Common Authentication Project Team Publishes Recommendations

In early 2002, Vice Provost Bruno initiated an advanced technology project (ATP) to develop an authentication strategy for the campus? distributed computing environment and in support of the New Business Architecture (NBA) vision of Web-based single sign-on authentication. During the spring and fall of 2002, the project team met with technology specialists throughout the UC Davis community and with leading vendors of authentication technology. The discussions focused on the identification of common authentication requirements for UC Davis and approaches to meeting these requirements. In December, the team released its report to the campus, making the following recommendations: ? Continue to expand ?Distauth? services, the current campus Web authentication system based on Kerberos. ? Expand Distauth to support authentication levels within a Web-based single sign-on environment. ? Integrate Distauth with the eventual product replacement for the Cybersafe Kerberos service. ? Evaluate the advantages and disadvantages of expanding campus authentication services to accept federated \tauthentication services. Finally, the report recommends that the ?Distauth? development team participate in the system-wide PKI project and higher education efforts to develop Web-based single sign-on systems. The report is available at http://vpiet.ucdavis.edu/advancedprojects/AATPFinal%20Report.pdf.