eduroam® is a global service that provides secure roaming connectivity to users at hundreds of participating institutions across Europe, including universities, libraries and research institutes.
With authentication handled by the home institution and authorisation by the visited institution, eduroam also allows academics and researchers from participating institutions to go to any other participating institution and access the network without reconfiguring their laptop or requesting new passwords.
Pioneered by the European Research and Education networking community, eduroam supports European Research and Education by providing:
eduroam for campuses and institutions
eduroam provides a single solution that accommodates the mobile connectivity requirements of institutions, supporting:
The service removes the requirement for visitor accounts, so reducing the administrative and support burden imposed by the ever-growing movement of students and researchers between institutions
eduroam for researchers
For individual students, researchers, visiting specialists and others, eduroam enables:
GÉANT and eduroam in Europe
The European eduroam service is a large-scale collaboration between hundreds of institutions, the majority of which own and operate the service’s infrastructure. The national and international coordination of this infrastructure is undertaken by the National Roaming Operators and a central eduroam Operational Team that is funded by the GÉANT project.
How eduroam works
eduroam allows users from participating institutions secure Internet access at any eduroam-enabled institution. The architecture that enables this is based on a number of technologies and agreements, which together provide the eduroam user experience: "open your laptop and be online".
The basic principle underpinning the security of eduroam is that the authentication of a user is carried out at their home institution using their specific authentication method. The authorisation required to allow access to local network resources is carried out by the visited network, the owner of the resource, based on the authentication response received from the home institution.
A confederated service
To provide this facility, the European eduroam service is a confederated service, built hierarchically. At the top level sits the confederation level service, and this primarily provides the confederation infrastructure required to grant network access to all participating members of the eduroam service at any time. This confederation service is built upon the national roaming services, operated by the national roaming operators (NROs) (in most cases NRENs). National roaming services make use of other entities, for example campuses and regional facilities.
A hierarchical system of RADIUS servers is used to transport the authentication request of a user from the visited institution to their home institution, and the authentication response back. Typically, every institution deploys a RADIUS server, which in turn is connected to a local identity provider. This RADIUS server is connected to a central national RADIUS server, which in turn is connected to a European (or global) RADIUS server.
Currently about 30 European national roaming federations are connected to the eduroam infrastructure. eduroam is also available in Canada, Australia, China, Japan, Taiwan, Hong Kong and New Zealand.
Why will eduroam be so beneficial to the user?
The potential for enhancing education and research is immense. By taking away the logistical hassle of connecting to foreign networks and dealing with unfamiliar systems, eduroam and eduGAIN allow academics to do what they do best – research and educate. The savings in time alone will be immense, but the possibilities for active and enduring academic collaboration between countries and institutions will be invaluable.
Visit the eduroam website for more information about the service and how to get eduroam at your campus or on your laptop.