TechTalks Event
Digital Certificates and Identification of Users on Campuses
with guest expert David Wasley
February 11, 1999
Audio
• Streaming
MP3
• Download
MP3 (Download
Tips)
Campuses are looking to Public Key Certificates and the associated PKI services to help manage access to sensitive or licensed resources, and to aid in developing appropriate business practices that make use of the network. As noted in two of CREN's related Fall 1998 TechTalks—on 10/98 and 11/98—the Public Key Certificate (PKC) provides a fairly secure credential that can be associated with a known individual. It does not, however, assert an identity for that individual. The main focus of this session will be to discuss ways of using a PKC to determine identity as part of an overall strategy to manage authorization on our campuses.
Among the questions you may ask and our guest expert may answer:
- What is "identity?"
- How can a PKC lead to understanding of "identity?"
- How does "identity" support authorization to use resources or to validate business transactions?
- What is the role of a Certificate Authority in this?
- Are there potential liabilities to running a CA?
- What about anonymity, where appropriate?
Guest Expert
Our
guest expert for this session, David Wasley, is engaged in
strategic planning for information technology/communications technology
for the University of California System. He was manager of the campus
network program at UC Berkeley from its inception in 1984 through
its 20,000th network connection at the end of 1995. David has been
active nationally in developing technology strategy for the Internet2
initiative. Within California he has a lead role in planning and
implementing CalREN-2, the California statewide network that will
become part of Internet2.
Background Resources
One of the best background resources you can read is the CNI document by Clifford Lynch entitled A White Paper on Authentication and Access Management Issues in Cross-organizational Use of Networked Information Resources. The Common Authentication Project at UCOP has a useful meta-site of related hyperlinks.
Two recent, related CREN TechTalks are archived online—audio files and transcripts: Authenticating Users? What are the issues? with Greg Jackson and Certificate Authority Services with Jeff Schiller.
If you want to go the book route, here are a few relatively recent possibilities:
- Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption by Warwick Ford and Michael S. Baum;
- Understanding Digital Signatures: Establishing Trust Over the Internet and Other Networks by Gail L. Grant;
- Web Security and Commerce by Simson Garfinkel with Gene Spafford.
