Categories
Federated Services T&I Consultancy UK Access Management Federation

The Shibboleth IdP v5 Upgrade is Here

Striving to be a better version of yourself?   The Shibboleth Identity Provider (IdP) has certainly achieved this, now at version 5, surpassing its predecessor, version 4, which will see the end of support from the Shibboleth project in September 2024. Which version are you currently using?   Maintaining an up-to-date Shibboleth IdP is a crucial component […]

Categories
Federated Services Trust, Identity and Access Blogs UK Access Management Federation Uncategorized

FedCM Update January 2024

Introduction Since the Research and Education (R&E) hackathon in February last year, the Federated Credential Management API (FedCM) API has moved to the point where its basic functionality has been included in Google Chrome and most Chromium-based web browsers such as Microsoft Edge. It’s become clearer that the main consumer of FedCM is Google themselves, specifically […]

Categories
Federated Services Trust, Identity and Access Blogs UK Access Management Federation

Federated Credential Manager (FedCM)

  User tracking for digital marketing can violate user privacy on the web. Now that browser vendors are looking to implement methods to stop user tracking, we must ensure these methods do not clobber other frameworks which protect privacy such as Single SignOn through the UK federation, SAML and OpenID Connect.  Problems and mitigations  Digital […]

Categories
Trust, Identity and Access Blogs UK Access Management Federation

Federated SSO: Monopolies for good?

Bear with me while we have a little history lesson. As anyone who has ever used an Inertial Navigation System knows, you can only get to where you want to be, by knowing where you are coming from… Coming of age in the 80’s, I had a few certainties. Liverpool FC always won, C15 blank […]

Categories
Federated Services Trust, Identity and Access Blogs

Federated access: why do I need it?

One of the many impacts of the post-COVID 19 pandemic in the library space was the increase in demand for remote access to electronic resources. This, however, is not enough. For libraries to get better engagement and more resource usage from their patrons, there is also the need for a high-quality user experience, where resources […]

Categories
T&I Consultancy Trust, Identity and Access Blogs

Learning and collaboration depend on trust

Providing seamless access to digital services is a critical part of the IT team’s role in higher education (HE) and further education (FE). When a lecturer struggles to access wifi on a remote campus, or a student can’t work out how to access digital course materials quickly, the result is a barrier to learning and […]

Categories
Trust, Identity and Access Blogs UK Access Management Federation

IdPs move to MDQ

IdP operators: consider using MDQ (metadata query) Configuring your self-hosted IdP to use MDQ (metadata query) has three key benefits: a reduced memory footprint mitigation against a class of disruptive errors as the size of metadata increases robustness against problematic metadata. Half of the IdPs in the UK federation use MDQ already. The UK federation […]

Categories
OpenAthens Trust, Identity and Access Blogs

Student Voice: 8 lessons from the 20/21 digital experience survey

Have you got a stake in online learning at your institution? Looking for ways to develop your students’ digital experiences in 2022? Then look no further!   Here lies a handy wrap-up of Jisc’s Higher Education (HE) and Further Education (FE) student digital insights surveys. Looking at the good, the bad, and the downright ugly.  Survey […]

Categories
T&I Consultancy Trust, Identity and Access Blogs UK Access Management Federation

Cyber Essentials: why keeping your Shibboleth IdP up to date is crucial

A core aspect of Cyber Essentials is keeping your systems up to date. This is true both for operating systems and any installed apps or software, and these must always be kept updated.   Applying these updates is one of the most important things you can do to improve security. It ensures that devices and software are not vulnerable to known […]

Categories
Trust, Identity and Access Blogs UK Access Management Federation

I’m not a number, I’m a pseudonymous identifier…

“Are THEY listening to us?” “Who’s they?” “You know, the phones, the laptops?” And so goes the conversation that I sometimes have with my wife. Perhaps after we’ve had a chat about hiking poles, when every ad on our social media feed then shows hiking poles, despite neither of us having directly Googled them. (Although […]