– Research e-Infrastructure and other
non-web services
13/04/2017 Introducing Liberate
4. Background
» Today, institutions must integrate their
systems with these services separately
» This integration can
› Require a significant amount of
staff effort
› Cost money, if buying a solution
› Add to the overall complexity of delivery
13/04/2017 Introducing Liberate
5. Liberate: as easy as…
1. Liberate reduces the cost and
complexity of adopting and using
these services
2. Liberate provides institutions with a
single point to
› Integrate these services with their
identity management systems
› Configure and manage their use of
these services
› Monitor and report on service use
3. Liberate is a cloud-based platform,
developed and operated by Jisc
13/04/2017 Introducing Liberate
7. Five steps to adopting the service
»Tell us which components you want to subscribe to
»Deploy the providedVPNVM image; or your own OpenVPN
endpoint if you prefer (support available)
»Connect Liberate to yourActive Directory, or other LDAP directory,
using the Service Portal (support available)
»Configure attribute definitions and authorisation policies using the
Service Portal (support available)
»Enjoy! If you have any issues, support is available
13/04/2017 Introducing Liberate
8. Features, advantages, and benefits
13/04/2017 Introducing Liberate
Feature Advantage Benefit
A competitive tariff Reduce the cost of provision Drive organisational cost efficiencies
SupportsAMF, eduroam,
andAssent
A single solution for provisioning access
to these services
Lowers the barrier to adopting these
services
Simple integration with
MicrosoftActive Directory
and other LDAP directories
Allows use of an organisation’s existing
identity management system
Avoids duplication of configuration and
management effort
An end-to-end solution No complex integration issues Quick and easy to adopt and start using
Connected to Jisc’s network,
Janet, and hosted on AWS
Scalable and secure Peace of mind
Extended office hours’
technical support
Help from the experts when you need it Ensure a reliable service for your users
Designed and operated by
the world-leaders
The service has the capabilities and
reliability that you and your users need
Fit for purpose, today and tomorrow
10. Timeline
13/04/2017 Introducing Liberate
1.Today
» On-going Pilot with nine
UK Public Libraries active
2. From now until July
» Development and testing continuing
» Solicit interest from institutions in
participating in the Pilot and Beta
3. From early July
» Launch of Beta service
» UKAMF and Proxy
components only
» Available at no cost
4. Early September
» Launch of Production service
» Tariff applicable
» eduroam and Assent components
available towards end of Q3
11. Q&A and discussion
»Is it an attractive offer?
»What barriers do you see to adoption?
»How can we improve it?
› MFA, Kerberos, OIDC, etc.
»Would you like to see a demo?
»Any questions, or want to join the Pilot or Beta?
› liberate@jisc.ac.uk
13/04/2017 Introducing Liberate
12. jisc.ac.uk
Thank you for your attention
Josh Howlett
Head, trust and identity
Josh.Howlett@Jisc.ac.uk
13/04/2017 Introducing Liberate