Professional Documents
Culture Documents
Textbook Access To Online Resources Kristina Botyriute Ebook All Chapter PDF
Textbook Access To Online Resources Kristina Botyriute Ebook All Chapter PDF
Textbook Access To Online Resources Kristina Botyriute Ebook All Chapter PDF
Botyriute
Visit to download the full and correct content document:
https://textbookfull.com/product/access-to-online-resources-kristina-botyriute/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
https://textbookfull.com/product/longman-academic-writing-
series-3-paragraphs-to-essays-with-essential-online-
resources-4th-edition-alice-oshima/
https://textbookfull.com/product/ise-ebook-online-access-for-
fundamentals-of-investments-10th-edition-bradford-jordan/
https://textbookfull.com/product/principles-of-business-
management-print-purchase-includes-free-online-access-richard-l-
wilson/
https://textbookfull.com/product/longman-academic-writing-
series-1-sb-with-online-resources-2nd-edition-linda-butler/
Longman Academic Writing Series 2 Paragraphs with
Essential Online Resources 3rd Edition Ann Hogue
https://textbookfull.com/product/longman-academic-writing-
series-2-paragraphs-with-essential-online-resources-3rd-edition-
ann-hogue/
https://textbookfull.com/product/longman-academic-writing-
series-4-essays-with-essential-online-resources-5th-edition-
alice-oshima/
https://textbookfull.com/product/inclusive-access-and-open-
educational-resources-e-text-programs-in-higher-education-tracy-
a-hurley/
https://textbookfull.com/product/open-source-intelligence-
techniques-resources-for-searching-and-analyzing-online-
information-6th-edition-michael-bazzell/
https://textbookfull.com/product/open-source-intelligence-
techniques-resources-for-searching-and-analyzing-online-
information-7th-edition-michael-bazzell/
Kristina Botyriute
Access to
Online Resources
A Guide for
the Modern Librarian
Access to Online Resources
Kristina Botyriute
Photographs by Danielle Mac Innes, Edward Borton, Phil Coffman, Kristina Botyriute, Kai Oberhäuser, Pavan Trikutam, Angelika Levshakova, Philipp Berndt,
Antonina Bukowska, Riciardus, Jakob Owens, Margarida C Silva, Clem Onojeghuo, Michał Parzuchowski, Daria Nepriakhina, Anastasia Petrova, Antonio Lapa,
Tim Gouw, Marc Wieland, rawpixel.com, Jessica Furtney, David Marcu and Hand drawn illustrations by leva Botyriute
© The Editor(s) (if applicable) and The Author(s) 2018. This book is an open access publication.
Open Access This book is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits
use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to
the Creative Commons license and indicate if changes were made.
The images or other third party material in this book are included in the book’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is
not included in the book’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain
permission directly from the copyright holder.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such
names are exempt from the relevant protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the
publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made.
The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Cover Illustration: Front cover photograph by Ashley Batz: Back cover photograph by Jill Heyer
This Springer imprint is published by the registered company Springer International Publishing AG part of Springer Nature.
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Helping you get the most
out oflifeby helping you
get the most out of
technology.
Eduserv
Introduction IP address recognition
01 04 On and offsite
Remote access: local build s
v
cloud based
Secu rityconsiderations
Key concepts
02 Authenticationand Authorisation
How itworks
Before we start
... You ...
... and Them
Federation
Key concepts
OpeniD Connect
06 Open Authorisation2.0
VII
© The Editor(s) (if applicable) and The Author(s) 2018 1
K. Botyriute, Access to Online Resources, https://doi.org/10.1007/978-3-319-73990-8_1
"Access management is a v e ry comp licated beast", Some publisherscharge forevery single user, in which case you willwant to
concluded one ofmy customers at the end ofa lengthy supportcall. make sure you have an up-to-date listofindividuals who need thisresource
This might indeed renect how many librariansfeelthese days but it as well as ensure appropriatepermissions are in place. This is particularly
doesn' t need to be! Afterreading thisbook, you willbe able to skillfully relevant to small librarieswhere the budget is lim ited.
navigate the maze ofonline access management technologiesand
decide what serves your library' sneeds best. As an internationaltechnicalpre-sales consultantforOpe nAthens. I
n s from allover the world. The shee r number of
frequentlyspeak to libraria
According to Gartner ITGlossary(2012), "identityand access techno logies a typical librarian deals with on a dailybasis is astonishing.
management (lAM) is the securitydiscipline thatenabled the right Often they are expected to learn-on - the-job, w h ich can be stressful
in a
individuals to access the rightresources at the righttimes forthe right busy env i ronment especiallyifcommunication between the libraryand IT
reasons ." Simply put, itis making sure your users are who they say they department is poor.
are and on ly have access to what you want them to have access to. In
addition to prev e nting u na u thorised partiesfrom exploitingyour The followingchaptersare writtenforkn ow ledge workers who are inv o lved
organ isation ' s resources, lAM technologies can h elpmanage w ith managing access to digital content online and cannot affordthe time
subscriptionsto online resources where cost is based on the number to read book afterbook oftechnicalmaterialto make sense ofallthe nuts
and boltsthatmake up the lAM. I have covered allthe main concepts in this
ofusers accessing protectedcontent.
book.
