1 / 27

Shibboleth federations: A Publisher’s Perspective

Learn about the impact of belonging to multiple federations from a vendor's perspective, specifically focusing on ScienceDirect, Elsevier's online platform for full-text content. Explore the history, benefits, challenges, and future of Shibboleth authentication in ScienceDirect.

carder
Télécharger la présentation

Shibboleth federations: A Publisher’s Perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shibboleth federations: A Publisher’s Perspective Terena EuroCAMP Malaga, October 18-19, 2006 Ale de Vries Product Manager ScienceDirect Elsevier

  2. About me • Ale: “Aah-luh”. Nothing to do with beer. Really. • Product Manager for ScienceDirect, a.o. authentication, interoperability, library integration • Service Provider • Not a techie

  3. Agenda The impact of belonging to multiple federations from a vendor’s perspective • ScienceDirect background • Our thoughts on authentication • History of Shib@SD • Business and policy issues • Challenges and the future

  4. Elsevier’s primary online platform for full-text content • Originally only locally hosted content (1994 onwards) • 1999: commercial launch of online platform: www.sciencedirect.com Some facts: • >2,000 journals, >160 Book Series, 50 reference works • Advanced browse and search, personalized alerts, history • Extensive article and entity linking, federated searching • Supports institutional subscriptions and individual article purchases

  5. ScienceDirect background

  6. Our imperative No matter what, we will always provide...: • anonymous blanket access • optional personalized services in exchange of basic registration ... using whatever methods are common practice with our customers

  7. Shib benefits as we see them • Replacement for IP authentication for on-site access • Remote access! and personalization using local credentials (no more post-its) • Bottom line:helps us provide the broadest possible access to our customers’ user communities

  8. Shib & SD history: ramp-up… • April 2002: Attended DLF/CNI workshop at NYU • Held workshops with to involve customers and Internet 2 in the design process: • Findings: • Anonymous non-personalized access a must • Provide option to personalize if an opaque, unique user identifier supplied (targeted ID) via normal end-user registration • Needed support for deep linking • May 2004: Initial Shib release • Support for a single Federation …initially InQueue • Based on Shib v1.1 software

  9. Shib & SD history: … testing… • May-Dec 2004: Pilot test • Participants: Dartmouth; Georgetown; NYU; UCSD; Penn State • Pilot aims: • To determine what it takes to get campuses up and running with authentication via Shibboleth. • To determine what end-user issues arise form the Shibboleth implementation on ScienceDirect. • No major problems getting up and running • Some issues with attributes, release policies, firewalls • None of the pilot participants rolled out access to broad user community

  10. Shib & SD history: … production! • Feb 2005: Moved in InCommon (US Production Federation) • First vendor to use InCommon in production • July 2005: Multi-federation support released • Held more design workshops - findings: • Need flexibility in which attribute assertions to request, according to Federation rules • Main issue is branding and IdP discovery in a multi-federation world • We have to know which WAYF to send user to…

  11. The business side of things • Policies • Legal framework • User flow with multiple federations

  12. Our policy (>90% of our licenses): All authorized users can use ScienceDirect under a site license

  13. Authorized users: Full-time and part-time students, faculty, staff, researchers, and independent contractors of the Subscriber affiliated with the Subscriber’s locations, and individuals using computer terminals within the library facilities at the Sites permitted by the Subscriber to access the Licensed Products through the Subscriber’s secure network. = pretty much anyone that the customer trusts

  14. Policies Where are you from? = All we need to know urn:mace:dir:entitlement:common-lib-terms

  15. Legal stuff • Trust relationship between Elsevier and IdP: covered by SD license • Trust relationship between Elsevier and user: covered by Terms & Conditions and Privacy Policy • Trust relationship between Elsevier and Federation: ?

  16. Legal stuff What’s to be trusted? • Safe end user data • Stable infrastructure • Up-to-date metadata • Good performance • No abuse • Intellectual property • Nobody backs out Not much to protect under current model Not really an issue with small-scale federations (pilots)

  17. Legal stuff Our approach: • Small-scale federations and pilots: no formal agreement (keep the lawyers out ;-) ) • Production-strength, full-scale federations: have at least SOME form of documented agreement covering the essentials

  18. Multiple federations

  19. The WAYF issue • WAYF page: from what institution are you? • Normally operated by federation • Multi-federation support means: from what federation are you? • No-one runs a WAYF of WAYFs End users don’t understand the federation concept  … but federations are geographically oriented! • Elsevier’s solution: implement WAYF-functionality inside ScienceDirect • Label federations geographically

  20. Confederating = Inter-federating ? (...because it’s simplest?)

  21. Driving Adoption What can federations do: • Standardisation across federations is needed to ease SP implementation, especially • Attribute syntax and semantics (good progress recently!) • Certificates • Metadata distribution policy • IdP granularity • Advice: do what’s been done before, don’t reinvent the wheel

  22. Driving Adoption What should publishers do: • Act now! • Get in touch with your customers and the community • Understand the concepts and architecture • Understand the benefits • Added value for users • Business models • Operational efficiencies • Piracy

  23. Final thoughts • Technology complex and still evolving • Federations still getting their feet wet • Need to make implementation easier for smaller customers and vendors • Elsevier will stick to this • What will make this fly?

  24. Thank you – Any Questions!Further information:Technology: Chris Shillum (c.shillum@elsevier.com)Product Manager: Ale de Vries (ale@elsevier.com)

  25. End of presentation…

More Related