Introduction to eduroam - the origins of eduroam

Download as PDFDownload as PDF

Updated: 18/10/2023

eduroam is a 'federated service' resulting from a great many participating organisations co-operating to provide a consistent service. It is not a turnkey service, rather member organisations adapt their existing infrastructure(*) and deploy eduroam as an overlay to their existing networks and user authentication systems. It is grown significantly over the past 15 years and is now supported in many countries across the world. It was collaboratively developed(**) by a number of European research and education network organisations, which provide government funded networks connecting academic and research organisations, with resulting security and access control requirements. Typically only authenticated registered users are permitted access to national network services. In the UK this has resulted in Janet-connected organisations in the most part only allowing network access to users with valid usernames and passwords.

Increasing mobility of users resulting from growing collaboration on research and teaching and the development of smart network capable devices, led to the need to reduce the inconvenience and lost time for users in getting guest accounts and to reduce the administrative burden and security risks inherent in managing guest network access accounts for the host organisation.  

eduroam was designed to meet this need and provides a solution by authenticating network users, registered at one organisation who roam to other organisations in the course of their work and travels, using the same profile, username and password as used at their home organisations. This provides the user with seamless connectivity at visited sites and is achieved by using RADIUS technology to enable the authentication decision to in fact be made at the user's home organisation no matter where the user actual is. By avoiding the necessity of using guest accounts there are huge convenience gains for users and reduced administration effort for host organisations. 

Facilitating roaming network access and creating the perception of a universal homogeneous network for the research teaching and learning community are the primary benefits of eduroam, however there are key further advantages. Being built on 802.1X, eduroam has several additional benefits - Wi-Fi and authentication security, simplification of SSID and tailoring of network environments though dynamic VLAN assignment. Furthermore, since eduroam provision is based on each participating member organisation providing the service using their own infrastructures, diverse as these are, a rigorous technical specification has been developed. The aim of this is to ensure that users experience a consistent, professional quality network service - the complexity of delivering which, most users are completely unaware.

(*) There are options for smaller organisations that lack the network infrastructure of our mainstream members.

(**) Specifically the work of the inter-NREN roaming work carried out under the TERENA TF-Mobility ‘Task Force’ Jan 2003 – June 2004.