Background

Background

This website aims to provide initial points and facilities to stimulate discussion, not to carry out a complete survey of all related issues. It contains the following sections: • A broad statement of the issues being addressed. • An overview of the current approach to Federated Access Management (FAM) in the UK HE environment. • A set of brief scenarios describing different aspects of FAM in digital repository environments. ...more »

Submitted by (@neiljacobs)
1 comment

Voting

0 votes
Active

Scenarios

Scenario 1: Open Access

Much work on digital repositories has focused on issues surrounding Open Access to research outputs (generally pre- or post-prints). If access to an object is truly open, then it may seem that access management is not an issue. However, we may distinguish 2 cases:  The SP has no interest in who is accessing a resource.  Access to resources is open, but the SP is still interested in capturing information about usage. ...more »

Submitted by (@neiljacobs)
5 comments

Voting

-2 votes
Active

Scenarios

Scenario 2A: Restrictions imposed by publishers

A resource may be published and widely available yet still subject to access restrictions within a digital repository (SHERPA/RoMEO maintains an extensive database of the copyright and self-archiving policies of publishers). For example, a publisher may place restrictions on accessing a post-print in an institutional repository to subscribers to the journal in which it was included . This is analogous to a library allowing ...more »

Submitted by (@neiljacobs)
4 comments

Voting

-3 votes
Active

Scenarios

Scenario 2B: Agreements required by resources owners

A similar use case to 2A is where a resource’s owner has attached additional conditions around accessing/using a resource, and individual users must agree to a licence before they are granted access. For example, users may be obliged to agree to use a resource only for educational or non-profit purposes, or to observe copyright This can be implemented using eduPersonTargetedID; that is, this attribute can be used to ...more »

Submitted by (@neiljacobs)
4 comments

Voting

3 votes
Active

Scenarios

Scenario 3: Updates to repository

Some repository access will involve changes to the content of the repository, for example:  deposit of an object;  editorial activities such as modification of an object’s metadata  annotation of an object;  administrative and maintenance activities. The question arises: in such a case, is it important for repository managers to be able to determine who carried out the action at a later date? This would place requirements ...more »

Submitted by (@neiljacobs)
4 comments

Voting

3 votes
Active

Scenarios

Scenario 4: Curation/preservation

Many of the digital objects in a repository will continue to exist over the long term, possibly with modifications relating to preservation requirements. It is essential from a preservation point of view that provenance/audit information is preserved about these objects (who did what, when and how); otherwise the authenticity of the objects and the trust placed in the repository cannot be guaranteed. These scenarios also ...more »

Submitted by (@neiljacobs)
3 comments

Voting

1 vote
Active

Scenarios

Scenario 5: Personal identity management

Note: this case is not itself a scenario, but rather a common theme extracted from the scenarios above. The previous two examples consideration raise the issue of identity management, which is intimately connected with the FAM requirements for some of the use cases, in particular those that involve a long duration in some way. The current approach in the UK federation addresses identity only for relatively short durations, ...more »

Submitted by (@neiljacobs)
3 comments

Voting

5 votes
Active

Scenarios

Scenario 6: Access to “non-published” material

By “non-published” material in the repository, we mean material that is only accessible to an individual or to an identified group of people. Examples are: (i) “work in progress”, where the author may only wish a small group of users to have access; (ii) research data that is stored in a repository while it is still being worked with, and where access is restricted to the members of the research group; (iii) research ...more »

Submitted by (@neiljacobs)
5 comments

Voting

2 votes
Active

Scenarios

Scenario 7: Access to users not in federation

This scenario covers two cases: (a) users at institutions that are not in the federation (or which do not possess an IdP); (b) users that are not affiliated with an institution at all. Different solutions may be appropriate for these cases An example of (a) is provided by academic research groups that cross over into non-academic environments. A case worth highlighting is in medical research, where a group needing access ...more »

Submitted by (@neiljacobs)
6 comments

Voting

1 vote
Active

Scenarios

Scenario 8: International access

Related but more problematic scenarios occur where access crosses national jurisdictions. Again, we should identify separate cases that may require different treatment: (a) access within an HE institution that has international campuses (b) access between different institutions, whether this is a matter of long-term cooperation between institutions, or shorter-term international research projects that require cross-border ...more »

Submitted by (@neiljacobs)
2 comments

Voting

2 votes
Active

Scenarios

Scenario 9: Non-browser access

Not all access to repositories will involve a researcher sitting at a web browser. Other possibilities include the following, neither of which is currently handled easily by Shibboleth: (a) Access from a desktop client, which may allow updates in some form (e.g. a metadata editor, a client performing multiple inserts). Examples of relevant projects and approaches include: HERMES (see below); SWITCH (the Swiss access ...more »

Submitted by (@neiljacobs)
3 comments

Voting

1 vote
Active

Scenarios

Scenario 10: Social/”Organic” access management

Organic access management, where the resource owner is directly involved in determining who has access to resources under their control. The central idea here is that people are willing to share in self-selected communities. This scenario is likely to be most applicable to more informal resources (e.g. presentations, videos) in “social” repositories (e.g. Yahoo groups, MyFlickr). This is not to say that they are any less ...more »

Submitted by (@neiljacobs)
1 comment

Voting

-1 votes
Active