Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Simple Trusted Access Anywhere Anytime on any Device

98 visualizaciones

Publicado el

This presentation was provided by Tim Lloyd of Liblynx and Todd Carpenter of NISO during the RA21 session held on Sunday, June 23 during ALA in Washington DC.

Publicado en: Educación
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Simple Trusted Access Anywhere Anytime on any Device

  1. 1. 23 June 2019 SIMPLE, TRUSTED ACCESS – ANYWHERE, ANYTIME, ON ANY DEVICE Todd Carpenter, Executive Director, NISO, RA21 Governance Committee Tim Lloyd, CEO, LibLynx, Co-Chair, RA21 Outreach Committee ALAAnnual Conference Session – Washington, DC 1
  2. 2. Community calls for change are growing “…our shared systems for authentication are out of step in today’s information economy and reinvented access controls are in immediate need of our collective attention.” “I counted more than a dozen talks on link resolvers, RA21, open access and other sales models. While proxy services and IP-based certification still rules the day, the buzz of the conference was pointing to a brave new future in access controls.” 2 “Every researcher is entitled to focus on their work and not be impeded by needless obstacles nor required to understand anything about the FIM infrastructure enabling their access to research services. The recommendations … highlight well- established practices … whose widespread adoption would represent a huge boost to usability of federated access mechanisms by users engaged in collaborative research activities.” final-draft-20180611.pdf proxies-the-buzz-about-access-at-erl-2019/
  3. 3. No comprehensive solution exists 3 • Robust marketplace for “Access Brokers” has emerged in recent years. Campus Activated Subscriber Access (CASA) • But these are all imperfect solutions: – Often have to be paid for as add-on services – Must be installed or configured by end users prior to starting a research discovery journey. Must be installed on all devices under the user’s control. – Not based on industry standard authentication technologies – Typically require creation of individual user accounts, potentially compromising privacy. – May capture and store a copy of the user’s institutional credentials, potentially creating a security risk.
  4. 4. Surely there is a better way… Access to scholarly content, especially off-network, needs to be fixed • Federated authentication using SAML (“Shibboleth”) solves most of the problem – Multilateral trust – Mature technology – Widely deployed and supported by scholarly information providers – Widely adopted and deployed by academic institutions – Widely deployed by corporate customers 4
  5. 5. AmyBob How does Federated Identity Management (e.g. SAML/Shibboleth) work?
  6. 6. I’d like a book please Bob’s Book Booth Amy
  7. 7. Sure! Are you from a subscribing institution? Bob’s Book Booth Amy
  8. 8. Bob’s Book Booth Amy Yes, I’m a student at ABC College
  9. 9. Bob’s Book Booth Amy ABC College: Call Carol at XXXXX
  10. 10. Bob’s Book Booth Amy Carol Bob: Is this a student from ABC College?
  11. 11. Bob’s Book Booth Amy Carol Carol: Please pass the phone to the student
  12. 12. Bob’s Book Booth Amy Carol Carol confirms Amy’s identity with her
  13. 13. Bob’s Book Booth Amy Carol Carol: I can confirm she’s one of our students
  14. 14. Bob’s Book Booth Amy Carol Bob: Can you confirm her name?
  15. 15. Bob’s Book Booth Amy Carol Carol: Sorry, that’s not our policy
  16. 16. Bob’s Book Booth Amy Carol Bob: No problem, thanks Carol!
  17. 17. Bob’s Book Booth Amy Here’s your book Here’s a badge so other booths don’t need to ask the name of your college
  18. 18. Bob Amy Carol
  19. 19. Bob Carol Service Provider Amy
  20. 20. Bob Carol Federation Amy Service Provider • InCommon • UK Access Mgt Federation
  21. 21. Bob Carol Identity Provider Federation Service Provider Amy • InCommon • UK Access Mgt Federation
  22. 22. Bob Carol Identity Provider Service Provider Amy RA21 Federation • InCommon • UK Access Mgt Federation
  23. 23. But Poor User Experience = Low Adoption Even though Shibboleth has been supported by most publishers for off-network access for years, uptake is very low because the user experience is quite poor. RA21 will dramatically improve that user experience. 23
  24. 24. Implementation 24 Service Provider (publisher) User’s Web Browser
  25. 25. Implementation 25 Service Provider (publisher) User’s Web Browser Publisher decides where to place the “button” and leaves space for it. Publisher references a JavaScript from in this location. JavaScript has a few parameters: 1) Location of publisher’s institution search page 2) Target after authentication 3) Color of button (under consideration)
  26. 26. Implementation 26 Service Provider (publisher) User’s Web Browser Publisher’s page is rendered in the user’s browser, which calls the JavaScript. JavaScript checks user’s local browser storage for any saved IdP info.
  27. 27. Implementation 27 Service Provider (publisher) User’s Web Browser If local browser storage is empty, JavaScript returns “Access through your institution” button
  28. 28. Implementation 28 Service Provider (publisher) User’s Web Browser Clicking on “Access through your institution” goes to the publisher’s institution search page User’s IdP choice is sent back through the JavaScript to be stored in local browser storage.
  29. 29. Implementation 29 Service Provider (publisher) User’s Web Browser