2
3
j a ne and Ben
Monday morning. Electronicresources librarianj a ne makes herselfa Ben is a chemistrystudent who has found an interestingarticleon
cup ofcoffee.sitsdown at her desk and types in her use rna me and ScienceDirect(scienced irect.com). In order to read fullarticle,Ben must
passwo rd into the login screen. Instantly.
the computer sends these sign into the website. He knows h is university has access to content on
credentialsto a centralplace- the directory,where allorganisational thiswebsite and selectsthe ' Sign in iv a your Institution'option.
accoun ts are listed. The most popu lar ofthese is Microsoft' sActive The followingsequence ofevents may sound like a long intricate
Directorybut on a rare occasion you may be dealing with alternat
ives process but in realityitgets executed in a splitsecond:
such as OpenLDAP, Univ e ntions (UCS), ApacheDS or even the futuristic
concep t ofDirectory-as-a-Service. First. a form forcredentialsis displayed and as soon as Ben enters h is
So what happens when j a ne ' s credentials reach the directory? The server details.his organisation authenticates him as a valid user.
checks ifj a ne is a registeredu ser and ifthe password is correct. Ifso,
she is authenticatedinto the system. Then. Ben s
' institutionpasses a small set ofinformationto
ScienceDirect.This set includes detailsabout Ben as well as his
j a ne ope ns the shared drive to find some reports but accidentallyclicks univ e r sityand is used by the publisherto carryout au thentication
on the ' HR ' icon, causing a warning messag e to appear adv i s ing she does againstthe listofsubscribing organisations.We can think of itas a
not have permission to access to thisfolder.She then clickson the second roun d ofthe same process, only now on prov i der ' s end.
' Reports' as initiallyintended and itopens. This is an authorisation
decision in fluenced by a v a riety ofsecuritypolicies in j ane's organisation. Lastly.university is ver ified to have a valid subscription and
determining specificpermissions for each user or user group. authentication is successful,howev e r the articleofinterestis published
in a j o urnal his institu
tion has not yet bought the access to and the
In the contextofaccessing digitalresources online. authentication and authorisationfails
.
authorisationmay occur a number of times before users are presented
with the content they are tryingto access. Ben sets offto h is un iv e r sity'slibraryto discuss his options...
PO INTS
Authenticat
ion v alidates user' s ide ntity.Who are you? Authorisationchecks what permissions the user has. What can you access?
4
Before we go ahead, we need to make friends with one concept. Essentially.a protocol is a set ofrulesdes igned to make ou r life
A PRO TOCOL is a big scaryword, often used by ITguys to scare easier. The sequence ofevents may vary in length and execution
pe ople offso they do n' t hav e to wor k as much (I am j o king. of depen ding on who is doing the shopping b u t the ruleso fthe protocol
course). My personal. ifsomew h atgeeky. opin ion is that enable a clear goal. path and outcome.
everything bo ilsdown to a protocol.Iwi llexplain.
What about online shopping? Well, thiswou ld be ASP 2.0
A Shopping Protocol. ASP. Importantthing to note though is thata higher version ofsomething
doe s not always guarantee an improv e ment- somet imes it is j ust
another way ofachieving the same result.
One must walk into a shop. collectitems into a trolley or a
shopping basket and either self-checkoutor go to the till to pay.
With thatin mind, let's go ahead and explore the mos t common
v riation in customers' choice ofitems'
Wh ilstthere may be a
authenticationand authorisationmethods thatprotectthe
container and the method o fcheckou t. ultim atelythe
digitalcontent online today.
procedu re is to collect items, pay and leave. Any other way to
obtain goods from the shop is non-standard and usually
unsupported by law.
5
7
What is HTTP?
HTIP stands for Hyper Text Transf
e r Protocol. Web based authenticationhas ma ny flavo u rs and what we know
Itis a set ofrules oftransferring files on the World Wide Web. as 'username an d password' uses three ofthem:
When you open your b rowser and typein an add ress, you are
' ET me thisweb page!'. Collaborating w ith a
reallysaying: G
number ofother protocols,HTIPfetchesyou the page and
G
HTTP BASIC
serves itup on the screen. AVTHENTlCATION
POST https·ttwww.any_internet_store.com/Logi n > There is a lot more to this sim ple me thod than meets the eye and
we willdelve rightinto what happe ns behind the scenes.
8
HTTP Basic Authentication
HTIP Basic Auth entication is the oldest username an d password Need lessto say. due to it's age HTIP Basic Authen ticationhas maj o r
authentication method there is. Itdates back to 1989, when Sir Tim securityflaws. As you have alreadynoticed, the example links on the left
Berners-Lee invented the World Wide We b . Itworks like this:a user are passin g the username and password in cleartext.
typesin credentialsand from then on theymust be passed to the This au the n ticationmethod su pportsbase64 encod ing too b u t it doesn' t
website each time the user' s actions resultin a req uest forany new make itmo re secure as the textcan be decoded in seconds using online
content to be d isplayed. Remembe r GET? This is it! When content is tools. Can you guess w hat is encoded in th is link?
