Presentation is loading. Please wait.

Presentation is loading. Please wait.

Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.

Published byAbigayle Gregory Modified over 9 years ago

Similar presentations

Presentation on theme: "Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics."— Presentation transcript:

1 Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics & Political Science, UK J.Paschoud@LSE.ac.uk Copyright John Paschoud 2006. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statements appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

2 Educause 2006, Dallas TX | | Slide 2 Our Situation We’re a world-class university, teaching & researching in a specialised field (Social Sciences) Our staff & students frequently work off-campus - but they still want access to all the services & information sources we provide Our Library (possibly the world’s largest specialising in the Social Sciences) is also used by researchers from many other universities, governments, and other organisations

3 Educause 2006, Dallas TX | | Slide 3 What do Our Users Want? Single Sign-On (as far as possible) –to our own services, and to all the resources we subscribe on their behalf –no need to remember so many passwords for different services Access from Anywhere –from home, travelling, or working at other institutions or libraries Improved privacy –of personal information, and of research being pursued

4 Educause 2006, Dallas TX | | Slide 4 What do We want? Improved security for licensed resources, so publishers we deal with are happy (and generous!) Good privacy-protection for users, to meet our legal obligations Low-hassle support for our on-campus and mobile users Opportunity for ‘fine-grain’ authorization control, so we can know (and manage) Who-Has-Access-to-What Access for visiting users to whatever they are entitled –by their home institutions –…which we don’t need to know about!

5 Educause 2006, Dallas TX | | Slide 5 Costs and Benefits of Shibboleth? Costs: Institution’s directory must be in good shape and set up to support a Shibboleth Identity Provider (IdP) Shibboleth middleware needs installing and maintaining Benefits: Reduced overheads in password support No difference in on-campus and off-campus access More flexible access control – e.g. different categories of users to different levels of access (or none) to a resource Access control maintenance for internal services (most with role-based access) is eliminated!

6 Educause 2006, Dallas TX | | Slide 6 Appropriate Division of Labo(u)r With Shibboleth, Access Management functions are carried out by appropriate parties: –Identity Provider (a university) does Authentication (of it’s own registered users) –Service Provider (a publisher) does Authorization ideally based on role (“student”) and affiliation (“lse.ac.uk”)

7 Educause 2006, Dallas TX | | Slide 7 The University as Service Provider (too) We can share resources in collaborations within the academic community –providing controlled access to users from other institutions, without needing to administer usernames/passwords for them –as LSE and Columbia (NY) did for a collaborative Anthropology teaching project (DART) We can set up our repository, e-learning or any other service as a Service Provider –as LSE has done for Exam Papers and other ‘members only’ collections

8 Educause 2006, Dallas TX | | Slide 8 (LSE internal Exam Papers collection)

9 Educause 2006, Dallas TX | | Slide 9 So… What does Shibboleth access look like, to end-users? A user can go direct to the URL she knows for a resource –then select LSE as her Identity Provider –then login to the resource, via Shibboleth

10 Educause 2006, Dallas TX | | Slide 10

11 Educause 2006, Dallas TX | | Slide 11

12 Educause 2006, Dallas TX | | Slide 12

13 Educause 2006, Dallas TX | | Slide 13

14 Educause 2006, Dallas TX | | Slide 14

15 Educause 2006, Dallas TX | | Slide 15

16 Educause 2006, Dallas TX | | Slide 16 So… What does Shibboleth access look like, to end-users? A user can go direct to the URL she knows for a resource –then select LSE as her Identity Provider –then login to the resource, via Shibboleth Or… Our Library can provide links embedding all of this, so that the access process is (almost) transparent (we use Endeavor’s Encompass library portal, but links in a static web page of library resources can do this just as well)

17 Educause 2006, Dallas TX | | Slide 17

18 Educause 2006, Dallas TX | | Slide 18

19 Educause 2006, Dallas TX | | Slide 19 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything

20 Educause 2006, Dallas TX | | Slide 20 Many LSE electronic resources can also be accessed off-campus via your LSE login (network username and password).

