1308029
doi
10.5281/zenodo.1308029
oai:zenodo.org:1308029
user-liber2018
Gietz, Peter
AARC/DAASI International
Monticine, Barbara
Consortium GARR
Pavlik, Jiri
Moravian Library
E-resource Interoperability: Libraries moving to Federated Single Sign-On
Westerbeke, Jos
Erasmus University Rotterdam
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
<p>Publishers more and more argue libraries for use of SSO to access their resources, instead of the widely used IP-based authentication. Still, many libraries hesitate to move away from IP-based authentication towards SSO with Federated Identity Management, although they could profit in terms of user satisfaction and cost efficiency. Researchers today work from many different locations, increasingly use research services and databases of many kinds. By deploying established standards, interoperability between libraries and user satisfaction will increase.</p>
<p>To summarize the benefits of SSO:</p>
<p>Libraries and publishers:</p>
<ul>
<li>better tailored contracts</li>
<li>better statistics</li>
<li>better way to lock and unlock persons when abuse occurs</li>
</ul>
<p>Researchers and students:</p>
<ul>
<li>personalisation of services</li>
<li>better control over personal data sent to providers</li>
<li>easy and fast access avoiding to create a new account for each service</li>
</ul>
<p>What is to be expected: Libraries are even pushed to use SSO. Several companies, as there are Gartner and Financial Times, are not allowing IP authentication anymore. This is trending and the world’s greatest publishers are working to improve SSO user experience (project RA21.org) in order to be able to implement it. Publishers like to ask personal information for the personification of their users on their websites. This is a great challenge for libraries because they want to protect their patrons and like to provide them anonymous access in the first place, which might be enriched afterwards with personal information by the user himself. Libraries need each other for making a policy such as a ‘minimal disclosure’ principle of exchanging personal information which should be compliant with the GDPR.</p>
<p>What has been done on the way to SSO:</p>
<p>The EC-funded AARC project reached out to the library community with three pilots:</p>
<ol>
<li>Pilot demonstrating specific configuration of EZproxy which allows to bring library resources without native support of SSO into SSO environment. The pilot is in production in Moravian Library and works seamlessly with EBSCOhost, ProQuest Central, SpringerLink.</li>
<li>Pilot addressing the use case of library walkin users that generally do not use personal authentication, but public computers in the library’s network. Using the open source solution Shibboleth, a library can now handle IP-rangebased and more focused contracts with the same technology stack.</li>
<li>The second pilot was then enhanced in such a way that IP ranges and respective entitlements can be managed by the library or by a group of libraries via a dedicated web interface.</li>
</ol>
<p>Another solution developed outside of AARC and in production at a German state library provides for enriching the user attributes it asserts to service providers with certain additional entitlements that depend on the network segment of the user’s client PC. This contribution will introduce in SSO and privacy and security, and describe the solutions mentioned in terms of use cases and advantages for libraries and their users.</p>
Zenodo
2018-07-09
info:eu-repo/semantics/lecture
1308028
user-liber2018
1579542057.278968
2060755
md5:4b6d51635df056b4dfaab7460b158b84
https://zenodo.org/records/1308029/files/LIBER2018-jwpgjppg.pdf
public
10.5281/zenodo.1308028
isVersionOf
doi