The aim of this project is to provide secure encrypted access to networked educational resources, using smartcards for user authentication.
We have developed a system that uses public key cryptography and standard internet protocols. Users have smartcards with public and private keys and digital certificates, which can be used from within a web browser. The web server can be assured of the identity of the client, and checks every access request against a database of user permissions. A management program enables an administrator to assign users to groups and to control the permissions allowed to each group.
The smartcard system has been adopted by Cambridge University and is being further developed for a number of application areas.
- Team leader: Graham Phillips
- Team members: Kim Whittlestone, Geof Smith [Clinical Intranet Manager]
- Technologies: ISAPI filters [Internet Services Application Programming Interface], ASP [Active Server Pages], SSLv3 [Secure Sockets Layer], public key cryptography, X509 digital certificates
- Funding: Support from the JTAP [JISC Technology Application Programs]
- Start: October 1998