

Re: DNS authentication protocol? [SEC=UNCLASSIFIED] Dyer, Renata 04 Nov 2008 23:14 UTC

Irma,
Do you know how this DNS protocol relates to SAML? I am asking
because I am aware of Shibboleth, an open source software package
for web single sign-on across organisational password authenticated
resources which "implements widely used federated identity standards,
principally OASIS' Security Assertion Markup Language (SAML), to provide
a federated single sign-on and attribute exchange framework." - this is
what they say on their About page at:
http://shibboleth.internet2.edu/about.html

This is all pretty new for me and I am not sure about the relevant
standards we should be considering at the library end. So if you or
anyone else has more information please post the relevant links on this
list.

I would also be interested in hearing from libraries that are using
Shibboleth or any other single sign-on software. Issues? Benefits?
Thanks,

Renata Dyer
Systems Librarian
Information Services
The Treasury
Langton Crescent, Parkes ACT 2600 Australia
(p) 02 6263 2736
(f) 02 6263 2738
(e) renata.dyer@treasury.gov.au

-----Original Message-----
From: SERIALST: Serials in Libraries Discussion Forum
[mailto:SERIALST@list.uvm.edu] On Behalf Of Irma Nicola
Sent: Wednesday, 5 November 2008 3:56 AM
To: SERIALST@LIST.UVM.EDU
Subject: [SERIALST] DNS authentication protocol?

Hi Serialst,

As I was having a very informed and interesting talk with several
colleagues the other day it came up in the conversation regarding
fulltext access control that a secure access standardization was
something that everyone in the room could benefit from. Literally
everyone stands to profit, providers and users, fantastic.

1. Requirements for 2 click methodology control, the end user should
ideally be asked to click through 2x for content.

2. Comparative studies between 2 methods should determine the choice of
one over the other.

3. DNS authentication protocol should be explored as a protocol as it
provides an easily mitigated and secure solution to security.  The
security problem is solved so that lay people can administrate on the
front end and that IT can support on the back end.

The point is that this is the best of both worlds as I understand it,
because the double door of security provides the access security
redundancy needed for control.  Picture this: it is as if at a convention
all the invited guests pass through many entrances, meaning distance
access, and authentication by server recognition lets them access
content.

This division on security is much like a buffet line that one can join
at any point in place and time.

I am tossing this out as I pondered the problem of the learning curve
for paraprofessionals trying to administrate and navigate the IP
protocol model which due to keystroke entry is really fraught with
error-laden potential.
When I became aware that there was another model for authentication I
became very interested as the implementation of the DNS was so much
simpler.

Please comment...need third party opinion to establish theory

Blessings,

Irma

------------------------------------
Azusa Pacific University
Irma H. Nicola
Serials Coordinator
inicola@apu.edu
Darling Library Technical Services
PO Box 7000
Azusa, California 91702-7000
tel: 626-815-6000 ext. 5258
fax: 626-815-5064
*************************************************************
