Full Description
Practical guidance to ensuring that your users can access and personalise the online resources they are entitled to use with the minimum of fuss.
With the rapid increase in the use of electronic resources in libraries, managing access to online information is an area many librarians struggle with. Managers of online information wish to implement policies about who can access the information and under what terms and conditions but often they need further guidance.
Written by experts in the field, this practical book is the first to explain the principles behind access management, the available technologies and how they work. This includes an overview of federated access management technologies, such as Shibboleth, that have gained increasing international recognition in recent years. This book provides detailed case studies describing how access management is being implemented at organizational and national levels in the UK, USA and Europe, and gives a practical guide to the resources available to help plan, implement and operate access management in libraries.
Key topics include:
what is access management and why do libraries do it?
electronic resources: public and not so public
principles and definitions of identity and access management
current access management technologies
authentication technologies
authorization based on physical location
authorization based on user identity or affiliation
federated access: history, current position and future developments
internet access provided by (or in) libraries
library statistics
the business case for libraries.
Readership: This is essential reading for all who need to understand the principles behind access management or implement a working system in their library.
Contents
Foreword - Clifford Lynch
1. What is access management and why do libraries do it?
Historical role of libraries in managing access to information
The role of libraries in the 21st century
The history of access management of online information resources
The role of e-commerce in library access management
The 'birth' of access management principles - Clifford Lynch's white paper
2. Electronic resources: public and not so public
Managing access to electronic collections
How and where users may want to access e-resources
What needs to be protected, and why
Commercially produced resources that need to be protected
Publicly available information that may also require access management
Publishers and licensing issues
Library management of licences
Summary
References
3. Principles and definitions of identity and access management
Introduction
Managing access? . . . or identities? . . . or both?
The business relationships
The processes of identity and access management
Identifying the person using a resource - or not
Obligations to protect personal data about users
Summary
References
4. Current access management technologies
IP address
Barcode patterns
Proxy servers
Shared passwords
User registration with publishers
Federated access
Summary
5. Authentication technologies
'Something you know, something you have, or something you are'
Authentication technologies overview
Authentication by third parties
Choosing an authentication system
6. Authorization based on physical location: how does the internet know where I am?
Introduction
Domains and domain names
(How) is all this governed?
IP addresses
IP spoofing
Benefits and problems of using IP address-based licensing
Summary
References
7. Authorization based on user identity or affiliation with a library: who you are? or what you do?
Basing access on identity, or on affiliation with a library
Role-based authorization
Matching roles against licence conditions
Benefits of role-based authorization
Summary
References
8. Federated access: history, current position and future developments
Single sign-on and the origins of federated access management
The development of standards
Federated access in academia
Future of federated access
References
9. How to choose access management and identity management products and services
Introduction
Identity management and access management solution capabilities
Establishing requirements with suppliers
Asserting library requirements in a wider-scale system procurement
Implementation options
The range of access and identity management products
Conclusion
References
10. Internet access provided by (or in) libraries
Introduction
Wired access
Wireless access
Public access issues
Summary
References
11. Library statistics
Why libraries collect electronic resource usage statistics
Challenges in collecting electronic resource usage data
How libraries collect usage data
Concluding thoughts
References
12. The business case for libraries
Introduction
Key benefits of quality identity management
Designing an IdM project
Putting together a business case
Conclusion
References and further reading
Afterword
References
Appendix 1: Case studies
Extending access management to business and community engagement activities at Kidderminster College, UK
Moving from Athens to Shibboleth at University College London, UK
Online reciprocal borrowing registration for Western Australian University Libraries
Library and IT collaboration: driving strategic improvements to identity and access management practices and capabilities
Managing affiliated users with federated identity management at UNC-Chapel Hill, USA
Tilburg University and the SURFfederatie, the Netherlands
Delivering access to resources in a joint academic and public library building
Single sign-on across the USMAI Consortium, USA
Appendix 2: A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
