TASI/LTSS Workshop
Total Page:16
File Type:pdf, Size:1020Kb
Issue 5 - To have authentication, etc, in order to access the material.
In your small group read through the quotes and suggested questions—these should be used to help start discussion off. Record any notes that you think are appropriate in the spaces provided.
Try to develop your ideas into a list of possible strategies that might improve ways of managing access to/authentication for electronic information resources. The ‘report back’ form could be used as an aid to focus your ideas, ready to present to the rest of the groups.
1. Quotes from other librarians and users
Librarians and users from other developing countries have made the following comments about authentication, passwords etc:
"at the moment the licenses that we're signing for databases and online journals limit use to UCT staff and students…some of the databases do have that very strict line about who can use it and some are very flexible and walk-in users of the library are allowed to use the things. But how, you know the librarians out there, how do they, somebody sits down, they use something they’re allowed to use, an outsider, sits down is using something that is free to everybody, what's to prevent them signing on to something that is restricted to UCT staff and students?"
"I'm using journals, Law journals. So because of the IP address I cannot access them from here, I have to go to the Law library, and that's the only place I can access them."
"…usually I use EBSCO, and then I use Sabinet as well, yah, these are the two main ones that I normally use. And then the other ones which need the password, those ones I go to the permanent staff, like the librarians."
"We subscribe to their Web site, but you click on a link and it goes straight to something that, to a page that requires a password and a user ID and stuff like that. When you click on anything involving IOP and it, because its all just through the university cache, you don't go, you know machine by machine, it all goes via cache, and that permission is there, they know where you're coming from, they know what your password is, they know what your ID number is and you know, what your user ID is."
"…you can sign up for specific workstations, and as I understand it the access to those workstations is then going to be IP authenticated. Um, but now, with our set up on campus, we all go through a proxy server so the computer at the other end is looking at our proxy server's IP and not the individual PCs IPs. So, my understanding might be incorrect here, but if we want to set up specific workstation access to those titles, we basically have to dedicate PCs…to do that because then they have to go to the Internet through a different route to the normal traffic so you know, I'm debating whether its worth paying however few dollars it was to get online access to Science for one workstation. You know the cost of actually dedicating one PC to that."
sfg/Phil Hobbs08baa143b1ba4ec2c89d8c2c5c9fed0a.doc Electronic Journals and Electronic Resources Library Management · 31 Jan 03 · Page 1 2. Suggested Questions
1. In what ways do library users and staff get authentication to access material at the moment?
2. Is there a need to improve the way in which authentication of users is done?
3. What resources are available to help (e.g. information/support from publishers, IT staff)?
4. What constraints there are on your ability to do this (examples of the sort of constraints that may apply are given in section 3)?
5. How can you manage these constraints?
6. Do different groups of people (e.g., library staff, academics, researchers, students, others) have different needs with regard to authentication? Give details.
sfg/Phil Hobbs08baa143b1ba4ec2c89d8c2c5c9fed0a.doc Electronic Journals and Electronic Resources Library Management · 31 Jan 03 · Page 2 7. What support, if any, might the different groups need?
8. What further information could we gather to support our decisions (suggestions of sources of further information are given in section 3)?
9. What strategies could we use to improve access and authentication management within our institution (strategies suggested in other workshops are given in section 3)?
10. What would the implications of implementing these strategies be for library staff and management (e.g. more expense/time/training needed)?
11. Any other thoughts?
sfg/Phil Hobbs08baa143b1ba4ec2c89d8c2c5c9fed0a.doc Electronic Journals and Electronic Resources Library Management · 31 Jan 03 · Page 3 3. Suggestions
The kind of constraints that may be applicable to question 4 are:
. Financial constraints—what are the real financial constraints that exist in your organisation? . Time constraints—what kind of timescales are we dealing with? How much time and effort will undertaking these activities take? Will this influence which activities are undertaken? . Skills shortages—are there any? Can they be addressed with training and staff development? What are the realities of this? . Staff shortages—what skills and staff are in short supply? Can this be addressed? How might this be done? . User resistance—what kinds of (if any) resistance might come from users? What implications may this have and how can it best be addressed? . Legal requirements—do these exist and, if so, what are they?
Possible sources of further information applicable to question 8 might include:
. Library users: finding out needs and opinions via questionnaires, feedback sessions, focus groups, meetings between library and academic staff, . Publishers and other vendors: may provide training, usage statistics, . Not-for-profit groups: for example, elib, OCLC, JSTOR, Andrew Mellon Foundation, UNESCO, CLIR . Other libraries: what can be learnt from others' policy statements, catalogues, web pages, etc? . Conferences: either through attendance and reporting back, or reading proceedings . Online discussion groups or conferences: specialist discussion groups cover most topics . Internet: free journals (e.g. Journal Electronic Publishing, PACS Review), conference reports, and a multitude of other resources
Possible strategies applicable to question 9 might include:
. Passwords--can become complicated with users needing to remember a great many of them to access a range of titles. . IP authentication--is simpler for the users providing they are on a recognised computer but can again be complicated by needs of remote users and multiple sites. Also create work for librarians/IT staff as they need to keep publishers informed of changes in IP addresses.
Other possible considerations on this issue might include:
. Ensuring that access is easily available to authorised users but that the terms of the licensing agreement for each resource are not broken. . Users who require remote access, for example when working from home or on remote campuses . Maintaining system security . Preventing misuse of resources
sfg/Phil Hobbs08baa143b1ba4ec2c89d8c2c5c9fed0a.doc Electronic Journals and Electronic Resources Library Management · 31 Jan 03 · Page 4