9
This is a more secure v e rsion ofHTIP Basic Authentication. From user's Upon a (hopefullybrief) encounter with DigestAuthentication. my best
perspective ev e ryth ing looks the same (real life examp le ofBA. as advice is to note what the creatorsthemselves said about the method:
promised):
"The DigestAccess Authenticationscheme is not intended to be a
Authenbc.abon Requwed X
httpc/friowtb.MwSbink.com is requtSCing 'f04If uscrntmt 1nd p1uword. The site wyt; •NfWSS.-nk
complete answer to the need forsecurityin the World Wide Web. This
wowtb·
scheme prov ides no encryption ofmessag e content. The intentis simply
to create an access authenticationmethod thatav o ids the most serious
C•ncd
flawsofBasic Authentication." (Leach et al., 1999)
MDS (Message Digest 5) is the default algorithmused forHTIP Digest base64 can be decoded using tools freelyavailable on line
10
HTTP(S) Forms Authentication
This method submits user name and password to the server by power Username and Password do not match.
ofPOST. (Think ofan enve lope with a letterinside). It does so in clear The result is an error message, as expected. Shou ld my cre d entialsh ave
text.howev e r itis most common ly used with HTIPS foradded security. matched the records on publisher's end, the code on the we bs ite would have
(Think ofan envelope with a magic seal on top). changed to contain my username and password in the login form. This would
What is HTIPS? Hyper Text TransferProtocolSecure. You know it's in then be used to redirectme to the post-login screen, print ' Hello, Test' and
use when you see this: potentially load my personal profile forthiswebsite.
Forms authenticationis incrediblypopularand is the most widely HTIPS forms authenticationis a much betterway to co nne ctind ivid u al users
adopted v a riant ofusername and password authentication. to protected co ntentthan Basic or DigestAuthentication.For one, the login
POST as a method is more secure than GET: itwillnever pass data in form willlook an d behave as d esired by the creatorwhi lstthe other two
the address ba r, itwillnot be cached or remain in the browse r history. leave u s stuckwith a pop·up box an d an uglyerror401 when thingsgo
Still,itcan be read ifinterceptedun less used in conj u nction with south. Many publishers supportforms auth enticationas an option for
HTIPS. To illustrate
the process, Iwillattemptto access MAG Online indivi du alsubscriberswh ilst institut
ional users are oftenen couraged to use
Library. POST to: https:/ / w ww.magonlinelibrary.com/ a ction/ d ologin federated access, covered late r in this book.
11
Cookies!
"By continuing to use thissiteyou consent to the use ofcook ies on your dev i ce as described in
our cookie policy unless you hav e disabled them . You can change you r cookie settingsat an y
tim e but partsofour sitewilln ot functioncorrectly
without them" ( ft.com)
Also known as HTIP entityauthentication,cookies are differentfrom Sess ion cookies will 'go out ofdate' as soon as the browser is closed
username and password driven recognition. Much like real cookies, or the session time is up. This means thatifmy aunt Marywas
digitalones also enhance the qualityoflife·or in particular,user shopping forgroceries forher Sunday roastand had a cartfullof
expe rience on the web. As I'm sure you willagree, we would struggle goodies, one unfortunate clickon th e red X at the top ofthe browser
to finda website thatdoes no t make use ofcookies in thisday and would render her cartempty when she nav igates back to the site.
age. So, what is thiscookie? Such an event wou ld likelycause her some griefand perhaps this is
one ofthe reasons why session cookies are not overly popular
A cookie is a small piece oftextthatstoresinformation about your amongst online retailers.What ifthe browser was set to purposely
interactionwith a website. Ifyou clicked on the cook ie policyhyperlink deny session cookies? My au nt Marywould not be able to add any
displayed at the top ofthispage, you wou ld have
in the notification potatoes to her cartatall!Websites do not have a memory oftheir
been taken to one ofthe nicestcookie policyexplanation pages I've own and so she would be treatedas a new v i sitor every time she
come across so far.Not allpublishersgo into troub le ofexplaining opened a differentpage.
themselves in such detailand thereforeitis worth familiarising
with
how cookies work. According to Wr ight Freedman and Liu (2008) "in Persistentcookies are eitherstored in "jars" o n your browser or on
contradictionto the claim thatno information is sent from your your device, in the hard drive. Being plainstrings oftexttheycannot
computer to anybody outside your system, the maj o rity ofcookies are do anything on their own but are detectable by websites and serve as
interactive (thatis, the information is no t only writtento them but also reminders ofthe vis itor' s lang uage preference, bookmarks or theme
read from them by the web servers you connect to)." selection. On rare occasions cookies would store user's credentials
which cou ld resultin auto-login although from a securityperspective
thisis not something thatshould be endorsed.
12
More about cookies ...
When a cookie is initially set, several very importantparameters are As you willhave alread y noticed, there is no session identifier.This
specified: coo kie' s name. expirydate. doma in, session identifier and path. means the coo kie we' v e j u st analysed is not a session one. To check,
simplyclose the browser and re-open again - did you see the cookie
message appear at the top? j ust forfun, I checked what else was set
NAME: Chocolate Chip Cook ie on my browser as soon as I got to th e website. The listturned out to
EXPIRY DATE: 03/2020 be quite exten sive, containing bo th session and persistent cookies
BRAND: Cook ie Company (yes, allof those folde rs, not j ust nature.com):
SESS ION: firstshopping today
PATH: 3rd isle from the left Sci•
POST
cookies: accepced
Set- Cookie: euCoo ki eNo cice=accepced; domain=ww-w . nacu re . cam; (@=> KEY POINTS
pach-/ ; 0 2 Jul 2 01 8 16 : 31 : 07 - 0000 ;
Cookies can significan tly enhance user ex perience and some use of
Looks technical? Here's what itallmeans.
them is essential.Presenting users w ith a message thatsign ifies
acceptance o fallcookies on the siteis requ ired by law in many
euCookieNotice=accepted : acknowledges my acceptance ofcookies countries.
doma in=www .nature.com; means the cook ie will on ly be av lid here
Ifnature.com had an y sub- d oma ins, such as ' x y z.nature.com' then a Clear your cache and cook ies ifbothered by unsolicited ads (or
separate cookie wou ld have to be set for those installan adv e rt blocking extension).
