Ameritech Library Services

Remote Patron Authentication

ALS is presently testing its remote patron authentication application which they hope to release in October 1999.  ALS has permitted LION to access the demonstration website.   In order to login use "5656" as the barcode number and "guardian" as the PIN.  Click on the button labelled "Finished" when you wish to terminate your session.

The following is a description of Ameritech Library Services' Remote Patron Authentication Joint Application Development project.

Remote Patron Authentication or RPA is intended to mediate connections to Web-based databases to 1) authenticate patrons dynamically and 2) pass certified requests to a Web-based database provider. JAD participants will be asked to review specifications and prototypes, as well as being potential beta test sites for RPA.

Status: In Process with 34 client participants

Participants:  South Central Library System (WI), Austin Peay State University (TN), Reading Consortium (PA), Vancouver Public Library (BC-Canada), Salt Lake County (UT), Central Piedmont Community College (NC), Wichita Public (KS), Hickory Public (NC), Chemeketa Community College (OR), University of South Australia (SA-Australia), City University of New York, University of Michigan (MI), LOUIS Consortium (LA), Columbia University (NY), Central Library Consortium (OH), University of Chicago, FALCON (MI), Gwinnett County Public (GA), Orange County Public (CA), Cape May County (NJ), Harris County Public (TX), Grant MacEwan College (AB-Canada), Philadelphia College of Textiles and Science (PA), University of Adelaide (SA-Australia), Great River Regional Library (MN), Prince William Public (MD), Pioneer Library Systems (OK), Bank Street College (NY), Richland County Public (SC), Howard County (MD), GMILCS (NH).

There is additional information on the RPA JAD project.

The following appears in the 1999 Dynix Product Plan.

Patron Authentication for Web Database Providers

Remote Patron Authentication (RPA)

Authenticating patrons who are accessing restricted library resources is an increasing concern for libraries and online database providers. Online database providers have responded by requiring various authentication methodologies, but leaving the logistics of authentication to the library to resolve. Ameritech Library Services will release an authentication product for purchase in April 1999, along with an authentication identifier protocol. Remote Patron Authentication (RPA) works in conjunction with popular Web browser software to authenticate patrons accessing restricted resources through the library’s Web site from home, or even from within the library. Authentication occurs dynamically with both Dynix and Horizon systems, and allows the library to determine which licensed online resources the patron may access.

The RPA workflow is outlined as follows.

  1. Remote patron clicks on hyperlink to select from the library’s restricted resources.
  2. RPA prompts the patron to enter a library barcode number and, optionally, a PIN.
  3. RPA authenticates the remote user with the library’s Dynix or Horizon database.
  4. RPA presents a dynamic Web page of restricted resources to the authenticated patron.
  5. The patron selects a restricted resource.
  6. A unique identifier is generated, according to the authentication identifier protocol specifications, and attached to the Internet request for the restricted resource.
  7. The Internet request is sent to the online database provider for the resource.
  8. The online database provider processes the unique identifier, recognizes the request as valid, and allows access to the restricted resource.

ALS is designing, in conjunction with database providers, an authentication identifier protocol for creating valid, authenticated access requests from remote library patrons to online content and database providers. With an accepted, standard authentication identifier protocol, libraries gain ease of administration, online database providers gain assurance of licensing compliance, and ALS gains a single protocol to support for our customers. We believe that the adoption of this protocol will be a big step forward in delivering more comprehensive library services to remote patrons in an authenticated and secure manner.

We encourage all ALS customers to support the authentication identifier protocol and its adoption by their online database providers. We plan to publish the authentication identifier protocol early in 1999 and make it available to all library vendors and database providers.  Technical specifications will be available for review in the support areas of the ALS Web site.  Library vendors or database providers can request a developer’s toolkit for the authentication identifier protocol by sending an e-mail request Ameritech Library Services.

Below you will find examples from the demonstration website.

wpe2.jpg (70803 bytes)

wpe3.jpg (47356 bytes)

wpe4.jpg (60136 bytes)

Return to Ameritech Library Services

Updated August 27, 1999