CREN - Resource Pointers

Exploring Access to External Content Providers with Digital Certificates � CREN/Mellon Project � December 1, 2001

The following reading list is intended to provide:

An introduction to digital certificates and their applications, especially in remote authentication.
Background and information on the organizations and content providers that may participate in pilot projects.

1. White Paper on Authentication and Access

An overview of the background issues and concerns facing institutions and policy makers regarding the secure management of networked information resources.

https://www.cni.org/projects/authentication/authentication-wp.html

2. CREN FAQ Series

2.1 Public Key Infrastructure

This is a basic introduction to digital certificates, what they are, what they do and how to implement. This was developed in 1999 and is good for a basic introduction to public key concepts and infrastructure.

2.2 Institutional Directories and Repositories

This is an overview of the role of centralized directories and databases that help in supporting campus-wide services. Both can be accessed from the CREN website:

Go to: https://www.cren.net/ca/faqs.html

Go to FAQ: Institutional Directories and Repositories
Select �here�
When prompted enter the member name: �Member�
Enter the password: �info!�

3. Private Vendor Web Sites

3.1 Sites with Introductory PKI Reading

Baltimore Technologies
https://www.baltimore.com/solutionsplus/pki/index.html

Entrust
https://www.entrust.com/resources/whitepapers.htm

RSA Security
https://www.rsa.com/index.html

3.2 Sites for two vendors who sell Hardware Security Modules (HSMs)

Chrysalis-ITS
https://www.chrysalis-its.com/

Cipher
https://www.ncipher.com/

4. Sites for Content Providers participating in this meeting/project

JSTOR
www.jstor.org

HighWire Press
www.highwire.org

OCLC Online Computer Library Center, Inc.
www.oclc.org

5. Sites providing information about the organizations sponsoring the pilot and on development work related to digital certificates, directories, PKI and internet2.

Site for Coalition for Networked Information (CNI) , an organization dedicated to supporting the transformative promise of networked information technology for the advancement of scholarly communication and the enrichment of intellectual productivity.

Learn more about Digital Library Federation (DLF) is a consortium of libraries and related agencies that are pioneering in the use of electronic-information technologies to extend their collections and services.

Contains the minutes and work of various committees for HEPKI-TAG (the Higher Education Public Key Infrastructure-Technical Advisory Group) and HEPKI-PAG (the Higher Education Public Key Infrastructure-Policy Advisory Group)

Presentations from the PKI Summit at Snowmass on August 9-10, 2001. Note the presentation by Bill Weems at the U of Texas/Houston about a campus deployment story.

Overall site for the Higher Education PKI Technical Activities Group Cites group charter, reference documents, recommendations and works in progress.

General interest article on PKI policies.Very readable.List of resources included.

6. Books

Secrets and Lies: Digital Security in a Networked World . Schneier, Bruce. John Wiley & Sons, Inc., New York, NY 2001. Pp. 412.

This is a good introduction to a range of security technologies and applications for the general reader. It takes reader from the rudimentary beginnings to the present.