SlideShare ist ein Scribd-Unternehmen logo
1 von 27
Downloaden Sie, um offline zu lesen
www.openathens.org
Authentication technology update: OpenAthens
Phil Leahy
Service Relationship Manager
phil.leahy@eduserv.org.uk
www.openathens.org
Coming up
• The access management toolkit
• Security, privacy and personalisation
• What opportunities are new technologies bringing?
• How OpenAthens helps organisations and their content
provider suppliers
www.openathens.org
Helping over 2,200 organisations
in 48 countries, enable access to
hundreds of thousands of journals,
databases and ebooks for over
4 million end users.
www.openathens.org
The access management toolkit
• Vendor-supplied credentials
• Referral URLs
• IP recognition
• Peer-to-peer SAML connections
• Federated access management
www.openathens.org
www.openathens.org
Changing user requirements
• Mobile access
is key
• Personalisation is
expected
• Multiple devices are
used
www.openathens.org
Changing librarian requirements
• More tech services to manage
• Multiple tech services must integrate
• Monitor e-library engagement
www.openathens.org
What is local authentication?
• Uses existing usernames and passwords, typically held
in Active Directory
• Same account used for ‘local’ and external systems
• VLE
• Google Apps / Office 365
• OpenAthens
• Reduces administration
• Reduces user queries
www.openathens.org
Security is paramount
• Authentication within Federations uses SAML
• Data encryption comes as standard
• Individual level accountability
• Permission setting features – easier to comply with
restricted content licences
• Authentication servers monitored for misuse
www.openathens.org
Directory integrations
CAS (Client Access Server)
www.openathens.org
Build against an API
• Log your users into the system based on credentials
stored in any system you can gain programmatic access
to
• Great when you cannot use other connection types
www.openathens.org
Connecting to SAML applications
• OpenAthens can interact with many Apps
• Better overall experience for end users
• ‘True’ single sign-on
www.openathens.org
Integration with SAML applications
www.openathens.org
Is user privacy at risk?
• SAML encrypts data by default…
• …but is that sufficient?
• personalisation requires that content providers know
something about a user…
• …what is acceptable?
3l3dfaspfr96k36vcsj6bjl6r8
https://twitter.com/lisalibrarian/status/927534622799548416
www.openathens.org
Attribute release in OpenAthens
www.openathens.org
• Benefit from SAML without installing it
• OpenAthens Cloud offers the same benefits
• OpenID Connect is the hook…
• …but what is OpenID Connect?
OpenAthens Cloud
www.openathens.org
Federation standards
OpenID Connect
• Web-scale
• Modern, developer-
friendly
• Only implicit trust
SAML
• Enterprise
• Mid-2000s tech, hard to
adopt
• Scalable trust-network
www.openathens.org
OpenAthens Cloud
www.openathens.org
www.openathens.org
OpenAthens Wayfinder:
helping content providers help users
www.openathens.org
New technologies = new opportunities?
www.openathens.org
Google Scholar CASA
“CASA builds on Google Scholar’s Subscriber Links program which
provides direct links in the search interface to subscribed collections for on-
campus users. With CASA, a researcher can start a literature survey on
campus and resume where she left off once she is home, or travelling, with
no hoops to jump through. Her subscribed collections are highlighted in
Google Scholar searches and she is able to access articles in exactly the
same way as on campus.”
Users must access on-campus at least every 30 days to maintain off-
campus access.
https://home.heinonline.org/blog/2017/09/casa-en-nuestra-casa-casa-in-our-house/
www.openathens.org
BeyondCorp at Google
• Principles
• Connecting from a particular network must not determine
which services you can access.
• Access to services is granted based on what we know about
you and your device.
• All access to services must be authenticated, authorized and
encrypted.
https://cloud.google.com/beyondcorp/
www.openathens.org
Federation standards
OpenID Connect
• Web-scale
• Modern, developer-
friendly
• Only implicit trust
SAML
• Enterprise
• Mid-2000s tech, hard to
adopt
• Scalable trust-network
Convergence?
www.openathens.org
More information
What does it take to run an access management
federation?
http://bit.ly/2AWSUUz
OpenAthens Cloud uses OpenID Connect
http://bit.ly/2y3pZz6
www.openathens.org
Phil Leahy
OpenAthens Service Relationship Manager
phil.leahy@eduserv.org.uk
+44 (0)1225 474302
Any questions?
What does it take to run an access management
federation?
http://bit.ly/2AWSUUz
OpenAthens Cloud uses OpenID Connect
http://bit.ly/2y3pZz6
Contacts
Josh Howlett, Head of trust and identity, Jisc
Josh.Howlett@jisc.ac.uk
Phil Leahy, OpenAthens Service Relationship Manager
phil.leahy@eduserv.org.uk
Tasha Mellins-Cohen, Director of Publishing, Microbiology Society
t.mellins-cohen@microbiologysociety.org
Feel free to e-mail your questions and look out for the slides on
uksg.org/webinars/authentication

