UKUUG home UKUUG Winter Conference 2003

Authentication beyond ATHENS

David Holdsworth

JISC circular 06/02 (http://www.jisc.ac.uk/pub02/c06_02.html) looked to user management beyond ATHENS (http://www.athens.ac.uk/), and envisaged a split between the authentication of a user and the authorisation of a user to access specific facilities. By authentication we mean having confidence that an on-line user is the legitimate person. By authorisation we mean confirming that an on-line user is entitled to use the resource in the way that is requested. This is further explained in Alan Robiette's report to JISC (http://www.jisc.ac.uk/pub00/sparta_disc.html). Especially paragraph 10.

Our part in this at Leeds concerns authentication using X.509 digital certificates. The requirement is to be able to issue certificates to the correct person with minimal extra bureaucratic load on the university/college. We take this to mean that for students there will be no extra bureaucracy, and that for staff any extra bureaucracy will be very small. We already have our own certificate authority operating at Leeds University, which we use for accrediting the IT reps within departments.

Our work involves re-engineering of our existing implementation to rely on an institution's existing registration system(s).


Programme Timetable Speakers
Location Accommodation Booking Form


For more information please contact UKUUG Problems? e-mail webmaster
© Copyright 2002-2003 UKUUG Ltd