Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ted Koppel The Library Corporation

Similar presentations

Presentation on theme: "Ted Koppel The Library Corporation"— Presentation transcript:

1 Ted Koppel The Library Corporation

2 Authentication –Validation of user credentials –Based on individual –Usually local function Authorization –Validation of institutions permissions / contracts –Almost always a remote function –More involved with license constraints

3 We know the players (next slide) but We dont yet know all of their needs We know some of the goals and We know of some options to reach those goals but Not all options meet all needs. In fact, some are inimical to meeting these needs HOWEVER We know what we want to avoid


5 Needs access to information / data Understands need to present credentials ONCE Wants his anonymity but also wants his privileges Carries attributes (Grad Student in Engineering School) that provide Entitlements to certain resources

6 Examines and approves/disapproves credentials Depends on institutional structure –Library Borrower Database –Campus-wide login (university) –State-supported databases (OPLIN, FindItVa) Needs to return a yes or no and send it upstream

7 The entity through which the User derives his entitlements May be the same as the Authenticator Controls the privileges of individuals and groups Various levels: –Department –Library –Campus –Statewide

8 May be the ILS May be a Library or Campus-wide Portal May be the Authenticator and/or the Licensee Has to present authentication screens to users and manage the results and send them upstream Often has to handle multiple authentication schemes

9 Can handle rudimentary authentication itself if required Acts as pass-through for authentication information but Must be able to trust the varying sources of authentication that it receives Has to translate authentication from source to multiple targets

10 Wants to sell data, have it used and respected, while Restricting access to valuable intellectual property and protecting investment Must be able to trust the authentication from all of the downstream sources

11 Contradiction: anonymity versus personalization (the user) Contradiction: wide use and acceptance versus branding (database provider) Contradiction: needs of the academic and public library sectors (wanting identity masking) versus commercial information providers (needing billable accountability)

12 tried and true mechanisms –IP address permission –Referring URL validation –URL-embedded userid/password –Vendor-provided script –Local or SIP2/NCIP password verification Limited and arcane

13 Shibboleth (or similar) –Builds on trust relationships between parties –Allows local authentication by any means –Transmits the fact of approval and attributes of the user but –Preserves personal anonymity through use of –communities and clubs as entities that receive privileges

14 X509 (or other) digital certificates issued by authenticator PAPI = Point of Access to Providers of Information (local authorization, Spain) Athens (single sign-on scheme, UK) And various others

15 Creation of subcommittees to draft mission statements for pre-standards activity Develop use cases to understand all aspects of authentication Examine and evaluate existing work in authentication Determine what approach(es) might be best practices or (at worst) develop a new authentication scheme

16 Certifying the user (or organization) from the Authenticator to the Data Provider, by way of the Metasearch provider, in such a way that the messages can be trusted from the source to the destination, so that the services to which the user is entitled can be delivered.

17 Authentication to Licensed Resources (JSTOR) (discusses JSTORs approaches to authentication) Access Management for Networked Information Resources by Clifford Lynch (overview article) Authorization/Authentication for Patron Remote Access to Electronic Resources (powerpoint by Kerry Bouchard) htm (useful visual introduction to issues relating to authorization) A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources by Clifford Lynch, editor ( wp.html

18 Ted Koppel The Library Corporation

Download ppt "Ted Koppel The Library Corporation"

Similar presentations

Ads by Google