D'oh... note to self for future, don't post a private message to a public
mailing list.
Luckily nothing particularly private (or in fact decided for definite,
just initial thinking)! In fact, maybe a good thing to be public to get
some discussion going? I would be interested in anyone else's thoughts to
see if we're on the same page as everyone else...
R.
--
----------------------------------------------------------------------
Rhys Smith e: [log in to unmask]
Engineering Consultant: Identity & Access Management (GPG:0xDE2F024C)
Information Services,
Cardiff University, t: +44 (0) 29 2087 0126
39-41 Park Place, Cardiff, f: +44 (0) 29 2087 4285
CF10 3BB, United Kingdom. m: +44 (0) 7968 087 821
----------------------------------------------------------------------
From:
Rhys Smith <[log in to unmask]>
To:
[log in to unmask]
Date:
27/06/2009 11:03
Subject:
Re: [JISC-SHIBBOLETH] additional authorised users: commercial purposes
Nicole,
A response from Cardiff about your question. Please note this info is for
your info only - if you want to cite any of this as coming from us please
let me know and I'll find out for you what we're happy to be released
publicly and what we'd like kept private...
Our MCE (membership, categories and entitlements) has added the JISC
additional authorised users category of users. We haven't had any
instances of it yet, but it's there in case we need it. A comment from
someone on the MCE group = "Although never stated explicitly, I suspect
the underlying assumption was / is that we would offer institutional (i.e.
CU) credentials to such individuals from commercial organisations."
I think that would be the obvious way to enable this. Relying on their own
credentials, but being able for them to sign in via federated means as a
part of cardiff university, would involve hooking up our idm system / idp
up to their credential store - not a small amount of work for a small
benefit (there are other ways but they're a bit messy - letting them join
the federation and registering that that entity is covered under a cardiff
license?). Just giving them CU credentials that enabled them to do nothing
but use e-resources (i.e. no email, network login, blackboard access, etc
etc) would be the best way to do it I think. (note that this is just
initial thinking...)
Hope that's useful...
R.
--
----------------------------------------------------------------------
Rhys Smith e: [log in to unmask]
Engineering Consultant: Identity & Access Management (GPG:0xDE2F024C)
Information Services,
Cardiff University, t: +44 (0) 29 2087 0126
39-41 Park Place, Cardiff, f: +44 (0) 29 2087 4285
CF10 3BB, United Kingdom. m: +44 (0) 7968 087 821
----------------------------------------------------------------------
From:
Nicole Harris <[log in to unmask]>
To:
[log in to unmask]
Date:
18/06/2009 09:11
Subject:
[JISC-SHIBBOLETH] additional authorised users: commercial purposes
*Apologies for cross-posting*
Dear All
I am just in the process of finalising recommendations for attribute usage
for the JISC Collections Additional Authorised User Initiative, and would
like some advice from your collective knowledge about providing
credentials to SMEs funded by or affiliated to an institution. Would you
normally offer institutional credentials to such organisations, or expect
them to have their own identity management system?
Any experience you have would be gratefully received!
Many thanks
Nicole
--
---------------
JISC Executive
JISC London office
1st Floor, Brettenham House South
5 Lancaster Place
London WC2N 7EN
tel: +44 (0)20 3006 6035
mobile: +44 (0)7734 058308
fax: +44 (0)20 7240 5377
|