Seamless Access Update - NISO Annual Meeting 2020
Seamless Access Update - NISO Annual Meeting 2020
https://asa1cadmoremedia.blob.core.windows.net/asset-7df01a4d-5f55-4ee5-9bf7-87b2665fd368/NISO Annual Meeting Seamless Access Update.m4v
JASON GRIFFEY: Hi, everyone. This is Jason Griffey, Director of Strategic Initiatives at NISO. Thank you so much for coming back and being interested in the SeamlessAccess project. This SeamlessAccess update was supposed to be a part of the live NISO Annual Meeting 2020 that happened earlier today and, unfortunately, got bumped because of timing. But what I'm going to do is spend just a few minutes here, very quickly going through some of the news that I think is particularly exciting from the SeamlessAccess project that NISO is a part of.
JASON GRIFFEY: There were three things that I wanted to focus on as part of this update-- one, implementations, because those are new for this year. We have some very exciting implementations, both already happened and happening. Entity category work-- this is particularly of interest to our library community, where the patron privacy is obviously a primary concern, and so the entity category work that SeamlessAccess has been doing is fundamental to being able to protect patron privacy moving forward in this-- in the world of federated authentication.
JASON GRIFFEY: And then, I'm going to finish with outreach and education because we're going to-- we both have interesting things, and we will have more things coming that I think will be very interesting for people to be able to keep up with projects. So, very quickly, we have now live implementations. We-- a year ago, we were still working towards them. And, at this point, we have multiple publishers up and running with SeamlessAccess-- the first of those was Springer Nature.
JASON GRIFFEY: And they launched earlier this year-- late winter, early spring. And, you can see on their little circle there, Access Through Your Institution, with a little SeamlessAccess logo. That is now a live option for people who wish to access journal articles in Nature. They can use the federated authentication through SeamlessAccess to get there.
JASON GRIFFEY: The second implementer of this was ACS. ACS is now live with SeamlessAccess, and you can see an example of what their little button looks like for federated authentication through SeamlessAccess. The ACS story is particularly interesting for a couple of reasons-- one, they fast-tracked their implementation because of the COVID-19 concern around the world, where researchers were having particularly difficult times getting to the research that they needed because they were stuck at home.
JASON GRIFFEY: They were under quarantine and weren't on campus-- didn't have access to a VPN, couldn't get through via traditional sort of IP mechanisms. And so they fast-tracked their implementation in order to make sure that researchers could get to the work that they needed. It was particularly interesting because, while ACS had a federated authentication mechanism up before, it wasn't through SeamlessAccess.
JASON GRIFFEY: It was more traditional federation-- federated systems. And when they launched SeamlessAccess as their-- as a federated authentication option, in March, they had a 26 times increase-- that's 2,600% increase in federated authentications to the ACS publication website. And then, in April, that actually doubled to 52 times.
JASON GRIFFEY: They had 5,200% increase in federated authentication after implementing the SeamlessAccess button. So it just shows that when you reduce friction to research, it really does drive usage. It's a really fantastic success story coming out of ACS. So those two are live. We have many more coming before the end of the year. Three of the big ones-- Wiley, Digital Science, and Elsevier-- are all planning to launch SeamlessAccess federated authentication through their sites before the end of the year.
JASON GRIFFEY: So it's a big swath of science publishers in the world that will hopefully be live by the end of the year via SeamlessAccess. So it's very exciting. So it's in use. We have great evidence that people are excited to be using it, and we have more coming on board over the course of the next few months. So second piece that I wanted to talk about in-- what we've been doing over the last year is around entity categories and attribute release.
JASON GRIFFEY: And if you're not familiar with federated authentication, these may be somewhat fuzzy concepts, but attribute release just means the things that are shared between a service provider and an identity provider when authentication is asked for, right? So, what do they share? Do they share a name? Do they share a university?
JASON GRIFFEY: Do they share-- what are the things that are being released? And then-- and the entity category is sort of the definition-- what things ought to be released. That's the sort of standard for that communication mechanism. And so, currently, there's only really one entity category that's recognized in the world of federated authentication-- that's Research and Scholarship.
JASON GRIFFEY: R&S is what it's usually called. And, in that, there's actually a lot of information that gets shared. It's a really robust entity category-- lots of information being shared back and forth. This is not actually appropriate to a lot of libraries-- is where-- what libraries are going to be interested in. It's a far more private set of authentication mechanisms, where things are not being shared-- you know, the name of the patron, that sort of thing, isn't being shared.
