UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
Shibboleth Service Provider Security Advisory 31st August 2020
Posted on Tuesday, 1 September 2020
A security advisory [1] has been released for the Shibboleth Service Provider involving deployments running on Windows and using the "modern" module for Microsoft IIS V7+. This module contains a flaw that can be triggered remotely, resulting in a potential denial of service condition exploitable by an unauthenticated attacker. Also, a service patch for the Windows distribution of the Service Provider software is now available [2]. This update contains a fix for a bug [3] in the IIS module. Other important information can be found in the release notes which should be reviewed when upgrading [4].
UK Federation Town Hall Week
Posted on Monday, 1 June 2020
We’d hoped to do this in person, but obvious reasons mean we are running virtual UK federation "Town Hall" sessions across a whole week of 8th-13th June (at lunch times 1-2pm), using Zoom. We’ll be covering a variety of topics and plan on the sessions being not entirely didactic. So please come armed with questions. If there is anything you would like to see covered, please email me (mark.williams@jisc.ac.uk) in the next week and we’ll see if we can add it in.
Topics
- Baseline in the UK federation
- CoC, R&S, Sirtfi & other attributes
- Shibboleth health check lessons
- Publisher round table: Ask anything
- SSO & aspects of content piracy
- Delegated authentication
- Readiness for Shibboleth v.4
- VerifID: Commercial Student Verification
- About T&I Consultancy