How wo uld we set a coo kie to includ e allsub -doma ins? ' .n ature. co m'
path=/ ; m ea ns the cookie willapply to allpages on thisdomain, not j ust Check the cookie policy ifnot presented w ith informational
thisparticular one message - itisgood fun and good practiceto know who is
expires= Mon, 02J u l 20 18 16 :31 :07 -0000 ; sets cook ie' s lifetime to a year interested in you r activityonline
13
I am yetto see an online content publisherwho would insiston this The King is now sufficiently
assured ofthe authenticity
ofthisletterand
form o fauthentication.Itis usefulto know nev e rthe lessas you may be proceeds to read it.
using certificates
to access Office365, protectconnection to your work
network over the VPN or even j u st log in to the portalwhere allofyour Suppose the bishop has been demoted · he would then be added to the
digitalresources are listed.Certificate
authenticationcan replace user revocation list and the archbishop would advise the King to not trustany
credentials or be used in conj u nction forincreased security. Winnard correspondence sealed with the demoted bishop's stamp.
et al. (2016) defined the concept in the followingway: "one partyuses a The same would applyifthe bishop's reign in the region has come to an
certificateto identifyitself,the other partymust valida te it.This process end (thiswould unfortunatelymean the bishop has passed away) · the
is referred to as a handshake." archbishop would notifythe King the official
seal has exp ired and shou ld
Atthe risk ofsounding medieva lwhen explaining modern technology, I not be trusted.
willcompare a d igital certificateto an official
seal. confirming to the
King the letteris from the bishop. The b ishop willhav e used his ring to When you are a King. here is how your browser would declare it:
stamp it. then ordered his trusted messenger to deliv e r the letterto the
King. This letteris ofhigh importance and the King needs to be certain 0 There is a problem with this website's S«Urity certificate.
thatthe seal is not forged. What ifsomeone has stolen the bishop' s ring
and went on stamping about? H e refersthe matter to the archbishop
Se<vr,ry certt6c1t• prob1tms a.y M Mttmpt to lool )'OU Of entttctpl .,., datJ you Hnd lO lht
Authority)·a highlyrespected and trustedindividua lwho is
(Certificate .........
in cha rge ofand regularlykeeps in touch with allthe bishops. The
archbishop inspectsthe seal and confirmsit' s validity. He also informs 0 C5d< ....... - .... wobt»go.
O eon>-to th c _ , . ( l > o t . _
the King the sender is alive and we ll. as he has only recentlyattended a
dinner partywith him.
14
Key concepts
HITP
data exchange on the www.
Facilitates
Uses GET to fetchinformation and
POST to send It
0 0 0 0
CERTIFICATES
Helps confirm
authenticityand
trustworthinessof
digitalentities
15
17
IP address recognition. oftenreferred to as a "tradit
iona l For each incom ing IP is likely to be monitored For security
The traffic
authenticationmethod", is very o ld. It pre-dates the HTIP Basic reasons and to measure usage wh ich may influence the costwhen it
Authentication d iscussed earlier on and goes as farback as 1970s • comes to renewal. The setup itself
though is exceptionallystraightforward.
the time before the World Wide Web as we know it.Why d id I callit But how do we use th e same method to enable access foruse rs off-site?
recognition. no t authentication? Because the elements required to
identifyan individual are missing. Itdeals with authorisation The reigning king ofIP-based remote access technologies is a proxy
known location.For examp le: Ray wants to access the International The deadline is fast approaching and Helen needs to access annals.org
j o urnal ofMetrologyand QualityEngineering. His institution from home to complete her assignment. She logs into the libraryportal
subscribes to itand Ray is accessing from an on-campus computer . where linksto var ious on line resources are listedand clicks on ' Annals of
InternalMedicine' linkwh ich is configured to route the request iv a her
Upon detecting a new connection , metrology-j o urnal.org che cks
university's proxy server. The proxy changes Helen ' s IP address into one
Ray's IP add ress againstthe lis tofauthorised IP addresses and
thathas been pre-agreed to represen t thisinstitutio
n and the publisher
grantsaccess to the content.
authorises access based on the proxy IP instead of He len ' s real one .
IP recogn ition is w ithout a doubt the most wide ly used method for
institutionalloginsin the o nline publishing industry.This is a v e ry
convenient option thatrequires min imal effort
to set up- a simple
network firewallcan do the j o b. Here is another common scenario: a Lln.k1; to
18
Some organisationsliketo keep itallin-house. in particularthose Hosted proxy services take a lotofstressaway as the prov i der takes care of
benefiting from a largeITteam or those thatdo not believe in cloud allthe upgrades, maintenance and guarantees a high uptime ofthe service.
technologies. A proxy server is eitherinstalledas a stand-alone entity As with everything. migration from a localinstallation
to hos ted serv ice
on the localnetwo rk or may come as an add-on featureofanother lAM requires carefulplanning. Lynne Edgar from Tex as Tech University (TTU)
technology. such as OpenAthens LA. In such a setup, the organisation libraries(2015) has shared the experience ofmigration in the j o u rnal of
takes fullresponsibilityforthe maintenance ofit's own proxy serv e r· ElectronicResources Librarianship, making the followingrecommendation:
patching.upgrades. resilientarchitecture.everything. When strict "Isuggest other librariesthoroughlyunde rstand theirauthentication process
securitypoliciesmust be adhered to but the institutionstill
wishes to < ... > w hen implementing a hosted service. < ... > Be sure to ascertainthe
u tilise IP recognition forremote access thisis oftena good cho ice. process used to access resources via mobile devices when moving to hosted
Some providers charge per traffic
v o lume or limitnumber of EZProxy. Ensure tablets and phones willbe able to access allofyour
concurrent sessions. In response to that,some IT teams feelthathaving electron ic resources formatswhether users are on or offcampus".
