Mobile Authentication Threats & Issues
Time 10/05/15 07:00AM-08:00AM
Room Room 12
The increasing development of device specific apps by publishers combined with the large uptake in mobile devices being used to access academic publisher content threatens to circumvent existing methods of federated access, including shibboleth.
Many such apps rely on a signal authentication code, often only obtained via IP login /ezy proxy login, and frequently used for periods of 90 days or more. This effectively authenticates the device, not the user and leads to a scenario of 'zero sign on' access to many academic resources and thus making federated access redundant in many cases.
Clearly proper web design on mobile optomised sites in HTML5 and appropriate integration of federated access is one alternative to this, but it is not one being followed by many publishers and service providers.
The BoF will look at a selection of top Jisc (UK) licensed resources and examine usage trends in order to determine the publisher tendency to favour device specific apps as their mobile content solutions and extrapolate the future trend in device specific app v mobile optomised sites. The BoF will ask the group to discuss the strategies and technologies that can be employed with service providers to ensure that federated access does not become sidelined as the default means of accessing publisher content because of an emerging dominance of mobile app use.
Please get your breakfast from the buffet located closest to the meeting room.
Primary track Trust and Identity