[Fim4l] LexisNexis Advance

Mon Mar 15 16:46:10 CET 2021

Hi,

IMHO there are users who wish to have anonymous access and there are also
users
who wish to have a profile, use personalisation. So a solution there could
be let users
decide about releasing pairwise-id (eduPersonTargetedID) using CAR.

Best
                 Jiri

On Mon, Mar 15, 2021 at 4:18 PM Jos Westerbeke <jos.westerbeke at eur.nl>
wrote:

> Hi Jiri, Bernd et al,
>
> thank you for this discussion. This is very meaningful for downplaying the
> FIM4L recommendations 4.A and 4.B to a more simple level.
>
> We now have two recommendations which you have to (unfortunately) choose:
>
> 4.A. Transitory Access - eduPersonTargetedID as optional would be fine for
> this.
> 4.B. Personalized Access - eduPersonTargetedID required.
> - And for 4.B the recommendation is to let it be for the SP side to offer
> a profile, voluntarily to configure by users. So that in any way IdP's do
> not have to release PII.
> (https://www.fim4l.org/?page_id=257)
>
> What would we actually recommend for librarians? Wouldn't it be nice to
> have just one option? I think it is too difficult for librarians to choose
> here.
>
> Reading the discussion, we can say that we cannot recommend going just for
> 4.B. And if librarians consider switching form IP to SAML they are very
> suspicious about privacy.
>
> Can we recommend for both IdP's and SP's to go for 4.A?
>
> What about recommending 4.A and have the option for 4.B when there is an
> agreement between IdP and SP about creating profiles, anchored in a
> contract?
>
> Should we recommend a contract clausula alongside 4.B?
>
> As far as I understand, I'm aware of what Meshna says: If you opt for 4.A
> then it is simply not possible to have a profile, which is very annoying if
> not impossible for our patrons.
>
> Best,
> Jos
>
>
>
> ------------------------------
> *From:* FIM4L <fim4l-bounces at lists.daasi.de> on behalf of Jiri Pavlik <
> jiri.pavlik at techlib.cz>
> *Sent:* 15 March 2021 14:58
> *To:* Koren, Meshna (ELS-AMS) <M.Koren at elsevier.com>
> *Cc:* fim4l at lists.daasi.de <fim4l at lists.daasi.de>
> *Subject:* Re: [Fim4l] LexisNexis Advance
>
> Hi Meshna,
>
> thanks a lot for the comments.
>
> At Elsevier SP metadata [1] I can see:
>  eduPersonEntitlement (required)
>  eduPersonTargetedID (optional)
> in DFN-AAI, IDEM or Australian Access Federation.
>
> At the SP metadata in eduGAIN / UK Federation there are no requested
> attributes.
> At the SP metadata in eduID.at, SWITCHaai, InCommon, RENATER I can see:
>    eduPersonEntitlement (required)
>    eduPersonTargetedID (required)
>
> It illustrates different approaches around the world how to express
> optional ePTID release
> in SP metadata and a challenge for one appropriate SP metadata in eduGAIN
> serving globally.
> To me
>     eduPersonEntitlement (required)
>     eduPersonTargetedID (optional)
> seems as the most appropriate.
>
> Cheers
>                   Jiri
>
>
> 1.
> https://met.refeds.org/met/entity/https%253A%252F%252Fsdauth.sciencedirect.com%252F/
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmet.refeds.org%2Fmet%2Fentity%2Fhttps%25253A%25252F%25252Fsdauth.sciencedirect.com%25252F%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761630378%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HmuCXxy9%2F1bQBVkGnsrbBcRmNJP9DsiETfB4g6uP0L4%3D&reserved=0>
>
>
>
> On Mon, Mar 15, 2021 at 12:01 PM Koren, Meshna (ELS-AMS) <
> M.Koren at elsevier.com> wrote:
>
> Please allow me to add something to this discussion.
>
>
>
> "The university students and staff are free to use personalisation at
> Lexis Nexis,
> Elsevier, EBSCO, ProQuest services if they want to so
>   eduPersonScopedAffiliation (required)
>   eduPersonEntitlement  (required)
>   eduPersonTargetedID (optional)..."
>
> The students and staff can only use personalization when the IdP releases
> ePTID (or pairwiseID), otherwise they can't. I am not sure that this is
> clear from the metadata nor that the labels we use to describe the required
> attributes are very clear on what 'optional' means.
>
>
>
> For example, when a student accesses ScienceDirect they can read
> subscribed articles whether or not ePTID has been released for them, but if
> they want to 'create account' because they would like to save searches,
> alerts or their search history, they can only do that if the IdP has
> released a persistent identifier for them. Otherwise they can't, because
> there's nothing in their SAML assertions that allows us to recognize the
> returning individual. So we are working towards requiring a persistent ID.
