Why TIGERfed Identity Federation?

TIGERfed is being set-up as a centralized organization to coordinate with member institutions in the process of implementation of user authentication and access management distributed across participating institutions using standardized rules and metadata for exchanging attributes.

The TIGERfed federation (TIGERfed) manages the trust between all the member institutions including identity providers and service providers as well as publishers and other institutions. TIGERfed can host servers for their member institutions BdREN data Centre in case member colleges or universities do not have their own identity provider service. As such, when a user wants to access a subscribed resource, he / she is directed to log-in on to the Identity Provider Service (IDP) at the TIGERfed. The IDP at the TIGERfed, in turn, authenticate the users and pass requisite attributes about him / her to the Service Provider using associated user's database of institutions.Then, the Service Provider receives all necessary user attributes from the TIGERfed’s Identity Provider Service which it trusts. Attributes passed on by the IDP determines level of access a user gets from the Service Provider.

Major role of the federation includes the improvement of federation, attending community, provide support to member institutions in the process of creation and maintenance of their identity management system, and to manage their identity, processing of participant metadata, overseeing operations of Shibboleth Service platforms.

Shibboleth access management model is actually designed to run in a federated mode where individual participating institutions are required to run their own Identity Provider Services for users. A formal federation is required as trusted interface between the institutions as Identity provider (IdP) and publishers as service providers to ensure use of uniform standards and protocols.