[Esip-preserve] Fwd: researcher identification and authorization

Wilson, Bruce E. wilsonbe at ornl.gov
Sat Jul 11 19:52:59 EDT 2009 

Relevant to the provenance discussion.  

I'm wondering whether we should connect with the group that has  
started to organize itself at http://www.gen2phen.org/groups/researcher-identification 
  - there ought to be lots of room for future synergy and shared needs.

============================================================
Bruce E. Wilson (wilsonbe at ornl.gov) 
Environmental Sciences Division 
Oak Ridge National Laboratory 
(office) +1-865-574-6651


Resent-From: public-semweb-lifesci at w3.org
From: "Gudmundur A. Thorisson" <gthorisson at gmail.com>
Date: July 5, 2009 6:13:29 AM EDT
To: Helena Deus <helenadeus at gmail.com>
Cc: marshall at science.uva.nl, shared-names at googlegroups.com, Jonathan  
Rees <jar at creativecommons.org>, Tim Clark <tim_clark at harvard.edu>, W3C  
HCLSIG hcls <public-semweb-lifesci at w3.org>
Subject: Re: Dr. Bunsen's URI and knowledge sharing

Hi all. Our group has done some work to explore the issues surrounding  
online identity for researchers, originally from perspective of  
controlling access to sensitive biomedical data. Some months ago we  
put up a website which may be useful to the discussion, with a primer  
(intended for a non-tech audience) and a collection of background  
materials in the wiki section:

  http://www.gen2phen.org/groups/researcher-identification

Apart from setting up this site as an information resource and  
discussion forum (feel free to join the group!), we recently organized  
a workshop held last May, with attendees from CrossRef, Thomson- 
Reuters, Elsevier and others, including Barend Mons (from WikiPeople,  
which Scott mentioned). Presenter slides from the workshop are  
available here (minutes not yet compiled, apologies):

  http://www.gen2phen.org/event/irbw2009-workshop-may-13-14-toronto

Also, if I may throw in a couple of comments. Firstly, to add to what  
Lena said, OAuth is emerging as a delegated authorization protocol  
supported by many big Web 2.0 players (see e.g. ). OAuth combined  
with  OpenID (http://openid.net) for authentication is sort of like an  
open-source version of Facebook Connect, for single sign-on. OpenID as  
an auth technology may be a 'sweet spot' , i.e. 'secure enough' for  
many practical purposes and extensible, while still being relatively  
easy to use (compared to 'heavyweight' Grid security solutions). The  
technology has support from large swaths of the Web 2.0 social web  -  
Google, Facebook, Yahoo and other major players back it - and there's  
now tens of thousands OpenID-enabled sites, including our own (see [2]  
for more on this).
For this reason, we feel that piggy-backing on this technology for  
scientific application will be key to wide user adoption. Examples of  
existing or upcoming use of OpenID in the scientific domain include  
the International Cancer Genome Consortium which will use OpenID for  
controlled-access data, and MyExperiment.org. We ourselves have  
several smaller pilot projects in the pipeline where OpenID and  
friends will be leveraged in a similar way.

Secondly, whether an OpenID or some other identifier (URI or  
otherwise) is the actual 'person identifier' used in e.g. SemWeb  
documents is an open question (e.g. see discussion here: http://ff.im/GbM8 
  and ref [3]). But for scientists, CrossRef's upcoming CrossReg  
contributor ID service would seem to meet Scott's definition of  
"authoritative and neutral source" (they already run the DOI system),  
and looks poised to become at some stage the primary source of long- 
term, stable identifiers, at least in the context of scholarly  
literature and authorship-related domains.

Hope this was helpful. Best regards,


		Mummi, Leicester

[1] http://www.readwriteweb.com/archives/google_plaxo_openid_oauth_usability.php
[2] http://www.gen2phen.org/researcher-identification-primer/openid-common-authentication-system
[3] Bourne PE, Fink JL (2008) I Am Not a Scientist, I Am a Number.  
PLoS Comput Biol 4(12): e1000247. http://dx.doi.org/doi:10.1371/journal.pcbi.1000247

-----------------------------------------------------------
Gudmundur A. Thorisson, Brookes lab
Department of Genetics
University of Leicester
University Road
Leicester, LE1 7RH, UK
Tel: +44 (0)116 229 7273

On 3 Jul 2009, at 18:38, Helena Deus wrote:

