APSR Identifying Researchers Workshop

This is one of the workshops that has been on my to do list to review online but that has taken me a while to get to it.  That’s a shame because there is a lot of useful material in here on identity in general and specifically on reputation management on the web.   Before I get started on describing the workshop, my thanks go to Patty McMillan, who presented at the workshop and mailed me through the link for the presentations and papers.

The workshop was, in its own words, about the issue of managing researcher and author identities:

[This issue] is a significant one that has an impact on a range of situations including, but not limited to, scholarly communications. This is an issue not only for researchers who nowadays interact with multiple identity and security systems but also for scholarly communications where the need to accurately identify authors and describe their scholarly resources is increasing in importance. The purpose of the workshop therefore is to bring together people from these diverse fields, with a view to seeking common ground and coordinating developments in author identity management in Australia. Some of the day will be spent analysing and sharing the experience of people delivering services in the current scholarly communications environment. A discussion of some of the burgeoning solutions for author identity management will also take place.

What was particularly interesting was the diversity of opinions and ways of approaching this. There are very clear ties to identity management on a number of levels:

• Access to systems - how does the researcher securely identify themselves to be able to collaborate with external groups and access systems in the university;
• Reputation management - how does the researcher ensure that they are accurately represented and attributed in a range of systems they may not necessarily control;
• Applied identity - how does identity affect other areas such as scholarly comms;

All of these tie in with what JISC is already working on so it’s of significant interest.  The AMTP Programme to get institutions to join the UK federation is already affecting how users including researchers get access to journals and will soon, with SARoNGS and projects such as GFIVO affect how they interact with other researchers.  They already have some element of managing their identity within systems within projects such as myExperiment and this is likely to increase as virtual research environments (VREs) and eScience simply become part of the toolset researchers use.

Lawrie Phipps and I did a session at the NGE Event this year on reputation management that was raising similar issues about how reliable reporting of a researcher’s output online was becoming increasingly important to how they were perceived.  With the rise of Open Access publishing and new research evaluation frameworks being developed worldwide then I would think that’s only going to be come more important.

Finally, our future work on identity and access management is going to look at consolidating what we have but ensuring that we then apply this within specific areas such as e-learning, e-research, repositories, etc.  It’s only by doing this that we are going to find out whether the pilots and studies we have carried out so far work on a much larger scale.

So, the presentations and papers are definitely worth a look and can be found here.

PRIME Whitepaper

I saw the PRIME Whitepaper today on one of the working groups I am on and it seemed a good, succinct summary of what PRIME (Privacy and Identity Management for Europe) calls privacy enhancing identity management.  The whitepaper also has quite a lot to say that relates to user-centric identity management, which appears to be flavour of the moment. PRIME is one of the EU FP6 projects that is looking at developing  a working prototype of a privacy-enhancing Identity Management System.

The best description of where the whitepaper is coming from is a direct quote from it:

‘Effective management of information privacy requires new tools starting with the minimisation of personal data disclosure. Furthermore, users can be empowered with tools that allow them to negotiate privacy policies with service providers.
This would require systems that enforce agreed policies by technical means, and keep
track of data collection and usage. In addition to user side applications, service providers will be
required to put adequate protection mechanisms in place and align business processes to take
advantage of these mechanisms. ‘

The whitepaper has a useful review of identity concepts and definitions and a use case that I would say pretty much anyone can understand, which to my mind makes it a useful 101 for personal data issues, providing you take the usual dose of salt with it.

If you’re interested in the work that has continued from the PRIME project then have a look at the FP7 projecets PrimeLife (www.primelife.eu) and PICOS (www.picos-project.eu).

It’s all about the Process and Training

If you haven’t read the recent reports on the root causes of government data loss and you deal with personal data at your institution then you really should.  They highlight that whilst the technology was adequate for the job both the training, culture and process were far from adequate.  If you only read one report, though, then this should be it.  The data handling review gives some good pointers on how process, training and cultural adptation are vital to ensure that personal data is handled sensitively and appropriately.  It’s a message we relayed through the Identity Project and as we store more and more personal data about staff and students then we need to have measures in place to ensure that everyone who deals with it knows how they should be handling the data so that the end user gets the experience they deserve and can be secure in the knowledge that their identity is safe.

AOL Adopts Vidoop

Interesting to see that AOL has taken on board Vidoop, the visual authentication system, as part of its OpenID initiative.  Whilst this will help users to sign on to OpenID, exactly what are they going to get to once they have signed on?  AOL is not yet a relying party so AOL users can’t use OpenID to access any AOL services.  As previously said, OpenID needs to start getting some heavier weight service providers on board to be truly useful.  Compare this with the UK federation where we’ve been busily getting service providers on board as well as identity providers…

It’s also good to see AOL adopt Vidoop.  There have been quite a few studies in this area as it has been proven to increase usability, within certain limits (searching for ‘Sasse’ and ‘visual authentication’ gives a good number of links if you want further readable background) .  Vidoop gives us a chance to see what the pros and cons are on a much larger scale.

• Search

  
  

• Recently Written

  • Audiences
  • JISC OpenID Report
  • AHM2008
  • Less of the XML
  • IDM2008
  • NGS Innovation Forum 2008
  • New Research Project: Privacy Value Networks
  • Grant 10/08: Project to Develop an Identity Toolkit
  • 30-5-10
  • TERENA NRENs and Grids Meeting, September 2008

• Categories

  • Access Management
  • eResearch
  • General
  • Identity Management
  • JISC
  • Project Management

• Archives

  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008

• Blogroll

  • WordPress.com
  • WordPress.org

• Admin

  • Login
  • WordPress
  • XHTML