Technologies
The ACOnet Identity Federation utilizes the following technologies, as further specified in the corresponding technology profiles:
eduID
eduID is an Authentication and Authorization Infrastructure (AAI), based on SAML 2.0. For details see the "SAML WebSSO Technology Profile":
A federation allows service providers (such as libraries, databases, etc.) to grant users from other "federated" organizations access to their services, without having to manage user-IDs, usernames and associated passwords locally. Enabling access is based on a formal contractual relationship. The necessary access credentials are exchanged within a cryptographically protected environment.
eduroam
eduroam is an Authentication and Authorization Infrastructure (AAI) based on RADIUS or RadSEC. For details see the "eduroam Technology Profile":
This infrastructure allows users from participating institutions access to the network (usually WiFi) at the locations of other participating organizations, using their home organisation's credentials. The administrative overhead required for this capability is minimal. Depending on local policies at the visited institution, eduroam participants may also have additional resources at their disposal.
Further information may be found at our eduroam webpage.
Technical Details
The eduID.at Wiki provides additional documentation, background information and experiences with federated Identity Management; in particular regarding Shibboleth and Web Single Sign-on (WebSSO). Furthermore, you are invited to subscribe the eduid-discuss mailing list.
More information describing the ACOnet Identity Federation, and also the federations of other NRENs, can be found on the REFEDS website.