Public Key Infrastructure in Higher Education

Library Hi Tech News

ISSN: 0741-9058

Article publication date: 1 January 2001

Citation

Cheng, R. (2001), "Public Key Infrastructure in Higher Education", Library Hi Tech News, Vol. 18 No. 1. https://doi.org/10.1108/lhtn.2001.23918aac.010

Publisher: Emerald Group Publishing Limited

Copyright © 2001, MCB UP Limited


Rachel Cheng

Public Key Infrastructure in Higher Education

This was a non-technical seminar to give attendees a working knowledge of components within a Public Key Infrastructure (PKI) and how such an infrastructure might be used in higher education.

Casey Lide of the Digital Signature Trust Company, in a little over an hour, managed to give a clear overall picture of PKI. He began the session by reviewing the four basic components of the Public Key Infrastructure: key pairs, digital signatures, encryption, and digital certificates. By using the pair of public and private keys, a person can create a digital signature for authentication purposes and encrypt messages to ensure confidentiality and data integrity.

A digital certificate is used to bind the identity of a person or entity to the public key to make sure that the key does indeed belong to that user. Lide touched briefly on the structure of the digital certificate and X.509 as well as the actual process of issuing and certifying a digital certificate. To verify an applicant's identity, one must go to a Registration Authority (RA). The Certificate Authority (CA), acting as Trusted Third Party (TTP), then generates and sends the private key and digital certificate back to the requesting party, and stores the public key and a copy of the certificate in a publicly accessible certificate repository. Depending on the "level of assurance" of the identification and authentication techniques used, a CA will issue different types of digital certificates. "Pseudonymous" certificates may be of particular interest to libraries for patron checkout records.

Lide followed up by discussing the general roles and responsibilities of PKI, the relationship between subscriber and relying party, and a CA's duty as the Certificate Manufacturing Authority (CMA) and the Registration Authority (RA) as agents of a CA and the sponsoring organization. It was at this point that one began to have a sense of bewilderment with the dizzying array of acronyms, as well as the realization of the legal implications and the vast amount of policies and regulations required with PKI.

What are the practical roles of an institution of higher education in implementing PKI? The Electronic Signatures in Global and National Commerce Act (E-SIGN) was passed in June 2000, and signed electronically by President Clinton. We need to think about the roles and responsibilities our institution will be required to play, and to what extent we should be involved as CA, RA, relying party, subscriber, and sponsoring organization.

Clair Goldsmith, Vice President for Information Technology from University of Alabama at Birmingham, spoke on the subject of the Net@EDU PKI working group and the issues discussed in Snowmass 1999 on financial analysis, interoperability, and liability. He also described the November 1999 Fed/Ed meeting that highlighted the need for cooperation, the role of the US government regarding PKI, and the adoption of X.509v3 and LDAPv3 as open standards. Brief summaries of the following meetings were also given: the Net@EDU Tempe Conference in February 2000, the development of eduPerson at the Spring Internet2 DC meeting, the second Fed/Ed meeting in June 2000, and the PKI@Snowmass conference in August 2000. The next milestones will be the Higher Education Bridge Certification Authority (HEBCA) meeting in Washington, DC, and the third Fed/Ed meeting that will take place later in the year.

Michael Gettes, Lead Application Systems Integrator from Georgetown University, followed with a case study of Georgetown University's approach to implementing PKI. He explained the reasons for building and using the Lightweight Directory Access Protocol (LDAP) Directory as the basis of PKI, and how Georgetown handles the digital certificates within LDAP. Gettes touched on the differences between the Domain Component (DC) and X.509 naming schemes as well as eduPerson. He also discussed the concept of a Directory Information Tree (DIT), the LDAP recipe, a directory of directories, higher education institutions' promotion of eduPerson, good directory design, and unity within higher education's approach to implementing PKI. He further reiterated the complexities and the great effort needed to coordinate policies and the critical role LDAP played in managing users' access to digital materials on campus.

William Weems, Director of Academic Computing from University of Texas Health Science Center at Houston, discussed Phase I implementation of PKI in the University of Texas system, and their reasons for going with a commercial CA. He spoke of the overall functions of PKI, access management, and their implementation of digital certificates. He also spent some time on LDAP and its role as the linchpin of middleware services to provide general-purpose directory services. He offered practical advice on issues we must consider, what we should be doing now, and the need to keep it simple for the users. He made the final point that "It is virtually impossible to predict what will emerge from (this) extremely complex system; however, PKIs/Middleware will drastically alter the way we learn, work, and play in cyberspace".

All the presenters observed that the technology itself was simple to implement. The complexity arises from the fact that PKI is policy-intensive and requires a vast amount of coordination within the campus. Because of legal and business implications, we also require the cooperation and recognition of outside entities if PKI is to be used beyond internal access control. This point was driven home by a question raised regarding the fact that Georgetown University was not a publicly recognized CA and RA. At this point in time, Georgetown's digital certificate and public key could not be verified or used outside of the campus.

Although this was not a technical session, the presentations were packed with technical jargon and legal terms that one needed to understand before the discussion could take place on the interdependencies and the complicated roles the institution must consider before implementing PKI. I came away from this seminar with a clear understanding that PKI is an unavoidable task we all need to face sooner or later. My suspicion is that one clearly needs to pass some kind of memory test in order to work on the campus PKI project because of the incredible number of acronyms and policies involved in this endeavor.

Further references

Information about PKI in higher education is available at http://www.educause.edu/netatedu/groups/pki/

Information on eduPerson is available at http://www.educause.edu/eduperson/

Phase I Implementation of the University of Texas System Public Key Infrastructure is available at http://www.uth.tmc.edu/xorgs/utspki

Information on LDAP recipe is available at: http://www.georgetown.edu/giia/internet2/ldap-recipe/

Beyond Access Management: The Role of Authentication and PKI in Information Retrieval and Management

It has become clear that, beyond access management, public key infrastructure (PKI) will play a major role in areas such as description of materials, verification of authenticity, and the archiving of digital content. Clifford Lynch, Director of the Coalition for Networked Information, with his usual thought-provoking style, focused his discussion on the future when PKI is in place.

When we have PKI, we will have the means to establish digital identities for access management and authentication, and there will be a need for mutual trust among different issuing organizations. Will we be able to believe an identity that is associated with a name? If we do not have a single ID card for all, should we expect to have a single digital identification with PKI, which is the same idea complicated by technology and policies?

Until now, most discussion on the subject of digital signatures has centered on their commercial and legal implications. What other issues will we face when the use of digital signatures is broadened to include the authentication of digital publications? Who signed the document, and is that signature genuine? To what standards do we hold digital publications? How do we deal with materials published under pseudonyms? How would we associate a digital identity with such a document? Should an author, editor, publisher, graphic designer, or all of them sign off on the documents? Who should be responsible for authorizing the digital identification? Who passes out the ID? If it is a collaborative work, should the group apply for a group ID? What are we, in fact, signing? Do we look at the contents merely as a string of bits? What would we be authenticating when the "bag of bits" approach includes garbage added when a file was saved? What about the codes embedded within XML documents, but irrelevant to the contents?
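The question of whether a signature covers a "string of bits" or the content can be made concrete. The following is an added example, not material from the seminar: it uses XML canonicalization (C14N 2.0) from Python's standard library, and the three sample records are constructed for illustration. A digital signature is computed over a digest like the ones below, so whichever digest is chosen decides what a re-saved file does to verification.

```python
import hashlib
from xml.etree.ElementTree import canonicalize  # C14N 2.0, Python 3.8+

# Constructed sample records (not from the article). DOC_B is DOC_A re-saved
# by a different tool: XML declaration, a comment, reordered attributes,
# different quoting and spacing. DOC_C changes the actual title text.
DOC_A = '<record id="42" lang="en"><title>Annual Report</title><note/></record>'
DOC_B = (
    '<?xml version="1.0"?>\n'
    "<!-- saved by another editor -->\n"
    "<record lang='en'   id='42'><title>Annual Report</title><note></note></record>\n"
)
DOC_C = '<record id="42" lang="en"><title>Annual Report, revised</title><note/></record>'


def raw_digest(doc: str) -> str:
    """Digest of the file exactly as stored: the 'bag of bits' view."""
    return hashlib.sha256(doc.encode("utf-8")).hexdigest()


def canonical_digest(doc: str) -> str:
    """Digest of the canonical form, so serialization noise is ignored."""
    canon = canonicalize(xml_data=doc, with_comments=False)
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()


def same_content(doc1: str, doc2: str) -> bool:
    """True when two documents agree after canonicalization."""
    return canonical_digest(doc1) == canonical_digest(doc2)


if __name__ == "__main__":
    # Byte-level comparison treats the re-saved file as a different document.
    print("raw digests match (A, B):      ", raw_digest(DOC_A) == raw_digest(DOC_B))
    # Canonical comparison sees the same content in A and B ...
    print("canonical digests match (A, B):", same_content(DOC_A, DOC_B))
    # ... and still detects a real change to the text.
    print("canonical digests match (A, C):", same_content(DOC_A, DOC_C))
```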

With the democratization of Web publishing, what should be read and how we should allocate our time and attention have become matters of concern. Should we trust a reviewer, a friend, a colleague, or filtering systems? What are the roles of user reviews from Internet sites such as Amazon or eBay? How should we deal with anonymous reviews? What happens to those documents that were created with the purpose of confusing the search engines? Should we trust the metadata, and whose metadata should we trust? Assuming that we trust the metadata constructed by librarians, who passed out the signature for the librarians? A 20-page algorithm for XML to compare the essence of documents would not work in all cases, since XML built on Unicode is different from XML built on non-Unicode encodings.

Ideas of trust, reputation management, digital identity, authorship, and authenticity must be dealt with in a serious way. There is a big gap between the metaphor of digital signature and its reality. Lynch's presentation was, from his point of view, a bit of "fun speculation" to provoke people to think beyond the immediate future. I came away from his presentation with an understanding that, beyond the legalese and technology, the problems we must address are also social and human issues. PKI implementation will force us to address and re-address the old issues of identity and trust over and over again.

Questions were asked about the archiving of digital information. Should we undertake to copy bit by bit, reformatting documents periodically to accommodate new software? Should the changes in format affect the authentication of the contents? How would we authenticate a 100-year-old digital archive? Should authentication be done document by document? There is no answer yet. Some information is available. CLIR publishes a document in both digital and print format entitled Authenticity in a Digital Environment. The digital version is available at http://www.clir.org/pubs/reports/pub92/contents.html. A White Paper on Authentication and Access Management Issues in Cross-Organizational Use of Networked Information Resources, published by CNI, is available at http://www.cni.org/projects/authentication/

Rachel Cheng is Associate University Librarian at Wesleyan University, Middletown, Connecticut. jcheng@mail.wesleyan.edu