I spent a very interesting day at the ‘McShib’ event in Edinburgh last Wednesday. ‘McShib’ is a group that has come together to allow people with an interest in the adoption of Shibboleth to have a local (and nothern) focus. The first great thing about this event is that it was brought together because of community demand and through the hard work of Andy Swiffin and the RSC for Scotland North and East, rather than something driven by JISC itself. The second great thing was the enthusiasm at the event and the really practical focus of the presentations on adopting Shibboleth on a very practical basis. The event was initially scoped out for about 15 people and registration closed with over 50 attendees!

One of the key messages from the day was the importance of kicking off the legal part of joining the Federation. To quote Andy Swiffin:

There is no cost involved in doing this and even if you subsequently decide to outsource your identity provision your institution will still need to join. The great benefit in doing this as soon as possible is that when you do want to actively participate all of the paperwork is in place. In addition, if as many institutions as possible join now it sends a very clear message to Service Providers that this is something that the UK academic community is serious about and that its worth their while to put some effort in making their application Shibboleth aware. This in turn benefits us all!

I couldn’t agree more! Thanks to Andy, the RSC and all who took part in a very interesting event!

Andy Powell links to a presentation by Leigh Dodd at the Society for Scholarly Publishing on federated access. After years of struggling to explain federated access management, I realise that the missing component was South Park characters! My only comment is to question the statement that Shibboleth is library-centric. The original vision for Shibboleth was for internal use - such as the deployment at Ohio State which manages more than 70 unique internal Service Providers such as course management systems, portals and business reports systems. I don’t think we have realised the potential for this type of application within the UK as yet, and fear the library-focused moniker may be a legacy of the UK interest in Shibboleth and our focus on library-type resources.

I was also interested in the opening comments within the presentation that refers to the proliferation of identity and access management within web 2.0 applications such as Facebook and Flickr. Given the well documented problems and breaches in identity management within these systems it would be great to see such systems adopting a federated approach…but wonder what the incentive might be to these organisations in giving up the benefits they currently gain from managing their own identity management?