Digital Certificate Operation in a Complex Environment
navigation search
search query:

PKI Primer and Project Background

11. What this DCOCE project set out to investigate

11.1. Our aim

Formally, the main aim of the Digital Certificate Operation in a Complex Environment (DCOCE) project was to provide a detailed implementation and evaluation report of 'real world' digital certificate services at the University of Oxford.

11.1.1. Some objectives

Within the above general aim, there were some individual objectives to be achieved:

  • Development for, and implementation of, a public key infrastructure using digital certificates that would form a pilot project involving a selection of users within the University of Oxford.
  • Evaluations, both technical and user-oriented of a wide variety of aspects surrounding the implementation of PKI at higher education establishments within the UK. The evaluations were to be collated into a final report.
  • Dissemination of a series of reports - via web pages, email lists and at real 'events' - of the progress of the project, documenting successes and failures and points of difficulty. These and the final report were to be disseminated in a form that proved useful to others considering PKI within the higher and further education sector in the UK.

11.1.2. There were also some further aims

The project should:

  • attempt to learn from the experience of other implementations in this area (note that although this was an overall aim, a full review of existing methodologies and technologies was not anticipated);
  • work in partnership with organisations involved in devolved authentication and/or interested in using certificates themselves;
  • work in partnership with organisations having an interest in promoting the use of digital certificates and public key infrastructure. Objectives arising from these aims:

  1. The project should demonstrate successful authentication for access to external resources protected by the Athens Access Management System.
  2. Similarly, integration should be achieved with the Zetoc (Z39.50-compliant access to the British Library's Electronic Table of Contents) resource managed by Manchester Information and Associated Services (MIMAS).
  3. The project should work closely with (and be advised by) the national e-Science Grid via the Oxford e-Science Centre. It is hoped that the findings of the project will be of use to the e-Science Grid and all endeavours will be made to ensure that this is so.
  4. The project should conduct a brief review of a few public key infrastructure implementations. This is to inform the choice of methodologies and technologies to be piloted. Publication and evaluation in this area will be limited.

11.2. And finally...

This is the end of our background primer to PKI and (a retrospective) introduction to the project.

Mark Norman, August 2003 (updated October 2006)

Up: Contents Previous: 10. Practical challenges for PKI Next: Appendix A More on trust

Oxford University Computing Services Mimas Athens access management services Oxfore e-Science Centre Systems and Electronic Resources Service Joint Information Systems Committee