DAMe: Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture. DAMe is a project that builds upon previous TERENA, GN2, Internet2 and University of Murcia work:

  • eduroam, a result of TERENA Mobility Task Force, which defines an inter-NREN roaming architecture.
  • eduGAIN, the AAI interoperation infrastructure designed by GN2 JRA5.
  • Shibboleth, a widely deployed federation mechanism developed by Internet2 and the NSF Middleware Initiative.
  • NAS-SAML, a network access control approach for AAA environments, developed by the University of Murcia, based on the SAML and XACML standards.

This project is motivated by the emergence of federated approaches to resource sharing to provide access to shared resources whith a single identity. Some examples of these approaches are the establishment of academic federations worldwide and the concepts around Grid Computing. Some aspects generally related with integral indentity management are still open, especially those related to user authorization. That is, only allowed users are able to perform the set of allowed actions over each resource.

More Information at http://dame.inf.um.es/