IP and OpenAthens authenticationNovember 1st, 2011Tom Edmonds - OpenAthens Product ManagerDavid Orrell – OpenAthens Soluti...
Agenda•   Eduserv – Identity and Access Management•   What problem does OpenAthens solve?•   Library developments…•   Open...
About Eduserv•   NfP organisation, registered charity•   Based in Bath, UK•   Worldwide customer base•   Provider of OpenA...
About Eduserv       1988            1994            1999            2000          2003           2008           2009• Firs...
Eduserv operations    Identity and access management (OpenAthens)    Licence negotiation (CHEST agreements)    Web develop...
Identity & Access Management - markets                                     PublicAcademic   Healthcare   Publishing   Sect...
Major customers•   55% UK FE and HE sector•   NHS England: 700 organizations•   Saudi Arabia Ministry of Education: 18 Uni...
What is OpenAthens?• Access management system with SSO   “Athens was the first implementation of federated login”      US ...
How do we reach these customers?International partners:• EBSCO Australia, USA, Spain, Netherlands and ROTW• IIN   Middle E...
What problem does OpenAthens solve?                               www.eduserv.org.uk
Typical organisational today...Local web resources                         External web resources                      Own...
...and tomorrow – organizational single sign-onLocal web resources                            External web resources      ...
What does OpenAthens enable?• Manage users identity and entitlement to both internal  and external resources• Enable secur...
Library developments…                        www.eduserv.org.uk
Library developments…• Books and journals on shelves   • e.g. Academic research journals – BMJ, New England     Journal of...
Libraries today…• Libraries purchase subscriptions to journals & books   • For their entire organization   • Hundreds of j...
Journals and books online• Publishers protect their content/web sites• Have to identify your subscription to gain access  ...
How do publishers identify subscribers?• IP Authentication:   • Your network’s identity   • Requires your network to match...
OpenAthens products and services                                   www.eduserv.org.uk
OpenAthens products and servicesFor Libraries (or Identity Providers)•   OpenAthens Managed Directory (MD)•   OpenAthens L...
OpenAthens products and servicesFor Publishers and organizations (libraries) wanting SSOto internal resources• OpenAthens ...
OpenAthens MD (Managed Directory)•   Cloud based username password system•   Tools for librarians to create and manage use...
OpenAthens MD: presents a user login                                       www.eduserv.org.uk
OpenAthens LA (Local Authentication)• Locally installed identity provider• Uses same username and password as the  organiz...
OpenAthens for Libraries (identity providers)      OpenAthens Managed Directory   OpenAthens Local Authentication        E...
OpenAthens SP (Service Provider)• Enables the publisher to provide personalization• Provides secure management of access t...
Managing proxied resources                             www.eduserv.org.uk
U http://www...                                                         DJ site.org                                       ...
Conclusion•   SSO can be achieved•   Easy to implement, whatever flavour (hosted v local)•   Deliver efficiencies and savi...
Thank you for listening – questions?Resources:• eduserv.org.uk• docs.openathens.nettom.edmonds@eduserv.org.ukopenathens@ed...
Upcoming OpenAthens events in 20118 Nov    Edusev Service Provider conference, London - 12:30-17:009 Nov    FAM11, London ...
Upcoming SlideShare
Loading in …5
×

IP and OpenAthens authentication

2,491 views

Published on

This presentation focuses on IP & OpenAthens authentication.

It is ideal for people with an interest in Identity and Access Management, whether Librarians and IT Managers who are responsible for managing secure access to online resources or a publisher that provides online resources.

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,491
On SlideShare
0
From Embeds
0
Number of Embeds
97
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Healthcare:UK – NHS x3Intl: SAH, State of Victoria, VA, NAVMISSA (Navy Medicine Information Systems Support Activity)Academic: UK - >50% UK marketIntl. Middle East, EuropeCommercialShell, BT, Philips, AkzoNobelService providers>130 global publishers – Science Direct, Ovid, Nature etc.>200 small
  • Academic: University of Iran, OU, Bar Ilan University, KAUSTHealthcare:Servro Ochoa Hospital, SA Health , NAVMISSA (Navy Medicine Information Systems Support Activity), NHS, Saskatoon Health, MOH IranPublishingMark Allan Group, Nature publishing, T&F, Elseveier, Publishing Technologies & Science DirectPublic SectorVA, NHS, NAVMISSA (Navy Medicine Information Systems Support Activity), Commercial Shell, BT, Philips, AkzoNobel
  • OPAC – online public access catalogue
  • IP and OpenAthens authentication

