130 likes | 220 Views
Exploring Access to External Content Providers with Digital Certificates. University of Chicago Team Charles Blair James Mouw. The University of Chicago Team. Charles Blair Co-Director, Digital Library Development Center chas@uchicago.edu 773 702-8459 James Mouw
E N D
Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw
The University of Chicago Team • Charles Blair • Co-Director, Digital Library Development Center • chas@uchicago.edu • 773 702-8459 • James Mouw • Acquisitions Librarian and Electronic Resources Officer • mouw@midway.uchicago.edu • 773 702-8732
Database management • · How are you managing the databases for your community members? • · What hardware/software systems do you have in place for managing identification and authorization? • The campus is in the process of building the infrastructure to support a single point of management for identification and authorization.
Database Management (cont) • If you are already issuing certificates, what attributes are you storing about the identity of the individuals receiving certificates? • · If you don’t issue certificates, how do you manage access to electronic resources? • We do not issue certificates. Our current primary mode of access is via IP authentication. In a small number of cases we have written scripts to provide userid/password on the fly.
Database Management (cont) • · Has the institution implemented an organization wide directory/repository/database? • Not for user authentication. The campus has implemented a CNet ID.
Database Management (cont) • · What classification(s) are identified and maintained for individual members? • There are three primary feeds: academic appointment (provost), student (registrar), staff (Univ Human Resources). The situation is complicated by the Hospital/Clinical appointments and Research Appointments.
Database Management (cont) • How do your systems manage authorization subsets, such as access to resources, and library privileges? • The Chicago Card centralizes much of this information. • · Who manages your database/directory/repository? • Campus networking services
Database Management (cont) • How many databases/directories/repositories do you have on campus? • · What types of directory implementations are you using on your campus? (examples: LDAP, ph, x.500, Novell, Active Directory, others) • at least two, one of which is PH.
Current linked applications • What current applications do you have linked into your data base/directory/repository, if any? Examples might include: • Remote access authentication and authorization for library users, • Remote access authentication and authorization generally, email services, telephone directories, account/billing, others • email services linked to PH
Initial uses for certificates • What are some of your planned initial uses for certificates, such as • remote access for: • · campus network services • · remote content services • we might like to pilot the use of certificates for use with remote content services, but need to understand more about the benefits and costs (user and implementation).
State of PKI deployment • · What is your institution's current state of PKI certificate deployment? Which groups, departments, colleges? • · What vendor or local software system are you using, or planning on using for your certificate authority, including version number? (Examples: IPlanet Certificate Management System 4.2, Open CA, CDSA, VeriSign, DST, Entrust, Baltimore, others) • · What hardware is being used or planned? (Examples: Sun Solaris, Dell Windows 2000, others) • no activity at present
Content providers • Who are the content providers most widely used by members of your institution? How do you currently ensure secure access to these resources? What is working well? What could be better? • We provide content from virtually all of the major providers. Our normal mode of authentication is IP address, with ability for remote users to come in through a proxy server. This is working well, although keeping the proxy server list is sync with current content availability is a pain.
Readiness to set up certificates • How ready are you to set up and provide campus-issued certificates to a select group of 200 faculty/staff? What are your next steps, if you know them? • This would require discussion with campus networking services and would depend on other current campus projects and priorities