One of the lawful uses of in-copyright works HathiTrust has been pursuing is to provide access on an institutional basis to works that fall under United States Copyright Law Section 108 conditions: works in HathiTrust that are not available on the market at a fair price, and for which print copies owned by HathiTrust member institutions are damaged, deteriorating, lost or stolen. As a part of becoming a member, institutions are required to submit information about their print holdings for fee calculation purposes. We have also been requesting information about the holdings status and condition of works, to facilitate uses of works where permissible by law (specifications for HathiTrust holdings data are available at http://www.hathitrust.org/print_holdings).
This is a preview of Interesting Shibboleth Use Case: Enforcing Geographic Restrictions. Read the full post (898 words, 3:36 minutes estimated reading time)
One of the great things about the Shibboleth inter-institution single sign-on software package is the ability for the Identity Provider to limit how much a Service Provider knows about a user’s request for service. (Not familiar with those capitalized terms? Read on for definitions.) But with this capability comes great flexibility, and with the flexibility can come lots of management overhead. So I was intrigued to see the announcement for an online webinar from the InCommon Shibboleth Federation with the title “The Challenges of User Consent” covering the issues of managing who gets access to what information about users.
This is a preview of “The Challenges of User Consent” — Handling Shibboleth User Attributes. Read the full post (626 words, 2:30 minutes estimated reading time)
Building on the shoulders of others — isn’t that how that quote goes? There has been a stack of printouts on my desk for a while now for various access management and service provisioning technologies. Rather than keep the paper, I’m putting the list here so I know how to get back to them if/when I need to. (Of course, along the way if you’d like to comment on them or suggest others to look at, please feel free to do so in the comments.) Note, too, that by listing them here I’m not proposing, or even sure if, all of these pieces come together to a coherent structure.
This is a preview of Access Management and Provisioning Technology. Read the full post (549 words, 2:12 minutes estimated reading time)
Mike Teets of OCLC and I teamed up to write an article on Metasearch Authentication and Access Management for this month’s D-Lib Magazine. The first part of the article is a bit of a primer on access management techniques followed by a survey and analysis of access management schemes in use last year. The key part, I think, is the “Recommendations” (access restrictions by IP address plus authenticated proxy servers is the best one can hope for right now) and “Next Steps” (Shibboleth is superior to other access control mechanisms beyond IP/proxy that one might consider, but there is lots of work to be done).
This is a preview of Authentication and Access in a Metasearch Environment. Read the full post (282 words, 1:08 minutes estimated reading time)
OhioLINK is seeking candidates to fill a newly-created position: Systems Engineer – Access Manager. This position will work with other OhioLINK staff in providing support of daily operations and will serve a primary role as Access Manager. As Access Manager, this position will support users who are experiencing access issues to OhioLINK’s databases and services including IP management, remote authentication, Shibboleth implementation, and analyzing networking issues.
This is a preview of OhioLINK is seeking to fill a Systems Engineer position. Interested?. Read the full post (201 words, 48 seconds estimated reading time)