    1. 1. IP and OpenAthens authenticationNovember 1st, 2011Tom Edmonds - OpenAthens Product ManagerDavid Orrell – OpenAthens Solution Architect
    2. 2. Agenda• Eduserv – Identity and Access Management• What problem does OpenAthens solve?• Library developments…• OpenAthens products and services• Proxied resources – the solution. www.eduserv.org.uk
    3. 3. About Eduserv• NfP organisation, registered charity• Based in Bath, UK• Worldwide customer base• Provider of OpenAthens to UK HE since 1996
    4. 4. About Eduserv 1988 1994 1999 2000 2003 2008 2009• First licences • Athens • Eduserv • Athens • Major web • Athens • 2009 state-of- negotiated, developed & established adopted by development became the-art Data saves money first web as NHS in the projects OpenAthens Centre built for UK HE & service independent UK delivered FE launched organisation
    5. 5. Eduserv operations Identity and access management (OpenAthens) Licence negotiation (CHEST agreements) Web development Managed hosting Research
    6. 6. Identity & Access Management - markets PublicAcademic Healthcare Publishing Sector Commercial
    7. 7. Major customers• 55% UK FE and HE sector• NHS England: 700 organizations• Saudi Arabia Ministry of Education: 18 Universities• Iran Ministry of Health: 40 Medical Universities• US Department of Veterans Affairs: 240 hospitals. www.eduserv.org.uk
    8. 8. What is OpenAthens?• Access management system with SSO “Athens was the first implementation of federated login” US NISO (National Information Standards Organization): Establishing suggested practices regarding single sign-on.• Manages >4 million users worldwide. www.eduserv.org.uk
    9. 9. How do we reach these customers?International partners:• EBSCO Australia, USA, Spain, Netherlands and ROTW• IIN Middle East• TDNet Israel & USA. www.eduserv.org.uk
    10. 10. What problem does OpenAthens solve? www.eduserv.org.uk
    11. 11. Typical organisational today...Local web resources External web resources Own password Password for Databases Portal & journals system each vendor Own password VLE system Password system Proxy for proxy OPAC Own password system www.eduserv.org.uk
    12. 12. ...and tomorrow – organizational single sign-onLocal web resources External web resources Databases Portal Local authentication & journals System Username & Password VLE OpenAthens Journals User attributes & permissions OPAC Names, emails, roles... SAML (Security Assertion Markup Language) protocol www.eduserv.org.uk
    13. 13. What does OpenAthens enable?• Manage users identity and entitlement to both internal and external resources• Enable secure, easy access to electronic resources through a single username and password (single sign- on). www.eduserv.org.uk
    14. 14. Library developments… www.eduserv.org.uk
    15. 15. Library developments…• Books and journals on shelves • e.g. Academic research journals – BMJ, New England Journal of Medicine.• Books and journals on the web • No space limitations • Always available, with all the pages! • Searchable. www.eduserv.org.uk Photograph: creative Commons license babblingdweeb & Library Development @ Washington State Librarys photostream
    16. 16. Libraries today…• Libraries purchase subscriptions to journals & books • For their entire organization • Hundreds of journals & books • From many publishers. www.eduserv.org.uk
    17. 17. Journals and books online• Publishers protect their content/web sites• Have to identify your subscription to gain access • What content has your organization purchased on your behalf?• Not just research now clinical materials: • drug databases • mobile devices and iPhone Apps. www.eduserv.org.uk Photograph: creative Commons license babblingdweeb
    18. 18. How do publishers identify subscribers?• IP Authentication: • Your network’s identity • Requires your network to match the subscriber• Username and password • Good for off-site access (network not necessary) • Libraries hand out usernames & passwords. www.eduserv.org.uk
    19. 19. OpenAthens products and services www.eduserv.org.uk
    20. 20. OpenAthens products and servicesFor Libraries (or Identity Providers)• OpenAthens Managed Directory (MD)• OpenAthens Local Authentication (LA)• Self-registration• OpenAthens managed proxy service. www.eduserv.org.uk
    21. 21. OpenAthens products and servicesFor Publishers and organizations (libraries) wanting SSOto internal resources• OpenAthens Service Provider (SP) www.eduserv.org.uk
    22. 22. OpenAthens MD (Managed Directory)• Cloud based username password system• Tools for librarians to create and manage usernames• One username for all subscribed resources• Recognized by over 300 library resources• Resource owner can identify the subscriber associated with the username. www.eduserv.org.uk
    23. 23. OpenAthens MD: presents a user login www.eduserv.org.uk
    24. 24. OpenAthens LA (Local Authentication)• Locally installed identity provider• Uses same username and password as the organization’s Active Directory (or LDAP database)• Can use network login username/password• Integrates with local applications and web services www.eduserv.org.uk
    25. 25. OpenAthens for Libraries (identity providers) OpenAthens Managed Directory OpenAthens Local Authentication Electronic resource access Electronic resource access Bulk user upload Integrated local user authentication Managed service Locally installed Fully supported Fully supported Statistics Statistics Self-registration Customisable Diagnostics Auditing Extensible Protect internal resources SSO to Google Apps … www.eduserv.org.uk
    26. 26. OpenAthens SP (Service Provider)• Enables the publisher to provide personalization• Provides secure management of access to resources• Based on open standards such as SAML2• Supports multiple authentication types (Athens & SAML/Shibboleth)• Support multiple access management federations• Easy to implement. www.eduserv.org.uk
    27. 27. Managing proxied resources www.eduserv.org.uk
    28. 28. U http://www... DJ site.org DJ othersite.org H http://www… …. Sites feed OpenAthens LA SAML ezProxy OpenAthens LA Integrated Proxy OpenAthens GatewayFederated (SAML) Federated (Athens) IP restricted/ Local user www.eduserv.org.uk
    29. 29. Conclusion• SSO can be achieved• Easy to implement, whatever flavour (hosted v local)• Deliver efficiencies and savings• Improve user experience• Support for multiple authentication protocols• Fully supported and maintained software platforms• Improved ROI for your subscriptions www.eduserv.org.uk
    30. 30. Thank you for listening – questions?Resources:• eduserv.org.uk• docs.openathens.nettom.edmonds@eduserv.org.ukopenathens@eduserv.org.uk www.eduserv.org.uk
    31. 31. Upcoming OpenAthens events in 20118 Nov Edusev Service Provider conference, London - 12:30-17:009 Nov FAM11, London - 10:00-16:3023 Nov OpenAthens Surgery webinar – 14:00-15:0013 Dec OpenAthens Overview webinar - 14:00-15:00tom.edmonds@eduserv.org.ukopenathens@eduserv.org.uk All times are in UK time www.eduserv.org.uk

    ×