  30. 30. Implementation 30 Service Provider (publisher) User’s Web Browser User visits a different participating publisher’s site.
  31. 31. Implementation 31 Service Provider (publisher) User’s Web Browser When the new publisher’s site is loaded in the user’s browser, the JavaScript is called. It looks at the browser’s local storage, and returns a button with University of Oxford.
  32. 32. Repositioning “Access” • Common criticism of RA21 (esp. academic library community) is that Open Access makes RA21 irrelevant • Making a purposeful shift in our messaging: – Away from RA21 as sustaining publisher paywalls – Toward RA21 as providing seamless access to institutionally-provided resources of all kinds – Meeting researcher demands to remove access hassles (FIM4R whitepaper) RA21 can confirm “access” to institutional discounts for paying APCs RA21 could even facilitate “access” to Apple’s student discounts RA21 can facilitate “access” to research infrastructure 32
  33. 33. Minor UI change following branding study Moving from lock-and-key metaphor to open-door metaphor 33
  34. 34. Key UX Recommendations: Implement a standardized “Access through your institution” button 34
  35. 35. Key UX Recommendations: Implement a standardized Identity Provider Discovery flow 35
  36. 36. Understanding the World of SAML and Attributes Tim Lloyd CEO, LibLynx
  37. 37. What are ‘Attributes’ • Used in Federated Identity Management to pass extra data about an authenticated user • Shared by the Identity Provider (IdP) with a Service Provider (SP) • Format depends on the underlying technology e.g. SAML, OpenID Connect
  38. 38. What are ‘Attributes’ Anonymous token ● Unique for every visit ● Real identity unknown (anonymous) ● No personalization Pseudonymous ID ● Unique ID for every person ● Real identity unknown (pseudonymous) ● Personalization possible Organizational ● Home organization, Entitlements, Role, Department, Location etc Personal ● Name, email address
  39. 39. Why are Attributes important? Attributes give both sides greater control: Access control e.g. only allow users who are full-time staff Cost control e.g. only allow users with a certain role, or from a certain department Risk control e.g. avoid the need for (i) users to separately register a username /password and (ii) 3rd parties to store credentials
  40. 40. How does Attribute Release work? • An IdP can opt to share an Attribute Statement with an SP after a user is authenticated • Attribute release is configured by the IdP for each category of SP (or at the individual SP level) • research; vendors; library resources • Any special needs must be agreed with the IdP in advance
  41. 41. Publishing Use Cases Scenario Attributes Users access full-text articles with no options for personalization ● Anonymous token Users get content recommendations in UI based on prior history ● Pseudonymous ID Faculty have the ability to purchase ebooks using library funds ● Pseudonymous ID ● User role Clinicians receive email confirmation of Continuing Education credits received ● Pseudonymous ID ● User email address (with user consent)
  42. 42. What does RA21 Recommend? GENERAL PRINCIPLES • Only request the least-intrusive set of attributes; what you need, not what you want • Don’t retain anything extra that you receive • Don’t use attributes for non-access purposes without prior consent • Delete or anonymize all attributes when no longer needed for service access
  43. 43. What does RA21 Recommend? SPECIFIC GUIDANCE • Anonymous access or use of Pseudonymous IDs only without specific requirement and contractual agreement for more personal data. • Additional attributes, such as user-class demographic data (e.g., student, faculty, etc.) can be used to support more granular usage-reporting or chargebacks
  44. 44. The Library Expectations for RA21 Todd Carpenter Executive Director, NISO
  45. 45. RA21 – What about Privacy?
  46. 46. Library expectations of privacy Librarians have an ethical, and sometimes a legal duty to protect the privacy of the users that they serve, regardless of whether that user cares about it • Data gathering should be minimal, and as anonymous as possible. • Informed consent, if done appropriately, can mitigate these issues • GDPR has only expanded awareness of privacy Preference for current solutions is often based on organizational rather than technical concerns • Controlling the proxy, means controlling the data and the services. Passing that to IT could be scary. • Integration of RA21 into existing technology services stack will help.
  47. 47. SAML: Privacy Protecting or Not? • Proxy servers protect the user’s identity by masking the underlying authentication mechanism behind a unique network address It is NOT the case that the proxy doesn’t know who the user is. – The proxy user logs contain information about who is doing what • SAML can do the same thing, through different means – the use of entitlement attributes, and, if desired, psuedononymous IDs • SAML is flexible and has a variety of use cases: We need to develop a SAML profile (norm) for the use case of access to library information resources and meets the privacy expectations of librarians and researchers
