eduGAIN - authorisation & authentication



The eduGAIN service, being developed in the GÉANT project, aims to establish a confederation of identity providers, enabling member organisations associated with different federations to seamlessly and securely exchange information as though they were part of the same national identity provider.

There are many different AAI (Authentication and Authorisation Infrastructure) systems in use across Europe, all of which are designed to control access to networks and applications, and ensure the secure movement of information within that network. It is currently necessary for organisations to join one another’s federation in order to establish the relationship necessary to exchange information across these systems.

Federated AAI environments
Different organisations and NRENs use Authentication and Authorisation Infrastructures (AAIs) to build a trusted environment where users can be identified electronically using a single identity. These systems usually also contain information about a user's access rights, based on attributes characterising their role. Resource owners (Service Providers) use these federated environments to control the access rights of federation participants to the resources they provide.

The existence of multiple AAIs makes it technically and administratively difficult for a user to go to a different institution (outside of their own federation) and log on securely. When a user attempts to gain access to protected resources and services from other federations, they must first be successfully authenticated by their home AAI and then authorised by the visited Service Provider.

The aim of eduGAIN (GÉANT Authorisation INfrastructure for the research and education community) is to enable different AAIs to interact seamlessly. The eduGAIN technology translates between the protocols used in local AAIs and maps attributes according to local definitions. The information needed for locating entities in the different federations is centralised at a "Metadata Service", where it can be dynamically queried and updated.

Why will eduGAIN be so beneficial to the user?
By removing the logistical burden of connecting to foreign networks and dealing with unfamiliar systems, eduroam and eduGAIN allow users to focus on their work by providing seamless access to the resources they need.