This document discusses how publisher access policies can break library workflows by being incompatible with how libraries authenticate users and link to resources. It provides three case studies of libraries that face "broken access" due to publishers not supporting the libraries' preferred authentication methods like Shibboleth single sign-on or not allowing the use of proxies needed for remote access. The document advocates that libraries plan their access strategies considering how readers, library technology, and external discovery services integrate with publisher access policies and authentication options.
1. Broken Access Publishing
OR
How to make your site incompatible
with library-intermediated workflows
Simon Inger, September 2013
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License
2. Discovery and Delivery
Library Web Pages
Resource Discovery,
e.g. Primo, Summon, EDS
Link Server/Resolver,
e.g. SFX, Serials 360, EDS
Target
3. Library Technology Components
• Library web pages
– Direct readers to the most appropriate place to
start their content discovery
• Resource Discovery Services (RDS)
– (Primo, Summon, EDS, a.k.a. web scale
discovery)
– A&I are indexes of content and usually library-
recommended
– Libraries invested much in multi-subject RDS
• Link server/resolver
– Manages multiple incarnations of content
8. Case study 1 – UK university
• Preferred sign-in method for library is Shibboleth
• Publisher supports Shibboleth
• Publisher offers free alumni access if it can be monitored
– Publisher does not support Shibboleth attributes (which
would report alumni)
– Publisher requires separate IP address
• Library needs readers to use IP address access instead
• Link server can only record one URL for each target, so on-
site and off-site users have to use proxy
– (Proxy is in another country or cloud based and invalidates publisher’s
Google analytics)
• Library finds it cannot get 2 IP addresses from proxy
provider
• Broken Access
9. Case study 2 – university in Oman
• Entire country uses single IP gateway because of
government censorship, so institutions indistinguishable
• Preferred sign-in method for library is Shibboleth
• Publisher supports Shibboleth
• Resource Discovery Service does not support Shibboleth
• Library needs readers to use IP address access instead, via
a proxy
• Publisher does not support proxies
• Broken Access
10. Case 3 – hospital in South Africa
• Whole regions of the medical sector in South Africa share IP
addresses, so institutions indistinguishable
• Many remote workers, often out in the field
• Library not advanced enough for Shibboleth
• Publisher supports off-site access and proxies, but licence
demands that only off-site users use the proxy
• Library’s only option anyway is to provide access for its
patrons via a proxy
– Library either breaches licence or doesn’t buy product
• Broken Access
15. Proxy and IP Access
Reader
•Unauth‐
enticated
•External SSO
•OpenID
•Facebook
•Google
•Yahoo
Library technology
•Library web
pages
•SSO
•Proxy
Externaldiscovery
•Google
•A&I
Publisher
•WAYF
•WAYFless
•IP
•Content
16. Proxy via local SSO
Reader
•Unauth‐
enticated
•External SSO
•OpenID
•Facebook
•Google
•Yahoo
Library technology
•Library web
pages
•SSO
•Proxy
Externaldiscovery
•Google
•A&I
Publisher
•WAYF
•WAYFless
•IP
•Content
17. Open Access
• This must all favour Open Access
publishing, right?
• Yes and No.
• If, in an Open Access future, libraries stay
intermediated, they are going to want to
measure the utility of each title they link
to, which means they will want usage
statistics, which means the OA publisher
will need to authenticate
• BUT – authentication can be much lighter
and is more likely to be compatible
18. Think How You Fit In, and Plan!
Library Web Pages
Resource Discovery,
e.g. Primo, Summon, EDS
Link Server/Resolver,
e.g. SFX, Serials 360, EDS
Target