Service-Oriented Federated Authorization

The focus of this project pertains to meeting the challenges associated with authorization in distributed contexts.  In many academic organisations there is often a need to integrate centralised systems with other systems based in departments or other administrative units.  While issues of technology mismatches and data heterogeneity may be overcome via the application of open standards, there may still be issues of interoperability to overcome with respect to authorization: different access control approaches may be used throughout the institution—making it virtually impossible to construct a global view of “who can see what”.

We are building upon previous experience to develop a system that allows institutions not only to aggregate data from disparate data sources in a secure fashion, but also to link such sources without a reliance on a single authorization mechanism.  Specifically, we will extend the sif (service-oriented interoperability framework) middleware framework, which was developed within the TSB-funded GIMI (Generic Infrastructure for Medical Informatics) project.  While the short-term beneficiaries of the work will be administrators associated with the University of Oxford, in the medium-term others within the JISC community stand to benefit from the work of this project.