ACS CAP IT Security team
January 24, 2011
Attendees: James King (chair) and Jonathan Morgan (ACS)
The entire group was not able to attend so Jonathan Morgan and James King met by phone to discuss the committee charge.
Jonathan noted that he has access to information and best practices for access and authentication into the ACS network so when we're ready for that part of the report, he'll be able to help with that. We agreed that we'd have the team start without a knowledge of what ACS is already doing so that we're not influenced or limited in our research. Jonathan may also be able to help provide best practices that he knows from other publishers.
We discussed the overall charge and agreed that we will focus on authentication (verifying who the user is) and access (what they have rights to), including monitoring for abuse.
Regarding access, Jonathan suggested that we may want to look at ResearcherID (http://www.researcherid.com) and ORCID (http://www.orcid.org) as a possible authentication model. We also found this article in C&EN that discusses identity:
http://pubs.acs.org/cen/science/88/8821sci2.html
James suggested that one very probable disruptive change to authentication and access will be mobile computing. ACS and NIH are both struggling with answers to this since it breaks the long-standing IP-based access model.
We agreed that we need to come up with a list of publishers to approach and details of what we should gather from them.