> Hi Scott,
>
> Well said!!
> Regardless of how we chose to identify ourselves, either using a  
> Wikipeople profile, a purl, or a university url to identify both  
> ourselves and our credibility bound to the institution where we  
> work, I agree it will be extremely important to chose the  
> authentication authority wisely.
> The current web 2.0 approach seems to be forcing the users to create  
> a new account everywhere where they want have access to tools or  
> data. But we can already see some web applications, such as  
> sourceforge or google, that delegate the authentication to other  
> authorities - a protocol that describes how such interaction between  
> applications could occur has indeed been proposed, called OAuth (http://oauth.net/ 
> ).
> Web applications using OAuth, instead of asking the user to create a  
> new account by inputting a password, redirects the user to a trusted  
> website, for example google or paypal, and that is where the  
> authentication happens. Once the user is authenticated, google or  
> paypal send the user back to the web application where  
> authentication was required, along  with some token that can be  
> verified with google, which indicates that the user has or has not  
> been authenticated.
>
> Lena
>
>
> On Fri, Jul 3, 2009 at 12:09 PM, M. Scott Marshall <marshall at science.uva.nl 
> > wrote:
> Jonathan Rees wrote:
> > Thanks to Kaitlin Thaney for the following.
> >
> > http://www.flickr.com/photos/kaythaney/3592177513/
>
> Jonathan's post reminds me of an issue that is important to  
> knowledge sharing and has been on my mind lately: Scientists are  
> often just as concerned about *who* said something as they are about  
> *what* was said. The need to unequivocally identify a person is a  
> requirement that comes about when we share knowledge because we need  
> to know who has provided an assertion, and often, under what  
> circumstances (i.e. with what evidence, measurements, etc.). Such  
> 'knowledge provenance' is becoming increasingly important because  
> systems are being developed that would make use of both manually  
> curated facts and those computationally generated or 'mined'. This  
> has been coming up in many different groups and events, including  
> the HCLS Scientific Discourse and BioRDF task forces, myExperiment,  
> HypER http://hyp-er.wik.is/ , and likely Sage[1]. Apparently, this  
> topic also came up at the International Repositories Infrastructure  
> Workshop where Jonathan was present[0].
>
> The similarity between the requirements for shared names, in  
> general, and 'people identifiers', in particular, is readily  
> apparent: we would like unambiguous and permanent URI's to be  
> provided from an authoritative and neutral source. I don't know  
> about you but if Shared Names offered people identifiers, it would  
> be my preferred approach. However, Shared Names has limited the  
> scope to GO dbx records for the moment.
>
> Are there alternatives to the DIY do-it-yourself approach for those  
> who need people identifiers *today*? The only thing that I can think  
> of is WikiPeople[2] (which could create an awkward situation if  
> someone else with the name Michael Scott Marshall creates a page,  
> who wants to be M. Scott Marshall 2?). Oh wait, there's more at a  
> Crossref blog [3], although I don't think that sharing hypothetical  
> information with other scientists shouldn't require you to have an  
> 'author number'.
>
> One thing that I like about WikiPeople is that it puts identity in  
> the hands of the owners of the identity. Unfortunately, I think that  
> a code is required instead of a name to truly scale. Also, I suppose  
> that the most surefire way to ensure that an identity system doesn't  
> get messy is to require authentication e.g. a certificate from a  
> Certificate Authority that has high requirements for authentication  
> such as presenting a passport. Such levels of authentication are  
> currently required for European and Dutch grid certificates  
> (finally, a use for such seemingly exaggerated grid-burocracy!).
>
> -Scott
>
> [0]
> http://maurice.vanderfeesten.name/blog/2009/03/20/international-repositories-infrastructure-workshop-persistent-identifiers/
> [1] http://blogs.bbsrc.ac.uk/index.php/2009/05/sage-has-its-time-a-large-scale-open-access-resource-for-systems-biologists/
> [2] http://proteins.wikiprofessional.org/index.php?title=%20WikiPeople&action=edit
> [3] http://www.crossref.org/crweblog/2009/04/the_buzz_around_people_identif.html
>
> -- 
> M. Scott Marshall  (still have to get a PURL ;) )
> http://staff.science.uva.nl/~marshall
> http://adaptivedisclosure.org
>
>
>
>









-- 
===========================================================
: Hilmar Lapp  -:-  Durham, NC  -:- hlapp at duke dot edu :
===========================================================




_______________________________________________
vdc-twg mailing list
vdc-twg at ecoinformatics.org
http://mercury.nceas.ucsb.edu/ecoinformatics/mailman/listinfo/vdc-twg

More information about the Esip-preserve mailing list