Back to News Center

The Role of Intermediaries in ISO 18626 Networks

1. Introduction: ISO 18626 in a Consolidating Ecosystem

ISO 18626 was developed to provide a standards-based mechanism for interoperability between resource sharing systems, without prescribing a particular network topology or governance model. Its intent was to enable communication between heterogeneous systems while allowing institutions and consortia to determine how those communications are organised, governed, and evolved over time.

In recent years, however, ISO 18626 has increasingly been deployed within environments characterised by service consolidation and centralised coordination. In this context, particular architectural patterns—most notably hub-and-spoke or star topologies—are sometimes presented as the natural or even inevitable way to realise ISO 18626 in practice. These patterns are often described in terms of operational simplicity, reduced integration effort, or streamlined coordination.

This technical note argues that such architectural assumptions deserve closer scrutiny. Network topology is not a neutral implementation detail: it has direct implications for institutional agency, governance, accountability, and the long-term flexibility of resource sharing networks. When a single architectural model is presented as the way to implement a standard, important design choices risk being obscured or foreclosed.

A further concern arises from the fact that ISO 18626 deliberately removed the explicit intermediary role that existed in earlier interlibrary loan standards. While this simplification reduced protocol complexity, it also left the semantics of mediation, delegation, and coordination largely undefined. In a landscape where intermediary services are re-emerging in practice—often with significant operational and governance influence—this ambiguity is no longer merely theoretical.

The purpose of this note is therefore not to argue for or against intermediaries, but to examine the architectural consequences of different network models under ISO 18626, and to question whether hub-centric designs should be treated as defaults rather than as choices. In doing so, it seeks to re-open space for alternative topologies, including loosely coupled and mesh-based models, and to emphasise the importance of preserving institutional choice in how resource sharing networks are formed and operated.

2. From Explicit Intermediaries to Silent Assumptions

Earlier interlibrary loan standards, most notably ISO 10160 and ISO 10161, explicitly recognised the existence of intermediaries within resource sharing networks. These standards modelled mediation as a first-class concept: an intermediary could receive a request, modify or re-route it, manage state transitions, and assume defined responsibilities in relation to both requesting and supplying institutions. While this added complexity, it also made the role of mediation visible, constrained, and subject to shared interpretation.

ISO 18626 represents a deliberate departure from this approach. In simplifying the protocol and focusing on direct communication between requesting and supplying institutions, the standard removed the explicit intermediary role from its conceptual model. This decision reduced the surface area of the protocol and avoided entanglement with specific organisational or workflow assumptions. In doing so, ISO 18626 preserved architectural neutrality and enabled a wide range of interoperable implementations.

However, the removal of explicit intermediary semantics did not eliminate intermediaries from resource sharing systems in practice. Instead, it displaced them from the protocol layer into the architectural and operational layers of deployed systems. Mediation, delegation, and coordination have re-emerged through gateways, hubs, aggregation services, and shared infrastructure components that sit between ISO-capable systems while remaining largely invisible to the protocol itself.

This shift has important consequences. Where ISO 10160 and ISO 10161 constrained intermediary behaviour through shared semantics, ISO 18626 leaves such behaviour undefined. As a result, intermediaries can now exercise substantial influence over routing, policy enforcement, partner selection, and transaction handling without a common vocabulary or agreed limits on their role. The standard neither endorses nor constrains these patterns, but its silence creates space for architectural assumptions to be presented as natural extensions of the protocol.

In contemporary deployments, this ambiguity is increasingly significant. Intermediary services are often introduced as convenience layers—simplifying integration, consolidating coordination, or providing network-wide services. Yet because their role is not explicitly modeled, it can be difficult for participating institutions to distinguish between what is required by the standard, what is imposed by architecture, and what is the result of policy or commercial choice.

The risk is not that intermediaries exist, but that they exist without clear definition. When mediation is implicit rather than explicit, it becomes harder to reason about responsibility, accountability, and agency within the network. Architectural decisions that embed intermediaries as structural constants can, over time, reshape network behaviour and governance in ways that are difficult to reverse.

