eduroam policies - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

eduroam policies

Description:

A few lines of code in existing RADIUS server ... Clear demarcation lines of responsibility. Defined processes for faults, support, security etc. ... – PowerPoint PPT presentation

Number of Views:103
Avg rating:3.0/5.0
Slides: 13
Provided by: chris781
Category:

less

Transcript and Presenter's Notes

Title: eduroam policies


1
eduroam policies
  • Wireless Roaming for Education and Research

2
contents
  • eduroam overview
  • Why policy is needed?
  • Overview of the policy drafts
  • Feedback received to date
  • Other policy issues to consider
  • Next steps

3
eduroam overview
  • Network of NRENs provisioning secure visitor
    network access on
  • federated authentication
  • remote authorisation
  • Scalable
  • RADIUS hierarchies/national gateways
  • LDAP backend authentication
  • Minimal effort
  • A few lines of code in existing RADIUS server
  • WinXP SP2 MAC OS have clients that support
    eduroam spec

4
Why policy
  • Infrastructure
  • Maximise interoperability (organisation,
    national, international)
  • Minimise risk time to fix faults or security
    incidents.
  • Security
  • To protect trust between participating
    institutions.
  • To securely transfer of user credentials across
    heterogeneous networks.
  • To securely access and make use of authorised
    network access.
  • Production level services for increased take up
  • Eduroam coverage maps
  • Clear demarcation lines of responsibility.
  • Defined processes for faults, support, security
    etc.
  • To develop inter-NREN links via federal or
    bi-lateral technical and policy agreements

5
eduroam coverage portals
6
Overview of the policy drafts
  • Eduroam policy
  • Set of high level principles
  • Operational policies (underpin principles)
  • Base service policy
  • Service implementation requirements.
  • Security Policy
  • Minimum security standards.
  • Inter-organisation access policy
  • Roles, responsibilities, procedures, etc.

7
Feedback
  • User issues
  • State all activity monitored to users (privacy?)
  • State that users are responsible for keeping
    systems patched with up to date anti-virus and
    firewall
  • Recommendations
  • Use Intrusion Detection Systems on eduroam
  • Use Quarantine Virtual LANs to check users
    patches, anti-virus, are up to date before
    granted network access.

8
Feedback (continued)
  • Seek clarification on
  • Access to test accounts?
  • Posting of non-transparent proxy documentation?
  • Specify
  • Eduroam service provider procedures who/how
    undertaken?
  • federation (definition and scope).
  • security for authorised network access.
  • Description of the roles - who is going to
    comply, monitor and enforce (role,
    responsibilities expectations).
  • Better descriptions of best effort, rules
    and service level guidelines, access,
    wireless etc can be simply stated

9
Other policy issues to consider
  • Routing Traffic
  • On net versus Off-net.
  • Charging implications.
  • Service Management Issues
  • Policy compliance monitoring - should be more
    defined.
  • Policy enforcement (institution / country level).
  • Security, fraud abuse handling.
  • Monitoring activities versus user privacy does
    it complies with the NSW Surveillance Act 2005?
  • Age limits on access
  • No filtering exists on authz network access
  • should there be an age limit set by those issuing
    eduroam accounts?

10
Next steps
  • QRNO
  • Identify/appoint an eduroam champion
  • Set up a regional working group (within QRNO
    TAC?) but using the core er-partiicpants and
    er-policy mailing lists
  • Utilise technical support available from Chris
    Myers
  • Develop technical project plan and implement.
  • Develop PR/Marketing to raise eduroam awareness.
  • Implement eduroam policy
  • Encourage eduroam participants to set up eduroam
    web pages so users are able to find eduroam
    coverage areas and local information.
  • eduroam policy
  • Gather feedback from QRNO today and AAC soon
  • Create version 2 policy docs
  • Update policies on www.eduroam.edu.au website for
    comment
  • Present version 2 to CAUDIT
  • CAUDIT to feedback
  • CAUDIT to endorse

11
eduroam Links
  • Eduroam AU Site
  • http//www.eduroam.edu.au
  • Eduroam Global Working Group
  • http//www.eduroam.edu.au/gwg-eduroam
  • Global working group email list
  • gwg-eduroam_at_eduroam.edu.au
  • Email Enquiries
  • enquiries_at_eduroam.edu.au
  • join_at_eduroam.au

12
Joining eduroam
  • Thankyou
  • Please Join eduroam
  • http//www.eduroam.org
  • http//www.eduroam.edu.au
  • Acknowledgments (those who provided feedback)
  • TF-Mobility, CSIRO, Grangenet AARNet
  • TECH chris.myers_at_grangenet.net
  • Policy james.sankar_at_aarnet.edu.au
Write a Comment
User Comments (0)
About PowerShow.com