eduroam Review

​

Sara Jeanes

Brett Bieber

February 3rd, 2025

internet2.edu

1. Level set
2. Who is the eduroam Advisory Committee?
3. What we’re paying attention to today
4. What we’re paying attention to in 2025+

[ 2 ]

Current state of eduroam US

[ 3 ]

What is eduroam?

​

• Federated authentication service for global wireless access for the research and education community

​

• Participating institutions provide access to their wireless networks to users from other eduroam connected institutions.

​

• Users are authenticated by their home institutions.

[ 4 ]

What is eduroam?

• Created by and for education community
• Over 106 nations are part of the global eduroam community
• National Roaming Operators (NROs) manage the service in their country, cooperate internationally
• NROs ensure eduroam is secure and effective at home and across the world. Internet2 is the NRO for the US
• eduroam globally is overseen by the Global eduroam Governance Committee (GeGC), homed out of GEANT

[ 5 ]

eduroam service Portfolio - our two services

​

(2) K12, Museums, and Libraries

​

• Delivered by state-based eduroam Support Organizations (eSO)
• Internet2 supports the eSOs in their deployments

1. Higher Education & Research [classic]

​

• Delivered directly by InCommon Team at Internet2

Internet2/InCommon provides the underlying trust, security, and routing for both services

| 6

Current subscribers to eduroam Higher education and Research [classic] and eduroam Support Organization [K12] services

• 1,174 direct subscribers

​

• 349 K12s, libraries, museums, and hotspots via the eduroam Support Organization Program

​

• 3,453 service locations in the US (second highest in the world)

​

[ 7 ]

eduroam Support Organization subscribers

2020

2021

2022

2023

2024

| 8

eduroam is Growing! - overall growth on national infrastructure

• Increasing number of devices being deployed, driving increase in authentications

​

• More hotspots = fewer local authentications, more load on national infrastructure

​

• eduroam Support Organizations driving the largest increases in traffic

[ 9 ]

eduroam is Growing! - projecting the rapid expansion generated from eSO subscribers’ K12 locations and user devices

• In 2020, the eduroam team scaled ‘for the next 1000 subscribers’. This round of growth is activating the next phase of scaling eduroam.�
• eSOs subscribers are driving more traffic onto national infrastructure
• Practice of deploying central IdP with schools acting as hotspots. Little local authentication, lots of traffic sent to the national level
• Heavy HE use of eSO hotspots as well

​

• Under current model, by 2030 eSO subscribers are projected to make up 75% of all authentications (but only account for 33% of all users)

​

SJ last slide

[ 10 ]

Who is the eduroam Advisory Committee?

BB first slide

[ 11 ]

Current State of eduroam - eduroam Advisory Committee—est. 2019

Representation:

• Higher Ed, K12, eduroam Support Organizations
• Private industry and international NRENS
• Vice-Chair Jeff Egly to retire in March 2025

​

Four Working Groups:

• Cloud Infrastructure working group
• eduroam Baseline Expectations working group
• “From the Desk of the eAC” working group
• Mobility Day 2024 planning group (on hiatus)

Artifacts:

• eAC Charter
• eAC Minutes

Chair & Vice-Chair

Brett Bieber - University of Nebraska [eSO]

Jeff Egly - UETN (Utah Education and Telehealth Network) [eSO]

​

Members:

Kendra Ard - California State University Office of the Chancellor

Dion Baird - University IT, Oregon State University

John Buysse - University of Notre Dame

Amel Caldwell - University of Washington [eSO]

Mike Dickson - University of Massachusetts Amherst

Derek Eiler - Nevada System of Higher Education [eSO]

Nadim El-Khoury - Springfield College

Rob Gorrell - University of North Carolina at Chapel Hill

Michael Hacker - University Heights Charter School District

Saira Hasnain - University of Florida

Jeremy Livingston - Stevens Institute of Technology

​

Subject Matter Experts (non-voting):

Tim Cappalli - Okta

Josh Howlett - Federated Solutions

Tom Rixom - SecureW2

Stefan Winter - Restena and Network Security Proliferation UG

​

13�members

4

SMEs

[ 12 ]

This is what we are paying attention to today

[ 13 ]

Consideration - rapid expansion of K12 locations and user devices

• Increasing number of devices being deployed

​

• More hotspots = fewer local authentications, more load on national infrastructure

​

• eduroam Support Organizations driving the largest increases in traffic

[ 14 ]

Addressed eduroam scaling considerations - 2024

• Community Consultations
• Engage with populations that are driving the most growth, identify opportunities to reduce infrastructure load
• eduroam Support Organizations
• Large hotspot deployments (ISPs, municipalities, other consortia)

​

• Infrastructure Improvements
• Increasing traffic capacity of top level RADIUS servers (TLRS)
• Optimize internal routing of authentication traffic
• Improve rate limiting and load balancing

​

• Scalability Testbed
• Test and validate proposed improvements at scale before deployment

​

• Logging and Reporting Enhancements
• Additional detail in Log Viewer
• Overhaul reporting engine

​

​

[ 15 ]

[ 16 ]

This is what we are paying attention to into 2025 and beyond

[ 17 ]

Service Portfolio Themes driving work - 2025

1. Service Resilience
1. Baseline Expectations
2. Security enhancements
3. Terms of Service update permitting Rate Limiting

​

• Service Ease of Use
• Reporting refresh

​

• Attracting New Market Segments to eduroam Higher Ed and Research (eduroam classic)
• Web presence refresh
• Cloud Infrastructure aaS working group�
• Growing Existing Markets
• eduroam Support Organization - Call for Interest 2025

​

​

[ 18 ]

1. Cloud Infrastructure
2. Baseline Expectations
3. From the Desk of…
4. Mobility Day (on hiatus)

eAC Working Groups

[ 19 ]

Problem: Constituents want simpler radius solutions, ideally in the cloud

​

Approach:

• Identify challenges of multi-tenant cloud hosting
• Discuss possible solutions with vendors, provide recommendations
• Examples:
• How could we enable multi-tenant cloud-based providers to integrate their authentication services with eduroam without the need for on-prem appliances or servers?
• How would the eduroam-US management infrastructure need to change to allow it?
• What about RadSec?

​

Output:

• Recommendations and guidance for vendors, catalyst partners, InCommon NRO

eAC Cloud Infrastructure Working Group

Artifacts:

• WG Minutes
• Requirements Outline

eduroam Baseline Expectations Working Group

Problem: Inconsistent user experience, need to elevate security, �strive towards performance and operational excellence

​

Approach:

• Following in the footsteps of the “other federation” Baseline Expectations (2018-19)
• Areas of focus:
• User Experience
• Security/Privacy
• Performance and Operational Excellence
• Start conversation with the community at TechEx 2024, continue throughout 2025
• Long, 2+ year timeline for implementation

​

Output:

• Set of high-level statements as guiding principles for eduroam deployments
• Community engagement through communication

Artifacts:

• WG Minutes
• DRAFT Baseline Expectations for eduroam

Problem: No well-established communication channels from eAC to community, many topics require more context

​

Approach:

• Members of the eAC author short informative pieces
• Expound upon eAC discussion topics to add nuance and context
• Establish and exercise communication channels with the community
• Build awareness of the eAC

​

Output:

• Publish quarterly short informative pieces

​

​

“From the desk of the eAC” Working Group

Artifacts:

• WG Minutes
• First Article: Cellular Offloading from Saira

Questions

[ 23 ]