![[CNI Fall '97 Icon]](/tfms/1997b.fall/Images/cniF97-logosm.JPG)
A National Authentication Service for Higher Education - Progress in the United Kingdom
| Norman Wiseman JISC Head of Programmes |
|
+44 (0) 115 951 4799 N.Wiseman@ncs.nerc.ac.uk |
Background
The mission of the Joint Information Systems Committee (JISC) of the higher education funding councils of the United Kingdom is :
-
'To stimulate and enable cost effective exploitation of information systems and to provide a high quality national network infrastructure for the UK higher education and research councils communities'
In support of the mission the JISC runs the UK national network, JANET, linking all institutions in higher education and many collaborating organisations, and the international network links to the rest of Europe and to North America. The JISC also funds a number of national data centres and electronic services to UK HE and several programmes which investigate the implementation of new technologies in support of teaching and research. Notable among these is the Electronic Libraries programme, eLib.
Initiating the Projects
The JISC recognised in 1996 that further development of electronic services for the community would require authorisation, authentication and privacy services and commissioned several studies to investigate.
The reports are available at the JISC web pages http://www.jisc.ac.uk/pub/
These evaluated the current state of the technology and explored different models for service delivery. In 1997 the decision was taken to proceed on three different paths.
Firstly a weak authentication system would be developed from an existing product and implemented at the national data centres. Secondly a study of the real needs of the HE community for security and privacy services would be commissioned, and would inform the thinking on the model for a security infrastructure for HE. Thirdly, a partner would be sought to provide commercial expertise, to match the communityÕs expertise in data management, with the aim of providing a common resource for institutions to market their substantial data assets across the Internet.
ATHENS
The ATHENS system enables controlled access to services via Web and Telnet interfaces. A single username and password combination controls access for a user to any service registered with ATHENS. Although the user database is stored centrally on the network, control over the administration of access accounts and passwords is managed locally. Automatic replication of databases around the network, a key feature of the underlying database software, ensures even network loading and maximum resilience.
The system has been designed with the needs of the user, system administrators and the service providers in mind and their input has been incorporated at all stages of development. This has significantly enhanced the take up and acceptance of the new system.
Now that the system is running it is delivering a number of windfall benefits; these were not anticipated during the planning but have significantly enhanced the usefulness of the service.
Information on ATHENS is available at http://www.niss.ac.uk/authentication/
User Needs Study
JISC recognises that institutions will want better security for internal traffic when more of their business runs on the local network. Installing and maintaining the necessary systems and procedures is potentially expensive, so a User Needs study has been commissioned. This aims to identify what are the most appropriate levels of security needed for each of HEÕs activities. It will also indicate if there is a need for a security infrastructure and identify issues which require more information. JISC expects to run a number of pilots to examine these and the information gained from all this work will be disseminated widely to the community.
Commercial Activities
Many UK HE and Research Council institutions have valuable data resources which they already market to other research and commercial organisations. There is scope for a community wide solution for commercial activities on the Internet which institutions could buy into, rather than attempting to develop their own systems. These solutions will come from commercial suppliers since HE is unlikely to find it cost-effective to develop a system of its own, so JISC is active in searching out suitable partners who have this expertise.
Further Information
The results of the study and any further developments will be placed on the JISC web pages
-
http://www.jisc.ac.uk/
![[Send Us Mail: <webmgr@cni.org>]](/Images/mailbox.gif)
webmgr@cni.org![[Backward]](/Images/larrw.gif)
![[To Index]](/Images/index.gif)
![[CNI Home Page]](/Images/home.gif)