Tag: Identity Management

It’s not an Open and Shut case

Just returned from the JISC Innovations forum – taken aback by the huge quantities of positivity and enthusiasm from delegates – despite these straitened times.

The word that one seemed to hear every few seconds was open.  Open data, open source, open knowledge. It got me thinking about what we mean by open.  Lots of people try to qualify it – ‘open does not mean free’ was one phrase I heard. Not sure I agree with this. Is something still open if you start to attach conditions to it which may exclude some from being able to use it? It is still open to some – those who can afford or wish to pay for it – but it is no longer open to all. The definition of  open knowledge given by the Open Knowledge foundation is:

A piece of knowledge is open if you are free to use, reuse, and redistribute it — subject only, at most, to the requirement to attribute and share-alike.”. (c) Open Knowledge Foundation

Which explicitly says it must be free.

This leads me to thoughts about another use of the word : OpenID . Part of the Logins for Life project is looking at the possible use of technologies like Open ID and Facebook Connect as acceptable credentials for access to HE on-line resources. 

Is going this open wise?

I should say from the outset that no-one is proposing we let just anyone with an OpenID roam at will through the entire online resources of  a University or College.  But it could be a useful tool all the same.

OpenID would allow those applying for a  prospectus or even just browsing the web site to easily establish a digital identity with the provider – no forms to fill in, usernames to invent, email verification etc. The vast majority of users will already have an OpenID – though it is probably still true that many won’t realise this – through previous registration with Google, Yahoo, Flickr, MySpace and many other popular websites.

There are obvious advantages –

  • interested parties immedately gain a sense of ‘belonging’ or ‘membership’.
  • the host organisation has the opportunity for email contact with these potential students or staff.
  • the user does not end up with one more  username/password combination to remember.

But are there disadvantages too?

If these prospects do join the university then it would be possible to link their OpenIDs with their Kent log on credentials and allow access to at least some online resources.  A liberating open attitude or the on-line equivalent of leaving the key in the door?

Anyone out there already using OpenID within the Higher Education world? Or planning to?

A Day in the Logins for Life

Members of the project team met yesterday in the Templeman Library Hub to spend the whole day revising the work packages. This turned out to be a very useful exercise and left us all feeling ‘revitalised’.  We listed the milestones and firmed up our plans and schedule for the management of the Logins for Life project.

The discussions were wide ranging and although we didn’t have all the answers – yet – we did feel we at least knew what most of the questions were.

Logins for Life is exploring not only how HE organisations can maintain and manage a life long relationship, through a digital identity, with those who come in to contact with the organisation.  It is also about how access to on-line resources can be facilitated and simplified through the use of existing technologies such as social networking and account linking services. Obviously this raises many concerns including, but not limited to, safeguarding data, protecting privacy, security of systems and deciding on and implementing appropriate levels of assurance for different classes of user.  These are complex issues.

Logins for Life will engage with many stakeholders to help determine how to tackle these complex issues.

We compiled a list of departments, offices, facilities, partners etc and from there a list of known systems within the University and tried to rank them in order of how much Logins for Life could potentially affect them.   This led on to who we would need to talk to about each system and were there others out there that we had missed?

We  looked at what we hoped to gain from interviewing different classes of stakeholder and from there made a start on the questions we would ask. Although there will be some questions relevant to all interviewees there will also be questions specific to users and others specific to system owners. But which should come first ?- questions to the users or questions to the system owners as the former may feed in to the latter – or vice-versa.  We agreed that seeking help from the experts in the field, with framing the final questions would be a very good idea.

From these interviews we will develop use cases.

We listed existing authorisation technologies which would need to be evaluated eg OpenID, OAuth, MS Cardspace.

We talked about what a life long email facility would need to offer if users were going to continue to use it beyond their time as a student at Kent.

There were some big issues up for discussion too

  • do the users actually want what Logins for Life is offering?
  • what if the users want something that goes beyond what  system managers have hitherto been willing to offer?
  • how do we deal with users with multiple concurrent identities eg a student who is also on the staff

A good and productive day with an excellent view across East Kent from the Hub’s windows on a sunny but slightly hazy day   –  and doughnuts too!

Logins for Life workshop

With all members of the team now in place we held a workshop to share views on our understanding of the broad issues around identity management and how it is and should be implemented in higher education establishments and more particularly at the University of Kent.

Probably the most obvious insight to come out of this workshop was the need to schedule weekly workshops for the next month or so. While obviously extremely useful , this sort of forum does highlight just how  many issues need to be considered by the project team.

Areas discussed today included:

  • compiling a full list of categories of user who may come in to contact with Kent and whose needs should be considered.
  • sub-categories of users whose needs may be different eg academic and non-academic staff
  • HE establishment pre-requisites for adoption of Logins for Life
  • accepted current perception of the concept of identity and and how this could be improved
  • Incorporation of unique identifiers eg HUSID number, Unique Learner Number and etc
  • Linking identities and roles.

The workshop agreed that the JISC Identity Management Toolkit was a useful framework for the project.

Hmm hard to believe I used to be a photographer…..