skip to content

IT Help and Support

University Information Services
 

Raven, the University’s authentication service, enables account holders to authenticate themselves to a wide range of websites. The Raven service was initially developed for use with websites operated by the University of Cambridge and its members. More recently Raven has been extended to work with interoperability protocols such as SAML2 and OAuth. These enable account holders to easily authenticate to websites which use these, removing the need for individual users to separately register for individual accounts by making available a set of attributes about individual account holders which are derived from data held in central University administrative systems. Transfer of information is fundamental to the operation of Raven and its underlying protocols. In some cases attributes transmitted by Raven will include personal data within the meaning of the General Data Protection Regulation (GDPR). This policy outlines the circumstances under which such information will be released, in compliance with GDPR, and should be read in conjunction with the University’s IT Facilities and Services Privacy Notice.

The Policy

  1. Raven currently provides authentication services to the following: ​​
     
    • Websites and Services fully owned and operated by the University of Cambridge. These will normally use an address ending in cam.ac.uk e.g. www.admin.cam.ac.uk
       
    • Websites and Services operated by third parties under contract to the University of Cambridge. Note that these may use an address ending in cam.ac.uk or may operate under their own brand name.
       
    • Websites and Services operated by third parties which are not under contract to the University which offer you the option of authenticating with your institutional ID. These will not have an address ending in cam.ac.uk
       
  2. The first two groups are directly or contractually under University control and are classified as Internal Service Providers. Raven releases only those attributes which are necessary for the delivery for each services. Each site must be registered with the metadata registration application. Each service has been designed or commissioned by University staff with data protection considerations in mind. Such attributes will usually include your CRSid and your name to enable the creation and personalisation of your account on the host service and may include information indicating whether you are a member of University staff or a current student where this is necessary, for example to enable the University to comply with licencing conditions. You will not have an option to opt-out of such attribute releases.
     
  3. In the case of third party websites not under contract to the University you should be aware that the University has not negotiated any contractual relationship with these service providers. Consequently, the information Raven makes available to them is more limited as no due diligence has been performed in relation to their data handling or their compliance with GDPR.

    In this case Raven will normally release your identity (in the form of an 'eduPersonPrincipalName'), your status within the University ('member', 'staff', 'student', etc.) and an 'Anonymous Identifier' which is unique to you and the site you are visiting. Raven may release additional information, but only when doing so is necessary to enable the access to which you are entitled. The decision to proceed with authentication and the creation of accounts on such sites is made solely by the account holder. On first authentication you will be presented with an attribute release screen which identifies which attributes will be released and to which you must consent for authentication to proceed.

  4. A full list of attributes that may be transmitted by Raven along with their definition is maintained in the technical documentation.

University Library Resources

Access to electronic resources through the University library relies on being included or excluded from the membership of specific groups within the University’s Lookup directory. Group membership IDs are made available as Raven attributes. The relevant memberships and exclusions are:

  • People entitled to access the general University Library electronic resource collection consist of anyone who is not a member of lookup group 100925, and who has a misStatus in lookup of 'staff' or 'student' or who is a member of lookup group 100981 (staff) or 100982 (students).
     
  • University Library electronic resources that are restricted to staff can be accessed by anyone who is not members of lookup group 100925, and who has a misStatus in lookup of 'staff' or who is in lookup group 100981.
     
  • University Library electronic resources that are 'medically restricted' can be accessed by anyone who is not members of lookup group 100925 and who is a member of lookup group 100927.

 

​​​​​​​Anyone who experiences problems with access to University Library electronic resources should contact lib-raven@lists.cam.ac.uk

UIS Service Desk

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

You can read previous editions of bITe-size.

Latest news

Delivering network connectivity for the Cambridge Half Marathon

9 March 2023

Richard Davies from the Granta Backbone Network (GBN) team and Craig Faux from the Networks team, worked together to help deliver network connectivity for the Cambridge Half Marathon that took place this past weekend. The University has been assisting the Council with delivering network connectivity for the Cambridge Half...

Changes to Google Workspace accounts from March

23 February 2023

15 February 2023 We are preparing to delete UIS managed Google Workspace accounts for users that have left the University to maintain system performance and security and reclaim file space ahead of Google introducing file space quotas. When a user leaves the University, their account is flagged as cancelled in Lookup and...

Wireless Service maintenance in March and April 2023

21 February 2023

We’ll be carrying out essential maintenance on the University Wireless Service in March and April 2023 to pave the way for its continued growth. Three phases of work in March and April 1. Tuesday 21 March, 8:00 to 9:00 You might experience interruptions to the UniOfCam-IoT service during the maintenance period. You might...