5. Making Strategies converge

Other players are part of the game, even though their role is not explicitly identified here. First among these are students and the scientific staff of our university, our primary customers. In order to efficiently serve these, in terms of reducing information overload in this case, different actors have to join their forces and make their strategies converge.

This fact may well be illustrated having a look at another problem we intend to tackle in a project currently under preparation and which is concerned with methods for generic user authentication in various application contexts.

Authentication is one of the essential prerequisites for making Digital Library (DL) resources available: both in terms of resource and of user identification and authentication. Before providing access to document resources, any DL application needs to check the identity of the requester and/or his organizational affiliation and eventually match this information with corresponding data stored inside the DL application. Likewise - and especially in the case of electronic resources which are subject to various changes of document status and rapidly proliferating - requesters may wish a proof of document authenticity of the resource they are asking for and which they eventually have to pay for.

Students and academic staff are confronted with multiple (and rapidly proliferating) authentication methods and instances in this respect: not only do they have to identify within their own institutional context, but also authentication is often required anew by external document providers linked to the DL environment. Finally, the scope of the problem is further increased in a hybrid university context with authentication requirements added by typically at least the local library automation system and eventually additional, newly emerging instances (such as campus management systems for administration of students and of exams).

This proliferation of authentication contexts involving differing methods and context specific data (passwords etc.) to be kept in mind, all of these relating to one given individual, is creating a very specific brand of white noise in the area of authentication information and the means to tackle this, once again, is information aggregation, which is the core task of the infrastructure we are setting up for providing uniform authentication services.

The technical solution proposed is based upon the idea of integrating all authentication information pertaining to one given individual person or institution within a single entry for this entity as part of a LDAP based directory service. The directory service models the organizational tree of the university starting from the “root“ organization on top via linked sub-organizations down to the level of individual users.

This directory service can be accessed by duly authorized applications in order to extract the information required to authenticate the entity (person or institution) within this application‘s specific context. The basic, simplified relation between the directory service and two given external application in terms of the underlying data model is sketched in the following diagram (figure 2), where application 1 and 2 share basic identification data contained in the generic LDAP record and further use their respective, specific data segments within this same record

Figure 2

In order for this basic model to work the directory service must provide a query and data transfer interface and make selected information available to the external instances regarding its internal data organization (common elements which can be accessed without restriction vs. application specific elements accessible for instances with specific rights only).

However, this basic model needs substantial enhancements, and be it only for security reasons: LDAP in itself implements a public, open directory infrastructure and has to be complemented with strong security features in order to ensure that only registered client applications may access the service and that these can only access the common elements plus those of specific relevance for them. Public/private key based encryption techniques for communication between the directory service and the client applications will thus be used on top of an SSL transport layer. Furthermore, certification will be required for the directory server and for the client applications, which in turn must require certification for their respective users accessing directory information via these application clients. A certification agency (CA) thus must be added to this infrastructure.

The infrastructure created this way can further be used to implement document authentication procedures, as well. Other examples for content aggregation and filtering strategies could have been supplied, too, such as our ongoing efforts for building a distributed e-publishing environment with an electronic University Press output component coupled with networked methods for peer reviewing and quality control or the collaborative large scale efforts currently made for metadata generation related to quality content in the WWW within the CORC project. In all these cases, in order to successfully build the relevant infrastructure components and subsequently tie these together in operational workflow models, active participation of almost all relevant players within a given academic institution is strictly required and their respective technical and functional strategies must be made to converge to make common use of such components as the directory service mentioned above or to comply to the related security architecture.

More generally thus, structural convergence is not only just an option in the field of information organization and aggregation, but will turn out to be vital. Multi media centers will increasingly be in need of a semantic focus, libraries will be unable to apprehend, leave alone develop, relevant information filtering techniques for electronic content that can no longer be aggregated using pure intellectual/human means and computer centers will be confronted with the need to stretch beyond mere implementation of basic information protocols.

This joint effort for reducing information overload contributing to the building of the “semantic web“ on the one hand will benefit the respective university‘s scientific community that may have more demanding tasks to serve than to deal with white noise from the Internet. But on the other hand it also induces institutional convergence among the players involved and is thus likely to prepare the ground for new institutional models transcending current barriers between information organization agents within universities. This contribution also was meant to illustrate the shapes such future institutions for leveraging, filtering and aggregation of information may take, whatever name they finally may adopt: computer centers, multimedia centers, libraries - or probably some new term yet to be coined.

© This publication and its compilation in form and content is copyrighted. Every realization which is not explicitly allowed by copyright law requires a written agreement. Especially, this holds for reprography and processing / storing by electronic systems.