Book contents
- Frontmatter
- Contents
- Foreword
- Acknowledgements
- Note to readers
- Glossary
- 1 What is access management, and why do libraries do it?
- 2 Electronic resources: public and not so public
- 3 Principles and definitions of identity and access management
- 4 Current access management technologies
- 5 Authentication technologies
- 6 Authorization based on physical location: how does the internet know where I am?
- 7 Authorization based on user identity or affiliation with a library: who you are? Or what you do?
- 8 Federated access: history, current position and future developments
- 9 How to choose access management and identity management products and services
- 10 Internet access provided by (or in) libraries
- 11 Library statistics
- 12 The business case for libraries
- Afterword
- Appendix 1 Case studies
- Appendix 2 A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
- Index
3 - Principles and definitions of identity and access management
Published online by Cambridge University Press: 10 September 2022
- Frontmatter
- Contents
- Foreword
- Acknowledgements
- Note to readers
- Glossary
- 1 What is access management, and why do libraries do it?
- 2 Electronic resources: public and not so public
- 3 Principles and definitions of identity and access management
- 4 Current access management technologies
- 5 Authentication technologies
- 6 Authorization based on physical location: how does the internet know where I am?
- 7 Authorization based on user identity or affiliation with a library: who you are? Or what you do?
- 8 Federated access: history, current position and future developments
- 9 How to choose access management and identity management products and services
- 10 Internet access provided by (or in) libraries
- 11 Library statistics
- 12 The business case for libraries
- Afterword
- Appendix 1 Case studies
- Appendix 2 A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
- Index
Summary
In order to understand the principles behind access management, it is useful to examine what constitutes an effective access management system. Clifford Lynch of the Coalition for Networked Information (Lynch, 1998) in his white paper on authentication and access management defined the key conceptual requirements and business relationships between publishers, libraries and users. This chapter also provides an overview of the key processes involved in access management: registration, authentication, authorization and accounting.
Introduction
Management of user access to online resources is something that most libraries need to do, in ways that strike a balance between three sometimes conflicting external pressures:
1 User demand Users want to access an information resource, as quickly and easily as possible. (If they don’t, why is the library providing it? Measuring the demand for and use of particular resources is the subject of Chapter 12).
2 Legal restrictions Usually imposed in the form of conditions attached to the licence or other contract between each resource owner or host and the library. Usually with the objective (from the suppliers’ point of view) of ensuring that their provision of a resource to users of the library is financially viable, bearing in mind whatever payment is involved. (There may also be restrictions on who can access some resources, not necessarily financial and not necessarily imposed by the supplier.)
3 Technical feasibility (and cost) Limiting access, rather than making a resource completely open, will inevitably generate costs for the library and probably the supplier too. Both will ultimately have to make decisions on technical solutions that are commensurate with the value of the resource.
We assume that in general the primary aim of any library is to satisfy the collective needs of its community of users, and to do so within the limits of its own finite budget and other resources; and entirely within the letter and spirit of any applicable laws. The main practical aim of this book is to support libraries and library managers in making well informed decisions about appropriate technical solutions, whilst not attempting to delve deeply into the reasons for user demand, nor the reasons why resource suppliers or owners may impose particular licence restrictions.
- Type
- Chapter
- Information
- Access and Identity Management for LibrariesControlling Access to Online Information, pp. 21 - 30Publisher: FacetPrint publication year: 2014