Tuesday, 8 April 2014

Which Identity?

I'm in London today and tomorrow for a couple of JISC meetings. Today was the Identity Management Task Force, set up as part of the co-design process last year to look at the polices, processes and people issues around identity management. Not technical ones!

Some interesting discussion around what we mean by Identity Management. Does anyone really understand the phrase other than IT people and Librarians? Is it any wonder we can't get anyone else in our institutions to be interested in it if they don't know what it means? The simplest definition we could come up with is "access to stuff". Stuff that you need to do your job, or be a student. It could be an IT service, an electronic journal, a building, an email account, the Finance system, the VLE......

Part of the discussion was where we want to take the project now. We have lots of outputs from phase 1 although not necessarily disseminated yet to the wider community but that's another story....

One area we're already looking at in Sheffield which seemed to get a lot of support, was the whole question of identity. For example, students come to us with an identity, or multiple ones, and we give them another. Why not trust one of their other identities and let them use their Facebook authentication for example to get access to our services? I get access to many web based services using my google account, or my Facebook account, or another account, and we need to be looking at how we make things as easy as possible for our users. The world has changed since students came to us without even an email address and were hugely excited when we gave them one, and we need to change with it.

Tomorrow I'm at a workshop looking at what sort of innovative ideas JISC ought to be funding over the next year or two. I'm open to suggestions!




- Posted using BlogPress from my iPad

2 comments:

Simon Geller said...

Every project I do runs into an Identity Management problem. We really need to sort it out! We need a system that recognises that one person can have different roles - our current system doesn't allow for that.

Masud said...

Exactly the same sentiment here. Every project we do has similar identity related issues. Things have moved on a lot. We are still bound to the traditional model of "we own student data" whereas in reality, students own their data. We need to make it easier for them to access services. The end user doesn't care about OpenAthens or Shibboleth or OAuth, all they care about is a choice of familiar, easy to use services for authentication and authorisation.