Re: DNS authentication protocol? [SEC=UNCLASSIFIED] Dyer, Renata 04 Nov 2008 23:14 UTC
Irma, Do you know how does this DNS protocol relate to SAML? I am asking because I am aware of the Shibboleth, an open source software package for web single sign-on across organisational password authenticated resources which " implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework. " - this is what they say on their About page at: http://shibboleth.internet2.edu/about.html This is all pretty new for me and am not sure about the relevant standards we should be considering at the library end. So if you or anyone else have more information please post the relevant links on this list. I would also be interested in hearing from libraries that are using Shibboleth or any other single sign-on software. Issues? Benefits? Thanks, Renata Dyer Systems Librarian Information Services The Treasury Langton Crescent, Parkes ACT 2600 Australia (p) 02 6263 2736 (f) 02 6263 2738 (e) renata.dyer@treasury.gov.au -----Original Message----- From: SERIALST: Serials in Libraries Discussion Forum [mailto:SERIALST@list.uvm.edu] On Behalf Of Irma Nicola Sent: Wednesday, 5 November 2008 3:56 AM To: SERIALST@LIST.UVM.EDU Subject: [SERIALST] DNS authentication protocol? Hi Serialst, As I was having a very informed and interesting talk with several colleagues the other day it came up in the conversation regarding fulltext access control that a secure access standardization was something that everyone in the room could benefit from. Literally everyone stands to profit, providers and users, fantastic. 1. Requirements for 2 click methodology control, the end user should ideally be asked to click through 2x for content. 2. Comparative studies between 2 methods should determine the choice of one over the other. 3. DNS authentication protocol should be explored as a protocol as it provides an easily mitigated and secure solution to security. The security problem is solved so that lay people can administrate on the front end and that IT can support on the back end. The point is that this is the best of both worlds as I understand it, because the double door of security provides the access security redundancy needed for control. Picture this it is as if at a convention all the invited guest pass through many entrances, meaning distance access, and authentication by server recognition lets them access to content. This division on security is much like a buffet line that one can join at any point in place and time. I am tossing this out as I pondered the problem of the learning curve for paraprofessionals trying to administrate and navigate the ip protocol model which due to key stroke entry is really fraught with error laden potential. When I became aware that there was another model for authentication I became very interested as the implementation of the DNS was so much simpler. Please comment...need third party opinion to establish theory Blessings, Irma ------------------------------------ Azusa Pacific University Irma H. Nicola Serials Coordinator inicola@apu.edu Darling Library Technical Services PO Box 7000 Azusa, California 91702-7000 tel: 626-815-6000 ext. 5258 fax: 626-815-5064 ************************************************************* ********************************************************************** Please Note: The information contained in this e-mail message and any attached files may be confidential information and may also be the subject of legal professional privilege. If you are not the intended recipient, any use, disclosure or copying of this e-mail is unauthorised. If you have received this e-mail by error please notify the sender immediately by reply e-mail and delete all copies of this transmission together with any attachments. **********************************************************************