InCommon Library Services

[Steven Carmody <>]

NISO describes itself as

NISO is where content publishers, libraries, and software developers turn for information industry standards that allow them to work together. Through NISO, all of these communities are able to collaborate on mutually accepted standards — solutions that enhance their operations today and form a foundation for the future.

They've had a working group developing "recommended practices" for publishers and campuses on improving the user experience when authenticating to publisher sites. The working group included lots of representatives from publishers, as well as some campus representatives. The report strongly recommends the adoption of standards-based Web SSO (eg SAML), as well as recommendations on web page content in order to improve the user experience.

A draft version of the group's report has now been made available for public comment. I'd strongly recommend that anyone interested in this space take some time to review the draft report and provide comments and feedback. The public comment period ends on June 22. Its quite possible that publishers will be using these recommendations for the next several years; this is your opportunity to help shape those recommendations.


NISO Recommended Practice on Single Sign-On Authentication Available for Public Comment

Identifies Needed Improvements for Users Authenticating to Licensed Electronic Resources

 

NISO announces the availability of ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On (NISO RP-11-201x) for a thirty day public comment period ending on June 22, 2011. ESPReSSO identifies practical solutions for improving the use of single sign-on authentication technologies to ensure a seamless experience for the user.

 

Currently a hybrid environment of authentication practices exists, including older methods of userid/password, IP authentication, or proxy servers along with newer federated authentication protocols such as Athens and Shibboleth. This recommended practice identifies changes that can be made immediately to improve the authentication experience for the user, even in a hybrid situation, while encouraging both publishers/service providers and libraries to transition to the newer Security Assertion Markup Language (SAML)-based authentication, such as Shibboleth.

 

“With the growing use of mobile devices and remote access, the older authentication methods are not manageable for either the content provider or the library,” explains Steve Carmody, IT Architect, Computing and Information Services, at Brown University and co-chair of the NISO ESPReSSO Working Group. “The ESPReSSO recommendations will help bridge the transition to more robust authentication methods that better match the needs of today’s users and eliminate the need for multiple identities.”

 

“Libraries are very concerned about protecting the privacy of their patrons,” states Harry Kaplanian, Director of Technology, Serials Solutions, Inc., and co-chair of the NISO ESPReSSO Working Group. “These recommendations identify methods that can be used to maintain privacy while still offering users advanced functionality, such as saving searches between sessions.”

 

“NISO is testing various methods for identifying issues in our community where NISO can provide leadership in developing solutions,” states Todd Carpenter, Managing Director of NISO. “The ESPReSSO recommended practice is the first outcome of a Chair’s Initiative project, where the NISO Board of Directors Chair (then Oliver Pesch from EBSCO Information Services) identifies a specific issue that would benefit from study and the development of a recommended practice or standard.”

 

The draft Recommended Practice and an online comment form are available at: www.niso.org/workrooms/sso/. Publishers and distributors of licensed content as well as licensing organizations, such as libraries, are all encouraged to review and comment on the document.