a proxy server on -site h elps them mai n taina bettergripon usage
management. EZProxy is an example ofa proxy well-known to Her recommendation to thoroughly understand localauthentication process
academic libraries. It offerstwo options- locally
installedEZProxy is sound and applicablewhichever lAM solution you may be co nsidering. If
server or Online Computer LibraryCenter (OCLC) hosted serv ice. Whilst you know what systems are in placeand what your user j o urney looks like, a
ideas to create an open source alternat
iev are surfacingdue to the good supportteam should be able to assistyou with the rest. In TTU Libraries'
observed continuous rise in prices forthisservice (Sabol, 2016), the case, the process ofmigration has un intentionally stretchedout to seven
on ly real alternatives today are Web Access Management (WAM) proxy months and there was a lossofservice to externalpatrons along the way.
or OpenAthens, where a managed proxy serv ice is partofthe package .
@=' K EY POINTS
A locallyhosted proxy serv e r willhave to be looked after. Proxy in the cloud takes a lotofwork offyour hands and is much more
Organ isations thathave implemented this solution commonly have a conv e nient than a locallyhosted one . U nde rstand ing ofyour institution's
dedicated member ofstaff
who continuo u slyupdates proxy securitypoliciesas well as existing user j o urney willhelp reduce
configurations. disruptionsduring the impleme ntation.
19
"On average, 58% ofthe IP
ranges held by publishersto
authenticatelibrarieswho
license theircontent are
inaccurate"
20
As conv e nient as itmay be, IP recognition has it's Haws. Many In addition to being susceptibleto man-in-the-middle attacks,access by
pub lishers code theirwebsites in such a manner as to aid the IP recognition has been discovered to suffer from general abuse by
researchers in their efforts.
This aid would often take form of subscribers. PublisherSolu tions International. ltd(2017) have recently
personalisationfeatures,such as ab ilit yto save usefularticles or carried out an extensive research and data cleanup exercise where they
advanced search quer ies. compile a listofreferences, share material have come across numerous instancesofmisuse and license abuse ...
w ith fellowresearchers and so on. Allofthisconvenience is This lead to opening ofth e ipregistry.org- a growing repositoryof
unattainable when IPaddress is used forauthorisation.Why? approximately 1.5 billionv a lidated IP addresses from ove r 60,000
Because the IP address does not uniquely identifya user, un less the organisationsworldwide . These addresses are added and upda ted by
user has a staticaddress configured on the device and thatdev ice is subscribin g institutions themselves, howev e r the benefitis thatthey
utilisedexclusive ly by thatone user which is a somewhat unlikely on ly have to do thisonce. Participating
publishersare keeping an eye
scenario. In fact.it is common practiceto only use one o r two IP on thislistand upon detecting changes on theirsubscribers' records,
addresses to identifythe whole site! The most a digitalcontent update theiraccess management systems automatically.
prov ider can achieve is match the incoming IPaddress to the listof
The sitehas j ustgone live but has already been enthusiastically
greeted
subscribersand make a remark ofthissomewhere on the website,
by large pub lishers such as Wiley and Camb ridge Unive rsityPress as
such as "Thisresource is prov i de d to you courtesyofHelen's
well as librarians in the hope they w ill be able to cut down on ma nua l
University".
effort
required to update every prov i der every time one oftheiron-site
Something to cons ider: networking reams rarely discuss theirwork or proxy IP addresses change.
w ith the library(no r would librarians find itinteresting). So whenev e r
institution' sexternaiiPaddress changes, the librarywould be
informed ofthe new one and the old one would be leftto function for £f€r KEY POINT
a while to avoid any disruptions.How oftendo we bother to contact IP recognition is easy to implement and is somet imes perceive d as the
allthe publishersto remove the old IP address? My experience shows key element to guarantee anonymity. Itis also a trade-offbe tween
thisis not a common practice as many subscribersget misrecognized convenience forthe libraryand convenience forthe end user.
every other day and contactour serv ice desk forhelp.
21
Key concepts
IP RECOGNIT ION
Authorisationbased on
the incoming IP address
0 0 0 0
22
23
"While itmay seem like no one is
paying attention,internetusers
are startingto realizetheirdata
has av lue. And it's a av lue that
deserves betterthan a password."
JOHN FONTANA , 2017
24
SecurityAssertion Markup Language- SAML ( sam-el) is a well• Consider the followingpictureillustrating
a similarscenario:
established an d mature open standard, designed for the best
possible use r experience with the added benefitofmaxim um
secu rity
. Praised by informationsecurityprofessionals,itpasses
selective information abou t an indivi dual w ithout ever giv i ng out
6 ScienceOired 5
user's credentials! Betteryet. one ofthe main purposes o fthis
protocolis to aid Single Sign On which takes care ofthe headache
.s:j2.. 4. I do. here's my 10. ' .s:j2..
associated with maintaining passwords. Sounds magical? Let's have a 3. Hi there, do you work lorus? - - - - A
look athow itworks.
Rob Hospital
25
Another random document with
no related content on Scribd:
—Généreux comme un voleur! dit le comte.
—Voyons, voyons, ce n’est pas répondre, repartit Max en se
levant à son tour. Veux-tu de la femme ou n’en veux-tu pas?
