AAI stands for Authentication and Authorization Infrastructure. It allows students, professors and administrative staff from Swiss Higher Education organizations to access web resources in other Universities with their usual Login. For the Institute this will be the IHEID IT Login. In AAI vocabulary, the Institute is your Home Organization.
In summary, AAI simplifies inter-organizational access to web resources such as eLearning. For example, this allows a student from the University of Geneva to register to a course on the Insitute Moodle using his UniGE IT Login.
The AAI Indentity Federation is managed by SWITCH (Networking of Swiss Academia). More details about AAI
I cannot login / I forgot my password. Who can help me?
What about privacy and data protection?
All the organisations (Federation Members and Partners) participating in the AAI have signed the SWITCHaai Service Agreement contract: by signing this contract, they commit themselves to the secure handling of user data according to the Swiss data protection laws.
Security has also been technologically implemented. The AAI is based on the open-source software Shibboleth, which was designed with a tight security concept in mind. Shibboleth uses the Security Assertion Markup Language (SAML) and all exchanged user data is encrypted using secure SSL connections.
Which web resources can I access with my AAI-enabled account?
What do I have to do to get an AAI account?
The Institute being member of the AAI Federation, you are automatically registered as an AAI user. User name and password are the same as for your IHEID IT Login.
This page guides you to the appropriate AAI helpdesk or support contact, in case you have a problem connecting to a service via AAI.
“Home Organization” designates the organization where you are administratively based and in which you are a registered user.
Where can I get help?
If you are a registered user at the Institute
If you are a registered user from another organization
- If you have login problems, lost your password or if you want to change it, contact your Home Organization helpdesk (see list of helpdesks);
- If you experience problems after successfully signing in, contact email@example.com (telephone).
List of all Home Organizations and public Resources
If a Resource or Home Organization you accessed could not be found, you should find the appropriate AAI Helpdesk in one of the following lists:
How your personal information is used within AAI
Your Home Organization stores personal data about you. Some of it, the so-called Authorization Attributes, is used within the AAI to control your access to protected resources of SWITCHaai participants. The use of these Authorization Attributes is subject to certain rules and regulations:
- The AAI bases on legal regulations already in force like the applicable data protection law. Participants in the AAI can only act within these boundaries.
- Moreover, all Home Organizations and Resource Owners have agreed to a common set of guidelines - the AAI Policy - which describes the rules of good conduct and lists the legal regulations already in force.
- Each SWITCHaai participant ensures that appropriate technical and organizational measures are taken against unauthorized or unlawful processing of your data. They also take precautions against its accidental loss or destruction.
- Home Organizations release attributes only to SWITCHaai participants; and only those attributes requested by a particular Resource Owner.
- Resource Owners may only request attributes that are relevant to their application.
- Home Organizations are responsible to keep your personal data accurate.
- The transfer of personal data from the Home Organization to the resource is encrypted.
- In its function as the provider of central AAI Services, SWITCH neither receives, decrypts nor stores any of your personal data. In the role as owner of an AAI-protected resource, SWITCH underlies the same rules as any other resource owner.
- The AAI does not store any personal data as cookies in your browser.
According to the data protection acts you have rights regarding your personal data. Contact firstname.lastname@example.org
IT - Contact email / 265 - MCS, DOL - v1.00 / 06.04.2020