Weitere ähnliche Inhalte

Was ist angesagt?

Inter Lab 2006 Open Process Web Design Through W I K I
Inter Lab 2006    Open Process Web Design Through  W I K IInter Lab 2006    Open Process Web Design Through  W I K I
Inter Lab 2006 Open Process Web Design Through W I K Iguestd43c7f
 
Suguk Southampton CodePlex - March 2014
Suguk Southampton   CodePlex - March 2014Suguk Southampton   CodePlex - March 2014
Suguk Southampton CodePlex - March 2014Steven Andrews
 
SIS integration with Moodle using Learning Information Services (LIS)
SIS integration with Moodle using Learning Information Services (LIS)SIS integration with Moodle using Learning Information Services (LIS)
SIS integration with Moodle using Learning Information Services (LIS)Psydev
 
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013Integrating SAIP with Moodle using LIS - HEUG EMEA 2013
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013Psydev
 
Tips for Driving Learning Success with Moodle LMS Reporting
Tips for Driving Learning Success with Moodle LMS ReportingTips for Driving Learning Success with Moodle LMS Reporting
Tips for Driving Learning Success with Moodle LMS ReportingLambda Solutions
 
Digital Doha Summit - ICT Qatar and Open Source
Digital Doha Summit - ICT Qatar and Open SourceDigital Doha Summit - ICT Qatar and Open Source
Digital Doha Summit - ICT Qatar and Open SourceForum One
 
Ministry in a digital age
Ministry in a digital ageMinistry in a digital age
Ministry in a digital agemargaret_ronald
 
SharePoint Migration Series: Success Takes Three Actions
SharePoint Migration Series: Success Takes Three ActionsSharePoint Migration Series: Success Takes Three Actions
SharePoint Migration Series: Success Takes Three ActionsAdam Levithan
 
Open public 1.0 drupal Government Days
Open public 1.0   drupal Government DaysOpen public 1.0   drupal Government Days
Open public 1.0 drupal Government DaysPhase2
 
BrightGen's Summer 16 Release Webinar
BrightGen's Summer 16 Release WebinarBrightGen's Summer 16 Release Webinar
BrightGen's Summer 16 Release Webinarbrightgenss
 
Tips and Tricks to Optimize your Digital Resources
Tips and Tricks to Optimize your Digital ResourcesTips and Tricks to Optimize your Digital Resources
Tips and Tricks to Optimize your Digital ResourcesHeather Greer Klein
 
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016Adam Levithan
 
USG Summit - September 2014 - Web Management using Drupal
USG Summit - September 2014 - Web Management using DrupalUSG Summit - September 2014 - Web Management using Drupal
USG Summit - September 2014 - Web Management using DrupalEric Sembrat
 
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...Srinivasu Chakravarthula
 

Was ist angesagt? (16)

Inter Lab 2006 Open Process Web Design Through W I K I
Inter Lab 2006    Open Process Web Design Through  W I K IInter Lab 2006    Open Process Web Design Through  W I K I
Inter Lab 2006 Open Process Web Design Through W I K I
 
Suguk Southampton CodePlex - March 2014
Suguk Southampton   CodePlex - March 2014Suguk Southampton   CodePlex - March 2014
Suguk Southampton CodePlex - March 2014
 
