Project HeadLine Authentication - an overview of Hybrid Library requirements Jonathan Eaton
eLib Concertation Day - Authentication
10th March 1999

Presentation Overview
- Why access control is problematic for all electronic information ‘stakeholders’
- Understanding different access needs
- Criteria for authentication initiatives
- Towards an authentication model
- Authentication requirements summary

Common Hybrid Library goals
Hybrid Library systems typically
- comprise a user centred, Web-based “managed environment”
- aim to provide single access point to diverse resources in range of media formats
- extend management controls; minimise access discontinuities for users

Electronic Access Issues... do we have barriers or controls?
- Internet promises seamless access
- fragmented & weak control mechanisms
  - “password proliferation” a curse
  - IP filtering excludes valid (remote) users!
  - “islands” of user attributes data
- a new “inter-organisational” era (Lynch) supersedes older password model...

A Continuum of Access Needs
- Different stakeholder perspectives
  - user wants unrestricted access
  - librarian wants managed access
  - vendor wants validated access
- access rights derive from community membership(s)
- range of physical and virtual locations
- a “single (secure) sign-on” entry point

Authentication & Authorisation
- Authentication defines who you are
- Authorisation determines what you can do or what you can access, once authenticated
- Hybrid Library systems will demand
  - interoperation AND separation between user attributes and resource metadata databases
  - finer controls to model increasingly complex relationships

Authentication issues…
- Single sign-on goal further complicates authentication issues
- User identities and access rights typically fragmented on service-by-service basis
- access scenario complexities
  - personal AND generic identities
  - personal, customised use of services
  - multiple “identities” in single session
  - where is locus of control?
Some evaluation criteria
- national authentication infrastructure (e.g. ATHENS) should
  - integrate academic & commercial sources
  - supply local & central management controls
  - offer bridge to future standards/protocols
  - flexibly incorporate user attributes & resources metadata
  - use architecture that permits levels of resource access granularity

Towards an authentication model
- access control must be flexible; managed
- must reflect degrees of indirection in real-world contractual relationships, e.g.
  - publisher <=> content aggregator
  - content aggregator <=> library
  - library <=> user
- resource compendium and user attributes database are key components

Authentication needs: conclusion
- Future access controls must
  - be appropriate, robust, flexible, scaleable, simple: “user-proof”
  - enforce control but maximise access
  - enact (indirect) contractual relationships
  - reflect new inter-organisational world
  - avoid current fragmentation
  - embody needs of all ‘stakeholders’

Further Details
Further details are available on the HEADLINE Website at: www.headline.ac.uk including outline Project Workplan and project Working Papers as published March 1999