> The personalization remains optional for the user.
>
>
>
> That may not be the same for other SPs, but it is valid for Elsevier.
>
>
>
> Kind regards,
>
> Meshna
>
>
>
>
>
>
>
> *Meshna Koren*
>
>
> *Product Manager II*
>
> *Product Management - Identity and Access** - **Research Products*
>
>
>
> *Elsevier BV*
>
> *Radarweg 29, Amsterdam 1043 NX, The Netherlands*
>
> *m.koren at elsevier.com <m.koren at elsevier.com>*
>
>
>
> *Federated Access - SAML, Shibboleth, Corporate SSO, OpenAthens,
> Institutional Login*
>
>
>
> *Elsevier Access Support Center:
> https://service.elsevier.com/app/answers/list/c/10543/supporthub/elsevieraccess/
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fservice.elsevier.com%2Fapp%2Fanswers%2Flist%2Fc%2F10543%2Fsupporthub%2Felsevieraccess%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=s2nQIh1Mocby%2Fnr0uG61jf%2Fg%2FWgqr%2FfHj6MhuH5sHHs%3D&reserved=0>*
>
> *for your questions about which access methods does Elsevier support, how
> to set them up, how do they work for users...*
>
>
>
>
>
>
>
>
>
>
>
>
>
> *From:* FIM4L <fim4l-bounces at lists.daasi.de> *On Behalf Of *Jiri Pavlik
> *Sent:* Sunday, March 14, 2021 15:28
> *To:* Bernd Oberknapp <bo at ub.uni-freiburg.de>
> *Cc:* fim4l at lists.daasi.de
> *Subject:* Re: [Fim4l] LexisNexis Advance
>
>
>
> **** External email: use caution ****
>
>
>
> Hi Bernd,
>
> I see,
>   eduPersonScopedAffiliation (required)
>   eduPersonEntitlement  (required)
> is working for Freiburg University and
>   eduPersonScopedAffiliation (required)
>   eduPersonEntitlement  (required)
>   eduPersonTargetedID (required)
> is not.
>
> The university students and staff are free to use personalisation at Lexis
> Nexis,
> Elsevier, EBSCO, ProQuest services if they want to so
>   eduPersonScopedAffiliation (required)
>   eduPersonEntitlement  (required)
>   eduPersonTargetedID (optional)
> is working for the University as well.
>
> Is it correct?
>
> All the best
>
>           Jiri
>
>
>
>
>
> On Sat, Mar 13, 2021 at 2:40 PM Bernd Oberknapp <bo at ub.uni-freiburg.de>
> wrote:
>
> Hi Jiri,
>
> On 13.03.21 09:15, Jiri Pavlik wrote:
>
>  > When checking ProQuest SP for ProQuest Central in DFN-AAI metadata [1]
>  > I can see both eduPersonEntitlement and eduPersonTargetedID as required
>  > attributes.
>
> I assume you mean the SP
> https://shibboleth-sp.prod.proquest.com/shibboleth
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth-sp.prod.proquest.com%2Fshibboleth&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=bosxymzT3WPyXBdeX0NnT5AvLDmTecE%2BEbZe6krDBwk%3D&reserved=0>?
> That's obviously
> wrong, both eduPersonScopedAffiliation and eduPersonEntitlement are
> supported for authorization, but as far as I can tell you don't have to
> use them, and eduPersonTargetedID isn't required.
>
>  > Is it safe to assume that if there is personalisation capability at a
>  > library service then all German universities, libraries are fine with
>  > releasing eduPersonTargetedID for recognising returning users and
>  > eduPersonEntitlement, eduPersonScopedAffiliation for authorisation?
>
> No. I can't speak for other IdPs, but in my opinion that approach would
> be wrong, users by default should be able to use services anonymously,
> without being recognized as a returning user. Based on what I can see in
> the admin tools, only a very small percentage of our users actually uses
> the personalization features, so releasing eduPersonTargetedID by
> default just for personalization isn't an option. If publishers would
> force us to send an eduPersonTargetedID just for personalization I would
> consider dropping Shibboleth for those publishers and using our EZproxy
> instead.
>
> Best regards,
> Bernd
>
> --
> Bernd Oberknapp
> Gesamtleitung ReDI
>
> Albert-Ludwigs-Universität Freiburg
> Universitätsbibliothek
> Platz der Universität 2 | Postfach 1629
> D-79098 Freiburg        | D-79016 Freiburg
>
> Telefon:  +49 761 203-3852
> Telefax:  +49 761 203-3987
> E-Mail:   bo at ub.uni-freiburg.de
> Internet: www.ub.uni-freiburg.de
> <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ub.uni-freiburg.de%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761650360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=eLOZmpzI51ttj9vd4uSNyCcFAAxIPZKUWoSATsoVq1k%3D&reserved=0>
>
>
> ------------------------------
>
> Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The
> Netherlands, Registration No. 33158992, Registered in The Netherlands.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.daasi.de/pipermail/fim4l/attachments/20210315/b80ee274/attachment-0001.html>