An Update on Digital Library Access Methods
David Millman
Columbia University
June 2002
Survey: Some Access Mgmt Methods
• One Collection, multiple organizations
• Fragmented collections
• More private
• Federated collections
• Removing central administration
Single Collection
• simple
• low security
• low privacy
• poor scaling
[Diagram labels: Org, Org, Org; admin; Collection]
Fragmented Collections
• central admin
• optional distributed admin
• flexible service packages / licensing
• scaling?
[Diagram labels: Org, Org, Org; adm, adm; C, C, C, C, C]
Organizational Authentication
• locally authenticated
• credentials do not leave org admin
• higher security & privacy
• e.g., WebISO (I2), pubcookie (UWash), CAS (Yale), WIND (Columbia)
[Diagram labels: Org; adm; AuthN; AuthZ ?; C]
Federated Collections (e.g., NSDL?)
• independent collections
• central admin
• + mandatory distributed admin
• moderate scaling
• higher security
• moderate privacy (central portal interface & profile services)
[Diagram labels: Org, Org, Org; adm, adm, adm, adm; portal; profiles; C, C, C, C]
Federated w/o Central Architecture (e.g., NSDL)
• no central technology (or only a bit)
• central policy
• good scaling
• good privacy & security
[Diagram labels: Org, Org, Org; adm, adm, adm; (policy); portal; profiles; C, C, C, C. A second version of this slide adds the label "Shibboleth".]
NSDL Architecture (abbreviated)
• ~ 80 collections (most unrestricted)
• ~ 20 services
• core technical infrastructure
  • metadata repository
  • search
  • access management
  • portal
Shibboleth Dependencies
• SAML (oasis-open.org)
• architecture (middleware.internet2.edu)
• policy specification (perhaps per community of use)
Shibboleth Requirements
• organization authentication infrastructure
• community authorization infrastructure
• target service software add-on
• “where-are-you-from?” service
• community policy framework
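The pieces named on the Organizational Authentication and Shibboleth Requirements slides, wired together as an added example (not part of the original slides and not Shibboleth's own code). All organization names, users, keys and function names are hypothetical, and an HMAC over JSON stands in for the signed SAML assertions a real deployment would use.

```python
import hashlib
import hmac
import json

# Constructed sample data: every org, key, user and community here is hypothetical.
ORG_KEYS = {"org-a.example": b"key-a", "org-b.example": b"key-b"}  # trust set by community policy
LOCAL_USERS = {"org-a.example": {"alice": ("pw1", ["subscriber"])},
               "org-b.example": {"bob": ("pw2", ["guest"])}}
COLLECTION_POLICY = {"subscriber"}  # community of use this collection admits


def wayf(chosen_org):
    """'Where are you from?': map the user's choice to a federation member."""
    if chosen_org not in ORG_KEYS:
        raise ValueError("organization is not part of the federation")
    return chosen_org


def org_authenticate(org, user, password):
    """Runs inside the organization: the password is checked here and never forwarded."""
    record = LOCAL_USERS[org].get(user)
    if record is None or not hmac.compare_digest(record[0], password):
        return None
    # The assertion carries community attributes only: no user name, no credential.
    body = json.dumps({"issuer": org, "communities": record[1]}, sort_keys=True)
    tag = hmac.new(ORG_KEYS[org], body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def target_authorize(assertion):
    """Runs at the collection (target add-on): verify the issuer, then apply policy."""
    if assertion is None:
        return False
    claims = json.loads(assertion["body"])
    key = ORG_KEYS.get(claims.get("issuer"))
    if key is None:
        return False
    expected = hmac.new(key, assertion["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["tag"]):
        return False  # body was altered after the organization issued it
    return bool(COLLECTION_POLICY & set(claims["communities"]))


def access(chosen_org, user, password):
    """End-to-end flow: WAYF, local authentication, authorization at the target."""
    return target_authorize(org_authenticate(wayf(chosen_org), user, password))
```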
NSDL Access Mgmt Policy Goals
• specify
  • communities of use (for subscribers)
  • conditions of use (for collections/publishers)
• subscribers: requirements for participation, e.g., character of local authentication (enforcement roles and methods), conformance to definitions of community membership
• publishers: practices re identity aggregation, discovery, disclosure
• clarify technology vs legal/administrative policy
Access Architecture Next Steps
• relationship to interfaces
  • Learning Management Systems
  • portals generally
• relationship to collections
  • as “repositories” (citation mgmt, versioning, archival concerns, license repurpose)