Understanding this historical shift—from explicit intermediary modeling to silent architectural assumptions—is essential to evaluating current proposals for ISO 18626 network design. Without such scrutiny, there is a danger that the absence of defined intermediary semantics will be interpreted not as a deliberate omission, but as a license to reintroduce centralised mediation without constraint.

3. Why the Hub Model Feels Inevitable

To understand why hub-centric architectures are increasingly presented as the default realisation of ISO 18626, it is necessary to look beyond protocol design and consider the organisational environments in which resource sharing systems are procured, deployed, and operated.

A well-established principle of system design—often summarised as Conway’s Law—observes that system architectures tend to mirror the communication structures and power relationships of the organisations that produce them. In the context of library resource sharing, this effect is amplified by the presence of consortial bodies, shared service providers, and centralised operational units that act on behalf of multiple institutions.

From an operational perspective, the appeal of the hub model is easy to understand. In a hub-and-spoke topology, each participating institution integrates with a single counterparty rather than maintaining multiple peer relationships. Coordination, routing, retries, and exception handling are centralised. From the perspective of onboarding and day-to-day operations, this can appear simpler, more predictable, and easier to manage—particularly in environments where technical capacity is uneven or constrained.

Organisational incentives further reinforce this pattern. Central service providers and coordinating bodies are naturally inclined toward architectures that maximise visibility, control, and standardisation across the network. Such architectures align well with procurement models, reporting requirements, economies of scale, and the desire to present a coherent, unified service.

These incentives are not new. Similar arguments have historically accompanied earlier waves of consolidation in library infrastructure, where centralised coordination promised efficiency, reach, and reduced local burden. In many cases, those promises were initially realised. Over time, however, the same architectures also concentrated power, narrowed choice, and made exit increasingly difficult—transforming coordination mechanisms into structural dependencies.

The risk in the present moment is not that hub-centric designs offer no benefits, but that their benefits are sufficiently familiar, and sufficiently appealing, that their long-term consequences are insufficiently examined. When architectural patterns that once appeared benign have later become sources of constraint, repeating them without renewed scrutiny risks mistaking precedent for progress.

In this sense, the growing assumption that hub-based mediation is the natural or inevitable realisation of ISO 18626 echoes earlier cycles of consolidation in the library ecosystem. The lesson from those cycles is not that coordination is undesirable, but that architectures which centralise control tend, over time, to redefine the boundaries of agency within the networks they serve.

4. What Value Does a Hub Add Between Two ISO-Capable Systems?

If two systems are capable of communicating using ISO 18626, the introduction of an intermediary raises an obvious architectural question: what additional value is created by placing a hub between them? This question is not rhetorical. It is foundational to evaluating whether hub-based designs are warranted, optional, or excessive in a given context.

At a purely technical level, ISO 18626 already provides a mechanism for request, response, and status exchange between peers. The protocol does not require a central coordinator in order to function, nor does it privilege any particular routing or aggregation strategy. From this perspective, the presence of a hub cannot be justified by protocol necessity alone.

Proponents of hub-centric architectures typically point to a range of additional functions performed by the intermediary. These may include partner discovery, request routing, retry and fallback logic, aggregation of status or statistics, enforcement of network-level policies, or mediation between heterogeneous implementations. Each of these functions can provide genuine operational benefits, particularly in large or diverse networks.

However, it is important to distinguish between coordination and intermediation. Coordination refers to mechanisms that help participants find one another, exchange capabilities, or optimise interactions while preserving the autonomy of the participating systems. Intermediation, by contrast, involves inserting a third party into the transaction path itself, with the ability to observe, modify, delay, or veto interactions between peers.

Many hub architectures conflate these two roles. Services that begin as coordination layers—facilitating discovery or simplifying onboarding—often evolve into intermediaries that actively control request flow and policy enforcement. When this happens, the hub ceases to be an optional facilitator and becomes a required participant in every transaction, regardless of whether the underlying systems are capable of interacting directly.

Shared Indexes, Discovery, and the Quiet Fixing of Topology

One of the most powerful—and least examined—drivers of hub-centric architectures is the role of shared indexes and consortial discovery systems. Historically, a significant source of friction in resource sharing lay in the interpretation of citations: librarians were required to assess often incomplete or ambiguous references, search local and remote catalogues, and determine whether a potential supplier both held and could lend a suitable item.

