Access and Identity Management for Libraries: Controlling Access to Online Information

Masha Garibyan Simon McLeish John Paschoud

Customers outside of North America (USA and Canada) should contact Facet Publishing for purchasing information.

Price:

$86.99

ALA Member

$78.29

Item Number:

978-1-85604-588-9

Published:

2013

Publisher:

Facet Publishing, UK

Pages:

272

Width:

Height:

Format:

Softcover

Description
Table of Contents
About the Authors

With the rapid increase in the use of electronic resources in libraries, managing access to online information is a constant challenge for librarians. Written by experts in the field, this book is the first to explain the principles behind access management, with coverage of the available technologies and how they work. Also included is an overview of federated access management technologies, such as Shibboleth, that have gained increasing international recognition in recent years. This book provides detailed case studies describing how access management is being implemented at organizational and national levels in the UK, USA, and Europe, providing a practical guide to the resources available to help plan, implement and operate access management in libraries. Key topics include:

What is access management and why libraries do it
Electronic resources: public and not so public
Principles and definitions of identity and access management
Current access management technologies
Authentication technologies
Authorization based on physical location
Authorization based on user identity or affiliation
Federated access: history, current position and future developments
Internet access provided by (or in) libraries
Library statistics
The business case for libraries

This is essential reading for all who need to understand the principles behind access management or implement a working system in their library.

Foreword - Clifford Lynch

1. What is access management, and why do libraries do it?

Historical role of libraries in managing access to information

The role of libraries in the 21st century

The history of access management of online information resources

The role of e-commerce in library access management

The ‘birth' of access management principles – Clifford Lynch's white paper

2. Electronic resources: public and not so public

Managing access to electronic collections

How and where users may want to access e-resources

What needs to be protected, and why

Commercially produced resources that need to be protected

Publicly available information that may also require access management

Publishers and licensing issues

Library management of licences

Summary

References

3. Principles and definitions of identity and access management

Introduction

Managing access? . . . or identities? . . . or both?

The business relationships

The processes of identity and access management

Identifying the person using a resource – or not

Obligations to protect personal data about users

Summar

References

4. Current access management technologies

IP address

Barcode patterns

Proxy servers

Shared passwords

User registration with publishers

Federated access

Summary

5. Authentication technologies

‘Something you know, something you have, or something you are'

Authentication technologies overview

Authentication by third parties

Choosing an authentication system

6. Authorization based on physical location: how does the internet know where I am?

Introduction

Domains and domain names

(How) is all this governed?

IP addresses

IP spoofing

Benefits and problems of using IP address-based licensing

Summary

References

7. Authorization based on user identity or affiliation with a library: who you are? or what you do?

Basing access on identity, or on affiliation with a library

Role-based authorization

Matching roles against licence conditions

Benefits of role-based authorization

Summary

References

8. Federated access: history, current position and future developments

Single sign-on and the origins of federated access management

The development of standards

Federated access in academia

Future of federated access

References

9. How to choose access management and identity management products and services

Introduction

Identity management and access management solution capabilities

Establishing requirements with suppliers

Asserting library requirements in a wider-scale system procurement

Implementation options

The range of access and identity management products

Conclusions

References

10. Internet access provided by (or in) libraries

Introduction

Wired access

Wireless access

Public access issues

Summary

References

11. Library statistics

Why libraries collect electronic resource usage statistics

Challenges in collecting electronic resource usage data

How libraries collect usage data

Concluding thoughts

References

12. The business case for libraries

Introduction

Key benefits of quality identity management

Designing an IdM project

Putting together a business case

Conclusion

References and further reading

Afterword

References

Appendix 1: Case studies

Extending access management to business and community engagement

activities at Kidderminster College, UK

Moving from Athens to Shibboleth at University College London, UK

Online reciprocal borrowing registration for Western Australian University Libraries

Library and IT collaboration: driving strategic improvements to identity and access management practices and capabilities

Managing affiliated users with federated identity management at UNC-Chapel Hill, USA

Tilburg University and the SURFfederatie, the Netherlands

Delivering access to resources in a joint academic and public library building

Single sign-on across the USMAI Consortium, USA

Appendix 2: A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources.

Masha Garibyan

Simon McLeish

Simon McLeish is Resource Discovery Architect at the Bodleian Libraries, University of Oxford, UK, and previously worked at the London School of Economics and Political Science (LSE) and as an independent IT professional, specializing in Identity and Access Management.John Paschoud has been an IT professional since 1972. As Projects Manager at the LSE Library he led a series of projects which identified and established the technologies for federated access that are now most widely used by academic libraries. As a consulting information systems engineer he now specializes mainly in government and education fields, and is a member of the Technical Advisory Group to the UK Access Management Federation for Education and Research.

John Paschoud

John Paschoud has been an IT professional since 1972. As Projects Manager at the LSE Library he led a series of projects which identified and established the technologies for federated access that are now most widely used by academic libraries. As a consulting information systems engineer he now specializes mainly in government and education fields, and is a member of the Technical Advisory Group to the UK Access Management Federation for Education and Research.

Also of Interest:

Image for Resource Discovery for the Twenty-First Century Library: Case Studies and Perspectives on the Role of IT in User Engagement and Empowerment

Resource Discovery for the Twenty-First Century Library: Case Studies and Perspectives on the Role of IT in User Engagement and Empowerment

Delivering Impact with Digital Resources: Planning Strategy in the Attention Economy

Lean Library Management: Eleven Strategies for Reducing Costs and Improving Services

A Guide to Research @ your library®

Running a Small Library, Second Edition: A How-To-Do-It Manual for Librarians

The Library’s Guide to Graphic Novels (An ALCTS Monograph)

The Purpose-Based Library: Finding Your Path to Survival, Success, and Growth—eEditions e-book

Neal-Schuman Library Technology Companion: A Basic Guide for Library Staff, Sixth Edition