Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

FAM - a triumph of technology over usability - Andy Powell


Published on

Published in: Technology, Design
  • Be the first to comment

  • Be the first to like this

FAM - a triumph of technology over usability - Andy Powell

  1. 1. Federated Access Management a triumph of technology over usability? Andy Powell @andypowe11
  2. 2. Usability 101 “the study of the ease with whichpeople can employ a particular tool orother human-made object in order toachieve a particular goal” (Wikipedia)
  3. 3. A framework for usability• learnability: how easy is it for users to accomplish basic tasks the first time they encounter the design?• efficiency: once users have learned the design, how quickly can they perform tasks?• memorability: when users return to the design after a period of not using it, how easily can they re establish proficiency?• errors: how many errors do users make, how severe are these errors, and how easily can they recover from the errors?• satisfaction: how pleasant is it to use the design?
  4. 4. Improving privacy and security• usability not just about „ease of use‟• poor usability may lead to poor security and/or loss of privacy (where user is confused about which server they are interacting with)
  5. 5. Discovery, access and use• with federated access management, “usability” covers a lot of ground• from discovery (Google search vs. institutional portal)• …thru access… (the publisher‟s website)• to use (having the thing on your desktop)
  6. 6. Even „access‟ spans multiple players• the publisher‟s website• the federation WAYF service (in some cases)• the institutional identity provider (IdP)
  7. 7. From perspective of the user• (and the user‟s institution)• the institutional IdP is always the same• but every publisher website has different look and feel (for login) – some use the WAYF, some don‟t• not easy for the institution to provide „help‟ documentation that covers all cases
  8. 8. From perspective of the publisher• every user sees the same website• but each user has different IdP (and possibly WAYF)• not easy for the publisher to provide „help‟ documentation that covers everyone
  9. 9. And… wider context• need for global publishers to accommodate multiple „academic‟ federations• need for publishers to handle non-academic audiences (local usernames/passwords, pay-per-view, etc.)• need for publishers to handle social media (Facebook, Google, Twitter, etc.)
  10. 10. 3 examples…• of current practice
  11. 11. Browser interaction• much of the functionality we‟ve just seen needs browser support – cookies – Javascript – password retention• how much of this is consistent across multiple sites?• what implications does the new EU cookie directive have?
  12. 12. „Ongoing‟ work…• the usability of federated access management is an evolving area…• back in 2009, JISC commissioned a “Publisher Interface Study” by Rhys Smith at Cardiff – improved WAYF – embedded discovery module for Shibboleth (by Rod Widdowson, Steading System Software)• Kantara Universal Login Experience (ULX) Working Group• NISO ESPReSSO group – recommendations just out• Google
  13. 13. Conclusions• usability across federated login is hard• in distributed systems, usability often has to emerge over time – we still seem to be waiting!• variety of practice by today‟s publishers• variety of exploratory work in progress• no longer just an „academic‟ problem (c.f. Google work)• at Eduserv, we are watching this space
  14. 14. Recommendations• „Athens‟ is a loaded term and we need to agree how/if/when it should be used• „Shibboleth‟ and „OpenAthens‟ refer to technologies and probably should NOT be used in user-facing text• we‟d make some simple progress by all agreeing consistent use of terminology – „login‟, „institutional account‟, …