—Je n’en veux pas.
—Alors je la prends.
—Un instant! s’écria Henri en étendant la main; il me semble que
je suis bien quelqu’un ou quelque chose ici, et que j’ai des droits
comme un autre. Qui est-ce qui a tué le mari?
—Au fait, c’est un antécédent, dit en riant le comte.
Un gémissement se fit entendre à ce mot. Je tournai les yeux du
côté où il venait: une femme était étendue sur un lit à colonnes, les
bras et les jambes liés aux quatre supports du baldaquin. Mon
attention avait été tellement absorbée sur un seul point, que je ne
l’avais pas aperçue d’abord.
—Oui, continua Max; mais qui les a attendus au Havre? qui est
accouru ici à franc étrier pour vous avertir?
—Diable! fit le comte, voilà qui devient embarrassant, et il
faudrait être le roi Salomon en personne pour décider qui a le plus
de droits, de l’espion ou de l’assassin.
—Il faut pourtant que cela se décide, dit Max. Tu m’y as fait
penser, à cette femme, et voilà que j’en suis amoureux maintenant.
—Et moi de même, dit Henri. Ainsi, puisque tu ne t’en soucies
pas, toi, donne-la à celui de nous deux que tu voudras.
—Pour que l’autre m’aille dénoncer à la suite de quelque orgie
où, comme aujourd’hui, il ne saura plus ce qu’il fait, n’est-ce pas?
Oh! que non, messieurs. Vous êtes beaux, vous êtes jeunes, vous
êtes riches, vous avez dix minutes pour lui faire la cour. Allez, mes
don Juan.
—A la cour près, ce que tu viens de dire est une idée, répondit
Henri. Qu’elle choisisse elle-même celui qui lui conviendra le mieux.
—Allons, soit, répondit Max; mais qu’elle se dépêche. Explique-
lui cela, toi qui parles toutes les langues.
—Volontiers, dit Horace. Puis, se tournant vers la malheureuse
femme:—Milady, lui dit-il dans l’anglais le plus pur, voici deux
brigands de mes amis, tous deux de bonne famille, au reste, ce dont
on peut vous donner la preuve sur parchemin, si vous le désirez, qui,
élevés dans les principes de la secte platonique, c’est-à-dire du
partage des biens, ont commencé par manger les leurs; puis,
trouvant alors que tout était mal arrangé dans la société, ont eu la
vertueuse idée de s’embusquer sur les grandes routes où elle
passe, pour corriger ses injustices, rectifier ses erreurs et équilibrer
ses inégalités. Depuis cinq ans, à la plus grande gloire de la
philosophie et de la police, ils s’occupent religieusement de cette
mission, qui leur donne de quoi figurer de la manière la plus
honorable dans les salons de Paris, et qui les conduira, comme cela
est arrivé pour moi, à quelque bon mariage qui les dispensera de
continuer de faire les Karl Moor et les Jean Sbogar. En attendant,
comme il n’y a dans ce château que ma femme, et que je ne veux
pas la leur donner, ils vous supplient bien humblement de choisir,
entre eux deux, celui qui vous conviendra le plus; faute de quoi, ils
vous prendront tous les deux. Ai-je parlé en bon anglais, madame, et
m’avez-vous compris?...
—Oh! si vous avez quelque pitié dans le cœur, s’écria la pauvre
femme, tuez-moi! tuez-moi!
—Que répond-elle? murmura Max.
—Elle répond que c’est infâme, voilà tout, dit Horace; et j’avoue
que je suis un peu de son avis.
—Alors..... dirent ensemble Max et Henri en se levant.
—Alors, faites comme vous voudrez, répondit Horace; et il se
rassit, se versa un verre de vin de Champagne et but.
—Oh! tuez-moi donc! tuez-moi donc! s’écria de nouveau la
femme en voyant les deux jeunes gens prêts à s’avancer vers elle.
En ce moment, ce qu’il était facile de prévoir arriva: Max et Henri,
échauffés par le vin, se trouvèrent face à face, et, poussés par le
même désir, se regardèrent avec colère.
—Tu ne veux donc pas me la céder? dit Max.
—Non! répondit Henri.
—Eh bien! alors, je la prendrai.
—C’est ce qu’il faudra voir.
—Henri! Henri! dit Max en grinçant des dents, je te jure sur mon
honneur que cette femme m’appartiendra!
—Et moi, je te promets sur ma vie qu’elle sera à moi; et je tiens
plus à ma vie, je crois, que tu ne tiens à ton honneur.
Alors ils firent chacun un pas en arrière, tirèrent leurs couteaux
de chasse et revinrent l’un contre l’autre.
—Mais, par grâce, par pitié, au nom du ciel, tuez-moi donc! cria
pour la troisième fois la femme couchée.
—Qu’est-ce que vous venez de dire? s’écria Horace toujours
assis, s’adressant aux deux jeunes gens d’un ton de maître.
—J’ai dit, répondit Max en portant un coup à Henri, que ce serait
moi qui aurais cette femme.
—Et moi, reprit Henri, pressant à son tour son adversaire, j’ai dit
que ce serait non pas lui, mais moi; et je maintiens ce que j’ai dit.
—Eh bien! murmura Horace, vous en avez menti tous les deux;
vous ne l’aurez ni l’un ni l’autre.
A ces mots, il prit sur la table un pistolet, le leva lentement dans
la direction du lit et fit feu: la balle passa entre les combattans et alla
frapper la femme au cœur.
