Simplifying Access

Simplifying Access to Electronic Resources: The changing model of information provision

It is easy to forget how rapid the transition from a paper-based to a web-based world has been. In much less than a decade a critical mass of teaching and learning material has been moved on-line while the great majority of new material is created electronically and only published on paper as a secondary consideration. Even that short space of time has seen new technologies evolve and largely decay. Key subscription databases are now web-based. This allows them to be rapidly updated and they require only a browser to be installed on the user’s machine. To a large extent gone are the days when vast numbers of CD-ROM applications had to be installed on client machines or on CD-ROM networking solutions. While web-based applications look set to remain a dominant force, the very speed of their spread leaves many user needs to be addressed and many organisational issues to be resolved. The technology may be ripe, but its support is still undernourished and providing high quality access to web-based information has produced new challenges for both the user and the organisation. One of the most taxing of these has been authentication.

Many disparate methods of authentication exist, ranging through organisational usernames and passwords, ATHENS, IP protection and heavily JavaScripted or SSL-enabled authentication systems. The difficult challenge for progressive information managers is to give simple access to a rich range of appropriate but multiply sourced web-based resources. Many colleges and universities have attempted to embrace this challenge by collating a list of electronic resources in a web page that may feed off a searchable database running on a web server. The user then clicks on a link to that resource. If the resource is ATHENS protected the user is forced to logon using their ATHENS credentials. This seemed an optimal solution but has proved to be only a partial answer. While it is very satisfactory if all the available resources are ATHENS enabled, it becomes much less convenient if the user intends to move through a variety of resources.

Unfortunately not all publishers employ ATHENS authentication. Many provide access via organisational username and password combinations. These credentials may be shared internally on some form of password list. But this scenario then creates an additional obstacle to accessing these password-protected resources, which adds a layer of frustration to the user’s desire to navigate simply through a set of resources, frustration usually vented on service managers who appear unable to resolve this apparently trivial issue.

Organisations that are unable to participate in the use of ATHENS, or equivalent services, might alternatively decide to implement a proxy-based solution and seek to solely subscribe to IP-protected resources. This approach certainly has the benefit that on campus or onsite access is straightforward. However, when offsite the user may have to amend their browser settings or rely on the energy and ingenuity of the proxy server’s administrator in ensuring that any necessary scripting and maintenance are all up to date. Given the dynamic and almost volatile nature of most university populations this is a seriously non-trivial issue. And even the best maintained proxy server is not an absolute guarantee that offsite users can access all of an organisation’s IP-protected web resources, especially given that not all publishers provide IP-based access. Rewriteable proxy servers may overcome the need to amend browser settings, but fail when accessing JavaScript or SSL enabled web sites. This is a significant issue in this new era in which growing numbers of students pursue part-time courses, growing numbers of staff are engaged in inter-institutional research with its associated conferences while the spread of home computers and the growth of laptop based ubiquitous computing thanks to the spread of wireless networks has encouraged a huge growth in off-campus working.

Subscription content is not the only area of concern if one’s key objective is simplifying access to electronic information. As well as the obvious free but password controlled resources, other resources may include intranet resident applications such as content management solutions, e-learning packages such as WebCT or Blackboard, web-based e-mail systems or cross-searching applications such as MetaLib. To compound this situation further there is a growing range of specialised niche information resources, computer based training courses (CBTs) and content from developing areas of the globe which still frequently resides on CD-ROM. It seems probable that there are some CD-ROM networks like IRIS where an appropriate and robust solution must be assumed to keep working on into the future and which will therefore have to be accommodated by authentication solutions.

At this point in time it is possible for some organisations and their information managers to argue that ATHENS or their existing proxy-based solution works for the organisation. However, such existing arrangements are in reality compromises rather than genuine solutions and perhaps reflect the limited nature of institutional provision rather reflect the broad range of institutional and personal need. As more and more material reaches the web from ever more disparate organisations and in an ever growing range of media and formats there is a growing need for a complete solution. This would have to globally meet the challenges posed by disparate authentication methods, resource locations (internet or intranet) and media types (web-based or GUI applications

The situation in Public Libraries has also dramatically changed in recent years. In the UK the Peoples’ Network, funded by the National Lottery New Opportunities Fund has seen a vast expansion of IT services and resource usage across libraries in the United Kingdom, while several tens of millions have been pumped in to content creation through the Heritage Lottery Fund. The People’s Network project has mainly focused on the installation of new public access machines with Internet access and many authorities have implemented PC Booking systems to manage these machines. However, the key focus has been expanded public access to the Internet from library sites. This progressive project reflects the general trend of widened Internet usage in this new millennium. Where public authorities have addressed the issue of accessing electronic information most have sought subscription content from publishers that allow access based on IP address. This has provided incredibly straightforward access whilst in the library. However, this strategy has often been combined with the closure of branch libraries, a concentration of service points and an inability to deliver services to the home, thus failing to deal with the requirements of groups as varied as housebound users who may never be able to come to the library or community members whose lifestyles or work requirements mitigate against physical attendance at a library. We must expect that a solution that allows library members to securely access library resources and recommended content from home will increasingly become the norm and if it is not provided by the public sector it most assuredly will be by the private sector. As public libraries have chosen to compete as much in the leisure as the education market (lending videos and cd’s for example) they will face competition from companies providing such services as video on demand to the home.

