outline - cni: coalition for networked information€¦ · • mobile and remote access • ... –...
TRANSCRIPT
Outline
• Background–thejourneyfromprinttodigital• ResourceAccess:theuserexperiencetoday• RA21Problemstatement• Howdoweproposetofixthis• JointprojectSTM-NISO-URA• RA21Pilotprogram2017• CalltoacOon–wanttojoin?
Late 20th Century: from Print to Digital
2
• Institution to purchase from the publisher • Institution to lend to its users • Single point of entry • Simple transaction • Library cards • Lock the doors at night • Must return after use • Prohibitively expensive to make copies of entire
collections
• Imitate print experience • Optimize for ease of implementation • IP Authentication
21st Century: digital and remote
3
• Technology evolved • Multiple entry points • Mobile and remote access • Cumbersome user experience • Easy to download an entire library
RA21ProblemStatement• AccesstoSTMcontentandresourcesistradiOonallymanagedviaIPaddress
recogniOon.• Forthepast20years,thishasprovidedseamlessaccessforuserswhenon
campus• However,withmodernexpectaOonsoftheconsumerweb,thisapproachis
increasinglyproblemaOc:– Userswantseamlessaccessfromanydevice,fromanylocaOon– Usersincreasinglystarttheirsearcheson3rdpartysites(e.g.Google,PubMed)rather
thanpublisherpla^ormsorlibraryportalsandrunintoaccessbarriers– ApatchworkofsoluOonsexisttoprovideoff-campusaccess:proxyservers,VPNs,
Shibboleth,howevertheuserexperienceisinconsistentandconfusing– Publishersarefacinganincreasingvolumeofillegaldownloadsandpiracy,andfraud
isdifficulttotrackandtracebecauseofinsufficientinformaOonabouttheenduser– Thelackofuserdataalsoimpedesthedevelopmentofmoreuser-focused,
personalizedservicesbypublishers.– TheincreaseinprivacyandfraudalsoposesasignificantrisktocampusinformaOon
security
12
Fundamental Expectations of the Community – Researchers
• Seamlessaccesstosubscribedresources,fromanydevice,fromanylocaOon,fromanystarOngpoint
• Aconsistent,intuiOveuserexperienceacrossresources
• Increasedprivacyofpersonaldata• Streamlinedtextanddatamining
13
Fundamental Expectations of the Community – Resource Providers
• AbilitytoprovideindividualizedanddifferenOatedaccessforbecerreporOngtogoverningbodiesandcustomers
• Abilitytoofferpersonalizedservicestoaccelerateinsightanddiscovery
• AbilitytoensuretheintegrityofcontentonbothinsOtuOonalandcommercialpla^orms
Fundamental Expectations of the Community – Customers
• MinimizaOonofadministraOveburdenofprovidingaccesstoauthorizedusercommuniOes
• MaximizaOontheuseoftheresourcespurchased• ProtecOonoftheprivacyofusercommuniOesandadvocacyfortheirsecurity
RA21 Guiding Principles 1. Theuserexperienceforresearcherswillbeasseamlessaspossible,intuiOveand
consistentacrossvariedsystems,andmeetevolvingexpectaOons.2. ThesoluOonwillworkeffecOvelyregardlessoftheresearcher’sstarOngpoint,physical
locaOon,andpreferreddevice.3. ThesoluOonwillbeconsistentwithemergingprivacyregulaOons,willavoidrequiring
researcherstocreateyetanotherID,andwillachieveanopOmalbalancebetweensecurityandusability.
4. Thesystemwillachieveend-to-endtraceability,providingarobust,widelyadoptedmechanismfordetecOngfraudthatoccursatinsOtuOons,vendorsystems,andpublishingpla^orms.
5. ThecustomerwillnotbeburdenedwithadministraOveworkorexpensesrelatedtoimplementaOonandmaintenance.
6. TheimplementaOonplanshouldallowforgradualtransiOonandaccountfordifferentlevelsoftechnicalandorganizaOonalmaturityinparOcipaOnginsOtuOons.
