6 - 8 March, 2019
Birchwood Hotel and OR Tambo Conference Centre, Johannesburg
Identity Management and Federation Workshop 2019
Concepts and Practical Implementations of Identity, Authentication & Federation in Higher Education
Find Out More

About the Identity Management & Federation Workshop

  • What is IMF-2019 About?

    Many institutions are already doing some form of identity management, but often the staff involved in this have no formal understanding of the underlying concepts and theory. This workshop is aimed at institutional identity management staff or directory administrators -- those people responsible for provisioning user accounts. We will start by providing a solid understanding of digital identity and the identity management lifecycle in a vendor-neutral way. This serves as an introduction for those who may be unfamiliar with IdM whilst simultaneously solidifying the theoretical concepts for staff already working in this space. Building on this knowledge, we go on to introduce the concepts of federated identity generically, explore why federation is important to research and education, and look at eduroam and SAFIRE as a specific examples that are relevant in South Africa.

  • Who Should Attend?

    IMF 2019 is targeted at institutional identity management staff or directory administrators - those people responsible for provisioning user accounts at public universities in South Africa.

    In order to benefit fully, attendees should bring their own laptop, and ideally should have some familiarity with LAMP (Linux, Apache, MySQL, PHP) installations.

  • Who is organizing IMF 2019?

    The workshop is funded by the Rural Campuses Connection Project II (RCCPII). The event is co-organised by representatives from the SAFIRE (Guy Halse) and the RCCPII Capacity Development Initiative (Anelda van der Walt).

  • When and where will it be held?

    IMF 2019 will be held from 6 - 8 March, 2019 at Birchwood Hotel and OR Tambo Conference Centre, Johannesburg, South Africa.

  • Who are the Presenters?

    Presenters include Guy Halse (SAFIRE), Donald Coetzee (SAFIRE), and Alex Mwotil (RENU). For more information see the Presenters section.

  • Contact us

    Please get in touch with your questions and suggestions by emailing us.

  • Join
    Us There!

IMF Workshop Format

Presentations

The workshop will include theory of fundamental concepts of identity, authentication, and federation. Examples of where and how federation is currently impacting and benefiting higher education around the world and in South Africa will also be discussed.

Discussions & Hands-on Activities

There will be plenty of opportunity for hands-on practice. Time will be made available to discuss challenges, solutions, and opportunities with colleagues in small groups as well as the bigger group. We also hope to define some terms of reference for keeping the conversations going and for further developing a community of practice after this event.

Networking Opportunities

Funding through RCCPII allows the opportunity to invite one nominated individual from each public university in South Africa to stay stay over at the Birchwood Hotel during the workshop. We encourage you to make use of the opportunity to meet others and build your own network.

Our Facilitators

We are excited to announce our facilitators for the upcoming Identity Management and Federation Workshop:

Facilitators

Name About
Guy Halse Guy Halse is Director: Trust & Identity at TENET, where he manages a suite of trust & identity related services including the South African eduroam national roaming operator, the South African Identity Federation (SAFIRE), and the South African ORCID consortium.
Donald Coetzee Donald Coetzee is a Senior Systems Administrator at TENET, and heavily involved with trust & identity services. He serves as one of SAFIRE's representatives on the eduGAIN steering group.
Alex Mwotil Alex Mwotil is a Senior Systems Engineer at Research and Education Network for Uganda (RENU) and the technical contact for RENU Identity Federation (RIF). He is one of the engineers tasked with setting up RIF and has helped in bootstrapping a couple of institutions to the federation. His other areas of expertise include cloud computing and threat analysis using open source intelligence.

Our Sponsors

We would like to acknowledge the very generous support of the following initiatives, who are helping to make the Identity Management and Federation Workshop 2019 possible:

Rural Campuses Connection Project II The Rural Campuses Connection Project is funded by the South African Department of Higher Education and Training (DHET). The project is managed by Universities South Africa (USAF) and implemented by the Tertiary and Education Research Network (TENET).
SAFIRE: South African Identity Federation The South African Identity Federation (SAFIRE) is the academic trust federation for South Africa.

Identity Management and Federation Workshop Programme

Please note that this is a draft programme and will be updated as we refine the curriculum and facilitators, and may change even during the course of the event. If you have specific questions about the programme, please contact the organisers directly.

Day 1: Identity …

Day Time Description Facilitator
Wednesday 09:00–10:00 Registration & coffee -
Wednesday 10:00–10:15 Opening & welcome

The obligatory housekeeping session: we'll introduce the facilitators and explain how the event will work.

 Guy
Wednesday 10:15–11:00 Session 1: Introductions

We'll go through the room giving each participant an opportunity to tell us who you are, where you come from, what you do, and what your institution is currently doing with (federated) identity. The aim of this icebreaker is to help you get to know each other, and helps the facilitators understand the audience they're presenting to.

