Monday 4 August 2008

Shibboleth

Being an old fashioned kind of guy, I haven't really followed the withdrawal of funding by JISC from Athens in favour of the 'UK Access Management Federation' and 'Shibboleth' technology. But now that my institution has withdrawn Athens compliance, I can tell you that it is just like Athens only it works about 1/10th as well.

Currently I'm working outside the university network (you'd hope within a university network with relevant IP addresses anyone would be able to figure out how to organise access management) but under the new system instead of being able to sign in to Athens once and then access all journal articles via links in commonly used search engines like pubmed, or via links in journal articles, now I have to search the university database of subscribed journals, then enter the citation, then wait while it chugs along at about one mile per hour to finally serve up the paper. If I'm lucky the journal may have got around to adding the 'UK Access Management Federation' to its long list of alternative logins, and then if I find it, and select the relevant UK university from the long list, I may be able to get it to recognise that I've already signed in (saving me the time to type in my login and password, but little else).

So why change? Apparently 'federated access management' (where they ask your institution if you're signed in there, rather than having you sign in directly) is the bees knees, according to JISC:
"Users will have a single sign-on using an institutional ID and password for a wide range of resources, as well as the assurance that their personal data will not be disclosed to third parties.
Librarians will be free of the burden of user name and password administration, and will have new tools for managing licenses and service subscriptions.
IT managers will have more control of the access management process through enhancements to enterprise directories, although this will require additional institutional effort in the short term.
Institutions will have a single service to meet the requirements of e-learning, e-research and library-managed resources. Simplification of the authentication process has also proven to lead to increased use of subscribed services."
It is good to know that in order to allow a single sign-on username and password and to free up a little bit of time for librarians (the rest of that stuff is pie in the sky techno-wank) access to online journals has regressed ten years in terms of useability, speed of access. Am I missing something or is this another example of management idiots fucking it up again? The potential benefits seem minimal and the implmentation is woeful.

5 comments:

Anonymous said...

I'm a mild-mannered person with no history of violence but in the past 10 days I would happily have embarked on burning buildings if it would force a re-think of this unbelievably stupid, clunky, inconvenient, badly-designed innovation.
[/flamethrower]

On the other hand, the problem may be with the implementation, not the system itself. However, polling myself, there is currently a 100% disapproval rating, maintained across several days so I should go with the wisdom of my crowd of one here. (I had a reference for this and I've lost it. Basically, you poll yourself for your opinon on a topic over several days - a crowdsource of one, if you will.)

Political Scientist said...

Can your IT department equip you with a Virtual Private Network (VPN)? As I understand it, this means you can get journal access as if your IP address were from the institution.

pj said...

Oh, I have access to VPN at home - the problem is that I often need to access journal articles via various NHS workstations at different locations so I can't use VPN.

Anonymous said...

I don't get it.

Oh. Wait. You mean people actually still read closed access journals? ;)

pj said...

Sadly we don't get the option to ignore people's research because they publish in closed access journals.