Skip to main content

NISO Publishes Recommended Practice on Single Sign-on Authentication

Identifies Needed Improvements for Users Authenticating to Licensed Electronic Resources

Baltimore, MD, November 7, 2011 - The National Information Standards Organization (NISO) announces the publication of a new Recommended Practice, ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On (NISO RP-11-2011), that identifies practical solutions for improving the use of single sign-on authentication technologies to ensure a seamless experience for the user. This recommended practice is the result of the NISO Chair's Initiative-a project of the chair of NISO's Board of Directors, focusing on a specific issue that would benefit from study and the development of a recommended practice or standard. Oliver Pesch, Chief Strategist for E-Resource Access and Management Services at EBSCO Information Services and the 2008-2009 Chair of NISO's Board of Directors, chose the issue of standardizing seamless, item-level linking through single sign-on (SSO) authentication technologies in a networked information environment, which resulted in the formation of the ESPReSSO Working Group.
Currently a hybrid environment of authentication practices exists, including older methods of userid/password, IP authentication, and/or proxy servers along with newer federated authentication protocols such as Athens and Shibboleth. The ESPReSSO recommended practice identifies changes that can be made immediately to improve the authentication experience for the user, even in a hybrid situation, while encouraging both publishers/service providers and libraries to transition to the newer Security Assertion Markup Language (SAML)-based authentication, such as Shibboleth.

"With the growing use of mobile devices and remote access, the older authentication methods are not manageable for either the content provider or the library," explains Steve Carmody, IT Architect, Computing and Information Services, at Brown University and co-chair of the NISO ESPReSSO Working Group. "The ESPReSSO recommendations will help bridge the transition to more robust authentication methods that better match the needs of today's users and eliminate the need for multiple identities."

"The growing use of web discovery services over the older federated search method have only increased the need for single sign-on authentication and consistency of access and context for the user," states Harry Kaplanian, Director of Technology, Serials Solutions, Inc., and co-chair of the NISO ESPReSSO Working Group. "With a discovery service portal, users are often unaware that they will ultimately be accessing resources across a broad spectrum of platforms and providers, and the multiple back-end logins that occur can be both confusing and frustrating. In addition to addressing this situation, the ESPReSSO recommendations also identify methods that can be used to maintain users' privacy while still offering them advanced functionality, such as saving searches between sessions."

"The ESPReSSO Working Group has produced a very forward-looking document," states Todd Carpenter, Managing Director of NISO. "It provides recommendations that can be implemented immediately in today's hybrid environment and will also transition the community towards the preferred single sign-on methodology."

The ESPReSSO Recommended Practice is available for free download from the NISO website at: www.niso.org/publications/rp.

About the National Information Standards Organization (NISO)
NISO fosters the development and maintenance of standards that facilitate the creation, persistent management, and effective interchange of information so that it can be trusted for use in research and learning. To fulfill this mission, NISO engages libraries, publishers, information aggregators, and other organizations that support learning, research, and scholarship through the creation, organization, management, and curation of knowledge. NISO works with intersecting communities of interest and across the entire lifecycle of an information standard. NISO is a not-for-profit association accredited by the American National Standards Institute (ANSI). More information about NISO is available on its website: www.niso.org.

Contact(s)