Uncategorized

Anyone who has worked with federations will be familiar with the term WAYF – Where are You From? This is the question you are asked so a service provider can identity which institution you are affiliated with. As a term it’s not so accurate – am I really ‘from’ King’s College? – but as a concept it has helped explain the process in relatively simple terms to non-technical people. The keen eyed among you will have seen a generally tendency to refer to the WAYF as the ‘Discovery Service’ these days, a refinement of terms that always happens as services mature.

However, what happens if I *really* want to know where you are, not where you are from, but where you actually are at this minute? We’ve tended to rely on IP address checking to make this possible, but it has many problems. It means that Service Providers have to maintain and update a list of IP addresses for organisations – JSTOR recently told me that they have up to 3 change requests for IP ranges per day for their services (globally, not from the UK). It’s something that you have to remember to do if your IP range changes, and that depends on the right people being told that changes are occurring. We know it is prone to inaccuracies and human error – a certain provider was for a period of time convinced that the JISC IP range belonged to Bournemouth University. Finally, IP address doesn’t actually give you any interaction with an individual as it applies access indiscriminately to the machine and not to the user, so personalisation, customisation and other identity management features are not possible.

These problems are magnified in the schools sector, where any Service Provider may be dealing with literally thousands of schools customers. There are also even more reasons within the school sector as to why it’s important to know that a logged in student is actually within a specific IP range in terms of serving content to children.

A short while ago, the schools representatives on the UK federation Technical Advisory Group approached the federation staff and asked if it would be possible to include a location assertion in the assertions made by an IdP to support the use cases where geographical location was important. The technical team and EDINA got to work and I’m pleased to say that the UK federation will be commissioning development of a location assertion to meet these use cases. As well as supporting many use-cases within the schools sector we can see places where this could be more broadly used, such as to support walk-in access.

For those interested in learning more, Ian Young recently presented his findings to the TAG and the slides from this talk are below or from slideshare directly. Development work will start shortly, so keep an eye out for further information and updates. If you would like further information on the work, drop a line to the UK federation helpdesk.

*Updated:*

…and here are some useful slides from Owen Stephens on this topic from way back at #FAM09.

This is one of those posts that could be a response to someone else’s post but got so long, it’s here. It’s my thoughts on a long chain of people thinking, which are most effectively summarised by Amber.

I’m not going to rehash the conversations – the people that have gone before me have done it so much better – but I wanted to have a look at this purely from an identity management perspective. These are the thoughts that I thought:

• Much of this is, of course, all about identity and how your identity is big business to the services around you. David Kernohan mentioned the ‘user data bubble’ and this is exactly the sort of scenario that IDM folks such as UMA are trying to tackle with their approach to the personal data ecosystem (still makes me shudder as a phrase). I’ve always been impressed with UMA as a technology but sceptical about user take-up and the amount of ‘friction’ involved in having to manage your own personal data to get effective sharing and information filtering the way you want it.
• If we want to see frictionless sharing, it is likely that we are probably compromising on personal data security and what we call PII (personally identifiable information) release somewhere. This is a fact that is difficult to escape.
• I think company behaviour and patterns are interesting in this case. Even though Google and Facebook (and hotmail and everyone else) are doing the same thing, the approach taken to ‘personalising’ or ‘filtering’ or ‘advertising’ information to us has been different with each, and that changes perception. Facebook started on paper as a walled garden, an authenticated environment, and we kind of expect the tailored environment of advertising within that space – especially when it’s free. Google on the otherhand is perceived by many as an open environment, even though people are often not aware that they are permanently signed in to Google….so when they start pushing Google+ links or showing too much awareness of our behaviour, it causes concern.
• I wonder what effect, if any, the changes to cookie regulations will have on the way information is filtered through to us without our awareness? It is exactly the sort of monitoring behaviour the law is designed to prevent, but it is exactly the sort of behaviour the law is badly placed to stop.
• A lot of the filtering does actually hit the mark – for example Amber really did want to know about Scottish Castles – and even though it can be annoying it’s not something we want gone, perhaps just more under our control. The space accurate filtering of web content is not working out in is the more traditional academic space – the Google Scholar approach is just not taking off. This is something I talked about at the FAM11 event.

