Home | Personalisation (Summary)
Full Text: Page 1 | Page 2 | Page 3 | Page 4

Applications of smartcards
Smartcards in libraries are a potential way of providing or controlling access to a range of services without time-consuming staff involvement other than that involved in updating, personalising and issuing the card. They are already used in academic libraries as a way of charging students for photocopying. They could be used remotely so that users with Internet access could access charged services such as online databases from their own homes.

Cards could permit a children to use the Internet and ensure that they only surf certain predetermined sites, coded into the smartcard. The basic list of websites could be provided by the library with the child’s parents able to modify it if they wish.

Of particular relevance to this guideline is that they can also be used to provide access to the personalised choices of the user of a network e.g. show on the screen the services that user has subscribed to and no others, or their favoured fonts, templates and other settings.

They could regulate the time spent by users of certain services such as the Internet, which it is difficult for staff to supervise.

Other applications could include access to photocopiers, payment for internet use, payment for printing from the Internet, possibly even payment for goods and services purchased over the Internet, and use of word-processing facilities if that is a charged service.

As services such as e-books and on-line databases become more commonly available in public libraries, smartcards might be a way of providing these services while ensuring that some of the cost is passed on to the individual user rather than shared by the whole library community.

Portals
Many organisations are now developing portal-type access to their services for their customers. Banks are encouraging their customers to manipulate their own bank accounts on-line and supermarkets are providing automated shopping facilities which have a memory of the customers previous choices. People will soon come to expect the same kind of access to library services. The purpose of the customised portal is to save information for customers, and avoid presenating them with information they do not need a potential solution to the problem of information overload.

A library portal would enable users to create their own information and research environments. This could be particularly useful to people without Internet access at home or at work. (See also resource description)

People with Internet access would be able to have direct access to their chosen library services from home.

Portals could be customised for children or other user groups.

For articles on customised portals in academic settings see the Library and Information Technology Association webpage at
http://www.lita.org/ and
http://hegel.lib.ncsu.edu/development/mylibrary/librarians-guide.shtml

Swipe cards/smartcards combined with portals
For some time librarians have been unsure about how to guide library users as to the best way of making use of the Internet. Library users often ask for help and guidance in finding sites which are of interest to them.

As digital information sources are certain to increase in number in the near future the role of the librarian in guiding readers to high-quality sources of information in digital formats will become more and more important.

The role of the face-to-face interview with the library user will always be important but the process of guiding people to suitable websites and other types of high quality information can be automated by agent technology.

Personalised portals can be offered to library users to help them avoid information overload and search for only those types of information they are really interested in. For examples see MYUW services run by an American academic library. A major study of issues relating to library portals for students in UK academic libraries called Inspiral has just been carried out. This is a survey of software produced commercially for the education market which will combine coursework records, tutorials and interactive material prepared by the tutor. Most of the literature on this subject has been written from the academic standpoint but some of it is adaptable to the public library context. See www.lita.org/ital/1904_html.

See also resource description

User authentication
Authentication is the process by which the electronic identity of a client is asserted to, and validated by, an information system, using a credential issued following a registration process.

It may involve establishing that the client is the true holder of that credential by means of a password or biometric. A biometric authentication involves the identification of fingerprints, facial features, voiceprints or retinal patterns.

The registration process will have involved the production of some real-world identification process such as a driver’s licence, passport, or birth-certificate etc.

There are different levels of authentication; the following are listed in the order of the degree of security they provide:

  • Obscurity is based on the assumption that only authorised users will know the name of a file or database and that the databases are sufficiently protected by this alone.

  • Simple authentication uses shared secrets (passwords) which are exchanged as clear text and which provide very little assurance of the identity of the sender of the message. For example passwords can be lost or stolen; users tend to choose obvious words to be their passwords; they often have to remember a number of them and are tempted to make notes of them, undermining their usefulness as guarantors of identity. A single password may even be shared by a group of people. There exist types of software designed to “sniff” or observe the use or exchange of passwords and intercept them.

  • Protected authentication is similar but the passwords are encrypted.

  • Strong authentication uses an encrypted secret known only to the sender of the message to guarantee his identity. This type of authentication may be needed for purposes of non-repudiation, i.e. the authenticated sender of the message cannot later deny having sent it if e.g. he orders some goods or services.

Technologies to support authentication in Higher Education describes various types of encryption and security systems.

Identification systems can be bought off the peg e.g. the Athens Access Management System. Athens is an access management system controlling access to online databases. It is used by all UK higher education institutions and many further education systems and about half of the National Health Service. Users have varying levels of access to the system, from administrator to personal user. Kerberos is a network authentication protocol designed to provide strong authentication for client server applications by using secret key cryptography, developed by MIT.

Authentication in the near future will probably not be done by libraries themselves but by other local or central government agencies which will issue members of the public with an all-purpose form of identification, probably some kind of smartcard. There already exist private sector organisations which issue such forms of authentication as a service to the growing e-commerce sector e.g. tScheme. (See also legal issues.)

Home | Personalisation (Summary)
Full Text: Page 1 | Page 2 | Page 3 | Page 4


Select a country to view information on public libraries


Digital Guidelines Manuals
Click here to view


The PULMAN
Online Database of Education Resources


Private Section for PULMAN partners only.
Click here to Enter

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Last updated 11/05/2004
Site best viewed with IE 4.0 or above