Therefore, security-conscious network administrators must secure and control access to library resources. This is done through a process called "access control." Although we may not be aware of it, access control is a common part of our lives. We are constantly required to prove who we are before we are allowed to access valuable resources—from our bank accounts to our email.
When to Use Access Control
Controlling access to resources depending on who wants to access them is called "user-level security." This kind of security can be used to regulate access to networked or stand-alone systems. Reasons a library may need to implement user-level security are:
- There are resources on your network for both library staff and patrons; however, patrons should have access only to specific, limited resources.
- A library needs to provide unfiltered Internet access to staff but only filtered Internet access to patrons.
- A database with a limited number of licenses needs to have regulated access.
- A public access computer reservation system needs to authenticate users before it makes a reservation.
It is important to understand that user-level security and ease of access are inversely related: the more security required to protect a resource, the more difficult it becomes for patrons to access that resource. If your library wants to make specific resources easy for patrons to use, such as the online public access catalogs, then avoid requiring user-level security.
Implementing User-Level Security
Access control is a three-step process that involves identification, authentication, and authorization.
Before accessing a resource, a user must first identify him or herself. User identification is the process of establishing the user's identity and usually requires very little interaction on the user's part.
User identification can serve multiple purposes:
- Once a user has identified him or herself, a system can check whether that person has previously registered and is in fact allowed to use the system (provided that they prove their identity as described in the following section).
- A system may need an identity to establish a username for future access. This happens if a user has not previously registered his or her identity on a system.
- A system may simply want to identify users so that it can keep a tracking log of people who have accessed a system or simply record the number of times people have accessed a system. Anonymous FTP is an example of this kind of identification.
There are two popular methods of user identification in libraries. Library cards with magnetic strips or bar codes allow patrons to carry their identification with them in a physical form. Devices such as copiers and automated checkout systems often require such identification. This form can also conveniently keep track of monetary credit. The other popular method of identification is a username. This method requires the user to remember their identification; this is used primarily when logging in to a computer.
In most cases, a user must first register her or his identification. Obtaining a library card is the most common way of registering an identity. Once a patron's or staff member's identity is registered, the library can then determine what resources that user can access. Registration can require a lot of administrative overhead. Large libraries may implement some kind of automated or self-registration process. Smaller libraries may register patron and staff accounts on the same network operating system and thus avoid implementing complicated user authentication databases. A common practice is to register a generic user account that is available to all patrons. This practice is beneficial when a user is accessing a resource that is not sensitive. In this case, all patrons have the same identity and authentication is avoided.
Authentication is the process of a user proving that s/he is actually the person s/he claims to be. There are three basic ways to do this:
- By providing information the system or network is expecting, such as a password or Personal Identification Number (PIN)
- By providing a card, such as a library card or ID card
- By providing some physical attribute which the system or network can verify, such as fingerprints or retinal pattern
Each of these authentication methods has drawbacks. Password or PIN authentication is easy and inexpensive, but it requires that the user commit something to memory (which is often easy to forget). Passwords can also be susceptible to compromise, depending on their length and what kinds of characters are used. See Network Passwords.
Library cards or smart cards can store and track a lot of useful information, but unless they are password protected, a stolen card can be easily compromised. Card readers are more costly than password and PIN authentication. See Smart Cards.
Biometrics literally means "life measure." It is a method for automatically identifying users based upon their unique physical characteristics, such as their retinal pattern or their fingerprints. Biometrics are useful for providing security for sensitive data. It is very hard to compromise this kind of security. However, biometrics can be highly cost prohibitive. Retinal scanners are still somewhat of an emerging technology, but fingerprint scanners are available now and cost less than retinal scanners (from $100 and up per device). However, when the fingerprint scanner cost is multiplied by the number of computers you have, biometrics ends up being considerably more costly than smart cards or passwords. For more on biometrics, see Biometrics, as a New Technology and Biometrics, a list of links to biometrics information and vendors.
Authorization is the final process in user-level security. It is the process of determining what resources a user can access after successful identification and authentication.
Different users have different authorization to library resources. For example, a patron should only have authorization to read from a card catalog system, but a staff user should have authorization to make changes to references in the system, and an administrator should have full control to change anything—including what kind of authorization other users have. Another example is Internet filtering. Administrators and staff should have unlimited access to the Internet; however, patrons should only be authorized to view filtered content.
It is up to the library automation staff to implement authorization. Certain systems are configured with default authorization for different users and groups. However, when implementing network security, great care should be taken in determining what resources users are authorized to access. Security is only as strong as its weakest link. If a system has a strong identification and authentication process but a weak authorization process, security may be easily compromised.
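The three steps described above, sketched as an added example (not code from the original page). The account names, PINs, and the permission table are constructed for illustration; the roles and resources follow the catalog and Internet-filtering examples in the text, and the generic shared account is restricted to the patron role so that skipping authentication never reaches a sensitive resource.

```python
import hashlib
import hmac
import os

# Authorization table (constructed for this example): anything not listed is denied.
PERMISSIONS = {
    "patron": {("catalog", "read"), ("internet", "filtered")},
    "staff": {("catalog", "read"), ("catalog", "edit"), ("internet", "unfiltered")},
    "admin": {("catalog", "read"), ("catalog", "edit"), ("catalog", "set_permissions"),
              ("internet", "unfiltered")},
}

def _hash_pin(pin, salt):
    # Store a salted, slow hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def register(users, username, role, pin=None):
    """Registration. pin=None creates a generic shared account with no authentication."""
    if pin is None and role != "patron":
        raise ValueError("generic accounts may only hold the patron role")
    salt = os.urandom(16)
    users[username] = {"role": role, "salt": salt,
                       "pin_hash": _hash_pin(pin, salt) if pin is not None else None}

def authenticate(record, pin):
    if record["pin_hash"] is None:      # generic account: authentication is skipped
        return True
    if pin is None:
        return False
    # Constant-time comparison avoids leaking how much of the hash matched.
    return hmac.compare_digest(record["pin_hash"], _hash_pin(pin, record["salt"]))

def request_access(users, username, pin, resource, action):
    record = users.get(username)                       # 1. identification
    if record is None:
        return "denied: unknown identity"
    if not authenticate(record, pin):                  # 2. authentication
        return "denied: authentication failed"
    allowed = PERMISSIONS.get(record["role"], set())   # 3. authorization
    if (resource, action) not in allowed:
        return "denied: not authorized"
    return "granted"

# Constructed sample accounts.
USERS = {}
register(USERS, "public", "patron")            # generic account shared by all patrons
register(USERS, "jdoe", "staff", "4821")
register(USERS, "libadmin", "admin", "907315")
```

Because authorization is checked last and denies by default, a correctly authenticated staff account still cannot change other users' permissions, which is the weak-link case the paragraph above warns about.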