There is one interesting development which addresses the issues raised above. The Onelog service from Info Technology Supply Ltd. (ITS) offers many of the components that a genuine solution requires. It has the ability to log users on to any ATHENS-protected resource once the service has been informed of the user’s ATHENS credentials, either by the user or by the organisation. As the user moves from ATHENS resource to ATHENS resource they are automatically logged on with the same details, greatly simplifying and speeding up any prolonged session of web-based research.

The Onelog service also features highly advanced IP parsing for offsite access that does not require the user to make any changes to their browser. This ensures that offsite users are not required to have the IT skills needed to modify their browser settings. This task may seem elementary to some, but whether from ignorance or indolence must users in further and higher education do not want to spend time on trivial technical matters which are seen as a barrier to what they are really trying to do, rather than an interesting sub-task. Unlike rewriteable proxy solutions Onelog has the ability to provide access to both SSL and JavaScripted resources. With the increased use of JavaScript and the low cost of purchasing and implementing SSL certificates publishers are increasingly using authentication methods that existing proxy solutions will not be able to process. If current mechanisms are kept in place the percentage of online databases that the remote user can access will steadily decrease.

Online resources that require access via an institutional username and password are also supported by the Onelog service. The administrator is simply required to specify the organisational logon details. When a user accesses the resource the Onelog service takes control, completes the logon process and when authenticated passes control back to the user. This entire process is hidden from the user so that username and password “leakage” is not possible. This functionality totally removes the need for users to access password lists, destroying another layer that hinders simple access to electronic information.

Onelog’s ability to authenticate users to password-protected resources is not restricted to those protected by ATHENS or institutional logon credentials. Onelog has the ability to authenticate to anything that is browser-based. Therefore it can be deployed to simplify access to intranet-based resources such as WebCT, Blackboard and MetaLib. Onelog can also be integrated with ITS’ IRIS CD/DVD-ROM networking solution allowing seamless access to both web-based content and CD-ROM or other Windows applications. Onelog also has the ability to generate comprehensive usage statistics on all resources that it controls. Reports include Application Peak Usage, Application Usage Count, and Application Usage Time. These are represented in a clear comprehensive straightforward fashion unlike the data provided by proxy server solutions.

The Onelog service is maintained by ITS (which has worked in this field and with education based products for many years) and only requires the institutional subscriber/information manager to create menus or application links and specify organisational usernames and passwords. All web-resource scripting is undertaken by ITS as part of the service, thus giving the benison of removing some administrative overheads from the organisation.

The basic Onelog service features its own menu-driven interface, which has the comforting familiarity of a basic portal. The Onelog interface allows users to logon once and then access all electronic information from a simple menu system that can be customised by the user to include their favourite or most frequently used applications. At the moment Onelog supports both the English and Spanish languages for its interface but there is an obvious market for expansion into other major languages. The continuing growth in overseas student numbers in the UK and the parallel growth in courses delivered overseas in local languages would make this a welcome development for information managers. Discussions with ITS suggest that this is not a technical issue but one that will simply be market driven and this is very reassuring since three seems little doubt that the non-English language market is indeed a growth area.

Access to the Onelog menu can be via one simple logon that an organisation can bulk upload for all its users. It is possible to bulk upload all users’ ATHENS credentials and allow access to Onelog via ATHENS username and password. There is an optional ClickConnect module that makes Onelog trust the user’s local logon. For example if a user has successfully authenticated on to their network via Active Directory, Novell or even a PC Booking system they then become trusted users of Onelog. If they do not have an account in the Onelog database it is automatically created for them. For many smaller organisations or those with restricted IT budgets or personnel the basic Onelog service with its native interface is an immediate solution to the issues discussed previously.

However, many organisations will be impressed by the enormous functionality of Onelog but may not wish to use its native menu system for access to their electronic resources. Years of access to electronic information from an institutional web page may lead to the desire to integrate Onelog technology into existing web sites and institutional portals. In October 2003 ITS have announced that they will be launching the Onelog Portal Integration Kit, which will allows direct links to Onelog applications to be “plugged in” to existing secure web sites or Web Portals such as uPortal or Campus Pipeline. The Portal Integration Kit will also allow users to access Onelog enabled applications from other web-based applications. For example a user could logon to the institutional portal then be seamlessly logged on to Blackboard from where they can access Onelog enabled resources from their own personal reading list. This approach will dramatically simplify resource access for all users regardless of their IT knowledge and skills.

The problem of integrating disparate resources so that they are readily available to the user is both growing and pressing. Users often have their personal range of resources which are acquired over the network and/or intranet rather than through the Library or Information Centre. Onelog used in conjunction with the Portal Kit Integration Kit appears to be most complete solution for accessing electronic resources that this author has seen. It deserves its growing success in those major institutions across the UK and Europe, who understand that the key to the new information world is the ready provision of access to resources rather than the provision of a set of resources