Thanks for visiting Research Information.

You're trying to access an editorial feature that is only available to logged in, registered users of Research Information. Registering is completely free, so why not sign up with us?

By registering, as well as being able to browse all content on the site without further interruption, you'll also have the option to receive our magazine (multiple times a year) and our email newsletters.

Sharing expertise for a successful future

Share this on social media:

Identity and access management is a critical aspect of academic and professional publishing, writes Jon Bentley

Identity and Access Management (IAM) is a critical aspect of academic and professional publishing  – the software that drives IAM solutions is at the core of connecting students, academics, and practicing professionals with the information they need in their studies and work.

Yet despite its fundamental nature, IAM can be difficult for content and identity providers to navigate due to its highly technical and multifaceted nature – while solutions such as OpenAthens cover simple access scenarios ‘out of the box’, every institution or organisation has their own established systems, requirements, and different levels of staff involvement in implementing IAM, meaning that there is no true ‘off the shelf’ solution that will completely cover every possible use case without considerable vendor liaison.

The research we undertook in 2015 into identity providers’ perspectives of IAM1 indicated an overall lack of confidence in, and understanding of, the intricacies and technologies involved; in speaking with content providers, we find a similar issue – there are pockets of knowledge, and some content providers have demonstrated a great understanding of the importance of the user journey, but within scholarly publishing as a whole identity and access management systems are seen as a technological issue to be resolved by development teams2, rather than an essential part of the process that warrants the attention of multiple stakeholders across the business. This can lead to a frustrating user journey, with technical terminology finding its way into user-facing environments, or login prompts appearing at unexpected places throughout the journey from content discovery to access:

Rhys Smith, chief technical architect for trust and identity at Jisc, said: 'We’ve long been advocating for a similar experience across all publisher sites, because even if the sign-in process is not completely intuitive, consistency and familiarity are second-best.'3

This highlights that, while there are standards for identity and access management operating ‘behind the scenes’, their implementation varies wildly from publisher to publisher. There have been moves to establish best practice in the space – for example, the Jisc Identity Management Toolkit4 – but little apparent appetite among platform holders to engage with a standardised user journey (particularly in the case of off-network access, a scenario that is increasingly common, and which presents a set of unique challenges).

Yet it’s the user journey that is at the heart of dissatisfaction and frustration with the reading experience. A complex, ill-defined, or obfuscated journey leads to frustration among users; even those who know how to navigate various login screens and have a deep understanding of the technologies involved can be frustrated to the point of abandoning their attempts to gain access to materials held by their institution. As John Sack, of Highwire, puts it: 'I do enough research in my work to know how bad off-network access can be. Even though I am used to negotiating proxy servers and VPNs – it’s often easier to just click on a free copy [than to negotiate login prompts].'5

Awareness and shared resourcing will be the key to making IAM work better for all involved. There are few established fora for those working in the space to share information and best practice; a situation compounded by knowledge transfer issues within organisations that can set developments back considerably when an individual with in-depth knowledge of a system moves roles. IAM is a fundamental necessity for content providers, and yet knowledge of the space is specialised, and compartmentalised into specific roles or teams, rather than acknowledged as a crucial part of the customer experience – perhaps because resolving the problems does not present a competitive advantage for an individual publisher, and any novel approach that addresses these issues would need widespread adoption to ensure its success.

Vida Damijonaitis, director of worldwide sales at the American Medical Association, said: 'We want to make content as easily available as possible, because the more barriers there are, the easier it is [for readers] to give up… it’s hard to improve things like this in a vacuum. It’s difficult for libraries to adapt to something that only one publisher is doing, even if it’s really good.'6

We strongly believe that the future of identity and access management is collaboration. Publishers are individually listening closely to the needs of institutions, but due to the lack of cross-industry discussions, many people are working in silos to solve the same problems in different ways. Sharing best practice and increasing lines of communication between all those working on the user journey is an important step in ensuring the best experience for our community of readers, regardless of which site or authentication suite they are using.

Jon Bentley is head of product marketing for Eduserv

References:

1. http://www.eduserv.org.uk/insight/reports/IAM-librarian-research

2. Lloyd, T, Access management: the overlooked but critical enabler, Learned Publishing, October 2015 28: 292–297 (http://onlinelibrary.wiley.com/doi/10.1087/20150408/full)

3. Quote from an interview conducted by OpenAthens

4. https://identitymanagementinfokit.pbworks.com/w/page/50989755/Home

5. Quote from an interview conducted by OpenAthens

6. ibid