JASON GRIFFEY: And so, SeamlessAccess has gone through the-- done the work to define three new entity categories-- authentication only, anonymous authorization, and pseudonymous authorization-- which, the three of them, have slightly varying levels of privacy associated with them. All of them are much more privacy focused than R&Ss and will be, I think, incredibly suitable for the sorts of concerns-- will be answers to the sorts of concerns that librarians have about patron privacy in this authentication mechanism.
JASON GRIFFEY: And so, these are-- these been approved internally by the SeamlessAccess Group and are being passed off to REFEDS, in order to pursue them as formal standards. REFEDS is going to be driving that formal standards process with NISO as a cosponsor. The reason that REFEDS is doing the sort of formal standards work there is that they are already the owner of the R&S entity category, and so it makes sense for them to sort of all live together.
JASON GRIFFEY: And so, NISO is going to be operating as a cosponsor and have our own internal process to do some review of the work that's done there. The public comment for these entity categories is going to begin around July 1 and will run through the end of August. So you'll have a couple of months to do public comments relating to these entity categories, as soon as those go live on the REFEDS site, and we have a mechanism that we can share.
JASON GRIFFEY: NISO will be sharing that very broadly. We would love to have as much NISO community input on those standards as possible, so we're definitely going to be doing a lot of outreach relating to that. The other thing that will be coming very soon within the next little bit is a new working group within SeamlessAccess called the Contract Language Working Group.
JASON GRIFFEY: The entity categories are a formal technical definition of the privacy requirements of, primarily, libraries that drive that authentication mechanism. But technical definitions aren't the only thing that can be used to protect privacy. Legal and contract language can be used to do that as well. And so, we're-- we want there to be both the technical protections in place, as well as the contract language protections in place.
JASON GRIFFEY: And so we're going to be putting together a working group that's in process now where we're going to be coming up with some standardized language that libraries can use when in conversation with service providers in order to make sure that the entity categories are being held to effectively, right? So that's very exciting. I'm excited to be able to try to, you know, make sure that libraries get all of the protections that they need in this particular realm.
JASON GRIFFEY: And then the last piece that I wanted to give you an update on is outreach and education. SeamlessAccess.org has grown quite a bit as far as the-- sort of, all of the things that we've been doing over the last year. The website has been thoroughly revamped and is continuing to be revamped. It's a lot more friendly and useful-- lots more information there now.
JASON GRIFFEY: We're actually getting ready to add a-- an entire section of it dedicated just to education and learning. But the piece that I wanted to bring your attention to specifically was if you are interested in this project, make sure you take a look at the blog that is associated with the website because it is getting regular updates. It always gets our monthly newsletter.
JASON GRIFFEY: And anytime we have any sort of specific educational outreach thing that's happened, we make sure and put those up. Couple of those have happened just in the last couple of weeks. One of those is a-- the publication of a summary of findings of a survey that was done regarding SeamlessAccess and federated authentication understanding as it relates to both IT groups and library groups and how those two see and can-- you know, what are the commonalities and uncommon-- and discommonalities of their understanding of federated authentication?
JASON GRIFFEY: And so, that is up and live on the site right now. It's a really great document. Emily Singley from Boston College led that project with Raoul and Rich, as you can see there on the screen helping. So there's a great publication with some data behind it there. We are also in the process of producing an entire series of videos about SeamlessAccess to try and ensure that people sort of understand all the pieces.
JASON GRIFFEY: As I said a little earlier, federated authentication is a fairly technical piece of the work that's being done in scholarship, and so the explaining of it is difficult. We're trying to make it a little easier to do by producing some small, short videos that explain the various pieces and how SeamlessAccess fits in. And so our first two are up and live on our YouTube channel-- "How Federated Authentication Works" and "Privacy, Attributes, and Why They're Important." So if you don't understand what I was talking about earlier with entity categories, and you would like to, hopefully these two videos will help.
JASON GRIFFEY: We have-- again, this is going to be a series we're working on-- further videos. These will be available. As we get them done, we'll be rolling them out. And so, for all of that information on the blog; all of the continuing newsletter information; a link to the YouTube channel; information about how you can volunteer, if you are interested in any of these areas, especially things like the Contract Working Group; to make sure that you're on the mailing list so that if you are interested in the review period for the entity category-- entity categories-- all of that, you can find at SeamlessAccess.org. And there are easy ways for you to sign up to get information to stay in touch with what's going on with this project.
JASON GRIFFEY: So thank you very much. And if you have any questions, again, firstname.lastname@example.org is an email address. You can drop an email there, and one of us will get right back to you. Thank you so much. Bye.