SIS integration with Moodle using Learning Information Services (LIS)
SIS integration with Moodle using Learning Information Services (LIS)SIS integration with Moodle using Learning Information Services (LIS)
SIS integration with Moodle using Learning Information Services (LIS)
 
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013Integrating SAIP with Moodle using LIS - HEUG EMEA 2013
Integrating SAIP with Moodle using LIS - HEUG EMEA 2013
 
Tips for Driving Learning Success with Moodle LMS Reporting
Tips for Driving Learning Success with Moodle LMS ReportingTips for Driving Learning Success with Moodle LMS Reporting
Tips for Driving Learning Success with Moodle LMS Reporting
 
Digital Doha Summit - ICT Qatar and Open Source
Digital Doha Summit - ICT Qatar and Open SourceDigital Doha Summit - ICT Qatar and Open Source
Digital Doha Summit - ICT Qatar and Open Source
 
Looking tofuture
Looking tofutureLooking tofuture
Looking tofuture
 
Ministry in a digital age
Ministry in a digital ageMinistry in a digital age
Ministry in a digital age
 
SharePoint Migration Series: Success Takes Three Actions
SharePoint Migration Series: Success Takes Three ActionsSharePoint Migration Series: Success Takes Three Actions
SharePoint Migration Series: Success Takes Three Actions
 
Open public 1.0 drupal Government Days
Open public 1.0   drupal Government DaysOpen public 1.0   drupal Government Days
Open public 1.0 drupal Government Days
 
BrightGen's Summer 16 Release Webinar
BrightGen's Summer 16 Release WebinarBrightGen's Summer 16 Release Webinar
BrightGen's Summer 16 Release Webinar
 
Tips and Tricks to Optimize your Digital Resources
Tips and Tricks to Optimize your Digital ResourcesTips and Tricks to Optimize your Digital Resources
Tips and Tricks to Optimize your Digital Resources
 
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016
Hybrid Dilemma: Dividing Content Between Azure, Office 365 & SharePoint 2016
 
USG Summit - September 2014 - Web Management using Drupal
USG Summit - September 2014 - Web Management using DrupalUSG Summit - September 2014 - Web Management using Drupal
USG Summit - September 2014 - Web Management using Drupal
 
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...
Enterprise Level Tools and solutions for Accessibility - WorldSpace, Amaze an...
 
Data harmony update 2021
Data harmony update 2021 Data harmony update 2021
Data harmony update 2021
 

Ähnlich wie UKSG webinar: Authentication technology update: RA21 and OpenAthens with Josh Howlett, Jisc and Phil Leahy, Eduserv

Quick wins for an easier user journey
Quick wins for an easier user journeyQuick wins for an easier user journey
Quick wins for an easier user journeyOpenAthens
 
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens
 
Are you giving your users the best online experience - Webinar
Are you giving your users the best online experience - WebinarAre you giving your users the best online experience - Webinar
Are you giving your users the best online experience - WebinarOpenAthens
 
OpenAthens Cloud - Global access to your digital content
OpenAthens Cloud - Global access to your digital contentOpenAthens Cloud - Global access to your digital content
OpenAthens Cloud - Global access to your digital contentOpenAthens
 
Open source systems
Open source systemsOpen source systems
Open source systemsRYAN T.
 
Help your users to discover your content with OpenAthens and Link Resolvers
Help your users to discover your content with OpenAthens and Link ResolversHelp your users to discover your content with OpenAthens and Link Resolvers
Help your users to discover your content with OpenAthens and Link ResolversEduserv
 
OER Authoring and Delivery Platforms
OER Authoring and Delivery PlatformsOER Authoring and Delivery Platforms
OER Authoring and Delivery PlatformsUna Daly
 
Online Journal Management using Open Journal Systems (OJS)
Online Journal Management using Open Journal Systems (OJS)Online Journal Management using Open Journal Systems (OJS)
Online Journal Management using Open Journal Systems (OJS)Ina Smith
 
ufsojs-161024084446 (1).pdf
ufsojs-161024084446 (1).pdfufsojs-161024084446 (1).pdf
ufsojs-161024084446 (1).pdfTeshome Oljira
 