I often talk about the phrase ‘if you’re not the customer, you’re the service’ and its boring to keep on trotting on a hackneyed phrase, but it’s that attitude that things like UMA are trying to address. UMA says I may be using your service for free, but you are not buying me, you are not buying my data, and I know what it is worth to you.

So where does this leave us? I’m not sure, but as Amber’s post suggests maybe there is a group of people, the twittering classes, who might be willing and able to embrace the personal data ecosystem and use it to make their filtered, frictionless world a place where they are more comfortable? We’ll just have to wait and see.

A lot of people have asked me why you can’t sue Unicorns. Here is the back story. Names have been changed to protect the guilty.

———————————————–

One cold wintry day, two federati are talking about people making unreasonable demands as to what should be included in a policy statement:

Federati1: I want federation operators to supply me with a white horse, pony or donkey so that I can dress it up for my “federations powered by Unicorns” campaign (but I don’t think it will happen).

But it is as useful as all the other suggestions.

Federati2: Now unicorns i’m all for investing in.

Federati1: The Purple Federation would probably find the budget for a pony.

Federati2: we can glue on a horn.

Federati1: That was my plan. It’s only marketing after all. Although they’ve probably got the budget for a real Unicorn.

Federati2: I’m in. As long as I can dress up in a conical hat.

Federati1: Clearly only princes and princesses can ride unicorns. It’s not like you’d let the policy say more than that!

Federati2: no [rude word] way.

Policywonk1: [interrupts] It only says that Princes and Princesses SHOULD ride unicorns. I should be allowed to as well.

Policywonk2.: You have to sign the insurance waiver form in English. It says that it SHOULD be in English – but I think it should be changed to MUST be in English.

Federati1: “Unicorns can’t read – they just want to frolick through the air. It doesn’t matter what language the insurance waiver is in. YOU CAN’T SUE UNICORNS.

Policywonk3: “Because Welsh law still recognises the original KJV of the Bible – unicorns can be sued in Wales”

Federati2: So no one objects if I ride my unicorn-pony dressed as a princess as long as I don’t do it Wales? ???

……
LESSON1: Don’t ride Unicorns in Wales.

LESSON2: Never engage in a battle of wits with someone who writes policy….or Sicilians.

This is the entire transcript of my FAM11 presentation that some of you have been mad enough to ask for. I hope you enjoy or ignore as appropriate! The slides are here if you would like to follow along.

How can we create an identity economy for research and education?

When I was asked to take on the role of UK Access Management Focus, one of the things I was asked to examine was the general state of access and identity management within the UK Research and Education environment. After a year in this job, I find myself asking a simple question:

Do we have an environment in which identity plays a role?

I’m not sure we do as yet.

Many of our conversations around identity at the moment involve the institutional role in provisioning identity vs uptake of social networking identifiers, or to put it more bluntly…should we give students .ac.uk emails if they are already using gmail.com?

However, before we start worrying too much about where a user’s identity is coming from I think we need to start creating an identity economy in research and education. To do this, I think we need to look at 3 different steps:

1. Legitimise the web as a place for scholarly activity.
2. Fix the right problems.
3. Shift from constructing spaces to supporting actions.

I’m going to take a short time today to argue around each of these points, predominantly from the student perspective, and argue that we need to transition ourselves more fully in to the open web before we can start to build a proper identity economy for education.

1. LEGITIMISE THE WEB AS A PLACE FOR SCHOLARLY RESEARCH

– SPACE IS NOT THE FINAL FRONTIER

The problem with the web is that for too long people have not considered it a legitimate space for scholarly research. Its’ not safe, it’s not defined, it’s just not scholarly – I mean ANYONE can write a blog. So we tend to build spaces where we feel more comfortable and that discounts a large amount of the information overload we are faced with. I’d argue that there are 2 ways of achieving this – creating silos or filtering information – and that we tend to pursue the first as a typical approach to education.

