The problems of securing Internet access to electronic documents …and a solution!
| Published date | 01 March 1998 |
| Pages | 16-21 |
| DOI | https://doi.org/10.1108/eb040690 |
| Date | 01 March 1998 |
| Author | John Paschoud |
| Subject Matter | Information & knowledge management |
The problems of
securing Internet
access to electronic
documents
...and a solution!
by John Paschoud, British Library of
Political & Economic Science, London
School of Economics
Many full-text online document resources are
currently secured by shared or individual
usernames and passwords, or they are
completely unprotected from unlicensed
access by anyone on the Internet. The
Document server model that was developed
for the EC DECOMATE project offers an
alternative way to secure access and ensure
compliance with copyright and licence
conditions, without requiring the owner of the
resources to know about all the individual
authorised users - and the software to
implement it is free!
Where are the electronic
documents? Where will they
be? ...and who's looking after
them?
The 'hybrid of holdings' library model
A rapidly increasing number of sources of full-text
copyright (or otherwise 'valued content') docu-
ments are becoming available online, deliverable
directly to the desktop workstations of users.
These sources may be hosted and managed by
academic libraries, 'traditional' publishers and
newer types of publishing intermediaries, or the
document authors (corporate or individual) them-
selves. In the 'hybrid library' of the near future,
with library policies and available resources
leading towards a new balance between holdings
and access, this diversity of holding agencies is
only likely to become even wider and more complex.
Where the use of these resources is covered by
licences or other agreements, a technical means is
needed to ensure that only individuals authorised
by a licence (such as "bona fide students and
academic staff of...") have access to the materials.
In most cases the licence, and therefore the legal
responsibility, is between the publisher and a
library, but those who benefit from it are an
identifiable community of individual users of
that library. Typical conditions and definitions
of
the
particular users (and other conditions of use)
authorised by such licences vary widely at present.
I am not aware of any significant relevant legal
action taken to date over an alleged breach of
such licence conditions, but the vagueness of
many of them promises to greatly enrich many of
m'learned friends when this does eventually
happen.
Common ways of securing online document
content
Technical methods of access restriction are there-
fore either applied directly by content owners to
protect their property (where the content owner
also manages the online server), or by a licensee
(such as a library) to comply with its' promise to
restrict access to the (albeit vaguely) defined group
of licensed users. At present, four approaches are
in common use:
• Furtiveness
Keeping the content at a generally
unpublicised URL, and hoping this will only
become known to authorised users.
• Internet geography
Restricting access to requests from Internet
clients (i.e. Web browsers) at a limited range
of Internet domains (such as "*.lse.ac.uk",
or "*.*.ac.uk") or IP addresses (the numeric
version of the domain).
• Group identity verification
Issuing a single name/password combination
to each licensee (library), which can be
disclosed to all the authorised users covered
by the license.
• Individual user identity verification
Individually registering each authorised user
covered by any license, and issuing them
each with an individual name/password
combination.
16 — VINE 112
To continue reading
Request your trial