Open Athens
Search OpenAthens Open Athens

Industry voices on IAM: Rhys Smith, Jisc

Jon BentleyBy Jon Bentley
Category - Blog

Tuesday 16th August 2016

In the latest of our series of interviews with representatives across the publishing industry on the intricacies of identity and access management, we talked with Rhys Smith, Chief Technical Architect of Trust & Identity at Jisc. Other posts in the series can be found here.

Please note: opinions expressed are the individual’s own, and may not reflect those of Jisc or OpenAthens.

What role do you see the technology around trust and identity management playing in the user journey? What do you feel is the ideal scenario for end-users?

User discovery is implemented in a pretty variable way – there’s a lack of consistency across the industry. A seamless experience for users is the ideal I think we’re all working towards, but the way technology has been implemented means that it’s not very intuitive for users to navigate.

Consistency is key here; we’ve long been advocating for a similar user experience across publisher sites, because if the sign-in process isn’t intuitive in and of itself, then consistency and familiarity – having the same terminology and steps along the way regardless of which content the user’s trying to access – are second-best. This was one of the main drivers behind the Jisc Identity Management toolkit we developed, to provide a guide to best practice in the IAM space.

Are there any particular end-user expectations or requests that have fed into your development priorities around identity and access management?

The UK federation that Jisc manages has over 1000 members, and is used by every HE institution, and around four-fifths of FE institutions, in the country. Off-network access is an implicit driver of the federation, and it’s only becoming more important – we’re hearing a lot about the need for a mobile-first experience, as users move more towards working when and where it suits them.

There are also implications from a global perspective, particularly around supporting how resources are deployed. When you’re working at a national level, lines of support are easier to identify. But when you’re working with an access federation that includes multiple countries around the world, who does the end-user or their librarian turn to if there’s a problem?

Where do you see IAM headed in future?

It can be difficult to demonstrate the value of a truly well-implemented IAM system, as budget-holders don’t always understand the value. The standard approach is to look for an off-the-shelf solution, but even the most comprehensive package needs extensive customisation work if it’s to be adapted to a publisher or institution’s business practices, rather than the other way around.

More broadly, there’s a question around how social identity fits with institutional identity. As an example, universities have always handled IAM for their employees and students, but now they’re looking increasingly at the full lifecycle – from initial application through to alumni programmes that provide former students with access to their institution’s library resources for an annual subscription.

This also ties into the Verify service from the Cabinet Office in the UK – it’s their SAML-based web federation for accessing government services which is replacing the older gateway. Third parties like the Post Office are offering identity management services for citizens to do things like manage their council tax payments online, so we see IAM concepts creeping into everyday life. There are some challenges and opportunities around integration there, too.

Check out the other interviews in the series here:

Share this article