By Tanu Sood on Jan 25, 2013
Contributed by: Ben Bulpett, aurionPro SENA
Virgin Media is the UK’s first combined provider of broadband, TV, mobile and home phone services. In preparation for the 2012 London Olympics, Virgin Media worked with their partner, aurionPro SENA, to enable free secure WiFi services to London Underground using Oracle Identity Management solutions. Yes, the secure WiFi on London Tube today is enabled using identity management! And, as an Olympic 2012 legacy, the Oracle architecture will form a platform to be consumed by other Virgin Media services. Check out this video:
This post and an upcoming webcast will examine how Identity Management specifically Oracle Virtual Directory (OVD) and Oracle Entitlements Server (OES) have enabled Virgin Media to offer services leveraging back end legacy systems that were never designed to be externalized.
Challenges abound for this massive undertaking. The initial scope of the project targeted 72 London Underground stations within Zone 1. With 2 or more platforms per station and potentially hundreds of people in the station, the service had to be able to support 115,000 sessions every 2 minutes. And of course, customer experience was key. That meant high availability even at peak times while offering a seamless experience to the users.
The current systems, databases and directories that hold their customer data resides in a plethora of legacy architectures, none of which were designed to be externalized. Working with aurionPro SENA, Virgin Media was able to provide an abstract layer using Oracle Virtual Directory to build a carrier class directory which provided views of the customer data, which integrated with Oracle Entitlements server provides the rules based entitlements service determining if a customer is eligible for the free customer wifi service.
Virgin Media were successful in securing the service to provide a free WIFI service to the London Underground, which had to be implemented before the 2012 London Olympics (Metro WIFI). According to Virgin Media, WiFi on London Underground has been an incredible success with over 700,000 people already online and a remarkable million sessions every day.
However, they wanted to extend the use of the service after the games as an additional value add service to all its customers, as well as a platform to wholesale to other providers.
As there was no existing Virgin Media service that provided the same sort of end-to-end functionality as Metro WiFi, rather than build the whole service from scratch Virgin Media wanted to try and reuse some components that already exist within their environment. Because they intended to make this new service available to existing Virgin Media Broadband and certain Virgin Media Mobile customers these existing components are chiefly around the backend user authentication and authorization piece; RADIUS, Central LDAP and the Virgin Mobile user systems.
However, the links between these systems to enable Virgin Media WiFi Service did not yet exist, so in essence the solution consists of taking these pre-existing components and adding new links between them to provide an integrated solution with as few newer parts as possible.
The solution is based upon three Oracle Software components, sitting on an Oracle Hardware platform:
OES has been integrated into OVD, to provide an authorization context to standard LDAP lookups. This is to allow Steel Belted Radius to authenticate and authorize users in disparate user repositories to a public WiFi service by using the standard LDAP interface, whilst leveraging centrally managed authorization policies provided by OES.
The solution works by OVD adding a number of virtual attributes to the LDAP requests containing the results of authorization calls made to OES. Steel Belted Radius then takes these virtual attributes and enforces the authorization by allowing or denying connections to the WiFi Service.
The London Underground WiFi service will be enabled for all of Virgin Media’s broadband and contract mobile user base (Virgin Media and Virgin Mobile).
If you would like to know more about the solution then look out for the forth coming webinar from Virgin Media, where Perry Banton one of Virgin Media’s architects will discuss the solution with their partner aurionPro SENA is greater detail.
Media Takes Identity Management Underground
Thursday, March 28, 2013
10 a.m. PDT/ 1 p.m. EDT
About the Writer:
Ben Bulpett is Alliance and Enterprise Accounts Director at aurionPro SENA in the UK. He is responsible for the relationship between aurionPro SENA and Oracle UK as well as managing a number of key strategic accounts.
Ben has been with aurionPro SENA for over 3 years and was instrumental in developing the relationship with Oracle and leading aurionPro SENA to become Oracle UK and EMEA Partner of the Year. He also led the team that delivered the Oracle components for the Metro WIFI solution at Virgin Media. Ben has over 25 years’ experience and knowledge of the Computer industry. Before joining aurionPro SENA, he held various sales and management roles including Director Security Sales at CA, UK Sales Director with Novell and was responsible for key enterprise customers and partners with Mindjet UK Limited. He is married with 6 children