Is the way #library #systems #authenticate users a #privacy #disaster? (#SIP2)

I am thinking specifically of where libraries use SIP2, a standard developed by 3M which dates back nearly two decades

If you work in a library and are concerned about protecting the privacy of your users, ask yourself:

          Do we use SIP2 for authentication of external services

          If so, is it encrypted

          And if it is encrypted, how is it encrypted

As information professionals I think it is important that we are aware of the limits of our knowledge and expertise. Indeed, CILIP’s code of professional practice for library and information professionals (October 2012) says that information professionals should “Claim expertise in areas of library and information work or in other disciplines only where their skills and knowledge are adequate“.

How many of us can claim to be IT specialists? So shouldn’t we steer clear of worrying about standards used in integrated library systems if we don’t have the requisite expertise? Well, there’s a difference between claiming to be an IT expert and asking important questions of those within our own organisations and within the external vendors that we use who should know and who do have the requisite knowledge. If we don’t ask questions about how our library systems work we are potentially -and unnecessarily – putting the privacy of our users at risk. And it is for this reason that I wanted to write this blog post.

My intention is not to identify all of the institutions who are doing things poorly. On the contrary, my aim is to try and understand what would represent good practice; and to highlight why it is important, and doing so by raising awareness of the issues and risks of not adopting that best practice.

Marshall Breeding says that “SIP2 is inherently an insecure protocol, and with very few exceptions, typically is not operated in a secure fashion. However, these services can be secured with the addition of a VPN or SSH tunnel to the service endpoints” Source: Smart Libraries Newsletter, v35 n1 January 2015.

So, the message is that yes there’s a problem, but that there is also a solution.

Standard interchange protocol (SIP2) is acknowledged by a number of practitioners as being a privacy disaster. This is what most external systems (such as self-serve units, journals databases, ebook platforms) use to communicate with library databases.

SIP2 is completely plain-text and can’t be encrypted per-se. It is, in effect, the same as if all the communications/traffic were running over http with no encryption.

Originally developed by 3M in the late 1990’s to support connection of their self-check systems to library backends

Typically a SIP2 responder is connected using basic sockets, sending and receiving fixed width text messages with control character prefixes and suffixes

SIP2 was never intended to be a web backend

Communication between the integrated library system ILS) and other applications is widely unprotected with the SIP2 standard

SIP2 does allow for encryption between host and client BUT

          It is up to the ILS vendor to provide this capability

          It is then up to individual libraries to implement this capability

What some vendors do is to run SIP2 through a stunnel (

In order to encrypt the traffic, consider sending all your requests from the web server to the SIP2 server through an SSH or VPN tunnel

I don’t claim to be an expert in this field, my main interest in the topic is to understand how the privacy of library users is protected.  So if I have misunderstood the issues involved, please do tell me.