Horizonau2008:Seamless Logon Integration
Time-to-Adoption Horizon: One Year or Less
Time-to-Adoption Horizon: Two to Three Years
Time-to-Adoption Horizon: Four to Five Years
The concept of seamless logon integration, or digital identity management, focuses on the creation of a single digital identity that could be used in any place where a login is required to access a website or service. It is not a single technology, but a group of related technologies and ideas; it is also characterized as representing a different way to think about relationships and services. Rather than allowing many different content or service providers to each “own” a separate set of digital credentials, one’s credentials would exist outside of any system and would simply be recognized by whatever systems we wanted to interact with.
A number of approaches to seamless logon integration are in early development. While all these approaches have the same broad purpose of creating a sign-on system that is convenient and secure and belongs to an individual rather than to a company or organization, ideas about what precisely defines seamless logon integration and how that would be implemented are still widely varied. There is very little indication that this group of technologies is currently developed to any significant level, and it is very difficult to establish a direct link to teaching, learning, or creative expression.
Relevance for Teaching, Learning & Creative Expression
The relevance of seamless logon integration to teaching and learning is, at best, indirect. Single sign-on would certainly be a convenience, but is an enabling technology rather than something that is likely to improve teaching and learning.
- OAuth is an open protocol for developers of single sign-on systems: http://oauth.net/
- The Australian Access Federation (AAF) Project seeks to facilitate electronic communications among higher education and research institutions in Australia and around the world: http://www.aaf.edu.au/project
- OpenID is a shared authentication scheme that simulates single sign-on for participating websites and services: http://openid.net/
For Further Reading
At a Crossroads: “Personhood” and Digital Identity in the Information Society
(Mary Rundle et al., STI Working Paper 2007/7, 29 February 2008.) This paper discusses digital identity management in the information society and recommends further investigation.
Managing Privacy in a Web 2.0 World
(C G Lynch, CIO, 31 March 2008.) This article describes an effort by IBM and partners to develop PrimeLife, a system to allow users to manage their identity across social networks and online communities.
(Wikipedia.) This entry discusses the benefits and criticisms of single sign-on, differentiates shared authentication schemes from single sign-on, and discusses configuration issues.
Sandbox Discussion (July-August 2008)
Seamless logon integration, or digital identity management, allows the creation of a single digital identity that can be used in any place where a user must log in to a site or service. This is not simply a technology, but is also characterized as being about relationships and services. Single signon services recognize the shift that is occurring in the way we perceive our relationship with online systems; rather than allowing many different content or service providers to each “own” our digital credentials, those credentials exist outside of any system and are simply recognized by whatever systems with which we wish to interact. A number of approaches are in early development; while they all have the same broad purpose of creating a sign-on system that is convenient and secure for an individual rather than for a company or organization, ideas about what precisely defines seamless logon integration and how that would be implemented are still widely varied.
Why is this topic relevant to teaching, learning or creative expression?
- Rather than a long list of user name and password needed to access services and information, individuals would have a single method of authenticating themselves (against a highly trusted service) where they thus manage which sites can use this information to grant access. This not only simplifies the access for individuals, but lets them control hw much if their identity is used externally.
- One of the barriers to uptake by teachers is the complexity of managing multiple identities across many online services.
- E-portfolios and Digital Identity "http://www.epforum.eu/" - See also Life Portfolios (PM)
- Will concerns around identity theft affect uptake??? (RJ)
- add your ideas here [LJ]
Please list links to local or international projects that are experimenting with or implementing this technology.
- OAuth An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. http://oauth.net/
- Higgins "Higgins is a framework that enables users and applications to integrate identity, profile, and relationship information across multiple data sources and protocols. End-users can experience Higgins through the UI metaphor of Information Cards." http://www.eclipse.org/higgins/
- ''The Australasian Council of University IT Directors http://www.caudit.edu.au/ is working on the Access Federation http://www.aaf.edu.au/project which aims to give all sign on across institutionsItalic text [Atho]
- The University of New South Wales (UNSW) have decided to open up their university wireless network to allow students single sign on and unrestricted download (no doubt within reason). An ITS video creation at http://www.youtube.com/watch?v=_kU-m9VHs5U " [Atho]
- Australian Access Federation http://www.aaf.edu.au/ This project is aimed at providing a federated trust system for participants in higher education to access services across institutions. Further information can also be found at MAMS site http://www.federation.org.au/FedManager/jsp/index.jsp
Please provide links to any local or international reports, papers, or articles that either help define the topic, or that provide detailed information about it.
- Managing Privacy in a Web 2.0 World(CIO Australia) "Working with 14 partners in Europe, IBM will work on the three-year project, called PrimeLife, from its lab in Zurich. Privacy experts say the program will focus on individuals managing their identity across social networks and other online communities " http://www.cio.com.au/index.php/id;1453094165
- At a Crossroads: "Personhood" and the Digital Identity in the Information Society (STI Working Paper 2007/7) "This paper discusses the relationship between the development of digital identity management and the concept of personhood, and the broader links to trust in the information sciety. It concludes that more investigation is needed to address gaps in international data protection in light of the emergent identity infrastructure."http://www.oecd.org/LongAbstract/0,3425,en_2649_34223_40207007_1_1_1_1,00.html
- add your resource link here [LJ]
Please add any other information that may be helpful to the staff as they write up this topic.
- Blackboard (and similar) already allow many sites/ applications/ databases to be reached with the one login
- add your idea or information here [LJ]