A cette vue, je jetai un cri affreux et je tombai évanouie, et aussi
morte en apparence que celle qui venait d’être frappée.
XIII.
—C’est atroce! m’écriai-je; ô mon Dieu, mon Dieu! que vous avez
dû souffrir!
—Oui. Aussi tout ce qui me resterait à vous raconter ne serait
que mon agonie: ainsi donc...
—N’importe, m’écriai-je en l’interrompant, n’importe, dites-la.
—Je lus cette lettre deux ou trois fois: je ne pouvais pas me
convaincre moi-même de sa réalité. Il y a des choses contre
lesquelles la raison se révolte: on les a devant soi, sous la main,
sous les yeux; on les regarde, on les touche, et l’on n’y croit pas.
J’allai en silence à la grille; elle était fermée; je fis deux ou trois fois
en silence le tour de mon caveau, frappant ses murs humides de
mon poing incrédule; puis je revins m’asseoir en silence dans un
angle de mon tombeau. J’étais bien enfermée; à la lueur de la lampe
je voyais bien la lettre et le poison; cependant je doutais encore; je
disais, comme on se le dit quelquefois en songe: Je dors, je vais
m’éveiller.
Je restai ainsi assise et immobile jusqu’au moment où ma lampe
se mit à pétiller. Alors une idée affreuse, qui ne m’était pas venue
jusque là, me vint tout-à-coup; c’est qu’elle allait s’éteindre. Je jetai
un cri de terreur et m’élançai vers elle: l’huile était presque épuisée.
J’allais faire dans l’obscurité mon apprentissage de la mort.
Oh! que n’aurais-je pas donné pour avoir de l’huile à verser dans
cette lampe. Si j’avais pu l’alimenter de mon sang, je me serais
ouvert les veines avec mes dents. Elle pétillait toujours; à chaque
pétillement, sa lumière était moins vive, et le cercle de ténèbres,
qu’elle avait éloigné lorsqu’elle brillait dans toute sa force, se
rapprochait graduellement de moi. J’étais près d’elle, à genoux, les
mains jointes; je ne pensais pas à prier Dieu, je la priais, elle...
Enfin elle commença de lutter contre l’obscurité, comme j’allais
bientôt moi-même commencer de lutter contre la mort. Peut-être
l’animais-je de mes propres sentimens; mais il me semblait qu’elle
se cramponnait à la vie, et qu’elle tremblait de laisser éteindre ce feu
qui était son âme. Bientôt l’agonie arriva pour elle avec toutes ses
phases: elle eut des lueurs brillantes, comme un moribond a des
retours de force; elle jeta des clartés plus lointaines qu’elle n’avait
jamais fait, comme au milieu de son délire l’esprit fiévreux voit
quelquefois au-delà des limites assignées à la vue humaine; puis la
langueur de l’épuisement leur succéda; la flamme vacilla pareille à
ce dernier souffle qui tremble aux lèvres d’un mourant; enfin elle
s’éteignit, emportant avec elle la clarté, qui est la moitié de la vie.
Je retombai dans l’angle de mon cachot. A compter de ce
moment, je ne doutai plus: car, chose étrange, c’était depuis que
j’avais cessé de voir la lettre et le poison que j’étais bien certaine
qu’ils étaient là.
Tant que j’avais vu clair, je n’avais point fait attention au silence:
dès que la lumière fut éteinte, il pesa sur mon cœur de tout le poids
de l’obscurité. Au reste, il y avait quelque chose de si funèbre et de
si profond, qu’eussé-je eu la chance d’être entendue, j’eusse hésité
peut-être à crier. Oh! c’était bien un de ces silences mortuaires qui
viennent s’asseoir pendant l’éternité sur la pierre des tombes.
Une chose bizarre, c’est que l’approche de la mort m’avait
presque fait oublier celui qui la causait: je pensais à ma situation,
j’étais absorbée dans ma terreur; mais je puis le dire, et Dieu le sait,
si je ne pensai pas à lui pardonner, je ne songeai pas non plus à le
maudire. Bientôt je commençai à souffrir de la faim.
Un temps que je ne pus calculer s’écoula, pendant lequel
probablement le jour s’était éteint et la nuit était venue: car, lorsque
le soleil reparut, un rayon, qui pénétrait par quelque gerçure du sol,
vint éclairer la base d’un pilier. Je jetai un cri de joie, comme si ce
rayon m’apportait un espoir.
Mes yeux se fixèrent sur ce rayon avec tant de persévérance,
que je finis par distinguer parfaitement tous les objets répandus sur
la surface qu’il éclairait: il y avait quelques pierres, un éclat de bois
et une touffe de mousse: en revenant toujours à la même place, il
avait fini par tirer de terre cette pauvre et débile végétation. Oh! que
n’aurais-je pas donné pour être à la place de cette pierre, de cet
éclat de bois et de cette mousse, afin de revoir le ciel encore une
fois à travers cette ride de la terre.
Je commençai à éprouver une soif ardente et à sentir mes idées
se confondre: de temps en temps des nuages sanglans passaient
devant mes yeux, et mes dents se serraient comme dans une crise
nerveuse; cependant j’avais toujours les yeux fixés sur la lumière.
Sans doute elle entrait par une ouverture bien étroite, car lorsque le
soleil cessa de l’éclairer en face, le rayon se ternit et devint à peine
visible. Cette disparition m’enleva ce qui me restait de courage: je
me tordis de rage et je sanglotai convulsivement.
