From LIBER (Association of European Research Libraries):
Access to online library resources can be quite complex. Patrons normally have easy access when signed on to a campus network but when working from other locations — as modern work patterns often demand — the same patrons are increasingly asked to ‘log in to their institution’. This process can release identifying information.
Known as federated authentication, delivering Single Sign On (SSO), this process, if not configured correctly, is at odds with the responsibility of libraries to protect their patrons’ privacy.
In order to preserve patron privacy, while also making the configuration and management of federated SSO connections easier for both libraries and publishers, LIBER’s FIM4L Working Group has drafted 10 Implementation Principles for SSO.
The principles drafted by the group are now open for public comment.
n the guidelines, we refer to three parties typically involved in SSO access to online library resources:
- The patron – the person seeking access to content
- The service provider – the organization granting access
- An identity provider – the patron’s home organisation, which authenticates their identity and releases attributes to the service provider to check if the patron is genuinely allowed access.
Learn More, Read the Complete Recommendations Document, Submit Comments