federated access implementation: experience of auca library - kyrgyzstan 4 th -7 th june, 2008,...

Federated Access implementation:

experience of AUCA Library -

Kyrgyzstan

4th -7th June, 2008,

Aberdeen, Scotland

Sania Battalova,EIFL Country and FOSS Coordinator,

Kyrgyzstan

EIFL General Assembly 2011Minsk, Belarus

Belarus National LibraryJune 26 - 28, 2011

AUCA Background Information

• Former American University in Kyrgyzstan - Founded in 1993 – privet Liberal Arts University

• 11 Degree programs and MBA

• 1,200 students (40% men and 60% women) – undergraduates and graduate from 15 countries

• 125 full-time faculty

• Merged Library/IT Structure

University Library Electronic Resources and Databases – off-campus access

• Electronic books - Ebrary - Subscribed collection of 35,000 titles of electronic books

• Electronic periodicals – more then 15,000 titles at 13 databases

• AUCA digital Library – Open Electronic Repository and the University Documents Archive



University On-line Services:• Off-campus access to AUCA Library Databases

and Archives • Library patrons authentication System • E-course System (Moodle)• E-portfolio System (Mahara)• On-line Registration and Students’ Portal• On-line Evaluation• Students Career Service• Alumni Service System• Discussion Forum (for local needs)



AUCA User’s Authentication System

• Primary authentication source - Active Directory. Every user is assigned an Active Directory account that they must use to

access University services Based on organization units distributed roles for students, employees, guests and administrators.

• RADIUS (Remote Authentication Dial-in-User Service) - allows authentication realization, authorization and registration, by means of using remote access policies (RAP).

• LDAP (Lightweight Directory Access Protocol) - application protocol

for reading and editing directories over IP network - uses for Off-campus access (EZProxy, ePortfolio authentication and for Federal Access).



Why Federated Access in AUCA?

• For our users – only ‘single window’ for authentication to access to all services

• Single Point of access – one Username and Password to access all on-line services

• Once accessed you don’t need to login to all different services

• The services and data may be located outside the University.

• Future Cooperation



University level (AUCA): • For federated authentication and authorization

infrastructure internally

Consortium level (KLIC):• In getting a pilot in Kyrgyzstan Identity

Federation started, • Library consortium resource providers to use

federated authentication and authorization infrastructure

Federated Access: from University to Country level



Federated Access – University Level – AUCA Experience

• Selection of SP (Service Provider ) and IdP (Identity Provider) software

• Selection criteria: MS Windows/Linux, Java/PHP, Shibboleth/simpleSAMLphp

• University IT staff qualification



simpleSAMLphp (http://simplesamlphp.org/) as IdP and SP for AUCA

• Set up simpleSAMLphp (IdP and SP)

• http://login.auca.kg/idp/ - AUCA authorization page created

• For security reasons SSL certificate has been registered - www.startssl.com - free of charge

• Connection between created IdP and AUCA Active Directory

• AUCA Idp and SP connection



http://simplesamlphp.org/

http://login.auca.kg/idp/










http://www.startssl.com/

AUCA authorization web-page (AUCA IdP)



Challenges• New software, no experience

• Time consuming

• Coordination between IT offices – IdP and SP set up and local databases, and the University Authentication rules



Benefits and the Future Plans

• Work experience (Shibboleth and simpleSAMLphp) and trained IT staff

• Promotion Federated Access in AUCA – easy access to on-line service

• Promotion Federated Access among Kyrgyz Libraries Information Consortium (training sessions for IT staff and librarians) – new way of Kyrgyz libraries cooperation

• CAREN



Thank you!

Contact information:

Sania Battalova – [email protected]



mailto:[email protected]

federated access implementation: experience of auca library - kyrgyzstan 4 th -7 th june, 2008,...

Documents

auca library databases

auca easy access

auca active directory

federated authentication

university services

federal access

university online services

eifl country