Access and Identity Management for Libraries

Masha Garibyan began her involvement in access management in 2004 when she joined the London School of Economics Library Projects Team. She has been involved in several access management projects. She also worked as part of the JISC Access Management Team for two years, helping UK education institutions and service providers adopt federated access. She is currently working at the University of Worcester as part of the Library Academic Services Team. Simon McLeish is Resource Discovery Architect at the Bodleian Libraries, University of Oxford, and previously worked at the London School of Economics and Political Science (LSE) and as an independent IT professional, specializing in Identity and Access Management. John Paschoud has been an IT professional since 1972. As Projects Manager at the LSE Library he led a series of projects which identified and established the technologies for federated access that are now most widely used by academic libraries. As a consulting information systems engineer he now specializes mainly in government and education fields, and is a member of the Technical Advisory Group to the UK Access Management Federation for Education and Research.

• Foreword - Clifford Lynch1. What is access management and why do libraries do it?Historical role of libraries in managing access to informationThe role of libraries in the 21st centuryThe history of access management of online information resourcesThe role of e-commerce in library access managementThe ‘birth’ of access management principles – Clifford Lynch’s white paper 2. Electronic resources: public and not so publicManaging access to electronic collectionsHow and where users may want to access e-resourcesWhat needs to be protected, and whyCommercially produced resources that need to be protectedPublicly available information that may also require access managementPublishers and licensing issuesLibrary management of licencesSummaryReferences 3. Principles and definitions of identity and access managementIntroductionManaging access? . . . or identities? . . . or both?The business relationshipsThe processes of identity and access managementIdentifying the person using a resource – or notObligations to protect personal data about usersSummaryReferences 4. Current access management technologiesIP addressBarcode patternsProxy serversShared passwordsUser registration with publishersFederated accessSummary5. Authentication technologies‘Something you know, something you have, or something you are’Authentication technologies overviewAuthentication by third partiesChoosing an authentication system6. Authorization based on physical location: how does the internet know where I am?IntroductionDomains and domain names(How) is all this governed?IP addressesIP spoofingBenefits and problems of using IP address-based licensingSummaryReferences 7. Authorization based on user identity or affiliation with a library: who you are? or what you do?Basing access on identity, or on affiliation with a libraryRole-based authorizationMatching roles against licence conditionsBenefits of role-based authorizationSummaryReferences 8. Federated access: history, current position and future developmentsSingle sign-on and the origins of federated access managementThe development of standardsFederated access in academiaFuture of federated accessReferences 9. How to choose access management and identity management products and servicesIntroductionIdentity management and access management solution capabilitiesEstablishing requirements with suppliersAsserting library requirements in a wider-scale system procurementImplementation optionsThe range of access and identity management productsConclusionReferences 10. Internet access provided by (or in) librariesIntroductionWired accessWireless accessPublic access issuesSummaryReferences 11. Library statisticsWhy libraries collect electronic resource usage statisticsChallenges in collecting electronic resource usage dataHow libraries collect usage dataConcluding thoughtsReferences 12. The business case for librariesIntroductionKey benefits of quality identity managementDesigning an IdM projectPutting together a business caseConclusionReferences and further reading AfterwordReferences Appendix 1: Case studiesExtending access management to business and community engagement activities at Kidderminster College, UKMoving from Athens to Shibboleth at University College London, UKOnline reciprocal borrowing registration for Western Australian University LibrariesLibrary and IT collaboration: driving strategic improvements to identity and access management practices and capabilitiesManaging affiliated users with federated identity management at UNC-Chapel Hill, USATilburg University and the SURFfederatie, the NetherlandsDelivering access to resources in a joint academic and public library buildingSingle sign-on across the USMAI Consortium, USA Appendix 2: A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources

"...provides an excellent, well-organized overview of the structures, protocols, and skills necessary for controlling online access to proprietary information resources. The book, including introduction, glossary, appendices, and index, is just slightly over 250 pages long and presents the topic in a logical manner with an appropriate level of detail and useful, real-world examples."