Infrastructural Network Services
PKI-based Authentication and Access Control

Content

Background
Task
Project Group
Calendar
Milestones

Links

Work Items
Related Work
Products for Access Control

Background

Our IT-systems are becoming more and more integrated and the concept of a User is widening to, in many cases, include all our students and personnel. It is becoming more and more unrealistic to manage users, accounts and access control within each application.

A natural question is therefore: Is it possible, for many of our systems, to use a common, network based, infrastructural Access Control Service (supported by catalogues of persons, roles and resources)? What are in that case the realistic requirements for such a service?

Task

This is the web site for a joint project within swedish universities and university colleges, initiated by HITS (Högskolans IT-säkerhetssamarbete). Its task is to find the answer to the questions above. Or as formulated in our directive: To find technical solutions for PKI-based Authentication and Access Control. It is at this stage a preparatory study.

The result for the preparatory project shall be
- an identification of used and usable mechanisms for Authentication,
- a specification of requirements for an Access Control Service and
- an architecture of a PKI-based Authentication and Access Control Service.

It is the ambition of the members of the project group to continue the cooperation in another project to implement/buy such a service. We envision the service being run locally at the universities.

Project Group

Torbjörn Wiberg, Umeå universitet, project leader
Joakim Björklund, Linköpings Universitet
Leif Johansson, Stockholms Universitet
Hans Nordlöf, Karolinska Institutet
Magnus Persson, Lunds Universitet
Marta Petrides, Göteborgs Universitet
Torbjörn Wictorin, Uppsala Universitet

Calendar

01-08-27 Preparatory meeting
01-09-07 Project start
01-09-19 Definition of the charter of the working group
01-10-16 Modelling workshop
01-11-14 Requirements of an Access Control Service
01-12-05 Meeting at KI 10--16
01-12-18 Discussion of the Requirements
02-01-21 Position Report to HITS
02-03-03 Final Report to HITS
02-03-03 Project ends

Milestones

01-09-07 Project start
01-12-18 ACS - Architecture Parts of Requirement Specification (done)
01-12-31 Position Report to HITS (done)
01-01-31 ACS - Functional Parts of Requirement Specification
01-01-31 PKI-based Authentication Service - Requirement Specification
02-02-28 Requirement Specification
02-02-28 Final Report to HITS (done)
02-02-28 Project ends