The alt tag for this reads: the most exciting new frontier is charting what is already here.

Dave White has been interested in this area for some time, and has been pulling themes of legitimacy in to his work on Visitors and Residents. For those not familiar, Dave uses the terms visitor and resident to refer to the different ways people interact with the web – with visitors dipping in and out of services, and residents more akin to what we consider a digitial native – those that immerse ourselves online.

The Visitors and Residents project is currently undertaking work to look at a student’s motivation for being involved with resources online. It makes some interesting observations that cross over in to the identity space, as shown in this diagram:

Image Scott Room – David White – CC attribution license.

GWR = Google > Wikipedia > References. It’s an approach often adopted by students but one that they feel is illegitimate as a study approach. This can lead to a tension between using the source but not referencing the source due to its illegitimacy: hence creating the learning black market. In other words, it is not in the legitimate learning SPACE.

– THE COMFORT BLANKET

People often gravitate towards a known ‘space’ on the web, it’s a great comfort blanket and one we often use in R&E: if it’s in this portal, behind this wall, on this list it is ok. Anything else by default is not – it’s part of the learning black market. The urge to define your own perpetuates every discipline, everyone who works in technology will recognise this approach to defining standards:

By creating your own space on the web, you are asserting control and a structure. What do I mean by space? I mean anywhere where I have to learn to visit a certain point to start my scholarly process rather than just opening a web browser. This could be a variety of things – a library portal, channeling through a proxy server, reading lists in a VLE, even a publisher website. I’m not saying any of these approaches are necessarily wrong, but that they should not be the only solutions we explore to enrich the user experience.

We learnt a long time ago that structure is perhaps not the most important part of how we approach our interaction with the web. We began by using HTML as the language of the web, a language that focuses almost entirely on structure – bold, header, italic, paragraph. The limitations of such an approach were soon realized, and XML was developed to help us describe features and content – a more semantically rich approach. This is exactly what we use in the UK federation….it would be pointless for us to send information to another party saying ‘this element is bold’, they need to know which part of the information we are sending is the entityID for any given member of the UK federation:

JISC Monitoring UnitRestricted access to JISC Monitoring Unit datahttps://www.jiscmu.ac.uk/static/images/shib/jiscmu-logo-350×64.png

I think when we are approaching discovery of scholarly resources, we need to see a similar shift as we have seen from HTML to XML. Because we have complete control over the spaces, we can focus on a structured approach to the way we think about those spaces. Anyone who has worked in the JISC space over the last 10 years or so will be familiar with the concept of ‘discovery verbs’ – i.e. search, find, use. I’d like to see these enhanced by some identity verbs, and I’d argue that the only way to use identity verbs effectively is in a completely open web context, and not in a siloed space. More on that later.

2. FIX THE RIGHT PROBLEMS

One thing we do really really well within education is find workarounds to problems.

My absolute favourite example of this happened when I first started working for JISC. Our host institution was very suspicious of us as individuals and would not allow us to have admin rights to our laptops. When we campaigned to be allowed rights for a 24 hour period so we could add the printer drivers for our home printers, we were refused. Instead our host BOUGHT US ALL NEW PRINTERS FOR HOME AND INSTALLED THE DRIVERS FOR THESE PRINTERS THEMSELVES. We were also only allowed to put work issued printer cartridges in them…I can’t imagine how much this particular workaround actually ended up costing.

A more recent and relevant example was a request from an institution to help with a provisioning problem. The institution in question was taking a long time to properly register students and provision them with accounts, so there was a gap when students did not have the credentials to access online resources. I was asked if there was a way to create ‘guest accounts’ with Shibboleth to get around this problem.

