Search results

Digital certificates promise to provide the next major leap forward in authentication, and are in fact in use today to secure some e‐commerce transactions. The paper describes what digital certificates are, what they can be used for and what the state of this technology is at present; it also discusses the problems hindering wider deployment of certificates and what needs to be done for them to gain wider acceptance.

The papers in this volume look at security from a variety of viewpoints. Behind all the papers is the idea that security is important and that security can and should be improved. The papers ask some fairly fundamental questions and provide considerable food for thought. In this paper I am looking at the landscape and making an assumption that a change in culture as a result of better understanding of technology will result from increasing familiarity with technology and its limitations.

This paper examines three approaches to increasing awareness in an academic setting: a discussion session, a checklist and a web based tutorial. All three are found to be effective in raising motivation and understanding of security because they present the issues in an accessible, interesting way. The research for the paper was funded by the JISC Committee for Awareness, Liaison and Training as part of a project on the human and organisational issues associated with network security. http://litc.sbu.ac.uk/calt/

Library automation systems in use today reflect a very conservative view of the library as a passive repository, and take little account of the user's needs and of the possibility of dynamic interaction. A review from the standpoint of the management of information services more generally, taking account of new resources and of new communications, suggests a number of places where improvements may be made, especially in involving the users more closely in the design and systems investment stages. Specific proposals are made as a basis for discussion, and to stimulate management thinking about personal development and skills transfer as well as the service technology.

To give an overview of the current state and trends in authentication and authorisation in satisfying academic library users' mobility and instant access to digital information resources, and to propose that libraries strongly support efforts to establish a global authentication and authorisation infrastructure.

An overview of some national projects towards such an infrastructure for public institutions, including libraries, is provided.

There are many projects working towards such an infrastructure, but no single widely accepted authentication and authorisation infrastructure exists yet. A global authentication and authorisation infrastructure will enable users to use a single username and a password for all local and remote library services. It will consist of interconnected authentication/authorisation servers, where each institution will be responsible for a local user database.

The list of projects towards global authentication and authorisation infrastructure is not complete. Projects are not described in detail.

Libraries will have to join efforts towards a global authentication and authorisation infrastructure and to integrate this into their applications. That way, they will improve services for their users who are remote from their home institutions, enable users to access new services faster, lessen user frustration with forgotten passwords, reduce time spent on administrative tasks and also reduce the burden of password management and enable security improvements.

This paper fulfils an identified need to speed up the development of a global authentication and authorisation infrastructure.