NISO Releases Draft Recommended Practice on Improved Access to Institutionally-Provided Information Resources for Public Comment

The National Information Standards Organization (NISO) seeks comments on a new Recommended Practice draft for improved access to institutionally-provided information resources. This document details the findings from the Resource Access for the 21st Century (RA21) initiative and provides recommendations for using federated identity as an access model and for improving the federated authentication user experience.

For several years, scholars have expressed increasing frustration with obtaining access to institutionally-provided information resources against a background of changing work habits and the expectation of always-on connectivity from any location, at any time, from any device.

“Given today’s geographically dispersed workforce and variety of online connection options, traditional institutional IP address recognition is no longer a satisfactory means for authorizing access to scholarly information resources,” notes Chris Shillum, Co-Chair of the RA21 Initiative and Vice President, Identity and Platform Strategy, at Elsevier. The difficulties in navigating today’s remote access solutions impede research, frustrate users, and may encourage fully entitled users to resort to illicit, pirate websites. These sites in turn compromise the trustworthiness of the scholarly record and pose broad information security risks to institutions.

The RA21 initiative was launched by STM and NISO in 2016 with the aim of greatly streamlining the user experience for access to scholarly information resources and research collaboration services regardless of the user’s location or device.

RA21 evaluated the remote access capabilities in existence toward the end of 2016, and quickly concluded that SAML-based federated authentication held the most promise to provide a robust, scalable solution for remote access to scholarly content.  However, users find the process for locating their home institution onerous and are often faced with disparate and complex implementations across publisher sites that frequently employ inconsistent terminology and visual elements.  This poor user experience has held back widespread user adoption of this technology.

Since then, RA21 has fostered collaboration among stakeholders from academic institutions, corporations, identity federations, and scholarly publishers to conduct pilot and test prototypes with practicing researchers.

This research has led to the development of recommendations offering guidance to Service Providers (SPs), such as publishers, tools vendors and research infrastructure providers, Identity Providers (IdPs), including libraries and institutional Identity and Access Management systems, and Identity Federation operators.

“By greatly streamlining the user experience with federated Single Sign-On solutions, such as Shibboleth, RA21 will provide convenient one-click access in a wide variety of scenarios, such as access to scholarly content, institutional discounts for payment of APCs for Open Access, and authorization for accessing shared research infrastructure,” explains Ralph Youngen, Co-Chair of the RA21 Initiative and Director, Publishing Systems Integration at the American Chemical Society.

The NISO Recommended Practices for Improved Access to Institutionally-Provided Information Resources is available for public comment between April 17 and May 17, 2019. To download the draft document or to submit comments, visit the NISO Project page at:  All input is welcome and encouraged.
About NISO

NISO, based in Baltimore, MD, fosters the development and maintenance of standards that facilitate the creation, persistent management, and effective interchange of information so that it can be trusted for use in research and learning. To fulfill this mission, NISO engages libraries, publishers, information aggregators, and other organizations that support learning, research, and scholarship through the creation, organization, management, and curation of knowledge. NISO works with intersecting communities of interest and across the entire lifecycle of information standards. NISO is a not-for-profit association accredited by the American National Standards Institute (ANSI). For more information, visit the NISO website.

About  STM

STM is the leading global trade association for academic and professional publishers. It has over 150 members in 21 countries who each year collectively publish nearly 66% of all journal articles and tens of thousands of monographs and reference works. STM members include learned societies, university presses, both subscription and open access publishers, new starts, and established players.  For more information, visit the STM website.

RA21 Corporate Pilot report

The corporate pilot was started in early 2017, which included a survey of P-D-R (Pharma Documentation Ring) companies and confirmed the readiness of P-D-R companies for a federated identity management system.  The three key goals of the corporate pilot were:

* Improved user login experience at the publisher sites
* Provision for granular usage statistics reporting
* Ability to easily set up and maintain Single Sign On with multiple publishers.

Progress on these key areas are reported in this important output from RA21:

RA21 Corporate pilot final report – September 2018 (PDF)

RA21 Academic Pilot Technical Evaluation plus WAYF Cloud and P3W Security & Privacy Recommendations

RA21, the STM and NISO initiative which aims to identify best practices for adopting federated identity in order to streamline the user experience for access to subscribed content outside institutional IP domains,has completed the evaluation of two pilots (the WAYF Cloud and the Privacy Preserving Persistent WAYF(P3W)) offering alternative technical approaches to identity provider persistence.  The evaluation involved a detailed technical evaluation by the architects of both pilots and an in-depth security and privacy analysis by the Security and Privacy team. While both the cloud based and the alternative browser based pilots were successful in testing technical approaches to identity provider persistence, the browser based Privacy Preserving Persistent WAYF (P3W) solution has been selected to take forward and develop into an operational service.

The full evaluation and security review are included below, and serve as the first formal outputs of RA21.

WAYF Cloud and P3W Security & Privacy Recommendations – July 2018

RA21 Academic Pilot Evaluation – July 2018

Feedback and questions on the reports are welcome and can be submitted via our contact form.