Tuesday 16th August 2016
Please note: opinions expressed are the individual’s own, and may not reflect those of Jisc or OpenAthens.
What role do you see the technology around trust and identity management playing in the user journey? What do you feel is the ideal scenario for end-users?
User discovery is implemented in a pretty variable way – there’s a lack of consistency across the industry. A seamless experience for users is the ideal I think we’re all working towards, but the way technology has been implemented means that it’s not very intuitive for users to navigate.
Consistency is key here; we’ve long been advocating for a similar user experience across publisher sites, because if the sign-in process isn’t intuitive in and of itself, then consistency and familiarity – having the same terminology and steps along the way regardless of which content the user’s trying to access – are second-best. This was one of the main drivers behind the Jisc Identity Management toolkit we developed, to provide a guide to best practice in the IAM space.
Are there any particular end-user expectations or requests that have fed into your development priorities around identity and access management?
The UK federation that Jisc manages has over 1000 members, and is used by every HE institution, and around four-fifths of FE institutions, in the country. Off-network access is an implicit driver of the federation, and it’s only becoming more important – we’re hearing a lot about the need for a mobile-first experience, as users move more towards working when and where it suits them.
There are also implications from a global perspective, particularly around supporting how resources are deployed. When you’re working at a national level, lines of support are easier to identify. But when you’re working with an access federation that includes multiple countries around the world, who does the end-user or their librarian turn to if there’s a problem?
Where do you see IAM headed in future?
It can be difficult to demonstrate the value of a truly well-implemented IAM system, as budget-holders don’t always understand the value. The standard approach is to look for an off-the-shelf solution, but even the most comprehensive package needs extensive customisation work if it’s to be adapted to a publisher or institution’s business practices, rather than the other way around.
More broadly, there’s a question around how social identity fits with institutional identity. As an example, universities have always handled IAM for their employees and students, but now they’re looking increasingly at the full lifecycle – from initial application through to alumni programmes that provide former students with access to their institution’s library resources for an annual subscription.
This also ties into the Verify service from the Cabinet Office in the UK – it’s their SAML-based web federation for accessing government services which is replacing the older gov.uk gateway. Third parties like the Post Office are offering identity management services for citizens to do things like manage their council tax payments online, so we see IAM concepts creeping into everyday life. There are some challenges and opportunities around integration there, too.
Check out the other interviews in the series here: https://openathens.org/tag/industry-voices/
Share this article