Eduroam Romania

The Home of Eduroam project in Romania
 Home / About Eduroam
About Eduroam

General information about Eduroam


What is eduroam?
In the network world roam means that you with only one set of user name and password can get network access - no matter where you are. Eduroam provides network access in the educational sector. In the following emphasis will be on wireless networks even though normal wired networks will also work within the realm of eduroam.

The goal is that everybody should get wireless access to the Internet easily and securely no matter where he or she is. All you will be required to remember is your username and password. You can of course also use eduroam on a daily basis when your institution is part of eduroam.

Being a student from the Technical University of Cluj Napoca or in Malaga, Spain, you will always get network access using the same credentials as you would at home.

Who runs Eduroam?
Eduroam in Romania is developed in the RoEduNet network and coordinated by the Communication Centre from Technical University of Cluj Napoca. In general each countrys NREN host the national radius proxy server.

How do you use it.
As soon as you connect to the wireless network you're asked to type in your credentials. These credentials are then encrypted and sent to your home institution to check wether you are indeed registered as active user. If the answer is yes, you will be allowed to connect to the Internet. For a more detailed description, look under the menu item User's guide.

The eduroam connection is secure.
From the moment you have been authenticated via eduroam, using the 802.1x protocol, your wireless connection will be encrypted to ensure that nobody can sniff your traffic in the air (between your machine and the wireless access point). This will be true for as long as you keep the connection alive, but only if you use 802.1x. If you authenticate using a webpage, this will not be true. For this reason, and other security related arguments, the weblogin method is being phased out and should not be trusted.

Behave, please.
Being guest you should always behave. This also holds true when roaming about on other peoples networks. You should therefore always abide to the acceptable use policy (AUP) of both your home institution and the site you visit. All eduroam institutions make information available about their particular AUP. You can find the institutions web sites at www.eduroam.ro and www.eduroam.org

How much does it cost?
Your institution takes part in eduroam to make it easier for you to get secure access to the net, no matter where you go. The price is that people from other eduroam-institutions can visit you and get the same service. Give and take - but no money is involved.

How does eduroam work?
eduroam is used to confirm that you are really who you pretend to be (authentication). Your home institution will always be asked - no matter where you are placed physically.

The system finds a route over the Internet and asks directly your home institution for credentials so you don't have to bother getting a guest account and release information about yourself.

eduroam is a hierarchical structure. Every eduroam-institution has an eduroam-server which is connected to the national eduroam-server in that particular country. All national servers are in turn connected to the two international top level eduroam-servers. If one goes down the other should work. They are placed in Holland and Denmark. You will always connect to an institution eduroam-server which will directly authenticate, if that is your home instituion, or proxy your request to your home eduroam-server, if you are roaming.

Your email adress is your user name
Your eduroam user name is your email adress.The advantage is that it is easily remembered and that the eduroam system will know where you are from, reading that. The domain part (@department.utcluj.ro) is used to direct your credentials to your home institution to check wether you are a valid user there.

First, the authentication request is sent to the local eduroam server at the local (home or away) site. If the local site happens to be you home institution you are directly authenticated. If you are not a known user locally the server sends your request to the international top level eduroam-server. From here it is directed to a national server that holds a list of all eduroam institutions in that country. Again the request is send to the right institution to ask. Simple and elegant!

Bullet proof suitcase loaded with credentials
The first part of your email address (your user name) will in combination with your password usually give access to different systems at home. It is therefore of the greatest importance that you do NOT hand over your credentials to others. Your email adress is of course not secret, but your password must be!

Because of this others should never be able to read your credentials with later misuse in mind. This is the reason why encryption is used when sending your authentication request back home. To put if roughly your credentials are packed in a bulletproof suitcase that gets sent home with a label on it: your email address.

Content taken and adapted from http://www.forskningsnettet.dk/eduroameng/abouteduroam (Danish Eduroam)