InCommon Library Services

[Dean Woodbeck <>]

Please send any corrections/comments to Dean at

***

InCommon Library Services Working Group
Draft Minutes
July 13, 2007
 
Steven Carmody, Brown University (chair)\
Lisa German, Penn State University
Lynn Garrison, Penn State University
Renee Shuey, Penn State University
Adam Chandler, Cornell University
Tom Barton, University of Chicago
Dave Kennedy, University of Maryland
Laura Ruble, University of Maryland
Declan Fleming, University of California-San Diego
Matt Elder, University of California-San Diego
Dean Woodeck, Internet2 (scribe)
 
**Action Items**
 
[AI] {Steve Carmody} will communicate with Chris Zagar about the new version of EZProxy and the availability for testing.
 
[AI] {Steve Carmody} will follow-up with Bob Morgan about this use-case: how a person with UWash credentials overrides the “guest” access on a public library terminal.
 
[AI] {Steve Carmody} will send an updated list of Shib-enabled library vendors, drawing from the UK federation.
 
[AI] {Steve Carmody} will outline the flow, from the perspective of a user accessing a resource, in several situations:

• User is on-campus
• User is at a public terminal in the library
• User is working at home
• User is accessing resources while in a different country
• User is an instructor, perhaps within a course management system, who wants to add a link to a resource that will work for a student regardless of the student’s location.

[AI] {Penn State} will provide a document concerning the benefits to libraries of knowing who is accessing their systems and resources.
 
[AI] {Steve} will contact Luc at UCSD concerning testing of the University of Washington walk-up authentication system and whether he or someone at UCSD would be willing to speak at the Internet2 Member Meeting in October.
 
[AI] {Dave Kennedy and Tom Barton} will test the EZProxy update and the SessionInitiator with EBSCO, as well as the University of Washington walk-up model.
 
[AI] {Steve Carmody} will follow-up on the prospect of a three-way conversation between this working group, the Shib team and Google Scholar.
 
**Update**
 
Steve Carmody reported that EBSCO is taking the new version of Shibboleth into production July 17. EBSCO has added the SessionInitiator, but this data has to be exchanged outside of the federation metadata. Steve is exploring the mechanics of how vendors and the federation might work through the mechanics of implementing the SessionInitiator more widely.
 
**Walk-Up Library User/EZProxy  Update**
 
There was a question about the next version of EZProxy and testing planned at the University of Chicago. [AI] {Steve Carmody} will communicate with Chris Zagar about the new version of EZProxy and the availability for testing.
 
There was a discussion about the proposed solutions for authenticating walk-up patrons and EZProxy. Would those solutions still require the use of Shibboleth and maintenance of IP tables, as well?
 
The University of Washington solution, discussed in the minutes of June 15, 2007, involves the university maintaining a set of local IP addresses that identify the walk-up terminals at the library. Someone accessing resources through these terminals are identified as a guest and the university has corresponding entries in their LDAP. The service provider, then, receives the appropriate values through Shibboleth. One concern is whether a user with University of Washington credentials can override the “guest” log-in. [AI] {Steve Carmody} will follow-up with Bob Morgan about this use-case: how a person with University of Washington credentials overrides the “guest” access on a public library terminal.
 
There was a discussion about rolling out resource access to remote users. Steve suggested that, initially, the experience for on-campus users will remain at status quo. Most libraries will likely phase-in the use of Shibboleth for authentication of off-campus users first. At some point, libraries should see enough added value (TargetedID, for example) to begin switching on-campus authentication to Shib. At some point, users will start asking why they’ve lost value when working from the campus.
 
A question was raised whether this would mean an additional log-in for campus users. Will a Shib log-in be necessary for the user to access both library-related and other Shib-enabled non-library vendor resources? There was a discussion about whether an additional log-in would be of concern – would this be considered a significant degradation of the existing user experience? It was suggested that user testing would point out issues that may need to be resolved before such a system went into production.
 
One benefit of authentication would be the additional information available for libraries. The IdP logs that Shib produces, for example, would show the number of people using Science Direct and who those people are (students, faculty, staff, etc.). Library staffs would have more detailed information about who is using the systems and resources. [AI] {Penn State} will provide a document concerning the benefits to libraries of knowing who is accessing their systems and resources.
 
**Next Steps**
 
Steve asked about the next steps for the working group. One suggestion was to summarize activity thus far in a report that would receive wider distribution. The group agreed that this would be valuable, but should wait until after some of the proposed solutions are tested with vendors.
 
Tom Barton suggested developing improvements on solutions already aired:

• Modification of EZProxy,
• University of Washington location-based authentication model

We need to show that these solutions will work, but that should happen reasonably soon. We will also need to develop documentation and outreach. One opportunity for outreach is the fall Internet2 Member Meeting (October 8-11 in San Diego). It would be helpful is someone from the library side would do a presentation on what has been accomplished thus far. [AI] {Steve} will contact Luc at UCSD concerning testing of the University of Washington walk-up authentication system and whether he or someone at UCSD would be willing to speak at the Internet2 Member Meeting in October.
 
Before making a commitment, several working group members suggested developing a summary of what might be presented – perhaps a flow chart that would demonstrate the user experience/impact in a variety of use-cases. It was suggested that such use-cases be as non-technical as possible to have the widest impact. Situations covered might include:
 

• On-campus in an office
• At a public terminal in the library
• Working at home or from another off-campus location
• Accessing resources from a different country
• Implementation from within a course management system.

[AI] {Steve Carmody} will take a first cut at outlining these use-cases and either post to the email list or on the wiki.
 
There was some interest among working group members in testing the EZProxy and University of Washington walk-up model. Dave Kennedy from the University of Maryland said he would be in a position to test the EZProxy update and the SessionInitiator with EBSCO. He also would test the University of Washington model. Tom Barton said the University of Chicago would also be able to do some testing. Steve Carmody will talk with Luc at UCSD about testing the walk-up option.
 
**Additional Shib-Enabled Vendors**
 
Steve reported that several vendors are in the process of Shib-enabling their resources. Most are joining the UK federation. [AI} {Steve} will contact Jane Charlton of the UK federation for an updated list of Shib-enabled vendors. He reported, for example, that WestLaw has recently joined the UK federation. Steve pointed out that, once these vendors join one federation, it is a relatively easy process for them to join InCommon.
 
**Google Scholar**
 
There was a discussion about the Google Scholar initiative and a potential partnership. Adam reported that Google uses IP addresses to identify where a user is coming from. An on-campus user searching Google, and finding a match with a licensed resource, will be sent to a log-in page, since Google Scholar maintains a list of IP ranges. In addition, an off-campus user can indicate, in Google Scholar preferences, that they are affiliated with a campus. This seems to have significant potential for a Shibboleth implementation.
 
Steve said he, Bob Morgan and Ken Klingenstein had a conversation with Google Scholar and the Shib team has been working with the Google Apps for Education project team. He also knows of a west coast campus doing some testing with Google. He suggested a three-way conversation with this working group, the Shib team and Google Scholar. [AI} {Steve} will follow-up.
 
**Next Call is Friday,  July 27, 12:30 pm (EDT)**