LIBER’s FIM4L (Federated Identity Management For Libraries) Working Group Invites Comments on Recommendations for SSO Connections with Publishers
Access to online library resources can be quite complex. Patrons normally have easy access when signed on to a campus network but when working from other locations — as modern work patterns often demand — the same patrons are increasingly asked to ‘log in to their institution’. This process can release identifying information.
Known as federated authentication, delivering Single Sign On (SSO), this process, if not configured correctly, is at odds with the responsibility of libraries to protect their patrons’ privacy.
In order to preserve patron privacy, while also making the configuration and management of federated SSO connections easier for both libraries and publishers, LIBER’s FIM4L Working Group has drafted 10 Implementation Principles for SSO.
The principles drafted by the group are now open for public comment.
n the guidelines, we refer to three parties typically involved in SSO access to online library resources:
- The patron – the person seeking access to content
- The service provider – the organization granting access
- An identity provider – the patron’s home organisation, which authenticates their identity and releases attributes to the service provider to check if the patron is genuinely allowed access.
About Gary Price
Gary Price (firstname.lastname@example.org) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com. Gary is also the co-founder of infoDJ an innovation research consultancy supporting corporate product and business model teams with just-in-time fact and insight finding.