Presentation is loading. Please wait.

Presentation is loading. Please wait.

ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON UPDATE Heather Ruland Staines Charleston, November 2011.

Published byMicah Parkes Modified over 10 years ago

Similar presentations

Presentation on theme: "ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON UPDATE Heather Ruland Staines Charleston, November 2011."— Presentation transcript:

1 ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON UPDATE Heather Ruland Staines Charleston, November 2011

2 ESPReSSO Timeline  In 2009, NISO launched a new Chair's Initiative—a project of the chair of NISO’s Board of Directors, focusing on perfecting a seamless, item-level linking through single sign-on authentication technologies in a networked information environment.  Fall 2009: Working Group meetings begin.  2010: Sub-groups meet. Feedback collected from publishers.  May 24, 2011: Draft posted for 30 day public comment.  Summer 2011: Working group addressed comments.  October 27, 2011: Publication of Suggested Practice

3 The Challenges Authentication has become complex for several reasons:  Users now have more options as to how and where to enter a publisher’s site. This makes a consistent, coherent user experience more difficult.  Users may experience multiple authentication mechanisms. The user’s physical location could affect the browser flows and authentication mechanisms they see. Within the publisher site, the user might navigate from a public page to a protected page, triggering authentication.  Publishers must present and support multiple authentication mechanisms, necessitating a usable authentication GUI interface that combines multiple methods and that can be used successfully by people with a low familiarity with technical concepts.  Campuses have deployed various approaches to authentication, some requiring users to be able to use, handle, and manipulate proxy-prefixed URLs that are incomprehensible to the average person.

4 Goal of the Recommendations:  The recommendations specifically address:  typical browser flows  the sequence of pages presented to users  page layout, what information to include in each of those pages  consistent GUI elements  additional features and functionality to provide users with added value.  Provide users with a consistent experience across a multitude of sites and situations.  Reduce user confusion and aborted sessions during the discovery/login process by using a consistent set of visual elements  Be straightforward and easy to implement for both IdP (Identity Providers) and SP (Service Provider) sites.

5 The Team Last, FirstCompany Carmody, StevenBrown University Cervone, FrankPurdue University Calumet Chandler, AdamCornell University Library Ciuffetti, PeteCredoReference Dale, AndyOCLC Online Computer Library Center Ferry, KristineUniversity of California, Irvine Ingham, AndyUniversity of North Carolina Chapel Hill Libraries Kaplanian, HarrySerials Solutions, Inc. Kennedy, DavidJohns Hopkins University Library Koppel, TedAuto-Graphics, Inc. Lengwenat, Ms. UlrikeSpringer Noerr, PeterMuse Global, Inc. Norris, LynEduserv Patel, KishorProQuest Pesch, OliverEBSCO Information Services Staines, HeatherSpringer van Lierop, PieterInfor Library and Information Solutions Walsh, RobertEnvisionWare, Inc. Zhang, FosterJohns Hopkins University Library

6 Accomplishments  Include input from publishers and providers:  Springer (MetaPress)  Elsevier  Nature Publishing Group  Wiley  Oxford University Press  Cambridge University Press  IEEE  AIP  Ithaka/JSTOR  EBSCO  H.W. Wilson  Semantico  High Wire  IOP

7 Recommendations for Service Providers (SPs), Licensee Organizations (LO), and Identity Providers (IdPs)  SPs continue to support multiple authentication options during this time of transition.  SPs and LOs move quickly to reduce reliance on IP- based access control. There are many security issues with this approach and it is no longer adequate in today’s rapidly ubiquitous computing environment.  SPs and LOs move quickly to deprecate userids/passwords validated at the service provider site.  SPs and LOs move quickly to implement and use standards-based federated authentication.

8 Recommendations for Service Providers (SPs), Licensee Organizations (LO), and Identity Providers (IdPs) (con’t)  SPs adopt standard placement/wording of the login link on all the public pages on their site.  SPs present a standard approach (discovery) for guiding the user to the desired authentication method.  IdPs create a consistent experience as the user moves from SP to IdP to SP.  SP and IdP web designers insert branding at appropriate places in the flow to provide visual feedback that the flow is progressing as expected.  SPs offer a single url point of access for IP authentication and Federated Login.

