Introduction to eduroam - the origins of eduroam

Download as PDFDownload as PDF

Page updated: 20/06/2025

What is eduroam? eduroam is a 'federated service' resulting from a great many participating organisations co-operating to provide a consistent service. It is not a turnkey service, rather member organisations adapt their existing infrastructure(*) and deploy eduroam as an overlay to their existing networks and user authentication systems. It is grown significantly since the original 2003 collaborative inter-NREN project(**) which involved 6 European nations including the UK - eduroam is now supported in over 100 countries across the world. See 'The Story of eduroam' (first 45 minutes).

Motivation The motivation for the project was the desire to reduce the difficulties faced by increasingly mobile researchers in gaining access to the tightly controlled academic networks at all organisations connected to the National Research and Education Network (NREN) of the particular country. NRENs provide national government funded private networks connecting academic and research organisations' networks - which themselves are deemed private networks. This has resulting security and access control implications - typically only authenticated registered users and guests visiting for institution-mission related purposes, are permitted access to the organisation's network with NREN connectivity. In the UK, historically, this resulted in Janet-connected organisations in the most part only providing network access to their own users with valid credential (usernames and passwords or device certificate).

Increasing mobility of users resulting from growing collaboration on research and teaching and the development of smart network capable devices, led to an increasing demand for network connectivity whilst at the same time increasing the need to reduce the inconvenience and lost time for users in getting a unique guest account on each visit and to reduce the administrative burden and security risks inherent in managing guest network access accounts for the host organisation.  

Concept eduroam was designed to meet this need (both in the UK and across Europe) and provides a solution by authenticating network users, registered at one organisation who roam to other organisations in the course of their work and travels, using the same profile, username and password or personal certificate as used at their home organisations. This provides the user with seamless connectivity at visited sites and is achieved by using RADIUS technology to enable the authentication decision to in fact be made at the user's home organisation no matter where the user actual is. By avoiding the necessity of using guest accounts there are huge convenience gains for users and reduced administration effort for host organisations. 

Benefits Facilitating roaming network access and creating the perception of a universal homogeneous network for the research teaching and learning community are the primary benefits of eduroam, however there are key further advantages. Being built on 802.1X, eduroam has several additional benefits - Wi-Fi and authentication security, simplification of SSID and tailoring of network environments though dynamic VLAN assignment. Furthermore, since eduroam provision is based on each participating member organisation providing the service using their own infrastructures, diverse as these are, a rigorous technical specification has been developed. The aim of this is to ensure that users experience a consistent, professional quality network service - the complexity of delivering which, most users are completely unaware.

(*) There are options for smaller organisations that lack the network infrastructure of our mainstream members.

(**) Specifically the work of the inter-NREN roaming work carried out under the TERENA TF-Mobility ‘Task Force’ Jan 2003 – June 2004.  http://www.terena.org/activities/tf-mobility/deliverables/delanddoc.html