AIM – a transatlantic perspective

Part of the discussion over dinner tonight with other members of the Educause 2010 Programme Committee was on access and identity management. There are challenges making the business case for moving to federated access here in the States, partly because there is no real incentive for the publishers to “Shibbolize” their offerings and partly because many institutions are content to use IP authentication as the way of restricting access to resources. The lack of adoption of federated access by publishers suggests that they accept that a certain amount of unlicensed use of their resources will take place. The lack of movement by institutions suggests that there are currently no additional services which require federated access.

In the UK we have the Access Management Federation but I don’t believe that implementation of federated access is as advanced as the number of members of the Federation might suggest. This is perhaps borne out by Access/Identity management featuring as a UCISA top concern a couple of years ago but only featuring as a rising concern now. This suggests that institutions have implemented temporary solutions to see them through the next few years whilst they look to address their identity management issues ahead of moving to a federated access solution that encompasses both internal and external resources. It may be that access to external resources delivered by managed services or in the cloud provide the real driver to the move to federated access. With more and more resources provided in an increasing number of ways, the increasing cost of maintaining a single sign-on solution may mean the business case is easier to make.

Tags: ,

5 Responses to “AIM – a transatlantic perspective”

  1. David Harrison Says:

    Some relevant points made here Peter – particularly the ones related to “added-value” from FAM. Unless there’s a strategic driver to do it – it won’t happen. Currently the situation is that we have a state of denial in place in some institutions with abrogation of responsibility rife. Identity is an Institutional matter, not one for the IT or Library Director(s).

    What is more the increase in person-centric identity (ie OpenID, with students landing at our institutions with their digital identity that they want to use and keep), and we have to find ways of working institution with the individual. Shib will provide a gateway from OpenID at sometime. We’ve found that implementing SSO has been a huge plus for our users and FAM helps in that deliverable.

    UK leads the world in FAM. We need now to cement progress and work on the “strategic business case” for more widespread adoption.

  2. Nicole Harris Says:

    here’s a useful summary of why libraries should not be content to use IP address or Proxy, from the mouth of a publisher: I really don’t see an lack of adoption of federated access from publishers in the UK – the main issue from publishers is development leadtimes for platforms are very lengthy.

    It’s worth remembering that in the US, SAML is primarily being adopted as a solution to internal access management first and foremost so there has not as yet been a real drive for publisher access. The UK has worked the other way around. Luckily, the US can now benefit from our work with publishers and we can benefit from their work on other applications. That’s what is great about using the same standards internationally 🙂

  3. petertinson Says:

    The summary is useful – and I do understand the publishers’ view. The use of Shib for internal use in the US is something that could be a real business driver here IMHO – perhaps there is scope for producing case studies on some of the best practise from there and also those institutions that have made progress here. I know the work done to encourage publishers to use FAM is envied, particularly from our European colleagues. I suspect that they may be asking for some hints and tips at the EUNIS conference next week….

  4. petertinson Says:

    Agreed – the business drivers are key which is why I think we need to get some good case studies out there quickly. Perhaps a two pronged attack – something aimed at V-Cs (who will be funding it) and a varient for IT/IS directors and librarians (who will have to implement it…)?

  5. David Harrison Says:

    I’m looking at the idea of case Studies and I think JISC will fund the production of write-ups of good examples. I’d like to get a message out to UCISA-Directors over the next few weeks and ask them to contact me if they’ve got a good story to tell.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: