Eduroam: free roaming in Wi-Fi networks

As part of the implementation of the plan of measures to expand the range of services for the education and science of Russia, provided on the basis of the infrastructure of the federal universities' computer network RUNNet, FGAU GNII ITT "Informika" provides for educational organizations the eduroam service.

Eduroam (education roaming) is a service of a safe and free international roaming in Wi-Fi networks for the scientific and educational community, developed by the all-European network consortium GÉANT. Students, teachers and scientists receive free access to the Internet and the resources of scientific and educational networks at universities in Russia and abroad at the campuses of organizations participating in the project eduroam. From portable and mobile devices (having a Wi-Fi module), access is provided by the credentials (login and password) given to the user by his "home" organization.

The service means that the authentication of the user is always made with a RADIUS server of user's "home" organization whichever segment of the distributed eduroam network the user is in. The RADIUS server of the organization that provides Wi-Fi access (in terms of the service it's SP), receives the encrypted request from the user's device and passes it through the hierarchy of RADIUS proxy servers to the RADIUS server of the "home" user organization (in terms of the service it is - IdP), which verifies the correctness of the data provided and decides whether to authenticate the user.

The full user name (login) in accordance with the rules of the service eduroam has the form of <username> @ <domain>. Query routing in the hierarchy of RADIUS servers is performed based on the part of the full user name following the @ symbol (in terms of the service this part is called realm and usually equals to the FQDN of the organization).

At the top of the national hierarchy of the eduroam project is a national level RADIUS server (NLRS) that contains information about all connected organizations and their roles. The Russian NLRS supports the Interdepartmental Supercomputer Center of the Russian Academy of Sciences - a branch of the FSI of the Federal Scientific Center of the Russian Academy of Sciences. Partner of MSC RAS for connecting to the service of educational organizations of the country is FGAU GNII ITT "Informika". To connect users, "Informika" deploys its own federation-level RADIUS server (FLRS).

The eduroam service operates in more than 80 countries around the world, supporting the processes of scientific cooperation, educational mobility and the exchange of more than 15,000 scientific and educational organizations only in Europe. Deployment and use of eduroam on the campus of its university is not only a matter of the prestige of the organization, but also a contribution to the growth of the rating indicators.

Specialists of FGMA SNI ITT "Informika" carried out a complex of technical works on the deployment of the proving ground of the project infrastructure eduroam in the interests of Russian higher education. The accumulated scope of competencies allows specialists to consult and provide technical support to representatives of organizations on the widest range of issues related to the deployment of the eduroam service.

Vasiliy Porkhachev, +7(812) 670-2010 (#2219), This email address is being protected from spambots. You need JavaScript enabled to view it.
Ilya Vasiliev, +7(812) 670-2010 (#2209), This email address is being protected from spambots. You need JavaScript enabled to view it.