Book contents
- Frontmatter
- Contents
- Foreword
- Acknowledgements
- Note to readers
- Glossary
- 1 What is access management, and why do libraries do it?
- 2 Electronic resources: public and not so public
- 3 Principles and definitions of identity and access management
- 4 Current access management technologies
- 5 Authentication technologies
- 6 Authorization based on physical location: how does the internet know where I am?
- 7 Authorization based on user identity or affiliation with a library: who you are? Or what you do?
- 8 Federated access: history, current position and future developments
- 9 How to choose access management and identity management products and services
- 10 Internet access provided by (or in) libraries
- 11 Library statistics
- 12 The business case for libraries
- Afterword
- Appendix 1 Case studies
- Appendix 2 A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
- Index
9 - How to choose access management and identity management products and services
Published online by Cambridge University Press: 10 September 2022
- Frontmatter
- Contents
- Foreword
- Acknowledgements
- Note to readers
- Glossary
- 1 What is access management, and why do libraries do it?
- 2 Electronic resources: public and not so public
- 3 Principles and definitions of identity and access management
- 4 Current access management technologies
- 5 Authentication technologies
- 6 Authorization based on physical location: how does the internet know where I am?
- 7 Authorization based on user identity or affiliation with a library: who you are? Or what you do?
- 8 Federated access: history, current position and future developments
- 9 How to choose access management and identity management products and services
- 10 Internet access provided by (or in) libraries
- 11 Library statistics
- 12 The business case for libraries
- Afterword
- Appendix 1 Case studies
- Appendix 2 A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources
- Index
Summary
This chapter gives an overview of the proprietary access management and identity management system procurement process. It also looks at some of the proprietary technologies available.
Introduction
Once an organization has developed a programme of identity and access management work, and has constructed a realistic roadmap for the work, it may wish to procure some identity and access management systems and/or services. Any identity and access management implementation is likely to involve a range of different products, technologies and services in order to fulfil the organization's specific requirements. Therefore, the products chosen may vary widely from organization to organization, based on the organization's individual needs.
It is possible that a complete solution will be required or it may be that only some of the components need to be procured from commercial sources, while others can be obtained from open-source providers or developed in-house. Some organizations may choose to outsource their identity and/or access management to a third party. From a library's point of view, it is important that any identity and/or access management systems procured by the library fit in with the wider organization's procurement plan and the general IT infrastructure.
This chapter is designed to help libraries understand the procurement process for identity and access management systems, and provide an introduction to some of the more popular commercial solutions currently on the market. It draws heavily on Chapter 10 of the Identity Management Toolkit produced by the UK Joint Information Systems Committee (JISC, 2012), ‘Selecting supplier solutions for Identity Management’. The original Toolkit was written, tested and produced by four UK partners: Kidderminster College, the London School of Economics and Political Science, the University of Cardiff and the University of Bristol, and gives an excellent introduction to the identity and access management system procurement process. The Toolkit was updated by the same project staff, some still working at the above institutions and some (including the authors of this book) engaged as independent consultants.
The identity management roadmap should inform several aspects of the process of choosing an appropriate solution for the organization. It should:
• indicate whether the preferred identity management architecture involves a central identity management system or working to integrate existing systems which handle parts of the identity management requirements of the institution (such as the software used by HR and the finance department, and the mechanisms used to create accounts on various systems)
- Type
- Chapter
- Information
- Access and Identity Management for LibrariesControlling Access to Online Information, pp. 99 - 112Publisher: FacetPrint publication year: 2014