eduroam is a network access service for research and education users that enables users from 'Identity Provider' institutions to access the wireless network of 'Service Provider' institutions. AARNet Pty Ltd operates eduroam in Australia, referred to as “eduroam AU”.
eduroam national and global infrastructure enables identity providers to remotely authenticate their users when they visit service provider institutions and connect to the visited institution’s “eduroam” network (typically, wireless network broadcasting “eduroam” SSID).
eduroam users log in using their institutional credentials (institutional username and password). However the user's eduroam username is of the form "institutionalUsername@institutionalRealm", where the 'institutionalRealm' part identifies the user's 'home institution', and tells eduroam infrastructure globally where the user authentication request should be sent to.
eduroam is a 'global identity federation', meaning that there is mutual trust between identity providers and services providers. Service providers trust that identity providers perform effective identity management, and so authenticate only authorised users. Service providers also trust that identity providers are able to associate a network access with a real user, and will take action against the user according to the home organisation's network access acceptable use policy (AUP) in the event of a user abusing their network access at the visited institution (e.g. downloading copyright material illegally).
Identity providers trust that service providers comply with global standards for secure eduroam deployment, and provide effective network access service to visitors.