My response was as follows:

• It’s up to an institution whether or not they want to create guest accounts within their system, but generally it is bad practice;
  It should take the same time to provision a guest account as to provision a guest account, if not, the IDM system is broken;
• If a student is not formally registered and provisioned in your system, they aren’t ‘eligible users’ and shouldn’t be using resources;
• The provisioning process needs fixing, you don’t need to find a library workaround.

My response was not well received – this was not the answer they wanted to hear.

I think it is far to say that because the IT requirements within different areas of an institution are often poorly articulated, there is a ‘no’ culture towards departmental requests for new or changed processes. I also think it is fair to say that there is a tradition of friction between IT departments and libraries in many institutions. This often leads to departments seeking a work around just to make things work for users. I have a lot of sympathy with that.

However, it is clear that if it is taking several weeks to provision a user in to your systems, your process is broken. A recent CSO-Online article sets Average time it takes to provision or de-provision a user as one of the key metrics for a successful IDM system. The full list is interesting and includes things like number of accounts per user and time it takes to approve a change. Have a look at the list and if these things aren’t working for you, you need to fix your IDM system, not try and work around them.

3. SHIFT FROM CONSTRUCTING SPACES TO A SUPPORTING ACTIONS

We all know the words associated with spaces. Of course it is always going to be important that we feel we understand, and it some sense have influence over, the spaces in which we are learning and teaching. There is however another way of looking at it.

This is what I meant by the identity verbs I mentioned earlier.

Follow, Share, Tweet, Check-In…and most importantly – LIKE.

With the LIKE button, Facebook realized that it had more power and reach outside of www.facebook.com , but needed to take its meme and apply it as a metric or filter on the open web. They may not do it in a way that makes them very popular, but it has undoubtedly been a successful approach.

The ‘like’ approach is about Facebook trying to filter its brand through open web searching to support user interaction with resources. At a very different scale, the recent changes to discovery within the UK Access Management Federation try to achieve a similar vision, although not with the brand of the federation. MDUI allows you to have both the institutional brand and the service provider brand at the right points in the login flow so that a user does not get lost when they get sent to an external service provider. I’d encourage Identity Providers in the room to look at using the new Discovery Service code that means you can include automagically include the SP logo that the user is logging in to on your login page, as per the following examples. I’d also obviously really encourage Service Providers to give us the MDUI information – Service Providers have the most to gain from making use of this feature.

One of the most important lessons we can learn is how we position ourselves in relation to the Internet. Recently, I asked a group of people to draw me a picture of ‘how the see the Internet’. I didn’t tell them why I was asking or what I wanted to do with the information, I just wanted their interpretation of HOW THEY SEE the Internet. These were all information professionals that I would consider to be Residents in Dave White’s definition.

I think it is interesting to compare the first two images with the second two, purely from the perspective of inclusion of self in the picture. It is only in the second of these four images that we see someone who places themselves at the heart of the Internet and how it is working for him.

In a recent Guardian article, Dr Abhay Adhikari argues strongly for an identity driven approach to digital literacy, and says that Universities must rethink their approach to student digital literacy.

“We need to stop digital literacy training that uses the internet and social media to achieve pre-defined outcomes.”

Instead we should teach students to use the internet as a communication tool, noting that:

“Reflection + Internet = Digital Identity”

This is about getting beyond the mechanics of ‘find’ and ‘use’ the tools, but about using the environment to have conversations and to both research and evaluate resources and discussions online. This is the journey towards becoming a resident and towards becoming a mature researcher capable of managing the open web. If we can get to that point, we start to have an identity economy for R&E, and can then evaluate our provisioning role within that environment.

– VALUE WITHIN THE ECONOMY.

Of course, if we are talking about an economy, we have to add value in that space. What value does an institutional persona hold to me?

Getting access to services I would otherwise be locked out of is quite a negative use of a powerful tool. Citing affiliation is a much more powerful approach. Give me more because I have affiliation.
The UK federation is already beginning to show the power of being able to express ‘studentyness’ to gain access to services. We have student union services, student discount services and student housing services all making use of the assertion of ‘student’ within the UK federation – a more positive use of federated identity that perhaps we are used to seeing.