Geek out : Adding Coding Skills to Your Professional Repertoire
Geek out: Adding Coding Skills to Your Professional RepertoireGeek out: Adding Coding Skills to Your Professional Repertoire
Geek out : Adding Coding Skills to Your Professional RepertoireBohyun Kim
 
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...Emmanuel E C
 
Social networks: technical issues
Social networks: technical issuesSocial networks: technical issues
Social networks: technical issuesMorgan Magnin
 

Ähnlich wie UKSG webinar: Authentication technology update: RA21 and OpenAthens with Josh Howlett, Jisc and Phil Leahy, Eduserv (20)

Quick wins for an easier user journey
Quick wins for an easier user journeyQuick wins for an easier user journey
Quick wins for an easier user journey
 
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
 
Are you giving your users the best online experience - Webinar
Are you giving your users the best online experience - WebinarAre you giving your users the best online experience - Webinar
Are you giving your users the best online experience - Webinar
 
OpenAthens Cloud - Global access to your digital content
OpenAthens Cloud - Global access to your digital contentOpenAthens Cloud - Global access to your digital content
OpenAthens Cloud - Global access to your digital content
 
Today's forecast for your campus: BLUEcloud
 Today's forecast for your campus: BLUEcloud Today's forecast for your campus: BLUEcloud
Today's forecast for your campus: BLUEcloud
 
Remote xs
Remote xsRemote xs
Remote xs
 
Open Source & Libraries
Open Source & LibrariesOpen Source & Libraries
Open Source & Libraries
 
Open source systems
Open source systemsOpen source systems
Open source systems
 
Help your users to discover your content with OpenAthens and Link Resolvers
Help your users to discover your content with OpenAthens and Link ResolversHelp your users to discover your content with OpenAthens and Link Resolvers
Help your users to discover your content with OpenAthens and Link Resolvers
 
OER Authoring and Delivery Platforms
OER Authoring and Delivery PlatformsOER Authoring and Delivery Platforms
OER Authoring and Delivery Platforms
 
Online Journal Management using Open Journal Systems (OJS)
Online Journal Management using Open Journal Systems (OJS)Online Journal Management using Open Journal Systems (OJS)
Online Journal Management using Open Journal Systems (OJS)
 
ufsojs-161024084446 (1).pdf
ufsojs-161024084446 (1).pdfufsojs-161024084446 (1).pdf
ufsojs-161024084446 (1).pdf
 
Geek out : Adding Coding Skills to Your Professional Repertoire
Geek out: Adding Coding Skills to Your Professional RepertoireGeek out: Adding Coding Skills to Your Professional Repertoire
Geek out : Adding Coding Skills to Your Professional Repertoire
 
Open Access Tools
Open Access ToolsOpen Access Tools
Open Access Tools
 
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...
Use of "NewGenLib" Open Source Software for Library Automation, Digital Libra...
 
Library portal by Gaurav Boudh
Library portal by Gaurav BoudhLibrary portal by Gaurav Boudh
Library portal by Gaurav Boudh
 
Brou
BrouBrou
Brou
 
Sreedevi.v.s
Sreedevi.v.sSreedevi.v.s
Sreedevi.v.s
 
Resource discovery tools
Resource discovery toolsResource discovery tools
Resource discovery tools
 
Social networks: technical issues
Social networks: technical issuesSocial networks: technical issues
Social networks: technical issues
 

Mehr von UKSG: connecting the knowledge community

UKSG 2023 - A TDM journey: understanding user needs and developing library su...
UKSG 2023 - A TDM journey: understanding user needs and developing library su...UKSG 2023 - A TDM journey: understanding user needs and developing library su...
UKSG 2023 - A TDM journey: understanding user needs and developing library su...UKSG: connecting the knowledge community
 
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...UKSG: connecting the knowledge community
 
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...UKSG: connecting the knowledge community
 
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...UKSG: connecting the knowledge community
 
