Part of the discussion over dinner tonight with other members of the Educause 2010 Programme Committee was on access and identity management. There are challenges making the business case for moving to federated access here in the States, partly because there is no real incentive for the publishers to “Shibbolize” their offerings and partly because many institutions are content to use IP authentication as the way of restricting access to resources. The lack of adoption of federated access by publishers suggests that they accept that a certain amount of unlicensed use of their resources will take place. The lack of movement by institutions suggests that there are currently no additional services which require federated access.
In the UK we have the Access Management Federation but I don’t believe that implementation of federated access is as advanced as the number of members of the Federation might suggest. This is perhaps borne out by Access/Identity management featuring as a UCISA top concern a couple of years ago but only featuring as a rising concern now. This suggests that institutions have implemented temporary solutions to see them through the next few years whilst they look to address their identity management issues ahead of moving to a federated access solution that encompasses both internal and external resources. It may be that access to external resources delivered by managed services or in the cloud provide the real driver to the move to federated access. With more and more resources provided in an increasing number of ways, the increasing cost of maintaining a single sign-on solution may mean the business case is easier to make.