Something related to this discussion.
We are currently developing a Managed Learning Environmnet that will require
students and staff to be authenticated so that the resources they access can be
allocated and submissions of work can be clearly identified as coming from a
particular individual.
It has been suggested that we need to use PKI to provide the level of security
that we are looking for.
Has any institution implemented PKI and if so for what services is it
protecting/providing access?
Has any institution implemented any other form of authentication which might
enable single sign on?
Ricky
Chris Tilbury wrote:
> | We could put password protection around University only data, but then
> | access is restricted to members of the University registed with
> | the Computer Centre, plus users have the inconvenience of another
> | authentication per session.
> |
> | If we knew that non-members were restricted to certain systems (and I'm
> | not sure that we do), we could refine the access control to block access
> | to those systems, but that could be an ever lengthening list of systems.
> |
> | Have other institutions considered this issue?
>
> We have a working party/steering group/call it what you want which is
> deliberating the whole issue of University "membership" here at Warwick at
> the moment (started off as a simple project just to replace University ID
> Card but quickly ballooned!).
>
> We face similar issues although from a different angle - namely that of how
> do we deal with people who are not University members currently (ie, who
> don't feature in either the payroll or student records systems) but who need
> access to the growing number of facilities to which control is mediated
> through computer systems fed with that data (building access control, car
> parks, computer facilities, sports centre, etc).
>
> The biggest initial problem they are having to deal with is identifying who
> all these people are!
>
> Ultimately, I believe we hope to arrive at a system which incorporates all
> these individuals and which is capable either itself, or (more likely)
> through links to other systems, of giving them not merely a piece of plastic
> with a picture on the front, but a digital identify which represents them
> wherever necessary.
>
> Cheers,
>
> Chris
>
> --
> Chris Tilbury, UNIX Systems Administrator
> IT Services, University of Warwick, Coventry, UK
> PHONE: 024 7652 3365 / FAX: 024 7652 3267
> MAIL : [log in to unmask]
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|