9 Example of SP recommendations:

10 Example of IdP Recommendations:

11 Questions and More Information  SSO website: www.niso.org/workrooms/sso  SSO Interest Group list: www.niso.org/lists/ssoinfo  SSO Charge: www.niso.org/workrooms/sso/charge  Heather Staines  Heather.Staines@springer.com

Download ppt "ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON UPDATE Heather Ruland Staines Charleston, November 2011."

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Support.ebsco.com EBSCOadmin Branding Tutorial. Welcome to the EBSCOadmin Skinning and Branding tutorial, where you will learn how to customize EBSCOhost.

Support.ebsco.com EBSCOadmin Branding Tutorial. Welcome to the EBSCOadmin Skinning and Branding tutorial, where you will learn how to customize EBSCOhost.
EBSCOadmin Authentication

EBSCOadmin Authentication
Creating an EDS Search Box Using EBSCO’s Search Box Builder Tool

Creating an EDS Search Box Using EBSCO’s Search Box Builder Tool
Usage Statistics in Context: related standards and tools Oliver Pesch Chief Strategist, E-Resources EBSCO Information Services Usage Statistics and Publishers:

Usage Statistics in Context: related standards and tools Oliver Pesch Chief Strategist, E-Resources EBSCO Information Services Usage Statistics and Publishers:
Supply Models What are publishers offering and how can libraries access electronic journals and scholarly databases?

Supply Models What are publishers offering and how can libraries access electronic journals and scholarly databases?
ESPRESSO (ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON) UPDATE Heather Ruland Staines Society for Scholarly Publishing, June 2011.

ESPRESSO (ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON) UPDATE Heather Ruland Staines Society for Scholarly Publishing, June 2011.
Web Page Training Summer 2014 Presented by: Mountain Brook Schools Tech Team.

Web Page Training Summer 2014 Presented by: Mountain Brook Schools Tech Team.
ESPRESSO (ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON) UPDATE Heather Ruland Staines Electronic Resources & Libraries, March 2011.

ESPRESSO (ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON) UPDATE Heather Ruland Staines Electronic Resources & Libraries, March 2011.
2/23/2005 1 Enterprise Web Accessibility Standards Version 2.0 WebMASSters Presentation 2/23/2005.

2/23/ Enterprise Web Accessibility Standards Version 2.0 WebMASSters Presentation 2/23/2005.
Redesigning the Graphical Interface of the CreativeEDU Web Application By Ulysses Lamont Cannon & Hínár György Polczer INLS 180 - S ummer 2006.

Redesigning the Graphical Interface of the CreativeEDU Web Application By Ulysses Lamont Cannon & Hínár György Polczer INLS S ummer 2006.
Research databases in a mobile computing environment Ya Wang Electronic Collections Coordinator San Francisco State University San Diego, CA January 9,

Research databases in a mobile computing environment Ya Wang Electronic Collections Coordinator San Francisco State University San Diego, CA January 9,
People Technical AdvisorsAcademic AdvisorFinal Project By Prof. Shlomi Dolev Prof. Ehud Gudes Boaz Hilemsky Dr. Aryeh Kontorovich Moran Cohavi Gil Sadis.

People Technical AdvisorsAcademic AdvisorFinal Project By Prof. Shlomi Dolev Prof. Ehud Gudes Boaz Hilemsky Dr. Aryeh Kontorovich Moran Cohavi Gil Sadis.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
User Centered Web Site Engineering Part 2. Developing Site Structure & Content Content View Addressing content Outlining content Creating a content delivery.

User Centered Web Site Engineering Part 2. Developing Site Structure & Content Content View Addressing content Outlining content Creating a content delivery.
A Guide to Using Partner Publishers’ Resources (module 3)

A Guide to Using Partner Publishers’ Resources (module 3)
Www.eduserv.org.uk/openathens Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.

Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.
A GUIDE TO SHAREPOINT 2007 CUSTOMIZATION OPTIONS Heather Solomon, WSS MVP.

A GUIDE TO SHAREPOINT 2007 CUSTOMIZATION OPTIONS Heather Solomon, WSS MVP.
Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.

Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.

Similar presentations

Ads by Google