establishing suggested practices regarding single sign on update
Download
Skip this Video
Download Presentation
Establishing suggested practices regarding Single sign on Update

Loading in 2 Seconds...

play fullscreen
1 / 11

Establishing suggested practices regarding Single sign on Update - PowerPoint PPT Presentation


  • 93 Views
  • Uploaded on

Establishing suggested practices regarding Single sign on Update. Heather Ruland Staines Charleston, November 2011. ESPReSSO Timeline.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Establishing suggested practices regarding Single sign on Update' - faunus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
establishing suggested practices regarding single sign on update

Establishing suggested practices regarding Single sign on Update

Heather Ruland Staines

Charleston, November 2011

espresso timeline
ESPReSSO Timeline
  • In 2009, NISO launched a new Chair's Initiative—a project of the chair of NISO’s Board of Directors, focusing on perfecting a seamless, item-level linking through single sign-on authentication technologies in a networked information environment.
  • Fall 2009: Working Group meetings begin.
  • 2010: Sub-groups meet. Feedback collected from publishers.
  • May 24, 2011: Draft posted for 30 day public comment.
  • Summer 2011: Working group addressed comments.
  • October 27, 2011: Publication of Suggested Practice
the challenges
The Challenges

Authentication has become complex for several reasons:

  • Users now have more options as to how and where to enter a publisher’s site. This makes a consistent, coherent user experience more difficult.
  • Users may experience multiple authentication mechanisms. The user’s physical location could affect the browser flows and authentication mechanisms they see. Within the publisher site, the user might navigate from a public page to a protected page, triggering authentication.
  • Publishers must present and support multiple authentication mechanisms, necessitating a usable authentication GUI interface that combines multiple methods and that can be used successfully by people with a low familiarity with technical concepts.
  • Campuses have deployed various approaches to authentication, some requiring users to be able to use, handle, and manipulate proxy-prefixed URLs that are incomprehensible to the average person.
goal of the recommendations
Goal of the Recommendations:
  • The recommendations specifically address:
    • typical browser flows
    • the sequence of pages presented to users
    • page layout, what information to include in each of those pages
    • consistent GUI elements
    • additional features and functionality to provide users with added value.
  • Provide users with a consistent experience across a multitude of sites and situations.
  • Reduce user confusion and aborted sessions during the discovery/login process by using a consistent set of visual elements
  • Be straightforward and easy to implement for both IdP (Identity Providers) and SP (Service Provider) sites.
accomplishments
Accomplishments
  • Include input from publishers and providers:
    • Springer (MetaPress)
    • Elsevier
    • Nature Publishing Group
    • Wiley
    • Oxford University Press
    • Cambridge University Press
    • IEEE
    • AIP
    • Ithaka/JSTOR
    • EBSCO
    • H.W. Wilson
    • Semantico
    • High Wire
    • IOP
recommendations for service providers sps licensee organizations lo and identity providers idps
Recommendations for Service Providers (SPs), Licensee Organizations (LO), and Identity Providers (IdPs)
  • SPs continue to support multiple authentication options during this time of transition.
  • SPs and LOs move quickly to reduce reliance on IP-based access control. There are many security issues with this approach and it is no longer adequate in today’s rapidly ubiquitous computing environment.
  • SPs and LOs move quickly to deprecate userids/passwords validated at the service provider site.
  • SPs and LOs move quickly to implement and use standards-based federated authentication.
slide8
Recommendations for Service Providers (SPs), Licensee Organizations (LO), and Identity Providers (IdPs) (con’t)
  • SPs adopt standard placement/wording of the login link on all the public pages on their site.
  • SPs present a standard approach (discovery) for guiding the user to the desired authentication method.
  • IdPs create a consistent experience as the user moves from SP to IdP to SP.
  • SP and IdP web designers insert branding at appropriate places in the flow to provide visual feedback that the flow is progressing as expected.
  • SPs offer a single url point of access for IP authentication and Federated Login.
questions and more information
Questions and More Information
  • SSO website: www.niso.org/workrooms/sso
  • SSO Interest Group list: www.niso.org/lists/ssoinfo
  • SSO Charge: www.niso.org/workrooms/sso/charge
  • Heather Staines
  • [email protected]
ad