Library Technology Guides

Document Repository

NISO Publishes Recommended Practice on Single Sign-on Authentication

Press Release: NISO [November 7, 2011]

Copyright (c) 2011 NISO

Abstract: The National Information Standards Organization announces the publication of a new Recommended Practice, ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On (NISO RP-11-2011), that identifies practical solutions for improving the use of single sign-on authentication technologies to ensure a seamless experience for the user. This recommended practice is the result of the NISO Chair's Initiative-a project of the chair of NISO's Board of Directors, focusing on a specific issue that would benefit from study and the development of a recommended practice or standard. Oliver Pesch, Chief Strategist for E-Resource Access and Management Services at EBSCO Information Services and the 2008-2009 Chair of NISO's Board of Directors, chose the issue of standardizing seamless, item-level linking through single sign-on (SSO) authentication technologies in a networked information environment, which resulted in the formation of the ESPReSSO Working Group.


Baltimore, MD, November 7, 2011 - The National Information Standards Organization (NISO) announces the publication of a new Recommended Practice, ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On (NISO RP-11-2011), that identifies practical solutions for improving the use of single sign-on authentication technologies to ensure a seamless experience for the user. This recommended practice is the result of the NISO Chair's Initiative-a project of the chair of NISO's Board of Directors, focusing on a specific issue that would benefit from study and the development of a recommended practice or standard. Oliver Pesch, Chief Strategist for E-Resource Access and Management Services at EBSCO Information Services and the 2008-2009 Chair of NISO's Board of Directors, chose the issue of standardizing seamless, item-level linking through single sign-on (SSO) authentication technologies in a networked information environment, which resulted in the formation of the ESPReSSO Working Group.

Currently a hybrid environment of authentication practices exists, including older methods of userid/password, IP authentication, and/or proxy servers along with newer federated authentication protocols such as Athens and Shibboleth. The ESPReSSO recommended practice identifies changes that can be made immediately to improve the authentication experience for the user, even in a hybrid situation, while encouraging both publishers/service providers and libraries to transition to the newer Security Assertion Markup Language (SAML)-based authentication, such as Shibboleth.

"With the growing use of mobile devices and remote access, the older authentication methods are not manageable for either the content provider or the library," explains Steve Carmody, IT Architect, Computing and Information Services, at Brown University and co-chair of the NISO ESPReSSO Working Group. "The ESPReSSO recommendations will help bridge the transition to more robust authentication methods that better match the needs of today's users and eliminate the need for multiple identities."

"The growing use of web discovery services over the older federated search method have only increased the need for single sign-on authentication and consistency of access and context for the user," states Harry Kaplanian, Director of Technology, Serials Solutions, Inc., and co-chair of the NISO ESPReSSO Working Group. "With a discovery service portal, users are often unaware that they will ultimately be accessing resources across a broad spectrum of platforms and providers, and the multiple back-end logins that occur can be both confusing and frustrating. In addition to addressing this situation, the ESPReSSO recommendations also identify methods that can be used to maintain users' privacy while still offering them advanced functionality, such as saving searches between sessions."

"The ESPReSSO Working Group has produced a very forward-looking document," states Todd Carpenter, Managing Director of NISO. "It provides recommendations that can be implemented immediately in today's hybrid environment and will also transition the community towards the preferred single sign-on methodology."

The ESPReSSO Recommended Practice is available for free download from the NISO website at: www.niso.org/publications/rp.

Permalink:
View Citation
Publication Year:2011
Type of Material:Press Release
Language English
Issue:November 7, 2011
Publisher:NISO
Company: NISO
Record Number:16274
Last Update:2012-12-29 14:06:47
Date Created:2011-11-07 10:49:55