  48. 48. Attribute Release and Privacy Recommendations 48 Establish attribute release profile for library information resources • Assert that the user is a member of the institution’s authorized user community for the resources being accessed using an anonymous attribute. • Enable SSO to any personalized features the resource may offer using institutional credentials via a pseudonymous pairwise user identifier. Institutions control data attribute release. Adopt GÉANT Data Protection Code of Conduct Developed by identity management community and institutional representatives. Enshrines principles of • Legal compliance • Purpose limitation • Legal compliance ion-code-of-conduct/V1/Pages/default.aspx 1 2
  49. 49. The IT reality for most libraries! • In academia, IT and identity management is not run out of the library and doesn’t often report through the same structures • IT may establish attribute release policies and other norms that are not always in keeping with library values, especially privacy. Often, they rely on default settings that provide more data then is necessary for library services Libraries need to have detailed conversations about which attributes to release and—critically—what NOT to release.
  50. 50. Moving RA21 into Production Todd Carpenter Executive Director, NISO
  51. 51. NISO Recommended Practice – Comments Process • Comments received between April 17th and May 17th were reviewed by the Committee. • >220 comments were received. • Comment disposition meeting held on May 28-29. • RP was significantly edited in response to the public comments. • A disposition of comments has been shared via the NISO and RA21 websites. 51
  52. 52. Main Comments Topics • Comments fell into four main themes/topics – 1) Participation by librarians in the project – 2) UX process queries – 3) Technical criticisms – 3) Questions about attribute release policies and privacy – Mix of other comments 52
  53. 53. NISO Recommended Practice – Ratification Process • Final Draft Recommendation was discussed by Steering Committee then reviewed by the NISO Information Policy and Analysis Topic Committee on June 18th • Recommended Practice published on June 22nd. 53
  54. 54. Building a coalition to take the project forward (Early Discussions) 54
  55. 55. Proposal: Coalition will jointly take project forward under a lightweight structure • Coalition Partners to sign lightweight MoU • Avoids overhead of creating a new single-purpose non-profit entity 55 Organization Role STM Secretariat Publisher Outreach Further UX Development NISO Library Outreach GEANT/Internet2 (via SUNET) Technical Development 24x7 Operations ORCID Community engagement IFLA tbd (early discussions)
  56. 56. Coalition for Seamless Access: Draft mission/purpose statement The Coalition for Seamless Access exists to foster a seamless experience when using scholarly collaboration tools, information resources, and shared research infrastructure. The Coalition promotes digital authentication leveraging an existing single-sign-on infrastructure through one’s home institution, while maintain an environment that protects personal data and privacy. The Coalition aims to enable simple, trusted use of scholarly resources and services anytime, anywhere, and on any device. 56
  57. 57. RA21/Seamless Access: Roadmap and Timeline 57 Through Q2 2019 • NISO RP Publication • Establish governance structure for coalition Second half 2019 • Enable the service; launch Beta Phase • Early adopters begin to deploy RA21 recommended practices Mid-late 2020 • Transition towards Post Beta - expand participation (SPs, IdPs, Fed Ops) • Expand applications beyond scholarly resources
  58. 58. Seamless Access Beta Phase • Commencing mid-2019, duration 9-12 months • Goals: – Test feasibility and strength of the coalition as governance structure. – Implement production-quality, production-scale services • Including review of technology, scalability, security, and privacy – Encourage broad adoption of NISO Recommended Practices • Early adopters across multiple use cases • Implementation testing and reporting against success criteria • End-user testing via coordination from libraries and publishers – Research to: • Confirm value to users and adopters • Identify risks (if any) to adopters • Identify areas where the RP needs to be tweaked or adjusted. 58
  59. 59. Beta Implementation: Central Infrastructure and Services • SUNET (via funding from GEANT) has been identified as the home for identity provider persistence service and a central discovery service for the Beta Phase 59 Criteria • Perceived as neutral by publishers, librarians, federation operators, etc. • Capable of supporting 24/7 infrastructure • Experienced running high availability critical infrastructure • Willing and able to support a global model • Financially sustainable long-term
  60. 60. Expectations of Beta Implementors Implement the Access Button and IdP persistence service on publisher sites per the RP guidelines OR Encouragement of publishing platform providers to do so Beta participants should be prepared to share aggregate data about success metrics (being developed), e.g. – Access success rates – User satisfaction with access processes – Reduction in support tickets 1 2
  61. 61. Roll-out Strategy • Initial focus will be on adopting RA21 recommendations as broadly as possible as a supplement to IP for remote access (off campus) • Also suggested as the primary/only access method for organizations that can’t use IP (e.g. corporate customers using cloud ISPs such as zScaler) • This will allow us to monitor and measure success rates and build a case for RA21 as the primary access method for all customers 61
  62. 62. QUESTIONS? 62