- 31st Oct 2013
Access and Identity Management for Libraries: Controlling access to online information
Practical guidance to ensuring that your users can access and personalise the online resources they are entitled to use with the minimum of fuss.
With the rapid increase in the use of electronic resources in libraries, managing access to online information is an area many librarians struggle with. Managers of online information wish to implement policies about who can access the information and under what terms and conditions but often they need further guidance.
Written by experts in the field, this practical book is the first to explain the principles behind access management, the available technologies and how they work. This includes an overview of federated access management technologies, such as Shibboleth, that have gained increasing international recognition in recent years. This book provides detailed case studies describing how access management is being implemented at organizational and national levels in the UK, USA and Europe, and gives a practical guide to the resources available to help plan, implement and operate access management in libraries.
Key topics include:
- what is access management and why do libraries do it?
- electronic resources: public and not so public
- principles and definitions of identity and access management
- current access management technologies
- authentication technologies
- authorization based on physical location
- authorization based on user identity or affiliation
- federated access: history, current position and future developments
- internet access provided by (or in) libraries
- library statistics
- the business case for libraries.
Readership: This is essential reading for all who need to understand the principles behind access management or implement a working system in their library.
Foreword - Clifford Lynch
1. What is access management and why do libraries do it?
- Historical role of libraries in managing access to information
- The role of libraries in the 21st century
- The history of access management of online information resources
- The role of e-commerce in library access management
- The 'birth' of access management principles – Clifford Lynch's white paper
2. Electronic resources: public and not so public
- Managing access to electronic collections
- How and where users may want to access e-resources
- What needs to be protected, and why
- Commercially produced resources that need to be protected
- Publicly available information that may also require access management
- Publishers and licensing issues
- Library management of licences
3. Principles and definitions of identity and access management
- Managing access? . . . or identities? . . . or both?
- The business relationships
- The processes of identity and access management
- Identifying the person using a resource – or not
- Obligations to protect personal data about users
4. Current access management technologies
- IP address
- Barcode patterns
- Proxy servers
- Shared passwords
- User registration with publishers
- Federated access
5. Authentication technologies
- 'Something you know, something you have, or something you are'
- Authentication technologies overview
- Authentication by third parties
- Choosing an authentication system
6. Authorization based on physical location: how does the internet know where I am?
- Domains and domain names
- (How) is all this governed?
- IP addresses
- IP spoofing
- Benefits and problems of using IP address-based licensing
7. Authorization based on user identity or affiliation with a library: who you are? or what you do?
- Basing access on identity, or on affiliation with a library
- Role-based authorization
- Matching roles against licence conditions
- Benefits of role-based authorization
8. Federated access: history, current position and future developments
- Single sign-on and the origins of federated access management
- The development of standards
- Federated access in academia
- Future of federated access
9. How to choose access management and identity management products and services
- Identity management and access management solution capabilities
- Establishing requirements with suppliers
- Asserting library requirements in a wider-scale system procurement
- Implementation options
- The range of access and identity management products
10. Internet access provided by (or in) libraries
- Wired access
- Wireless access
- Public access issues
11. Library statistics
- Why libraries collect electronic resource usage statistics
- Challenges in collecting electronic resource usage data
- How libraries collect usage data
- Concluding thoughts
12. The business case for libraries
- Key benefits of quality identity management
- Designing an IdM project
- Putting together a business case
- References and further reading
Appendix 1: Case studies
- Extending access management to business and community engagement activities at Kidderminster College, UK
- Moving from Athens to Shibboleth at University College London, UK
- Online reciprocal borrowing registration for Western Australian University Libraries
- Library and IT collaboration: driving strategic improvements to identity and access management practices and capabilities
- Managing affiliated users with federated identity management at UNC-Chapel Hill, USA
- Tilburg University and the SURFfederatie, the Netherlands
- Delivering access to resources in a joint academic and public library building
- Single sign-on across the USMAI Consortium, USA
Appendix 2: A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
Masha Garibyan began her involvement in access management in 2004 when she joined the London School of Economics Library Projects Team. She has been involved in several access management projects. She also worked as part of the JISC Access Management Team for two years, helping UK education institutions and service providers adopt federated access. She is currently working at the University of Worcester as part of the Library Academic Services Team.
Simon McLeish is Resource Discovery Architect at the Bodleian Libraries, University of Oxford, and previously worked at the London School of Economics and Political Science (LSE) and as an independent IT professional, specializing in Identity and Access Management.
John Paschoud has been an IT professional since 1972. As Projects Manager at the LSE Library he led a series of projects which identified and established the technologies for federated access that are now most widely used by academic libraries. As a consulting information systems engineer he now specializes mainly in government and education fields, and is a member of the Technical Advisory Group to the UK Access Management Federation for Education and Research.
"...provides an excellent, well-organized overview of the structures, protocols, and skills necessary for controlling online access to proprietary information resources. The book, including introduction, glossary, appendices, and index, is just slightly over 250 pages long and presents the topic in a logical manner with an appropriate level of detail and useful, real-world examples."
Journal of Access Services
"The combination of theoretical explanation and analysis, real-world case studies, and historical background in the form of the Lynch paper lends variety and interest to a fairly dry topic. Chapters are concise and to the point, and a glossary of terms proves helpful in navigating the myriad acronyms involved. Of some surprise is a lack of discussion of LDAP (Lightweight Directory Access Protocol), which is mentioned only in passing. On the whole, however, the book is exhaustive in its treatment of the subject, and it is recommended for readers who wish to better understand access and identity management and implement associated technologies in their libraries."
Journal of Electronic Resources Librarianship"...very useful to librarians, publishers and information technologists trying to gain insight into the complexities surrounding access to licensed networked information resources in settings such as universities or public libraries." - Clifford Lynch