Ma faim s’était changée en une douleur aiguë à l’estomac. La
bouche me brûlait; j’éprouvais le désir de mordre; je mis une tresse
de mes cheveux entre mes dents, et je la broyai. Bientôt je me sentis
prise d’une fièvre sourde, quoique mon pouls battît à peine. Je
commençai à penser au poison: alors je me mis à genoux et je
joignis les mains pour prier; mais j’avais oublié mes prières:
impossible de me rappeler autre chose que quelques phrases
entrecoupées et sans suite. Les idées les plus opposées se
heurtaient à la fois dans mon cerveau; un motif de musique de la
Gazza bourdonnait incessamment à mes oreilles; je sentais moi-
même que j’étais en proie à un commencement de délire. Je me
laissai tomber tout de mon long et la face contre terre.
Un engourdissement, produit par les émotions et la fatigue que
j’avais éprouvées, s’empara de moi: je m’assoupis, sans que le
sentiment de ma position cessât de veiller en moi. Alors commença
une série de rêves plus incohérens les uns que les autres. Ce
sommeil douloureux, loin de me rendre quelque repos, me brisa. Je
me réveillai avec une faim et une soif dévorantes: alors je pensai
une seconde fois au poison qui était là près de moi, et qui pouvait
me donner une fin douce et rapide. Malgré ma faiblesse, malgré mes
hallucinations, malgré cette fièvre sourde qui frémissait dans mes
artères, je sentais que la mort était encore loin, qu’il me faudrait
l’attendre bien des heures, et que de ces heures les plus cruelles
n’étaient point passées: alors je pris la résolution de revoir une fois
encore ce rayon de jour qui, la veille, était venu me visiter, comme
un consolateur qui se glisse dans le cachot du prisonnier. Je restai
les yeux fixés vers l’endroit où il devait paraître: cette attente et cette
préoccupation calmèrent un peu les souffrances atroces que
j’éprouvais.
Le rayon désiré parut enfin. Je le vis descendre pâle et blafard:
ce jour-là le soleil était voilé sans doute. Alors tout ce qu’il éclairait
sur la terre se représentait à moi: ces arbres ces prairies, cette eau
si belle; Paris, que je ne reverrais plus; ma mère, que j’avais quittée
pour toujours, ma mère, qui déjà peut-être avait reçu la nouvelle de
ma mort et qui pleurait sa fille vivante. A tous ces aspects et à tous
ces souvenirs, mon cœur se gonfla, j’éclatai en sanglots et je fondis
en pleurs: c’était la première fois depuis que j’étais dans ce caveau.
Peu à peu le paroxysme se calma, mes sanglots s’éteignirent, mes
larmes coulèrent silencieuses. Ma résolution était toujours prise de
m’empoisonner; cependant je souffrais moins.
Je restai, comme la veille, les yeux sur ce rayon tant qu’il brilla;
puis, comme la veille, je le vis pâlir et disparaître. Je le saluai de la
main... et je lui dis adieu de la voix, car j’étais décidée à ne pas le
revoir.
Alors je me repliai sur moi-même et me concentrai en quelque
sorte dans mes dernières et suprêmes pensées. Je n’avais pas fait
dans toute ma vie, comme jeune fille ou comme femme, une action
mauvaise: je mourais sans aucun sentiment de haine ni sans aucun
désir de vengeance: Dieu devait donc m’accueillir comme sa fille, la
terre ne pouvait me manquer que pour le ciel. C’était la seule idée
consolante qui me restât; je m’y attachai.
Bientôt il me sembla que cette idée se répandait non-seulement
en moi, mais autour de moi; je commençai d’éprouver cet
enthousiasme saint qui fait le courage des martyrs. Je me levai tout
debout et la tête vers le ciel, et il me sembla que mes yeux perçaient
la voûte, perçaient la terre et arrivaient jusqu’au trône de Dieu. En ce
moment, mes douleurs mêmes étaient comprimées par l’exaltation
religieuse; je marchai vers la pierre où était posé le poison, comme
si je voyais au milieu des ténèbres; je pris le verre, j’écoutai si je
n’entendais aucun bruit, je regardai si je ne voyais aucune lumière;
je relus en souvenir cette lettre qui me disait que depuis vingt ans
personne n’était descendu dans ce souterrain, et qu’avant vingt ans
peut-être personne n’y descendrait encore; je me convainquis bien
dans mon âme de l’impossibilité où j’étais d’échapper aux
souffrances qui me restaient à endurer, je pris le verre de poison, je
le portai à mes lèvres et je le bus, en mêlant ensemble, dans un
dernier murmure de regret et d’espérance, le nom de ma mère, que
j’allais quitter, et celui de Dieu que j’allais voir.
Puis je retombai dans l’angle de mon caveau; ma vision céleste
s’était éteinte, le voile de la mort s’étendait entre elle et moi. Les
douleurs de la faim et de la soif avaient reparu; à ces douleurs
allaient se joindre celles du poison. J’attendais avec anxiété cette
sueur de glace qui devait m’annoncer ma dernière agonie... Tout-à-
coup j’entendis mon nom; je rouvris les yeux et je vis de la lumière:
vous étiez là, debout à la grille de ma tombe!... vous, c’est-à-dire le
jour, la vie, la liberté... Je jetai un cri et je m’élançai vers vous. Vous
savez le reste.
Et maintenant, continua Pauline, je vous rappelle sur votre
honneur le serment que vous m’avez fait de ne rien révéler de ce
terrible drame tant que vivra encore un des trois principaux acteurs
qui y ont joué un rôle.
Je le lui renouvelai.
X I V.