Shared indexes addressed this problem decisively. By aggregating holdings into a common discovery layer and allowing users to select a specific item by identifier, they dramatically reduced staff effort and improved request accuracy. From the perspective of efficiency, this represented a genuine advance.

However, the architectural consequences of this shift are rarely examined. When discovery is centralised, requesting workflows tend to become identifier-driven rather than citation-driven. Requests are no longer addressed to a peer institution in general terms, but to a specific item as represented within a shared index. In this mode, discovery and requesting become tightly coupled, and the network topology begins to resemble a star even if the underlying protocol remains peer-oriented.

This coupling has several important effects. First, it privileges sources that are visible within the shared index, while marginalising or excluding materials that are not easily aggregated—such as special collections, unique items, or resources described outside mainstream bibliographic pipelines. Second, it shifts the centre of gravity from institutional negotiation to index-mediated coordination. The question subtly changes from “who might be able to supply this?” to “which indexed node should receive this request?”

A further consequence is that identifier-centric requesting significantly constrains interactions beyond the boundary of the consortium itself. Identifiers derived from a shared index have meaning only within the context of that index. External institutions, operating outside the consortium, cannot interpret or act upon such identifiers without first integrating with the same discovery infrastructure. In practice, this makes requesting beyond the consortium difficult or impossible, even when external peers are fully capable of participating in standards-based resource sharing.

In such environments, the hub appears to add indispensable value—not because it is required by the protocol, but because it sits at the intersection of discovery, routing, and coordination. The primacy of the hub is therefore less a consequence of ISO 18626 itself than of the architectural decision to bind discovery and requesting together under a single coordinating system.

Recognising this distinction matters. Shared indexes can be powerful coordination tools without becoming transaction intermediaries, just as discovery services need not dictate network topology. When these roles are conflated, centralisation emerges not as a deliberate design choice, but as a side effect—one that quietly narrows the network’s ability to engage with the wider ecosystem.

5. Loss of Agency as an Architectural Side-Effect

When hub-centric architectures are adopted as defaults rather than as deliberate choices, their most significant impact is not technical but institutional. The introduction of a mandatory intermediary reshapes who can act, who can decide, and who can form relationships within a resource sharing network. These effects often emerge gradually, as a by-product of convenience and efficiency, rather than as the result of explicit policy decisions.

In a loosely coupled, peer-oriented network, institutions retain the ability to determine how and with whom they interact. They can choose to participate in multiple networks simultaneously, form situational or temporary coalitions, and negotiate terms directly with partners when circumstances require. ISO 18626, as a protocol, is compatible with this model: it enables communication without prescribing governance.

By contrast, hub-centric architectures tend to transform participation from a matter of relationship into a matter of membership. Access to the network becomes mediated by acceptance of a shared infrastructure, shared policies, and shared operational assumptions. Decisions about routing, eligibility, and prioritisation are increasingly made at the network level rather than by the institutions directly involved in a transaction.

This shift has several consequences. Institutions may lose the ability to reach beyond the boundaries of the consortium, even when external peers are technically capable of participating in standards-based resource sharing. Identifier-centric workflows, centralised discovery, and enforced mediation can make direct engagement impractical or impossible, effectively redefining the network’s horizon of cooperation.

Agency is also diminished in more subtle ways. When a hub mediates all transactions, institutions no longer exercise full control over how their policies are interpreted or applied in practice. Local exceptions, contextual judgement, and negotiated agreements give way to standardised handling designed to serve the network as a whole. While such standardisation can improve throughput, it also reduces the space for institutional discretion.

Over time, these effects accumulate. What begins as a coordination convenience becomes an architectural constraint. The ability to experiment with new partnerships, adopt alternative workflows, or respond flexibly to novel resource-sharing scenarios is constrained not by the protocol, but by the topology of the network itself. Exiting or bypassing the hub becomes costly, both technically and organisationally.

The critical point is that this loss of agency is rarely framed as a trade-off. It is seldom presented as a conscious exchange of autonomy for efficiency. Instead, it emerges indirectly, as institutions adapt their practices to fit the assumptions embedded in the architecture they are given. Once established, these assumptions can be difficult to challenge, because they are perceived as properties of the standard rather than of a particular implementation.