16
Progressin2017• FormalapprovalfromSTMBoardandNISOTopicCommiceeto
moveforwardasajointiniOaOve• IniOalfundingprovidedbyparOcipaOngpublishers• Twodedicatedstaffbroughtonboardtodrivepilots:
JuliaWallace• ProgramDirector• [email protected]
HeatherFlanagan• ProjectCoordinator• [email protected]
Pilot program • PilotprogramthroughQ42017
– Broadspectrumofstakeholders– Addressavarietyofusecases– Includesbothacademicandcorporateefforts
• Selforganized,registeredandtrackedunderthelargerumbrellaofRA21
• Feedbackandresultssharedwiththecommunity
• UlOmategoals– MoveawayfromIPauthenOcaOon–lackofscale– Balancewiththeconceptofprivacy(GeneralDataProtecOonRegulaOon2018)– CreateasetofbestpracOcerecommendaOonsforidenOtydiscovery
Importanttohavemul/plepilotssowecanaddresstheproblemfrommul/pleangles
18
• URApilotparOcipants– PharmaDocumentaOonRing(P-D-R)membercompanies– Scholarlypublishers– IAMvendors
• URApilotgoals– ValidaOonofSAML-basedfederatedauthenOcaOoninlieuofIP-based
authenOcaOonforaccesstoscholarlyresources.– DemonstraOonofaconsistentandstreamlineduserexperiencefor
userauthenOcaOonacrossmulOpleSTMpublishersites;regardlessoftheuser’slocaOonanddeviceused.
– PotenOaluseofcustomizedidenOtyacributestofacilitategranularusagereporOng.
Underway: Corporate Pilot – URA
ThreePilotGroupsbeingformed:1. P3W–PrivacyPreservingPersistentWAYF
Pilot2. TheAcademicShared‘Whereareyou
from’(WAYF)Pilot3. Client-basedWAYFPilot
• AllseektoaddresstheUserExperienceforoff-campusaccess
Academic Pilots – RA21
• ImprovecurrentIdenOtyProviderselecOonprocessprocessby– Improvingsign-inUXflow– UsingaddiOonal‘WAYFhints’fromfederaOonmetadata
• Enablecross-providerpersistenceofWAYFchoiceusingbrowserlocalstorage(avoidingprivacyproblems)
MoredetailsatPrivacyPreservingPersistentWAYF
P3WPilotObjecCves
• Provideseamlessaccessacrosscontentproviders
• Createauniversalsessionstatestoredinacentral“sharedWAYF”service
• ProvideeasyintegraOonpoints–formaximumparOcipaOon
• LooktoformapotenOalindustrystandardforuserbasedauthenOcaOon
MoredetailsatSharedWAYF
SharedWAYFPilotObjecCves
• ImproveIdenOtyProvider(IdP)discoveryprocesses– UseashareddiscoveryservicethatusesbothbrowserinformaOonandsharedmetadatahintstonarrowdownIdPopOonsfortheuser
• DeterminethebestwaytopopulatethemetadataregistrywithhintsfromtheServiceProvidersregardingwhatIdPsarelikelytoworkinanauthorizaOonscenario
MoredetailsatClient-basedWAYF
Client-basedWAYFObjecCves
• AnumberofpublishersandinsOtuOonshavesigneduptoparOcipate
• Currentlyatearly-stagesofformaOon,butlookingtoprogressswitly
• LibrariesarecriOcaltoengagingtheuserandcollecOngfeedback
• PublisherswillneedtobepreparedtoimplementPoCsorprototypes
• CampusesandidenOtyfederaOonswillneedtobepreparedtoprovideinputandexperOse
AcademicPilots – Progress
Wanttojoinus?
• Visit:www.RA21.organdhcp://www.stm-assoc.org/standards-technology/ra21-resource-access-21st-century/
• RegisteryourinterestinparOcipaOonbyemailing:[email protected]@RA21.org
25