e-Science logo Nesc logo
 
 
About NeSC
e-Science Institute
e-Science Hub
TOE
Contacts
e-Science Events
Resources
Newsroom
Presentations & Lectures
Technical Papers
Global Grid Links
Projects
UK e-Science Centres
UK e-Science Teams
Career Opportunities
Bibliographic Database
 

 

Paper ID: 1761

Are personal digital certificates really usable and scalable?
Mark,Norman Christian,Fernau Alun,Edwards

Appeared in: Proceedings of the UK e-Science All Hands Conference 2005 website: http://www.allhands.org.uk/2005/
Page Numbers:
Publisher: Engineering and Physical Sciences Research Council
Year: 2005
ISBN/ISSN: 1-904425-53-4
Contributing Organisation(s):
Field of Science: e-Science

URL: http://www.allhands.org.uk/2005/proceedings/papers/574.pdf

Abstract: This poster outlines the findings of the Digital Certificate Operation in a Complex Environment (DCOCE) project that has recently concluded at the Oxford University. PKI is used as a basis for security of the UK e-Science Grid. It was therefore important to ascertain whether the use of digital certificates in higher and further education is scalable to more than a select number of technical users. The project explored the advantages and disadvantages of end user/client digital certificates as means of on-line authentication in a higher or further education information environment. We conclude that the use of client certificates is feasible and scalable. With usability feedback from over eighty users, with a broad spectrum of technical abilities, the DCOCE project looked further into feasibility issues than most other studies where a common desktop environment does not exist. The DCOCE project developed and tested an alternative model of PKI whereby user data was held largely within the institution at a central Registration Authority (central RA). Certificate requests are held by the central RA and passed on to an external Certification Authority (CA). Thus, user data are kept close to the users and the CA specialises in the high availability service of generating/signing certificates and managing revocation lists. This model should prove far more scalable. Certificates could also be useful to some users as the front-end authentication tokens for single sign on systems and we believe that it is not critical that most users will never fully understand how they work. Making the system of issuing and renewing the certificates as user-friendly as possible appears to be the most critical factor.

Keywords: e-Science, AHM 2005


BIB DOC HTM HTML PDF PPT PS RTF TEX TXT ZIP




 

Last Updated: 22 Jun 12 11:02
This is an archived website, preserved and hosted by the School of Physics and Astronomy at the University of Edinburgh. The School of Physics and Astronomy takes no responsibility for the content, accuracy or freshness of this website. Please email webmaster [at] ph [dot] ed [dot] ac [dot] uk for enquiries about this archive.