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...UKSG: connecting the knowledge community
 
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...UKSG: connecting the knowledge community
 
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...UKSG: connecting the knowledge community
 
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdf
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdfUKSG 2023 - A new role for COUNTER usage data in open access agreements.pdf
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdfUKSG: connecting the knowledge community
 
UKSG 2023 - Will artificial intelligence change how readers use the research ...
UKSG 2023 - Will artificial intelligence change how readers use the research ...UKSG 2023 - Will artificial intelligence change how readers use the research ...
UKSG 2023 - Will artificial intelligence change how readers use the research ...UKSG: connecting the knowledge community
 
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...UKSG: connecting the knowledge community
 
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...UKSG: connecting the knowledge community
 
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...UKSG: connecting the knowledge community
 
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...UKSG: connecting the knowledge community
 
UKSG 2023 - What role should journal publications play in research evaluation
UKSG 2023 - What role should journal publications play in research evaluationUKSG 2023 - What role should journal publications play in research evaluation
UKSG 2023 - What role should journal publications play in research evaluationUKSG: connecting the knowledge community
 
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3UKSG: connecting the knowledge community
 
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...UKSG: connecting the knowledge community
 
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...UKSG: connecting the knowledge community
 
UKSG 2023 - Cybersecurity 101: What every librarian needs to know about prot...
UKSG 2023 - Cybersecurity 101:  What every librarian needs to know about prot...UKSG 2023 - Cybersecurity 101:  What every librarian needs to know about prot...
UKSG 2023 - Cybersecurity 101: What every librarian needs to know about prot...UKSG: connecting the knowledge community
 

Mehr von UKSG: connecting the knowledge community (20)

UKSG 2023 - A TDM journey: understanding user needs and developing library su...
UKSG 2023 - A TDM journey: understanding user needs and developing library su...UKSG 2023 - A TDM journey: understanding user needs and developing library su...
UKSG 2023 - A TDM journey: understanding user needs and developing library su...
 
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...
UKSG 2023 - Cold comfort or hot potato: who’s responsible for publication eth...
 
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...
UKSG 2023 - UN Sustainable Development Goals (SDGs): Mapping Institutional Re...
 
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...
UKSG 2023 - Supporting AfricArXiv and broadening our universities’ research a...
 
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...
UKSG 2023 - Gender and ethnicity productivity patterns in the scientific lite...
 
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...
UKSG 2023 - Innovation vs Onboarding for the Future of Academic Publishing: S...
 
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...
UKSG 2023 - Increasing Collections Engagement at UoB – identifying and promot...
 
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdf
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdfUKSG 2023 - A new role for COUNTER usage data in open access agreements.pdf
UKSG 2023 - A new role for COUNTER usage data in open access agreements.pdf
 
UKSG 2023 - Libraries as hubs for innovation and co-creation
UKSG 2023 - Libraries as hubs for innovation and co-creationUKSG 2023 - Libraries as hubs for innovation and co-creation
UKSG 2023 - Libraries as hubs for innovation and co-creation
 
UKSG 2023 - The development of a Staff Accessibility Network
UKSG 2023 - The development of a Staff Accessibility NetworkUKSG 2023 - The development of a Staff Accessibility Network
UKSG 2023 - The development of a Staff Accessibility Network
 
UKSG 2023 - Will artificial intelligence change how readers use the research ...
UKSG 2023 - Will artificial intelligence change how readers use the research ...UKSG 2023 - Will artificial intelligence change how readers use the research ...
UKSG 2023 - Will artificial intelligence change how readers use the research ...
 
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...
UKSG 2023 - Early career scientists. Their attitudes to and practices in scho...
 
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...
UKSG 2023 - Old prices are old: New evaluation methods and price redistributi...
 
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...
UKSG 2023 - Rights Retention for Open Research - the experience at Sheffield ...
 
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...
UKSG 2023 - Amplifying hidden voices in primary source collections - Disrupti...
 