21 Educause 2006, Dallas TX | | Slide 21 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything …and provides online help with the diminishing number of exceptions

22 Educause 2006, Dallas TX | | Slide 22

23 Educause 2006, Dallas TX | | Slide 23 What to tell the Users? As little as possible! There are no new usernames and passwords to distribute (and remind of when forgotten or lost) One strand of the change management will be to remove references to former (Athens) passwords from user guides etc The changeover can’t be done instantly, so… LSE now tells users that “your LSE Login” is the default access for everything …and provides help with the diminishing number of exceptions There’s no reason to explain Shibboleth or how it works (and most users don’t care) …but links to information is provided for the curious (or we’d just be answering lots of Freedom of Information requests from conspiracy theorists!)

24 Educause 2006, Dallas TX | | Slide 24

25 Educause 2006, Dallas TX | | Slide 25 Links LSE Library: library.lse.ac.uklibrary.lse.ac.uk Shibboleth@LSE: www.angel.ac.uk/ShibbolethAtLSE/www.angel.ac.uk/ShibbolethAtLSE/ Shibboleth: shibboleth.internet2.edushibboleth.internet2.edu J.Paschoud@LSE.ac.uk

Download ppt "Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics."

Similar presentations

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.
Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.

Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.
“Build It and They Will Come, But Will They? A Poster Presentation by Abdul Shibli Harvard Graduate School of Education Cambridge, Massachusetts

“Build It and They Will Come," But Will They? A Poster Presentation by Abdul Shibli Harvard Graduate School of Education Cambridge, Massachusetts
What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, 2003. This work is the.

DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, This work is the.
While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.

While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.
The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,

The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau 2004. This work is the intellectual property of the authors. Permission is granted for.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
Copyright Ellen C. Ramsey and Ryan P. Looney 2005. This work is the intellectual property of the author. Permission is granted for this material to be.

Copyright Ellen C. Ramsey and Ryan P. Looney This work is the intellectual property of the author. Permission is granted for this material to be.
Supporting and Hosting Web- Based Learning Systems Educause 2001 Charlene Douglas – Director Kathryn Gomm - Training Manager Sharon McCarrager – Accessibility.

Supporting and Hosting Web- Based Learning Systems Educause 2001 Charlene Douglas – Director Kathryn Gomm - Training Manager Sharon McCarrager – Accessibility.
PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 17 March 2005IAMSECT Dissemination Event, Newcastle 1 Access to library resources:

PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 17 March 2005IAMSECT Dissemination Event, Newcastle 1 Access to library resources:
Seeing the Forest and the Acorns in the Decision Tree Sandy Burke Computing Center HelpDesk Manager Copyright Sandy Burke, 2003. This work is the intellectual.

Seeing the Forest and the Acorns in the Decision Tree Sandy Burke Computing Center HelpDesk Manager Copyright Sandy Burke, This work is the intellectual.
Copyright (Diana Stuart Sinton, 2005). This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright (Diana Stuart Sinton, 2005). This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Cascade-Case based learning, presentation Educause 2003 Anaheim.

Cascade-Case based learning, presentation Educause 2003 Anaheim.
The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.
Copyright 2008, Elizabeth A. Evans. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright 2008, Elizabeth A. Evans. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
ERP Security Checklist ENT 2007 Joy R. Hughes VPIT and CIO George Mason University Co-chair STF.

ERP Security Checklist ENT 2007 Joy R. Hughes VPIT and CIO George Mason University Co-chair STF.
Foundations of Excellence: Support Services for Online Learning Midwest Regional Conference, 2005 Chicago, Illinois Presenters: Diane Dates Casey Jan Engle.

Foundations of Excellence: Support Services for Online Learning Midwest Regional Conference, 2005 Chicago, Illinois Presenters: Diane Dates Casey Jan Engle.
Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Similar presentations

Ads by Google