Rank12

Idea#6

Active
Scenarios »

Scenario 10: Social/”Organic” access management

Organic access management, where the resource owner is directly involved in determining who has access to resources under their control. The central idea here is that people are willing to share in self-selected communities. This scenario is likely to be most applicable to more informal resources (e.g. presentations, videos) in “social” repositories (e.g. Yahoo groups, MyFlickr). This is not to say that they are any less serious from an academic perspective – for example, the repositories of scientific workflows facilitated by the myExperiment project . Similar approaches have been taken up in the arts and humanities, where small, informal communities are using (e.g.) a wiki or blog as a “repository” and annotation environment, with access control managed locally by the administrator – examples are arts-humanities.net and The Digital Classicist . It would be useful to be able to trust people and to provide an ad hoc and lightweight mechanism for delegating the ability to grant access for particular resources.

If researchers are doing things for themselves, not via their home institutions, then this may fall outside the scope of what JISC needs to support. In any case there may be sustainability risks incurred by material being ‘out there’ on Google Docs, wikis, etc. If researchers are working through their institutional IdPs, this scenario is covered elsewhere, e.g. the group management work described in in Scenario 6 – although more lightweight mechanisms are desirable.

Projects relevant to this issue include Grouper , GFIVO , the SWITCH (Swiss access management federation) group management tool, and OAuth .

Proposed action:

It may be a useful exercise to: (i) document these requirements in more detail, and (ii) determine how much such systems are used in HE. However, this is not of high priority for JISC as the scenario is for the moment sufficiently well covered outside the federation and in other scenarios.

Submitted by Neil Jacobs 5 years ago

Comments [1]

  1. A relevant JISC project is FLAME, which is studying user reactions to these tools (Delegated Access Management is the technical term). It developed its own solution, because Signet and Grouper had issues which made their use difficult in context (see https://gabriel.lse.ac.uk/twiki/bin/view/Projects/Flame/GrouperSignetLdappcProblems for details on this).

    5 years ago

Vote Activity [ 1 ] [+]