UKSG 2023 - What role should journal publications play in research evaluation
UKSG 2023 - What role should journal publications play in research evaluationUKSG 2023 - What role should journal publications play in research evaluation
UKSG 2023 - What role should journal publications play in research evaluation
 
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3
UKSG 2023 - Challenges of moving to new publishing models - James Rice - Part 3
 
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...
UKSG 2023 - Minimising environmental impact and improving sustainability, Cam...
 
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...
UKSG 2023 - Certain in our uncertainty: Acknowledging, addressing and achievi...
 
UKSG 2023 - Cybersecurity 101: What every librarian needs to know about prot...
UKSG 2023 - Cybersecurity 101:  What every librarian needs to know about prot...UKSG 2023 - Cybersecurity 101:  What every librarian needs to know about prot...
UKSG 2023 - Cybersecurity 101: What every librarian needs to know about prot...
 

Kürzlich hochgeladen

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
EBUS5423 Data Analytics and Reporting Bl
EBUS5423 Data Analytics and Reporting BlEBUS5423 Data Analytics and Reporting Bl
EBUS5423 Data Analytics and Reporting BlDr. Bruce A. Johnson
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptxmary850239
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Dr. Asif Anas
 
Over the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxOver the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxraviapr7
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
Riddhi Kevadiya. WILLIAM SHAKESPEARE....
Riddhi Kevadiya. WILLIAM SHAKESPEARE....Riddhi Kevadiya. WILLIAM SHAKESPEARE....
Riddhi Kevadiya. WILLIAM SHAKESPEARE....Riddhi Kevadiya
 
KARNAADA.pptx made by - saransh dwivedi ( SD ) - SHALAKYA TANTRA - ENT - 4...
KARNAADA.pptx  made by -  saransh dwivedi ( SD ) -  SHALAKYA TANTRA - ENT - 4...KARNAADA.pptx  made by -  saransh dwivedi ( SD ) -  SHALAKYA TANTRA - ENT - 4...
KARNAADA.pptx made by - saransh dwivedi ( SD ) - SHALAKYA TANTRA - ENT - 4...M56BOOKSTORE PRODUCT/SERVICE
 
Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.raviapr7
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxCapitolTechU
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 

Kürzlich hochgeladen (20)

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
EBUS5423 Data Analytics and Reporting Bl
EBUS5423 Data Analytics and Reporting BlEBUS5423 Data Analytics and Reporting Bl
EBUS5423 Data Analytics and Reporting Bl
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptx
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
 
Over the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxOver the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptx
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
Riddhi Kevadiya. WILLIAM SHAKESPEARE....
Riddhi Kevadiya. WILLIAM SHAKESPEARE....Riddhi Kevadiya. WILLIAM SHAKESPEARE....
Riddhi Kevadiya. WILLIAM SHAKESPEARE....
 
KARNAADA.pptx made by - saransh dwivedi ( SD ) - SHALAKYA TANTRA - ENT - 4...
KARNAADA.pptx  made by -  saransh dwivedi ( SD ) -  SHALAKYA TANTRA - ENT - 4...KARNAADA.pptx  made by -  saransh dwivedi ( SD ) -  SHALAKYA TANTRA - ENT - 4...
KARNAADA.pptx made by - saransh dwivedi ( SD ) - SHALAKYA TANTRA - ENT - 4...
 
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdfPersonal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
 
Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 

UKSG webinar: Authentication technology update: RA21 and OpenAthens with Josh Howlett, Jisc and Phil Leahy, Eduserv

