Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.

Slides:

Advertisements

Similar presentations

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.

Advertisements

Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.

“Build It and They Will Come," But Will They? A Poster Presentation by Abdul Shibli Harvard Graduate School of Education Cambridge, Massachusetts

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, This work is the.

While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.

The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.

Copyright Ellen C. Ramsey and Ryan P. Looney This work is the intellectual property of the author. Permission is granted for this material to be.

Supporting and Hosting Web- Based Learning Systems Educause 2001 Charlene Douglas – Director Kathryn Gomm - Training Manager Sharon McCarrager – Accessibility.

PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 17 March 2005IAMSECT Dissemination Event, Newcastle 1 Access to library resources:

Seeing the Forest and the Acorns in the Decision Tree Sandy Burke Computing Center HelpDesk Manager Copyright Sandy Burke, This work is the intellectual.

Copyright (Diana Stuart Sinton, 2005). This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Cascade-Case based learning, presentation Educause 2003 Anaheim.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

Copyright 2008, Elizabeth A. Evans. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

ERP Security Checklist ENT 2007 Joy R. Hughes VPIT and CIO George Mason University Co-chair STF.

Foundations of Excellence: Support Services for Online Learning Midwest Regional Conference, 2005 Chicago, Illinois Presenters: Diane Dates Casey Jan Engle.

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Turning Information Into Action: Enterprise Reporting at Columbia University Maria E. Mosca, Director Student Information Systems Columbia University in.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.

Open Your Eyes: Open Architecture, Open Source, Open Projects Mid-Atlantic Educause January 12, 2005 Copyright Patricia Gertz This work is the intellectual.

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

UNC’s Digital Library Project: Current Initiatives, Future Plans Megan Winget Academic Technology Specialist Office of Arts & Sciences Information Services.

The Influence of Intellectual Property Rights Over Distance Education Jonathan Alger University of Michigan April 17, 2002 Copyright Jonathan Alger, 2002.

Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.

Beyond the Campus Gates: Bringing Alumni, Parents, and Prospects into the Campus Portal William P. Wilson Mark R. Albert John C. Duffy Gettysburg College.

Please Note: Copyright –David L. Snellman This work is the intellectual property of the author. Permission is granted for this material to be shared.

HOSPITAL COPYRIGHT TOOLKIT A Guide to the Canadian Copyright Act A Presentation prepared by Jan Figurski, MLS Mary McDiarmid, MISt, AHIP c2007.

Managing Intellectual Property for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the University System.

Issues Associated with ePortfolios in Small Colleges EDUCAUSE Mid-Atlantic Regional Conference 2006 Ed Barboni, Senior Advisor, Council of Independent.

Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.

PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 3 May 05Spring 2005 Internet2 Member meeting 1 News from the ‘misty’ Albion: Shibboleth.

Joint Information Systems Committee 18-Jul-2006 | | Slide 1 Change Management for Libraries Session B, 11: :00 John Paschoud and Peter Spring London.

Title: Developing a Multimedia Tutorial Style Guide to Expand Student Training Author: Suzie Medders, Student Training Coordinator Educational Technology.

Stewardship of the Information Commons: Cultural, Service, and Operational Issues Stephen R. Acker The Ohio State University Copyright Stephen R. Acker,

The National Science Digital Library & Shibboleth.

Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)

November 7, 2005EDUCAUSE Live1 An Eye to the Future with a Brief Look at the Past Jack McCredie UC Berkeley November 7, 2005 Copyright John W. McCredie.

Integrating the Library into Next-Generation Course Management Systems Steve Acker, Jim Bracken, and Scott Cantor The Ohio State University Copyright Stephen.

University and IT Policies: Match or Mis-match? Marilu Goodyear, Vice Provost for Information Services and CIO Jenny Mehmedovic, Coordinator of IT Policy.

Copyright David A. Cox This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Learning & Teaching = Activities Copyright Steve Ehrmann & Nikki Reynolds, This work is the intellectual property of the author. Permission is granted.

EDUCAUSE 2006 Electronic Portfolios, A Perfect Solution to Assessment in an Online English Composition Course Dr. Mary Jane Clerkin Copyright Dr. Mary.

Improving the Social Nature of OnLine Learning Tap into what students are already doing Tap into what students are already doing Educause SWRC07 Copyright.

Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.

A Cat-Herding Tale Forging a Single Course Management System for a Decentralized Institution Copyright Abdul Shibli, 2004.This work is the intellectual.

1 Effective Incident Response Presented by Greg Hedrick, Manager of Security Services Copyright Purdue University This work is the intellectual property.

1 Top 10 Challenges of the Academic Technology Community John P. Campbell & Dennis A. Trinkle EDUCAUSE Live! Monday, May 21, :00-2:00 PM Copyright.

Legal Issues in the “E-Learning Business” Jonathan Alger University of Michigan October 29, 2001 Copyright Jonathan Alger This work is the intellectual.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

WebISO, Single Sign-On & Authorization General Overview Shelley Henderson Project Manager, Grid Software USC Information Services Copyright.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

Copyright James Kulich This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Michael White and Sylvia Maxwell, This work is the intellectual property of the author. Permission is granted for this material to be shared.

© Scottsdale Community College Leveraging the Power of E-Learning Taking your course to a higher level Presented by Sidne Tate Director, Instructional.