The need to be able to effectively identity yourself as a researcher is a large-scale problem being investigated by organisations such as NISO, ORCID and VIVO. VIVO in particular shows the importance of being able to openly share institutionally created profiles of authors. These initiatives in turn are starting to feed the use of search engines such as Microsoft Academic Research and Google Scholar.

Neither of the mentioned search approaches from Microsoft or Google have been particularly successful or adopted as a mainstream approach by institutions, hence the adoption of closed discovery services to tackle the academic discovery problem. However if we perhaps put some more time and effort in to the identity side of research and education, could we perhaps help solve this problem?

Conclusion:

In this talk I’ve argued for a proper scholarly layer to the internet, filtering information appropriately, supporting affiliation within the search engine and controlled and directed by the identity transactions of our users. We aren’t there yet – Google Scholar has failed to fill this niche effectively – but there are behaviours we can adopt, stop and change to get us closer to this vision.

References:

All links available from this Google Bookmark list:

Adhikari, Adhay. Universities must rethink their approach to student digital literacy. <http://www.guardian.co.uk/higher-education-network/higher-education-network-blog/2011/oct/10/digital-literacy-collaboration?CMP=twt_gu>. Accessed 10th October 2011.

Villavicencio, Frank. Identity Metrics that Matter. <http://www.csoonline.com/article/690704/10-identity-management-metrics-that-matter?page=1>

White, David. “The Learning Black Market”: <http://tallblog.conted.ox.ac.uk/index.php/2011/09/30/the-learning-black-market/>. Accessed 10th October 2011.

It’s been a while since I wrote a blog piece – sorry, I’ve not had all that much to say of late! So I thought I would have a bit of a friday afternoon think and see if there was something loitering around in my brain. Lately work has been very process driven – the process of establishing a new Operator for the Shibboleth Consortium, the process of establishing new Operational Plans for the UK federation, and the very processy process of marking JISC bids.

Amongst all of this process, I managed to have a little bit of a chuckle the other day when David Flanders described asking for new access management methods as akin to asking for a new method of torture OK people, I hear you. It can be bad.

A lot of people only think about the access part of the access management story – that we access folks just want to try and put barriers in the way of you getting to free stuff. We also do it really badly, which is really annoying for the users. Can’t we just go away? To let you in on a little secret, it’s never us that defines the license that restricts access and rarely us that designs the torturous interfaces for access…although we are trying to make it better (please listen to people like Rod and Andreas).

I log-in because I want to do something positive, not prevent something negative.

It becomes slightly less torturous when you think about why you are logging in. I rarely log-in to prove I have some magical right to access a resource I secretly think should be openly available, I log-in to say hey guys, its me! I couldn’t use twitter without access management, or this blog, or shop on amazon…you know this access stuff can be a bit of an enabler…

The power that ‘hey, it’s me’ adds to any platform, or any piece of information, is somewhat amazing. It transforms something static in to something that has life and a story to tell and a conversation to have. Suddenly your resource is a different resource, and a different resource every day as more people drop by to say ‘hey’.

So when thinking about an OER or an open access don’t just think, yay – no more access management torture. Have a think about what maintaining an identity layer to your resource can add to what you are trying to do, and embrace the hey!

I’ts been a pretty stressful time for me recently as I deal with an unexpected house move, so it takes something really interesting to grab my attention away from boxes and clutter at the weekends. This weekend, DevXS managed to do exactly that.

DevXS was a simple but lovely idea – what would happen if you brought together a bunch of students from across the UK and asked them to code for 24 hours? The answer is, quite a bit! For more on what the students were up to, take a look at the DevXS wiki.

My first reaction as I watched the tweets was – if only I had known! I would have chucked in some sponsorship for access and identity management type developments. My second hot the heels reaction was not to be silly – why would anyone be interested in that? It’s not cool or particularly interesting…it’s backend stuff. Access Management is typically something that is tacked on at the end of developing a service, normally just using the local authentication method in a poorly supported way. Cue depressed look about how we can change the general attitude towards access and identity management.