 Participants, facilitated by Alex
Wednesday 11:00–11:30 Coffee & networking -
Wednesday 11:30–12:30 Session 2a: Identity & the identity management lifecycle

This session explores identity as a theoretical construct, and introduces the terminology and language we need to understand digital identity.

 Donald
Wednesday 12:30–13:00 Session 2b: Laws of Identity

We'll briefly introduce Kim Cameron's 7 laws.

 Guy
Wednesday 13:00–14:00 Lunch -
Wednesday 14:00–15:30 Session 3: Registries

This session explores the concept of person and group registries, why we need them, and how to implement them. It will take a particular slant towards solutions that can be used both for organisational IdM and for managing virtual collaborations of the type that are increasingly common in inter-institutional research groups.

 Guy
Wednesday 15:30–16:00 Coffee & networking -
Wednesday 16:00–17:00 Session 4: Exercise: Silos v2

Not just places to store grain…

 Guy, Alex & Donald

Day 2: … Federation …

Day Time Description Facilitator
Thursday 07:30–08:30 Breakfast -
Thursday 8:30–10:30 Session 5a: Federation concepts, architectures and role players

Once we've introduced the concept of an identity federation, we'll look at the different ways federations are built, how the federation trust model works, and what makes an academic identity federation.

 Alex & Donald
Thursday 10:30–11:00 Session 5d: eduroam as a federation

We'll explore how eduroam works "under the hood" and use this to reinforce some of the federation concepts introduced earlier in the session.

 Guy
Thursday 10:30–11:00 Coffee & networking -
Thursday 11:00–12:30 Session 6: SAML & SAML federations

Expanding on the morning sessions, we'll deep-dive into SAML and its use in academic federation. In particular, we'll look at the flavour of SAML used by the research and education community, which differs from some commercial implementations (notably ADFS).

 Alex
Thursday 12:30–13:30 Lunch -
Thursday 13:30–14:30 Session 7a: Exercise: SAML traces & debugging

Now you know what SAML is, it'd be really useful to know what to do when it goes wrong ;-)

 Guy
Thursday 14:30–15:00 Session 7b: eduPerson(Scoped)Affiliation

Why affiliation is important in academic federation and what this eduPersonAffiliation thing actually means, and why implementing it right™ is harder than people think.

 Guy
Thursday 15:00–15:30 Coffee & networking -
Thursday 15:30–17:00 Session 8: Exercise: SimpleSAMLphp as an identity provider

Armed with a conceptual background, we'll jump into building our own identity providers using SimpleSAMLphp. NB: Some knowledge of LAMP installations is required for this exercise.

 Donald

Day 3: … in South Africa.

Day Time Description Facilitator
Friday 07:30–08:30 Breakfast -
Friday 08:30–09:15 Session 9a: Joining eduroam; eduroam best practices

The how and what of eduroam in South Africa.

 Guy
Friday 09:15–10:00 Session 9b: Joining SAFIRE; SAFIRE best practices

The how and what of the South African Identity Federation.

 Donald
Friday 10:00–10:30 Session 9c: Exercise: Shibboleth Native SP

We'll have a quick look at the service provider and discovery service installed in the lab environment.

 Guy
Friday 10:30–11:00 Coffee & networking -
Friday 11:00–12:30 Session 10: Panel

An open closing session, where you get a chance to ask us to expand on anything that still doesn't make sense.

 Guy, Alex & Donald
Friday 12:30–13:00 Wrap up

All the loose ends before you go home.

 TBC
Friday 13:00 Packed lunches & departure -

Event Registration

Please register using the links below. Contact the organisers if you are unsure of which category you should register for.

Type What's included Closing date Cost Register
Nominated Participants funded through RCCPII Full registration
  • Access to 2.5-day workshop
  • Refreshments during coffee breaks and light lunch on both days
  • Accommodation on a dinner, bed & breakfast basis at Birchwood Hotel from 5 - 8 March 2019
 8 February 2019 Free (Responsible for own travel costs & No-show fee applies) Register here
Nominated Participants funded through their Institutions Full registration
  • Access to 2.5-day workshop
  • Refreshments during coffee breaks and light lunch on both days
 8 February 2019 Free (Responsible for own travel and accommodation costs & No-show fee applies) Register here

Accommodation Options for IMF 2019

Accommodation has been arranged at a special rate at the Birchwood Hotel which is on the same premises as the workshop venue. Please contact us to assist with your booking should you be responsible for funding your own accommodation.

If you have been nominated by your institution to attend, please indicate this on your registration form. Accommodation for one nominee per institution will be funded by the RCCPII grant. For more information, please get in touch with the organisers.

Birchwood Hotel and OR Tambo Conference Centre

The Birchwood Hotel and OR Tambo Conference Centre is located only minutes from OR Tambo International Airport, within walking distance to a variety of shopping precincts and is close to restaurants and recreational facilities..

Birchwood Hotel and OR Tambo Conference Centre
14 View Point Rd, Bardene, Boksburg, 1456

Contact Us

IMF 2019 Contacts

The following people are the lead organisers and can be contacted directly:

General Inquiries