Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw.


The University of Chicago Team
Charles Blair
  – Co-Director, Digital Library Development Center
  –
James Mouw
  – Acquisitions Librarian and Electronic Resources Officer
  –

Database management
• How are you managing the databases for your community members?
• What hardware/software systems do you have in place for managing identification and authorization?
  – The campus is in the process of building the infrastructure to support a single point of management for identification and authorization.

Database Management (cont)
• If you are already issuing certificates, what attributes are you storing about the identity of the individuals receiving certificates?
  –
• If you don’t issue certificates, how do you manage access to electronic resources?
  – We do not issue certificates. Our current primary mode of access is via IP authentication. In a small number of cases we have written scripts to provide userid/password on the fly.

Database Management (cont)  Has the institution implemented an organization wide directory/repository/database? –Not for user authentication. The campus has implemented a CNet ID.

Database Management (cont)  What classification(s) are identified and maintained for individual members? –There are three primary feeds: academic appointment (provost), student (registrar), staff (Univ Human Resources). The situation is complicated by the Hospital/Clinical appointments and Research Appointments.

Database Management (cont)
• How do your systems manage authorization subsets, such as access to resources, and library privileges?
  – The Chicago Card centralizes much of this information.
• Who manages your database/directory/repository?
  – Campus networking services

Database Management (cont)
• How many databases/directories/repositories do you have on campus?
  –
• What types of directory implementations are you using on your campus? (examples: LDAP, ph, x.500, Novell, Active Directory, others)
  – at least two, one of which is PH.

Current linked applications
What current applications do you have linked into your data base/directory/repository, if any? Examples might include:
• Remote access authentication and authorization for library users,
• Remote access authentication and authorization generally, services, telephone directories, account/billing, others
• services linked to PH

Initial uses for certificates
What are some of your planned initial uses for certificates, such as remote access for:
• campus network services
• remote content services
  – We might like to pilot the use of certificates for use with remote content services, but need to understand more about the benefits and costs (user and implementation).

State of PKI deployment
• What is your institution's current state of PKI certificate deployment? Which groups, departments, colleges?
• What vendor or local software system are you using, or planning on using for your certificate authority, including version number? (Examples: IPlanet Certificate Management System 4.2, Open CA, CDSA, VeriSign, DST, Entrust, Baltimore, others)
• What hardware is being used or planned? (Examples: Sun Solaris, Dell Windows 2000, others)
  – no activity at present

Content providers
Who are the content providers most widely used by members of your institution? How do you currently ensure secure access to these resources? What is working well? What could be better?
  – We provide content from virtually all of the major providers. Our normal mode of authentication is IP address, with ability for remote users to come in through a proxy server. This is working well, although keeping the proxy server list in sync with current content availability is a pain.

Readiness to set up certificates
How ready are you to set up and provide campus-issued certificates to a select group of 200 faculty/staff? What are your next steps, if you know them?
  – This would require discussion with campus networking services and would depend on other current campus projects and priorities