Recognising loss of agency as an architectural side-effect rather than an operational inconvenience is essential. Without this recognition, network designs risk narrowing the scope of cooperation precisely at a time when libraries face increasing pressure to collaborate across institutional, consortial, and national boundaries.

6. The ORS-Appliance Directory Model: Enabling Topology Without Enforcing It

The preceding sections have focused on how particular architectural choices can narrow agency and fix network topology by default. This section turns to a constructive alternative: an approach that enables coordination at scale without requiring intermediation to become structurally mandatory.

At the centre of this approach is the directory—not as a simple list of endpoints, but as a shared, evolving description of who participates, under what conditions, and in what roles. In the ORS-Appliance model, the directory is the primary mechanism for coordination, while transaction execution remains at the edge between participating systems.

This distinction matters. By separating coordination from intermediation, the directory allows institutions to discover peers, understand their capabilities, and evaluate policy compatibility without surrendering control of individual transactions. Participation in a network does not require routing all requests through a single intermediary, nor does it preclude doing so where that is appropriate.

Consortia as Certificate

Within this model, consortial membership functions less as a structural boundary and more as a contextual attribute—a badge or certificate that accompanies a request rather than a gateway that constrains it. An institution can signal that a request is made under the terms of a particular consortium, allowing the receiving institution to apply the relevant policies, expectations, or trust assumptions.

In this sense, consortia act as policy frameworks, not as exclusive transport layers. An institution might participate in multiple consortia simultaneously, selecting which context applies on a per-request basis. This reflects how many consortia already operate in practice, supporting a range of shared services beyond resource sharing alone, including reciprocal access and shared identity arrangements.

Identity as a First-Class Resource Sharing Service

Modern resource sharing increasingly depends on identity as much as on discovery. Shared indexes reduce friction in locating materials, whereas identity services reduce friction in trusting transactions—establishing who a requester is, what they are entitled to do, and under what conditions a request should be honoured. With the location of materials being separated out into its own category. 

Treating identity as a first-class service allows networks to support interactions that go beyond traditional interlibrary loan, including reciprocal access, digital delivery, and emerging lending models. Crucially, it also allows identity to be asserted and verified without requiring a single authoritative intermediary. Identity claims can be contextual, federated, and scoped to particular interactions, rather than embedded permanently in a central system.

Supporting Multiple Topologies Deliberately

The ORS-Appliance directory does not mandate a mesh topology, nor does it prohibit hub-based coordination. Instead, it makes topology a choice. Institutions can elect to participate in tightly coordinated, high-volume networks where mediation is appropriate, while retaining the ability to form looser peer-to-peer relationships for specialised or exceptional cases.

Automation plays an important role here. Intermediary behaviour can be implemented as an explicit, declared automation—handling certain classes of requests on behalf of institutions under agreed conditions—without becoming an unavoidable structural feature of the network. This allows intermediation to be applied where it adds value, and avoided where it does not.

7. Explicit Intermediary Roles, Identity, and Automation

As resource sharing expands beyond traditional print lending into areas such as controlled digital lending (CDL), electronic delivery, and cross-institutional access to licensed or restricted materials, questions of identity, trust, and non-repudiation become increasingly central. In these contexts, the identity of the borrower and the authority of the supplier must often be established in ways that are verifiable, auditable, and resistant to misuse.

This has important architectural implications. Cryptographic identity assertions, whether expressed through certificates, signed tokens, or verifiable credentials, rely on clearly defined trust relationships. Introducing an intermediary into such exchanges complicates these relationships, particularly where that intermediary is able to observe, modify, or replay assertions. As protections for privacy and intellectual property become stronger, the role of any “man in the middle” demands tighter scrutiny than has traditionally been applied in interlibrary loan systems.

Identity as a Signed Relationship, Not an Implied One

In a directory-driven model, institutional and consortial relationships can be made explicit rather than assumed. Membership of a consortium can be represented as a signed assertion: the institution asserts its membership, and the consortium attests to it. This certificate-like relationship can then accompany a request as verifiable context, allowing the receiving institution to determine which policies, trust assumptions, or lending conditions apply.

