What is Federated Access Management (FAM)? In a nutshell!

Who? A national body called the UK Access Management Federation looks after things, and requires you to sign up to a strict contract that assures you are trustworthy, have your organisation's approval at a high level and are a recognised educational institution. You can sign up as either an Identity Provider or a Service Provider ... or both. Identity Providers (IdPs) have a directory of users who want access to resources; Service Providers (SPs) have a catalogue of resources and services they want to sell or protect from copyright or intellectual property theft. Trust between the Identity Provider and Service Provider is key and Kent LA is a fully signed up member as an Identity Provider!

Why? Federated Access Management (FAM) allows the users of an organisation managing a directory of users (called an Identity Provider or IdP) to access any copyright-protected resources from another organisation (called a Service Provider or SP) without having to remember lots of different logins and passwords. This requires a Service Provider to be able to trust the identity of a user and their organisation, and to trust that the organisation will manage its users properly, i.e. deleting users when they leave. Importantly, the system does not pass personal data to the Service Provider because the Service Provider doesn't need to know it; it just needs to know that the user is from an organisation that has paid for a resource or is allowed to access it... although it can if needed!
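The attribute release idea above, as an added sketch that is not part of the original post or of Shibboleth's own code: the IdP hands each Service Provider only what that SP's policy allows, and the SP decides access from the organisation scope alone. The entity IDs, user record, salt and function names are all constructed for illustration (the two released attributes are modelled on eduPersonScopedAffiliation and eduPersonTargetedID). Signing and verifying the SAML assertion is assumed to happen around this step and is not modelled.

```python
import hashlib
import hmac

# Constructed IdP directory record (all values are made up for this example).
USER = {"uid": "jsmith", "displayName": "Jo Smith",
        "mail": "jsmith@school.example", "affiliation": "student"}
IDP_SCOPE = "school.example"            # hypothetical IdP scope
IDP_SALT = b"constructed-secret-salt"   # hypothetical secret known only to the IdP

# Per-SP release policy held by the IdP: attribute names each SP may receive.
RELEASE_POLICY = {
    # Content provider: only needs to know which organisation the user is from.
    "https://encyclopedia.example/sp": {"scopedAffiliation", "targetedId"},
    # The "it can if needed" case: an SP that has agreed a need for personal data.
    "https://helpdesk.example/sp": {"scopedAffiliation", "targetedId",
                                    "displayName", "mail"},
}

def targeted_id(uid, sp_entity_id):
    """Opaque ID: stable for one user at one SP, unlinkable across SPs."""
    msg = f"{sp_entity_id}!{uid}".encode()
    return hmac.new(IDP_SALT, msg, hashlib.sha256).hexdigest()[:32]

def release_attributes(user, sp_entity_id):
    """IdP side: filter attributes by policy; unknown SPs get nothing."""
    allowed = RELEASE_POLICY.get(sp_entity_id, set())
    candidates = {
        "scopedAffiliation": f"{user['affiliation']}@{IDP_SCOPE}",
        "targetedId": targeted_id(user["uid"], sp_entity_id),
        "displayName": user["displayName"],
        "mail": user["mail"],
    }
    return {k: v for k, v in candidates.items() if k in allowed}

SUBSCRIBED_SCOPES = {"school.example"}  # SP side: organisations that have paid

def sp_authorise(attributes):
    """SP side: grant access from the organisation scope, not from who the user is."""
    affiliation, _, scope = attributes.get("scopedAffiliation", "").partition("@")
    return bool(affiliation) and scope in SUBSCRIBED_SCOPES

if __name__ == "__main__":
    released = release_attributes(USER, "https://encyclopedia.example/sp")
    print(released, sp_authorise(released))
```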

What? It's a collection of Open Source SAML-compliant software (usually Shibboleth), so it's free and very well supported by a UK educational community, BUT setting it up needs some expertise. Setting up an Identity Provider is easier than setting up as a Service Provider. The free software (Shibboleth) is available from Internet2, so play with it! (SAML, Security Assertion Mark-up Language, is a secure way of moving data around.)

How? With FAM, user logs on to their school's VLE / portal - finds a resource link, e.g. Encyclopedia Britannica - clicks on it - goes to resource without entering another username and password. Without FAM, user logs on to their school's VLE / portal - finds a resource link, e.g. Encyclopedia Britannica - clicks on it - goes to a login page and enters a different username and password - forgotten password - has to ask teacher for a new password - waits two weeks - gets bored - doesn't learn!

Where? Maintained schools are expected to use the Identity Provider of their Local Authority. Academies and Federations can do it themselves OR use the LA Identity Provider. Any educational institution or organisation in the UK.

When? Available now (free software), but you do have to sign up to some stringent trust requirements.

Links

Great animation explaining it all.
Shibboleth software (Internet2)
UK Access Management Federation

Published Saturday, October 09, 2010 9:32 AM by Sophie