But, well, why *wouldn’t* a bunch of students developing services for students want to use federated access? Tools like SimpleSAMLPhP in particularly are designed to offer such functionality to lightweight service in a very accessible way. Further more, once implemented it would mean that ANY STUDENT in the UK (or indeed in many different countries worldwide) would be able to use the service without needing to be provisioned, using their local institutional username and password. That’s handing you the entire student population on a plate. Finally, you wouldn’t even need to administrate these accounts or have overhead for forgotten passwords / usernames as this is all done elsewhere. Again, this is very in-keeping with lightweight service developments.

I really wish we could stop making access and identity the last thing we ever think about when developing a service – particularly as it is often the thing that can most affect the experience of a service when done badly. So maybe next year we could challenge some of the developers to use a tool like simpleSAML as they develop. Remember, fairly swift access to the ENTIRE student population for your service…how can that be a bad thing?

I’ve been following Dave White’s Visitors and Residents work for a while as it fits in well with the discussions around identity provisioning that we’ve had endless debates about in REFEDS and Shibboleth circles. I was really pleased to see his latest piece on the Learning Black Market as it highlighted concerns I have had for some time about the way we are presenting resources to students and expecting them to discover and use them.

I know that finding stuff out there on the scary interweb is a hard hard thing, but isn’t part of a student about embracing the wide wide knowledge of the world and navigating an intelligent way through it? I’m fairly certain that scholars in the Library of Alexandria didn’t ask to be directed to a small subset of the vast knowledge contained within and they had much harder job as Google had not digitised the scrolls for them.

What we are now continually doing is instead trying to contain the internet in to chunks of knowledge, which we then wall and say ‘here good, there bad’. We are defining anything not within that area as illegitimate, and as Dave points out in his article any engagement of this becomes the learning black market. As a person who quoted the lyrics from ‘Kill the Beast‘ in Disney’s Beauty and the Beast in her dissertation this worries me.

I think there are 3 main behaviours at fault here: the reading list problem, library discovery services and access via proxies. Dave has covered the influence of the academics on this, I’d like to talk about the influence of the libraries.

Discovery systems are very popular at the moment and they quite frankly bewilder me – why would anyone want to repeat what Google already does so well in an inevitably smaller and contained way? Yes I know all the arguments about ease for users etc. etc., but I remain concerned. I’m often told that statistics show that use of resource x increases tremendously when a discovery service is used, but I think that is a false metric. If a supermarket decides only to sell oranges as the only fruit, sales of oranges will inevitably increase. This doesn’t mean people don’t want to eat apples or pears, it just means it is the only option you were presenting them with. During periods of rationing during World War II sales of delicacies such as Spam also went up. I’m pretty sure this was not because people preferred it to roast beef, but because this was the only sustenance that was being fed to them. As a process it is both spoon-feeding and walling. I’m really hoping that things like the new JISC Collections KB+ work will address ways to look at how libraries can do more to filter information to aid to discovery and not wall it. It’s looking promising, but will face massive cultural change issues to work.

The next problem is proxies – obviously something quite close to my heart! Proxies route all access to paid for resources to again, one walled place and say the best way to access them is to pretend to be somewhere you are not. Again I hear the arguments ‘its easier this way’ but easier for whom? I fear that their use is often about a need to catalogue and maintain links to things rather than facilitate access on the open web, which is more natural user behaviour. If someone tells me that I have to read an article on Fruit Spot on Jamaican Bananas in Transactions of the British Mycological Society, I am far more likely to Google some combination of those words than think – I’ll go and login to my institutional ezproxy!

I’m just wondering what would happen if we put a bit more time and effort in to supporting discovery on the open web rather than trying to wall and contain knowledge as a subset of ‘legitimate’ resources? Things like the recently announced MDUI work from the uk federation could certainly use a bit more support and championing by librarians in particular, and really does significantly improve the discovery process out there in the scary open world. I’m also concerned that legitimate in this context is simply another word for ‘paid for’ – the self perpetuating story that if a lot of institutional money has been spent on a resource effort must be expended to increase use to justify said expense.

