1 / 13

Exploring Access to External Content Providers with Digital Certificates

Exploring Access to External Content Providers with Digital Certificates. University of Chicago Team Charles Blair James Mouw. The University of Chicago Team. Charles Blair Co-Director, Digital Library Development Center chas@uchicago.edu 773 702-8459 James Mouw

adamma
Download Presentation

Exploring Access to External Content Providers with Digital Certificates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw

  2. The University of Chicago Team • Charles Blair • Co-Director, Digital Library Development Center • chas@uchicago.edu • 773 702-8459 • James Mouw • Acquisitions Librarian and Electronic Resources Officer • mouw@midway.uchicago.edu • 773 702-8732

  3. Database management • · How are you managing the databases for your community members? • · What hardware/software systems do you have in place for managing identification and authorization? • The campus is in the process of building the infrastructure to support a single point of management for identification and authorization.

  4. Database Management (cont) • If you are already issuing certificates, what attributes are you storing about the identity of the individuals receiving certificates? • · If you don’t issue certificates, how do you manage access to electronic resources? • We do not issue certificates. Our current primary mode of access is via IP authentication. In a small number of cases we have written scripts to provide userid/password on the fly.

  5. Database Management (cont) • · Has the institution implemented an organization wide directory/repository/database? • Not for user authentication. The campus has implemented a CNet ID.

  6. Database Management (cont) • · What classification(s) are identified and maintained for individual members? • There are three primary feeds: academic appointment (provost), student (registrar), staff (Univ Human Resources). The situation is complicated by the Hospital/Clinical appointments and Research Appointments.

  7. Database Management (cont) • How do your systems manage authorization subsets, such as access to resources, and library privileges? • The Chicago Card centralizes much of this information. • · Who manages your database/directory/repository? • Campus networking services

  8. Database Management (cont) • How many databases/directories/repositories do you have on campus? • · What types of directory implementations are you using on your campus? (examples:  LDAP, ph, x.500, Novell, Active Directory, others) • at least two, one of which is PH.

  9. Current linked applications • What current applications do you have linked into your data base/directory/repository, if any? Examples might include: • Remote access authentication and authorization for library users, • Remote access authentication and authorization generally, email services, telephone directories, account/billing, others • email services linked to PH

  10. Initial uses for certificates • What are some of your planned initial uses for certificates, such as • remote access for: • · campus network services • · remote content services • we might like to pilot the use of certificates for use with remote content services, but need to understand more about the benefits and costs (user and implementation).

  11. State of PKI deployment • · What is your institution's current state of PKI certificate deployment? Which groups, departments, colleges? • · What vendor or local software system are you using, or planning on using for your certificate authority, including version number? (Examples: IPlanet Certificate Management System 4.2, Open CA, CDSA, VeriSign, DST, Entrust, Baltimore, others) • · What hardware is being used or planned?  (Examples: Sun Solaris, Dell Windows 2000, others) • no activity at present

  12. Content providers • Who are the content providers most widely used by members of your institution? How do you currently ensure secure access to these resources? What is working well? What could be better? • We provide content from virtually all of the major providers. Our normal mode of authentication is IP address, with ability for remote users to come in through a proxy server. This is working well, although keeping the proxy server list is sync with current content availability is a pain.

  13. Readiness to set up certificates • How ready are you to set up and provide campus-issued certificates to a select group of 200 faculty/staff? What are your next steps, if you know them? • This would require discussion with campus networking services and would depend on other current campus projects and priorities

More Related