Top 10 Challenges of the Academic Technology Community Veronica Diaz, John Campbell, Dennis Trinkle Wednesday, October 24, :50 p.m. - 4:40 p.m.

NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Mark Luker, EDUCAUSE Copyright Mark Luker, This work is the intellectual.

October 2006 Funded by JISC and ESRC to serve the UK academic and research communities. Voyage of the U.K. JISC Federation: Shibbolizing the U.K.'s Research,

John O’Keefe Director of Academic Technology & Network Services

Federated Identity to Support Collaboration in the CIC

Copyright Notice Copyright Bob Bailey This work is the intellectual property of the author. Permission is granted for this material to be shared.

Project for OnLine Instructional Support (POLIS)

myIS.neu.edu – presentation screen shots accompany:

An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.

Managing Enterprise Directories: Operational Issues

Enabling Applications to Use Your IdMS

Presentation transcript:

Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics & Political Science, UK Copyright John Paschoud This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statements appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Educause 2006, Dallas TX | | Slide 2 Our Situation We’re a world-class university, teaching & researching in a specialised field (Social Sciences) Our staff & students frequently work off-campus - but they still want access to all the services & information sources we provide Our Library (possibly the world’s largest specialising in the Social Sciences) is also used by researchers from many other universities, governments, and other organisations

Educause 2006, Dallas TX | | Slide 3 What do Our Users Want? Single Sign-On (as far as possible) –to our own services, and to all the resources we subscribe on their behalf –no need to remember so many passwords for different services Access from Anywhere –from home, travelling, or working at other institutions or libraries Improved privacy –of personal information, and of research being pursued

Educause 2006, Dallas TX | | Slide 4 What do We want? Improved security for licensed resources, so publishers we deal with are happy (and generous!) Good privacy-protection for users, to meet our legal obligations Low-hassle support for our on-campus and mobile users Opportunity for ‘fine-grain’ authorization control, so we can know (and manage) Who-Has-Access-to-What Access for visiting users to whatever they are entitled –by their home institutions –…which we don’t need to know about!

Educause 2006, Dallas TX | | Slide 5 Costs and Benefits of Shibboleth? Costs: Institution’s directory must be in good shape and set up to support a Shibboleth Identity Provider (IdP) Shibboleth middleware needs installing and maintaining Benefits: Reduced overheads in password support No difference in on-campus and off-campus access More flexible access control – e.g. different categories of users to different levels of access (or none) to a resource Access control maintenance for internal services (most with role-based access) is eliminated!

Educause 2006, Dallas TX | | Slide 6 Appropriate Division of Labo(u)r With Shibboleth, Access Management functions are carried out by appropriate parties: –Identity Provider (a university) does Authentication (of it’s own registered users) –Service Provider (a publisher) does Authorization ideally based on role (“student”) and affiliation (“lse.ac.uk”)

Educause 2006, Dallas TX | | Slide 7 The University as Service Provider (too) We can share resources in collaborations within the academic community –providing controlled access to users from other institutions, without needing to administer usernames/passwords for them –as LSE and Columbia (NY) did for a collaborative Anthropology teaching project (DART) We can set up our repository, e-learning or any other service as a Service Provider –as LSE has done for Exam Papers and other ‘members only’ collections

Educause 2006, Dallas TX | | Slide 8 (LSE internal Exam Papers collection)

Educause 2006, Dallas TX | | Slide 9 So… What does Shibboleth access look like, to end-users? A user can go direct to the URL she knows for a resource –then select LSE as her Identity Provider –then login to the resource, via Shibboleth

Educause 2006, Dallas TX | | Slide 10

Educause 2006, Dallas TX | | Slide 11

Educause 2006, Dallas TX | | Slide 12

Educause 2006, Dallas TX | | Slide 13

Educause 2006, Dallas TX | | Slide 14

Educause 2006, Dallas TX | | Slide 15

Educause 2006, Dallas TX | | Slide 16 So… What does Shibboleth access look like, to end-users? A user can go direct to the URL she knows for a resource –then select LSE as her Identity Provider –then login to the resource, via Shibboleth Or… Our Library can provide links embedding all of this, so that the access process is (almost) transparent (we use Endeavor’s Encompass library portal, but links in a static web page of library resources can do this just as well)

Educause 2006, Dallas TX | | Slide 17

Educause 2006, Dallas TX | | Slide 18

Educause 2006, Dallas TX | | Slide 19 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything

Educause 2006, Dallas TX | | Slide 20 Many LSE electronic resources can also be accessed off-campus via your LSE login (network username and password).

Educause 2006, Dallas TX | | Slide 21 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything …and provides online help with the diminishing number of exceptions

Educause 2006, Dallas TX | | Slide 22

Educause 2006, Dallas TX | | Slide 23 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything …and provides help with the diminishing number of exceptions There’s no reason to explain Shibboleth or how it works (and most users don’t care) …but links to information is provided for the curious (or we’d just be answering lots of Freedom of Information requests from conspiracy theorists!)

Educause 2006, Dallas TX | | Slide 24

Educause 2006, Dallas TX | | Slide 25 Links LSE Library: library.lse.ac.uklibrary.lse.ac.uk Shibboleth: shibboleth.internet2.edushibboleth.internet2.edu