Hinweis der Redaktion

  1. This is the impact of OpenAthens single sign-on software – across the globe. Publishers can add their content to a user’s existing portfolio instead of existing within its own silo. We’ve got ten years experience of developing Shibboleth and SAML software which is used by some of the world’s largest content providers including Wolters Kluwer Health, New Scientist and the FT. The OpenAthens Federation is the trust authority which allows content providers and their customers to connect to each other without requiring technical setup each time.
  2. Here is a list of the access management tools typically used by organisations subscribing to external content. It’s been pointed out to me that the shortfalls of current authentication technologies were well covered at the UKSG conference earlier this year, but there have already been several questions submitted along those lines so I’m going to try and find the sweet spot between that and current technologies and future opportunities which are more interesting. Easily shared and relies on security through obscurity Easily shared and relies on security through obscurity How long have you got? (“Developments in proxy servers”, “Comparison between OA and Library Proxy”, “How it works and cost comparisons with EZProxy etc”, “Comparison with EZproxy”) Identifies only the organisation Cannot identify offenders who breach license terms No meaningful statistics Have to maintain a list of IP addresses with every supplier Remote access requires VPN or additional proxy Personalisation either non-existent or requires separate registration Expensive to implement and manage, inefficient single-use peer-to-peer connections
  3. This is a typical federated user journey that our software helps deliver. So – we have an end user browsing the web looking for academic or scholarly content And all the time they are hitting barriers and being asked for a username and password They get frustrated But – in comes OpenAthens! With just one username and password, the patron can access an array of online resources – and crucially move between resources on different publisher sites
  4. Patrons become more mobile – fewer ties to the physical library building, study is anywhere and everywhere Personalization is expected – we’re all used to the Amazon or Netflix experience and at least in the UK, there is an expectation that library resources should behave in the same manner – saved searches, recommended favourites etc. Multiple devices are used for study – access to library content needs to be consistent and seamless regardless of the device used
  5. And for librarians… More tech services to manage – VLE, Discovery, Website, Proxy Server Multiple tech services must integrate – single sign-on is key Monitor and report on E-library engagement – who’s accessing our services, how often and from where?
  6. Here’s a typical scenario: when a new user enrols at a university or starts work at a new job, that organisation will have a process which automatically grants access to the internal and external resources they need to participate in their course or do their job. That process applies the appropriate permissions and controls to ensure they can only access what they entitled to and will typically include access to their nearest printer, the network drives for access to the documents they need, a VLE, discovery tools and/or LMS and increasingly, their organisation’s subscription content – all with a single username and password. Most popular choice across all markets. OpenAthens is part of an ecosystem and our docs help organisations integrate different components
  7. Multi-country misuse Audit logs now available in OpenAthens (“How can the usage (not just login) statistics be captured?”)
  8. The options available to subscribing organisations on how to participate in an access management federation are better than ever. “The ability to restrict access to sub-groups within the University” “How is the access by temporary guests handled by OpenAthens?” “Configuring access for overseas/partnership institutions” “Authentication for partnerships - based in the UK and abroad” OpenAthens offers these connection options so whatever your organisation has in place, it’s likely that OpenAthens can help an organisation use Shibboleth or SAML because…
  9. …we also offer tools which allow self-built interfaces. Offers maximum flexibility – but it requires developer effort at the organisation. “What would be the best means of authentication to use for a small institution with limited resources to access eBooks?”
  10. So the fact that… It is the nature of federated access management in general and OpenAthens products in particular to use a standards based approaches wherever possible. This allows true SSO with a number of apps such as…
  11. This shows a number of common apps our customer use OpenAthens to integrate with. OpenAthens plays well with all discovery services “We are moving to Alma Summer of 2018 I wonder which authentication to use, EZ Proxy or Open Athens for the link resolver”
  12. But how can all that happen in a privacy-protecting way? Earlier on I said personalisation is now expected from a range of services such as Amazon or Netflix. There is a view that: without personalisation, none of the benefits of a modern digital service are available, i.e. more engagement, attracting users to return, learning more about their needs and tailoring products accordingly. That level of detail helps everyone. It helps content providers segment their products and direct it at particular users, and by providing greater transparency of how collections are being used, it helps an organisation make more informed purchase decisions. But… “a (happily very vocal) majority who are unwilling to compromise user privacy for the sake of some assessment metrics” Do users now expect that from library services too? Some librarians are concerned about the privacy issues this raises, and they see IP recognition as the better option precisely because it’s anonymous. Take a look at this image sent to me during a dialogue I had over Twitter with a US librarian (although this view is not exclusive to the US). This is a detailed user consent page which explains which attributes about this user were going to be passed to the content provider. [description] If the user did not provide their consent, they were not permitted to see the content.
