eduroam

eduroam
	EDUcation ROAMing
Formation	2003
Legal status	Confederation
Purpose	International Authentication Infrastructure
Location	Europe;
Region served	Worldwide
Membership	NREN
Official language	English
Parent organization	TERENA
Website	www.eduroam.org

eduroam (education roaming) is a secure international roaming service for users in higher education. The European eduroam confederation (a confederation of autonomous roaming services) is based on a set of defined organisational and technical requirements that each member of the confederation must agree to (by signing the eduroam policy GN2-07-328) and follow.^[1]

History

The eduroam initiative started in 2003 within TERENA's task force TF-Mobility^[2] which demonstrated the feasibility of combining a RADIUS-based infrastructure with IEEE 802.1X technology to provide roaming network access across research and education networks^[3] and was based on the initial federated 802.1X authentication work of the Open1X Group at the University of Utah in 2001.^[4] The initial test was conducted among five institutions located in the Netherlands, Finland, Portugal, Croatia and the UK. Later, other national research and education network organisations in Europe embraced the idea and gradually started joining the infrastructure, which was then called eduroam. Portugal was the first country to have eduroam and national mobility through eduroam available in almost all its institutions when the national government sponsored a project to deploy Wi-Fi networks in early 2003.

It soon gathered consensus outside Europe. The first non-European country to join eduroam was Australia,^[5] in December 2004. eduroam has evolved into a federation of federations (con-federation), where the single federations are run at national level and they all connect to a region. To date there are two confederations: the European and Asia-Pacific (APAN).

Overview

Participating institutions are typically universities and other research and educational organisations. eduroam allows a user belonging to one institution to get network access when visiting another institution. Depending on local policies at the visited institution, the visitor may also have additional resources (for example printers) at their disposal.

The visiting user (to a participating institution) is authenticated using the same credentials (username and password) that they would at their home institution.

RADIUS

eduroam requires participating RADIUS servers to support realms. Within a single institution a user would usually simply be represented by a username and corresponding password for their authentication. By contrast a visitor using eduroam requires a representation of their home institution as 'username@realm', where the 'realm' is usually closely related to the visitor's home DNS name.

The role of the RADIUS hierarchy is to forward a user's credentials to their home institution for authentication. The RADIUS server at a participating institution recognises the '@realm' component and proxies anything non-local to its national top-level RADIUS (NTLR) service, which is normally operated by the National Research and Education Network (NREN) of that country and which has a complete list of the participating eduroam institutions in that country.

For international roaming, a regional top-level RADIUS server is needed in order to roam the users request to the right country.

Not all RADIUS servers are capable of offering the '@realm' eduroam support. For instance, commercial products from some USA-based suppliers, such as Infoblox, lack this capability.

Geographical availability and limitations

Currently eduroam is deployed mainly in Europe^[6] and Asia-Pacific.^[7]

In Europe the top-level RADIUS service (ETLR) is operated by the Dutch NREN (SURFnet) and the Danish NREN (UNI-C).

In Asia-Pacific, the top-level RADIUS service (APTLR) is operated by the Australian NREN (AARNet) and by the University of Hong Kong.

eduroam Europe

The eduroam service in Europe is a confederated service, provided through the collaboration of 36 national-level federations. These involve hundreds of institutions, the majority of which own and operate the service’s infrastructure

Andorra
Armenia
Austria (ACONet)
Belarus (BASNET)
Belgium (BELNET)
Bulgaria (BREN)
Croatia (CARNet)
Cyprus (CYNET)
Czech Republic (CESNET)
Denmark (UNI-C)
Estonia (EENet)
France (RENATER)
Finland (FUNET)
Germany (DFN)
Greece (GRNET)
Hungary (HUNGARNET)
Iceland (RHnet)
Italy (GARR)
Ireland (HEAnet)
Israel (IUCC)
Latvia (LANET)
Lithuania (LITNET)
Luxembourg (RESTENA)
Malta (CSC)
Macedonia (MARNET)
the Netherlands (SURFnet)
Norway (UNINETT)
Poland (PIONIER)
Portugal (FCCN)
Romania (RoEduNet)
Serbia (AMRES)
Slovakia (SANET)
Slovenia (ARNES)
Spain (RedIRIS)
Sweden (SUNET)
Switzerland (SWITCH)
Turkey (ULAKBIM)
UK (JANET(UK))

Federations

Asia-Pacific

Australia (AARNet) - hosts APAN regional eduroam server
China (UESTC)
Hong Kong (Hong Kong Polytechnic University) - hosts APAN regional eduroam server
Japan (NII)
New Zealand
Papua New Guinea
Taiwan (TWAREN)
India (ERNET)

Canada

British Columbia

Alberta

Saskatchewan

University of Saskatchewan

Ontario

Québec

New Brunswick

University of New Brunswick

Newfoundland

Memorial University

USA

Active

Beta

In Progress

Interested

Africa

Work is under way to create an African eduroam confederation. Currently South Africa (under the auspices of TENET) and Kenya (via the Kenya Education Network) are connected to the European root.

References

^ GN2-07-327v2-DS5_1_1-_eduroam_Service_Definition.pdf p5
^ [1]
^ [2]
^ "Utah Geek". Source Forge. Retrieved 2 August 2012.
^ [3]
^ [4]
^ [5]

External links

[1] GN2-07-327v2-DS5_1_1-_eduroam_Service_Definition.pdf p5

[2] [1]

[3] [2]

[4] "Utah Geek". Source Forge. Retrieved 2 August 2012.

[5] [3]

[6] [4]

[7] [5]

[1]