This presentation provides an overview of the requirements for authentication in Hybrid Library systems. It discusses the challenges faced by different stakeholders and highlights the need for a flexible and robust authentication model. The goal is to ensure seamless access while maintaining control and protecting user privacy.
Project HeadLine
Authentication - an overview of Hybrid Library requirements
Jonathan Eaton
eLib Concertation Day - Authentication
10th March 1999

Presentation Overview
• Why access control is problematic for all electronic information ‘stakeholders’
• Understanding different access needs
• Criteria for authentication initiatives
• Towards an authentication model
• Authentication requirements summary

Common Hybrid Library goals
• Hybrid Library systems typically comprise
• a user centred, Web-based “managed environment”
• aim to provide single access point to diverse resources in range of media formats
• extend management controls; minimise access discontinuities for users

Electronic Access Issues...
• do we have barriers or controls?
• Internet promises seamless access
• fragmented & weak control mechanisms
• “password proliferation” a curse
• IP filtering excludes valid (remote) users!
• “islands” of user attributes data
• a new “inter-organisational” era (Lynch)
• supersedes older password model...

A Continuum of Access Needs
• Different stakeholder perspectives
• user wants unrestricted access
• librarian wants managed access
• vendor wants validated access
• access rights derive from community membership(s)
• range of physical and virtual locations
• a “single (secure) sign-on” entry point

Authentication & Authorisation
• Authentication defines who you are
• Authorisation determines what you can do or what you can access, once authenticated
• Hybrid Library systems will demand
• interoperation AND separation between user attributes and resource metadata databases
• finer controls to model increasingly complex relationships

Authentication issues…
• Single sign-on goal further complicates authentication issues
• User identities and access rights typically fragmented on service-by-service basis
• access scenario complexities
• personal AND generic identities
• personal, customised use of services
• multiple “identities” in single session
• where is locus of control?

Some evaluation criteria
• national authentication infrastructure (e.g. ATHENS) should
• integrate academic & commercial sources
• supply local & central management controls
• offer bridge to future standards/protocols
• flexibly incorporate user attributes & resources metadata
• use architecture that permits levels of resource access granularity

Towards an authentication model
• access control must be flexible; managed
• must reflect degrees of indirection in real-world contractual relationships, e.g.
• publisher <=> content aggregator
• content aggregator <=> library
• library <=> user
• resource compendium and user attributes database are key components

Authentication needs: conclusion
• Future access controls must
• be appropriate, robust, flexible, scaleable, simple: “user-proof”
• enforce control but maximise access
• enact (indirect) contractual relationships
• reflect new inter-organisational world
• avoid current fragmentation
• embody needs of all ‘stakeholders’

Further Details
Further details are available on the HEADLINE Website at: www.headline.ac.uk, including outline Project Workplan and project Working Papers as published March 1999