  13. Would there be more confidence around privacy if IdPs took a closer look at their attribute release policies, and content providers were more circumspect about the attributes they requested? Many users will submit this same level of personal information on a form they’re presented with the first time they access a service. Is that substantially different from a Netflix or Amazon subscription? However, if a content provider receives a narrower set of attributes which has no identifying information but which allows the user to personalise the experience, e.g. via saved searches and alerts, would that be sufficient to satisfy the content provider? This is the functionality OpenAthens makes available to organisations so they can control attribute release quickly and easily. And we’re making similar products available to content providers so they can leverage the benefits of Shibboleth and SAML without having to become experts in that technology, so here’s a brief word about that.
  14. But there is an alternative. It is now possible to derive all the benefits which SAML brings without having to deploy it. As I said earlier, OpenAthens has ten years’ experience of developing SAML software and having seen the issues which I just described for some time, we decided to take a new approach and developed OpenAthens Cloud. The only technology a content provider needs to deploy is OpenID Connect – everything else is managed in our web dashboard. OpenID Connect is supported by key industry players like Symantec and Microsoft. It's a newer technology than SAML but unlike SAML, it's extensible to web-based native apps as well as mobile applications.
  15. SAML is Enterprise – connections between identities and services within a scope Old tech XML, SOAP – mid 2000s Supports ’trusted relationships’ Formation of communities OIDC is Multi-billion user services JWT/ REST, Developer friendly Mobile- native Self-asserted trust
  16. I’m sure many of you will be familiar with seeing Google login options on a number of web services – that process uses OpenID Connect and as you can see, one of the benefits is a consistent login experience.
  17. And anytime you see a PayPal payment option on a website, it is using OpenID Connect to let you login via PayPal. Let me be clear: OpenAthens Cloud alone won't let a content provider add Google and PayPal login options to their products. But if that is on their wishlist, with OpenID Connect as the foundation that task would be easier.
  18. Here’s something else we’ve recently released for content providers, but it’s not something they can buy – any publisher registered in any Shibboleth or SAML access management federation can use it. Wayfinder is the OpenAthens Discovery Service which any publisher can deploy: Uses SAML attributes for scalability Uses domain hints and geolocation – UKFed are already promoting increased adoption of domain hints
  19. CASA = Context-Aware Scalable Authentication. Some big players are participating including HighWire – but based on Google Scholar usage.
  20. BeyondCorp had the stated goal that no Google employee should need to use a VPN. “We infer device trust based on a number of signals, some observed (last security scan, patch level, installed software, etc.) and some prescribed (assigned owner, VLAN, etc.). To handle this complexity, our inventory teams follow an automated provisioning process to ensure that new hire devices are correctly trusted at first login.” Contextual authentication is increasingly being talked about ------------------------- Contextual authentication takes into account the context of a service and deploys appropriate authentication challenge Encompasses multi-factor methods, where appropriate Intelligent IAM systems can change context dynamically (eg. location or suspicious activity) Authentication factors ---------------------- Trusted device Location/network (IP) Username/password SMS, push notification, OTP app, YubiKey Previous activity Reduce friction of authentication --------------------------------- Objective of contextual authentication is to reduce friction Misunderstanding of multi-factor is that is makes authentication more complex – inappropriate deployment No user-interaction unless necessary
  21. SAML is Enterprise – connections between identities and services within a scope Old tech XML, SOAP – mid 2000s Supports ’trusted relationships’ Formation of communities OIDC is Multi-billion user services JWT/ REST, Developer friendly Mobile- native Self-asserted trust Bottom line: with 10-12 years of investment in Shibboleth and SAML by content providers and subscribing organizations around the world, it’s not going anywhere soon. - My impression is that this is still pretty early days. There is a draft specification but it seems to be fairly early to me. There were two camps, one wanted existing OpenID implementations to work pretty much unmodified with the new spec. Others saw the need for more complexity in implementations (though there was recognition that this was a problem). I suspect some compromise will be reached.   - There is definitely a desire to learn from 10 years of SAML federations and make notable improvements, like not shipping around massive blobs of XML. Hopefully the standard will be much simpler and inline with modern APIs.