Such a model opens the possibility of virtual consortia—networks defined by shared purpose, discipline, or policy rather than by geography or administrative structure. By treating identity and affiliation as cryptographically verifiable context rather than architectural constraints, such networks become feasible without requiring a central coordinating organisation to sit in the transaction path.

Intermediaries as Declared Roles

None of this precludes the use of intermediaries where they add value. What changes is how that value is expressed. Rather than embedding intermediation permanently into the network topology, intermediary behaviour can be modelled as an explicit role, operating under declared conditions and for defined classes of requests.

Automation plays a critical role here. Many of the functions historically associated with intermediaries—such as request brokering, policy evaluation, or workflow optimisation—can be implemented as automations that act on behalf of institutions, rather than as mandatory transaction brokers. These automations can be selectively enabled, audited, and withdrawn, allowing networks to adapt over time without re-architecting their core communication patterns.

Shared Indexes as Coordination Services, Not Gatekeepers

It is important to note that this model does not reject shared indexes or consortial discovery services. Such systems continue to provide substantial value in reducing search effort and improving request quality. The concern arises only when discovery infrastructure becomes the exclusive gateway to resource sharing, binding identity, routing, and eligibility to a single architectural locus.

By decoupling discovery from intermediation, shared indexes can remain powerful coordination tools without dictating network topology or constraining outward interoperability. Institutions can benefit from aggregated discovery while preserving the ability to engage with partners beyond the index boundary, using standards-based protocols and verifiable identity assertions.

8. Architectural Principles for ISO 18626 Networks in 2026

The preceding sections have examined how intermediary roles, discovery infrastructure, and organisational incentives interact in contemporary ISO 18626 deployments. This section distils those observations into a set of architectural principles intended to guide future implementations.

8.1 Explicit Automation as a Response to the Loss of a Shared State Model

The transition from ISO 10160/10161 to ISO 18626 involved the deliberate removal of an explicit, shared state model. This significantly lowered the barrier to entry for implementers and increased flexibility, but it also shifted responsibility for state management and workflow coordination out of the protocol and into implementations.

In the absence of a shared state model, coordination must be made explicit elsewhere. Automation provides a principled way to do this. Where automation is absent or implicit, systems risk becoming silently profiled—supporting only a narrow set of bilateral interactions shaped by a single dominant counterparty. This risk is particularly acute where requests consist solely of identifiers meaningful only within a shared infrastructure.

8.2 Discovery and Identification Must Not Define the Boundary of Cooperation

Shared indexes and identifier-based requesting have delivered substantial efficiency gains. However, when identifiers known only within a consortium become the primary means of requesting, the boundary of discoverability becomes the boundary of cooperation.

8.3 Intermediation Must Be Optional, Scoped, and Reversible

Intermediaries are not inherently problematic. What matters is whether intermediation is optional, applied selectively, and reversible rather than structural.

8.4 Identity Is a First-Class Coordination Concern

Modern resource sharing increasingly depends on identity. Identity should therefore be treated as a first-class coordination concern, not an implicit property of infrastructure.

8.5 Consortia Need Not Be Spatial or Singular

Increasingly, coordination challenges are thematic, disciplinary, or policy-driven rather than spatial. Architectures should support overlapping, non-spatial consortia without forcing institutions into a single network topology.

8.6 Topology Must Remain a Choice

Mesh, hub, and hybrid models all have legitimate roles to play, but none should be treated as the default or inevitable outcome of adopting ISO 18626.

9. Conclusion: Architecture Is Destiny—Choose Carefully

ISO 18626 was designed to enable interoperability without prescribing how cooperation should be organised. That restraint remains one of its strengths. Yet in an environment shaped by consolidation, shared infrastructure, and growing demands for coordination, architectural choices made around the standard increasingly determine who can participate, how networks evolve, and where authority ultimately resides.

The challenge for 2026 is therefore not to reject hubs, intermediaries, or shared services, but to make their roles explicit, optional, and accountable. Coordination should be enabled without becoming coercive; automation should formalise behaviour without fixing topology; identity should be asserted end-to-end rather than assumed by infrastructure.

Architecture is destiny in distributed systems. Choosing it deliberately—rather than inheriting it by assumption—is the responsibility of everyone designing the next generation of resource sharing networks.