|
March-April 2002 Home Page
E-Notes Home Page
|
 |
|
"Tomorrow's Internet": A Georgetown Technologist's Advanced Research
page 1, page 2, page 3
One area of applied research in middleware is the use of Public Key Infrastructures (PKIs). In public key systems, each user receives two keys, large blobs of data that humans are not intended to know or remember. Computers, on the other hand, will recognize a key and treat it as a password. A private key is something like electronic DNA—it it is unique to each user. For that reason, it should be guarded closely. Related to a private key is a public key that every computer system in the world can associate with the user. A combination of public and private keys is used to digitally sign documents or e-mail so that an impostor cannot send something that appears to come from you. The keys work in conjunction with a Certificate Authority, a trusted institution such as Georgetown University. A Certificate Authority issues digitally-signed electronic testimony that the keys belong to you and only you. The certificate is intended to be easily accessible using software systems such as online directories.
Gettes and his colleagues on HEPKI, the Higher Education PKI working group are developing just such a system to meet the special needs of colleges and universities. On HEPKI, Gettes has the privilege of working with representatives from the University of Alabama, Birmingham; the University of Wisconsin, Madison; the University of California Office of the President; the University of Texas–Houston Health Science Center; Dartmouth College; EDUCAUSE; Digital Signature Trust Co.; Mitretek Systems; the National Institutes of Health (NIH); the Federal Bridge Certification Authority (FBCA); and the Federal PKI Steering Committee. "Internet2's collaboration with federal agencies has allowed us an 'up close' opportunity to see and understand the new technologies that will be necessary to secure the next internet; these insights will allow Georgetown to make better decisions about the right time to adopt new, emerging technologies," says Georgetown University Chief Information Officer H. David Lambert.
One of EDUCAUSE's and Internet2's goals is to ease inter-institutional collaboration over the Internet. Since different institutions have different needs, they cannot all use the same type of authentication and authorization systems. HEPKI's work has led Gettes and his colleagues to form the EDUCAUSE-sponsored HEBCA, the Higher Education Bridge Certification Authority. Bridge Certificate Authority technology ensures that systems at dissimilar institutions (such as universities and federal government agencies) will be able to communicate, even if the systems use different PKIs.
Next page—The HEBCA, in concert with other developing technologies such as the Internet2 Shibboleth project and the NSF Middleware Initiative combining GRID and University infrastructures, will increase capabilities by, for example, allowing guest-teaching faculty to use their Georgetown logins on other universities' systems.
page 1, page 2, page 3
|
|