When I think about approaches to containing knowledge, I can’t help but think about Jurassic Park. Dr John Hammond wanted to create a safe and managed environment for people to view his dinosaur collections, so he put in place all the walls that he could to make this happen – electric fences, breeding the dinosaurs as all female and breeding them ‘lysine deficient’ so they could not survive without human intervention. All of these precautions fail – the science doesn’t work. As Dr Ian Malcolm so succinctly puts it, in this exchange:

Henry Wu: You’re implying that a group composed entirely of female animals will… breed?
Dr. Ian Malcolm: No, I’m, I’m simply saying that life, uh… finds a way.

I couldn’t live blog Andrew Lyall’s session because it took me a long time to work out what the question was. Basically the ELIXIR project is shifting around huge amount of sensative clinical data and have issues with doing that. At the moment a lot of what they do is associated with anonymised data that can be made openly available (as long as they get this right) but they have one core system that does require authentication.

The problem is the issue of delegated authorisation. Much of the data used is of such sensistivity that the community has established committees who decide whether you are allowed to get access to a resource or not – Data Access Committees. Within a federated infrastructure, this means the authorisation does not come from an IdP or an SP, but from a third-party. A system needs to be put in place that allows this authorisation to be both added and revocated in a trustworthy manner.

This sounds like a typical virtual organisation set-up, but we haven’t seen a lot of adoption of this sort of architecture within the federated landscape. Time for us to revisit these requirements at REFEDS? I think so.

As I mentioned at the beginning I’m not sure I got these requirements right so please let me know if I am barking up the wrong tree with this scenario.

Nanopublications are on the agenda now – the concept that the smallest unit of research data should be publishable, and of course you need to be able to apply identifier information to this. This create a massive noise of data, a massive noise of concepts…and these concepts need to be identifable.

For the first time in the session someone highlights that people and objects are no difference – people are just a concept that can have an identity tag associated with them, as are bits of data. This brings another role in to play – the person who is not just identified as an author but the person who is identified as being most linked to a concept and therefore most likely to be an expert on a subject area. Mons refers to this as a ‘concept profile’.

This approach to nano-publishing creates its own anatomy, that does not necessarily map in to the approaches used in traditional author identifier approaches. Mons then goes on to explain how all of these identifiers canbe used in tweets, blogs, wikis etc…again the first person to move outside the traditional publishing space. Mons believes this can only be done through the VIVO approach, whereas ORCID has more application in sorting out the problem of accurate impact citations in the traditional publishing space.

OK Brian Lowe needs to breathe a couple of times if I am going to have *any* chance of catching what he is saying. He’s talking about VIVO, which is an identifer system primarily funded by the NIH in the US.

VIVO focused on a linked data approach – one URI: public profiles for humans with data for machines. The URIs are assigned by the institution providing the VIVO instance and are structure to served linked data but no semantics are imposed…although it is assumed that it will be some part of an institutional domain space, e.g.: http://vivo.cornell.edu/somestuff.

VIVO assumes there will definitely be multiple URIs for people as we move institutions. This immediately asks the question…why the affiliation approach and what value does this add??

VIVO has a core ontology that focuses on mapping people with organizations using existing frameworks where they exist…e.g. FOAF and BIBO. This can then be extended locally with institution specific semantics. VIVO includes information not only about how stuff is related but also when….assuming that time context is specific and relevant to the author identifier space. They focus on moving beyond the publisher space arguing that publishing is just one instance of the application of an author identifier. Is this all approach the right one? I’m sure the approach will come up for debate. VIVO also relies quite a lot on local systems to populate…which gets back to the consent question and how this should be managed.

Question from the floor on who normally takes the role of supporting the VIVO node – answer is in differs. This is a fairly typical response to IDM approaches and one we are familiar with in the REFEDS space.