This story is from the category Corporate and the dossier Identity Management

Less hassle, less effort

The Swiss edu-ID can help with a range of problems. Here are two examples.

Text: Rolf BruggerChristoph Graf, published on 18.09.2015

Swissbib: an ID for the peripatetic

Students and researchers looking for academic publications tend to start at their university’s central library or the library federation to which they belong. If they fail to find what they are looking for there, things can get complicated. Which of Switzerland’s many library federations should they choose to continue their search?

Swissbib has the answer. It allows them to search most of the Swiss libraries and repositories at once. Swissbib is continually expanding its catalogue and getting ever closer to its goal of offering search functionality for every library in Switzerland.

It can be used anonymously, but registered users benefit from additional features that have proven popular. They can specify favourite libraries, save reading lists, view their search history and much more besides. SWITCHaai can be used to register, and this is how most users do it.

It works well as long as you are a member of a university, although e-mails sent to swissbib by users reveal the difficulties they face. Mr K, for instance, has left his university: "I registered with my university account and saved some reading lists. Obviously, my account expired when my course finished. Now I can’t log in any more. How can I access my reading lists?"

Mrs W, meanwhile, switches frequently between universities and is occasionally "homeless": "My situation is probably similar to that of many post-docs, who only have a teaching post at a uni from time to time. We only have contact with the uni for a limited time."

Since Swiss edu-ID users can keep their account for an unlimited time, they no longer lose account data when their employment or student status changes.

It would therefore make sense if swissbib users could have a personal account that is not tied to a university. With this in mind, swissbib now wants to offer accounts based on the Swiss edu-ID.

Since Swiss edu-ID users can keep their account for an unlimited time, they no longer lose account data when their employment or student status changes. It will be even more practical for users when all SWITCHaai services are adapted to support the Swiss edu-ID. They will then be able to access all the services they need with their Swiss edu-ID, meaning that they should no longer need their SWITCHaai. This will become a reality quite soon.

Adapting a SWITCHaai service to the Swiss edu-ID is easy because both systems are based on the same technology. That also applies to swissbib.

Central IT, University of Zurich: one identity – no duplication

Roberto Mazzoni is Head of User Services in the Central IT Department at the University of Zurich. He spent a long time thinking about how to get a grip on the confusing mess of login identities at his institution. His problem was that there were different user administration set-ups for different systems, as a result of which people needed various login accounts. This account-based approach to user administration was switched to an identity-based one handled by an Identity Manager back in 2008. This resulted in some people having more than one identity. There are a number of reasons for this, including differences in name due to mistyping or name changes, for instance following marriage. Some people way well have been entered more than once because they have multiple roles, for example when a student is given an assistant position and thus additionally becomes a member of staff.

There is of course already an authentication and authorisation system that acts as a general key to web resources in the academic world, namely SWITCHaai. Why was this not the solution to the identity problem? "Too much authorisation, too little identity. We need to sort that out," says Mazzoni. His team developed their own concept – and then came the Swiss edu-ID, which is similar but casts a wider net.

We’ll never be able to eliminate duplications entirely, but we won’t be creating new ones by mistake any more.

Roberto Mazzoni

"What I like about the Swiss edu-ID is that, in principle, users create it themselves. When assigning roles on a decentralised basis, you can simply ask users for their Swiss edu-ID and then add attributes to it. If, at some point in the future, a user is no longer entitled to a specific attribute, it can be removed. This means that there’s no need to set everything up again from scratch, which saves both time and money," says Mazzoni. He finds it tiresome still having to create a new user identity even for short-term posts. "And this is often the case. Just think about external firms that need temporary access."

Cases similar to those outlined above can also be found at other universities. The Swiss edu-ID is designed to offer a solution for all of them. Its characteristic features are that it is user-centric and centrally managed and that every university can add access attributes as needed.

"We’ll never be able to eliminate duplications entirely, but we won’t be creating new ones by mistake any more," explains Mazzoni, adding with a wink, "Another benefit of being user-centric is that everyone knows how to write their own name."

This article appeared in the SWITCH Journal October 2015.
About the author
Rolf   Brugger

Rolf Brugger

Before joining SWITCH, Rolf Brugger worked as an Advisor and Product Manager at the Swiss Virtual Campus. He is now a member of the Swiss edu-ID project team.

About the author
Christoph   Graf

Christoph Graf

Christoph Graf graduated in Electrical Engineering at the Federal Institute of Technology in Zurich in 1986. He joined SWITCH in 1991. After leaving to work at DANTE in Cambridge, he came back to SWITCH in 1998. He is now in charge of Supporting Operations.

Other articles