Inside CDL
CDLINFO-L LISTSERV, June 24, 1998; Vol. 1, No. 9

CONTENTS

  1. The UC Common Authentication Project
  2. Ellen Dunn to Serve as MSO for the CDL
  3. Updates on the Melvyl System and Abstracting and Indexing Databases
  4. OCLC's SocAbstracts Database Available from the Melvyl Web System
  5. CDL Milestones
  6. Contacts for Questions or Problems
  7. Information about the CDLINFO-L Listserv

1. The UC Common Authentication Project (Terry Ryan, Associate University Librarian for Systems, UCLA, with CDL staff)

Systems that offer access to confidential or proprietary information require methods of identifying users and permitting them to use the resources for which they are authorized. Traditional computer systems have required a user to enter an ID and "secret" password to obtain access, but this method does not offer a high level of security and is not easily scalable in a networked environment. Institutions like UC, with its large community, and its multiple applications and platforms, need a strong, scalable system that separates user identification and authorization. The UC Common Authentication Project, which began in 1997, seeks to meet those needs for UC.

Permitting access to confidential or proprietary information actually involves three processes: authentication, verification of a user's roles and attributes, and authorization. Authentication is identification of an individual -- in other words, it answers the question, Who is this person and how can that identity be confirmed? Verification of users' attributes and roles is done via a directory entry, where more information about the user is stored. Authorization allows the identified user to use certain resources or perform certain actions, based on their confirmed roles or attributes -- for example, to see his or her own personal benefits information or search a database that UC Irvine has licensed only for its faculty.

A full authentication service has the potential to simplify the use of various abstracting and indexing and full text databases. Passwords eventually can be phased out, the cumbersome process of maintaining a list of IP addresses for verification may be eliminated, and processes to extend services and privileges will become more efficient. Several "self-service" goals for CDL systems and services, such as patron-initiated requests and status checking, would be streamlined by stronger systemwide authentication. Negotiations for commercial information resources have included discussion about the vendors' ability to support emerging authentication methods.

Background
In July 1997, the Joint Operations Group (JOG), a planning group that advises AVP M. Stuart Lynn, of Information Resources and Communications, on information technology, resource allocation, standards, and issues, endorsed a proposal for a UC Common Authentication Project (UCCAP), with a multi-campus Authentication Working Group. The aim of UCCAP is to produce a UC Common Authentication System (UCCAS), which will "provide UC-wide strong authentication which will eventually support a broad range of applications and services." This goal "envisions providing a 'network passport' for every UC faculty, student, and staff" that would be recognized by other campuses and could be used "for access control, digital signatures, and other uses."

The Authentication Working Group has investigated two access control options: Kerberos and Public Key Infrastructure (PKI), based on Public Key Certificates (PKCs). Kerberos, developed by MIT in the 1980s, is intended for a closed community with a central administrator. Although it provides some advantages over PKC technology, it is more vulnerable (since a single database holds all the keys), does not support digital signatures, does not scale well, and, for the most part, cannot be used by unaffiliated systems. Public Key Certificates, on the other hand, are designed for general commerce without a central administration, can support millions of users, separate the authentication and authorization functions, can support digital signatures, are supported in major web servers and browsers, and can be used by unaffiliated systems. Recommendations now integrated into the project include the following:

  • UC-wide authentication should be based on PKC technology rather than Kerberos-based systems.
  • UCOP should take the lead in developing standards and practices for a PKI and related directory services.
  • Campuses should be responsible for campus-specific deployment of the standards.

Current Work
Project team members are currently developing a prototype authentication system at UCOP that incorporates all three parts of access control (authentication, directory, and authorization). The prototype will include a UC Certificate Authority, a University Directory that identifies user attributes and roles, and authorized access to sample applications, including the Melvyl Web system and BENCOM, an employee self-service system that allows a user access to his or her benefits information. At the campus level, four campuses (UC Davis, UC Irvine, UCLA, and UC San Diego) have certificate servers available and are ready to work with UCOP to test access to the Melvyl Web system and BENCOM.

The Authentication Working Group continues to explore technical and policy issues. Those with the most potential impact on libraries are the following:

  • Portability of certificates among platforms. Certificates are "happiest" when tied to one machine for one user. The Working Group is investigating options for using certificates in library public workstations and computer labs.
  • Management of certificates, including revocation in case of compromise.
  • Strong client support and user training. The use of certificates is not transparent, and users will need documentation and troubleshooting help.
  • Possible need for different kinds of certificates (e.g., to access library systems vs. personnel information) requiring different levels of identity verification (e.g., issued over the network vs. issued only after display of a picture ID with Social Security number).
  • Certificates for non-UC library patrons. The UCCAP is focused on UC faculty, staff, and students. Support for non-UC users may require departmental issuance of certificates.
  • Confidentiality of user information. Certificates are a pointer to directory information about certificate holders. Privacy and confidentiality concerns may affect the content of certificates UC supports.
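
The following Python sketch is an added illustration, not part of the original newsletter or the UCCAP prototype. It models the three processes described above together with the issues in this list: the certificate carries only a pointer to the directory entry, revoked certificates are refused, and benefits access requires the higher assurance level. All names, serial numbers, assurance levels and policy rules are constructed, and validation of the certificate's signature chain is assumed to have happened already.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Certificate:
    serial: str      # unique per issued certificate
    subject_id: str  # pointer into the directory; no roles are stored in the certificate
    assurance: int   # 1 = issued over the network, 2 = issued after a picture-ID check

# Constructed sample data (hypothetical people, serials and resources).
DIRECTORY = {
    "u1001": {"campus": "UCI", "role": "faculty"},
    "u1002": {"campus": "UCLA", "role": "student"},
}
REVOKED_SERIALS = {"0x2A"}  # certificates reported as compromised

# Per-resource policy: minimum assurance level plus a rule over directory attributes.
POLICY = {
    "uci-faculty-db": (1, lambda who, attrs, owner:
                       attrs["campus"] == "UCI" and attrs["role"] == "faculty"),
    "benefits": (2, lambda who, attrs, owner: who == owner),
}

def authenticate(cert):
    """Step 1: establish identity. Signature checks are assumed done (e.g. by the TLS layer)."""
    if cert.serial in REVOKED_SERIALS:
        return None
    return cert.subject_id

def authorize(cert, resource, owner=None):
    """Run all three steps and return (allowed, reason). Anything not matched is denied."""
    subject = authenticate(cert)
    if subject is None:
        return False, "certificate revoked"
    attrs = DIRECTORY.get(subject)  # Step 2: look up roles and attributes
    if attrs is None:
        return False, "no directory entry"
    rule = POLICY.get(resource)
    if rule is None:
        return False, "unknown resource"
    min_assurance, predicate = rule
    if cert.assurance < min_assurance:  # Step 3: authorization decision
        return False, "assurance too low"
    if not predicate(subject, attrs, owner):
        return False, "attributes do not match policy"
    return True, "ok"
```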

CDL is represented on the UCCAP planning groups since authentication decisions could have significant impact on libraries as we grapple with how to control access to our digital collections and services. Several UC library staff are also participating in parallel campus authentication initiatives, and many more could become involved in answering questions and solving user problems if the prototype system evolves into a production system. To monitor UCCAP issues and progress, check their web site: http://www.ucop.edu/~authuser/cap/


2. Ellen Dunn to Serve as MSO for the CDL

Starting July 1, Ellen Dunn will join the CDL as the Management Services Officer (II), providing financial, personnel, and administrative functions for the CDL. She will plan and manage the budget (currently over $5.5 million), including short- and long-term financial planning and analysis, oversee the allocation of financial resources, and set fiscal policies and guidelines. She will also review and monitor contracts, grants, and outsourced services. In addition to her financial and oversight duties, she will manage personnel issues as well as the work of the administrative staff. She reports directly to Richard Lucier, Executive Director and University Librarian of the CDL.

Ellen has worked nine years with the University, most recently as a Management Services Officer I for New Standards at the Office of the President, where she managed an $8 million budget, prepared budgets and other materials for grant submissions, prepared personnel and consultant contracts, and supervised the administrative staff. She has also worked with the California Mathematics Project and the New Standards Mathematics Advisory Committee at UC, and served as an administrative assistant at the University of Arizona College of Medicine in Tucson.


3. Updates on the Melvyl System and Abstracting and Indexing Databases

Updates and news on the Melvyl system and abstracting and indexing databases will now appear in this listserv on a regular basis. The CDL will also continue to send announcements to relevant library groups such as the User Services Group (USG).

CDL Technologies is currently adding several OCLC and RLG databases already accessible from the Melvyl Telnet interface to the Melvyl Web interface. The notes below show the status and the priority order for the addition of these databases, according to USG recommendations.

Currently available via the MELVYL system Web interface:
ArtAbstracts (ART)
MLA Bibliography (MLA)
SocAbstracts (SOC -- see the next news item)

In the final stages of review on the Melvyl Web test system and due out in early July:
Chicano Database (CHI)
Anthropological Literature (ANTH)

Work has begun on:
Avery Index to Architectural Periodicals (ARCH)
RLIN Bibliographic Database (RCAT)

The next databases scheduled (in priority order) are:
WorldCat (WCAT)
RILM Abstracts of Music Literature Database (RILM)
PAIS International Database (PAIS)
ERIC Database (EDUC)
ArticleFirst Database (JRNL)
History of Science & Technology Database (HSCI)
English Short Title Catalogue (ESTC)

Priorities have not yet been set for the following:
Books in Print (available via USE FIRSTSEARCH)
ContentsFirst (JRNLT)
FRANCIS (will be added to Eureka July 1st -- will be available via USE EUREKA on the Telnet interface and via Eureka from the Internet Resource page on the web interface)
Index to Foreign Legal Periodicals (FLEG)
GPO Monthly Catalog (GDOC)
PapersFirst (PAPR)
ProceedingsFirst (PROC)
World Law Index--Hispanic Legislation (HLEG)

USG has recommended that the CDL provide access from the MELVYL Web interface to the vendors' web interfaces for Eureka and FirstSearch. A preliminary investigation shows this should be possible. Special programming will be required to pass the campus ID to FirstSearch both to support the message that OCLC generates to indicate campus ownership of an item and to support the campuses that have turned on the ILL feature for OCLC's FirstSearch system. This feature may be ready by Fall 1998.

For questions about these databases, please call the Melvyl System Helpline at (510) 987-0555 or send an e-mail message to melvyl@www.melvyl.ucop.edu.


4. OCLC's SocAbstracts Database Available from the Melvyl Web System

OCLC's SocAbstracts database, previously available to UC users only through the Telnet version of the Melvyl system, is now available via the web interface as well. Produced by Sociological Abstracts, the database contains citations from 1963 to the present for articles from over 1,900 journals, books, book chapters, and reviews in the social sciences. Topics covered include anthropology, criminology, demography, education, law, social psychology, sociology, and urban development.

Users can search not only by author, title, and subject, but also by indexes specific to SocAbstracts, including soc identifier, subject category, reviewed author, notes, conference, publisher, and country of publication. As with other databases available from the web interface, users can save lists and email search results. There are no links from subject headings.

Please send questions, comments, or suggestions to melvyl@www.melvyl.ucop.edu.


5. CDL Milestones

Past Accomplishments:

8/96
President Atkinson announces the Library Planning and Action Initiative (LPAI), to create a framework for library development over the next 5-10 years.
12/96
LPAI Advisory Task Force holds its first meeting.
2/97
LPAI web site launched to provide current information about the Initiative and strategic projects to the UC community.
4/97
Project Muse (social sciences and humanities journals) available to UC users.
8/97
Kluwer Online (philosophy, linguistics, computer science, engineering, biosciences, business, and economics) available as a trial to UC users.
10/97
California Digital Library constituted to provide access to shared digital collections that support the University's research and teaching missions and to offer services that facilitate access to those collections.
10/97
Richard Lucier appointed Founding University Librarian and Executive Director of the CDL.
10/97
Academic Press's IDEAL Service available to participating UC campuses. Springer's LINK Service available as a trial service to all UC users. Both cover the sciences.
3/98
GaleNet Encyclopedia of Associations available, providing access to information on national and international associations.
4/98
LPAI Advisory Task Force Final Report issued; Task Force dissolved.
5/98
ACM Digital Library (Association for Computing Machinery journals), SIAM Journals Online (mathematics journals), and STAT-USA (economic, business and trade information produced by the U.S. government) available.
6/98
License negotiated for access to American Chemical Society publications.

Coming:

Summer/98
Content licensing negotiations continue with IEEE, Elsevier, Kluwer Academic Publishers, JSTOR, and Springer-Verlag.
7/98
The CDL will establish a new CDL web page, "About the CDL," to provide general information and progress reports.
7/98
The CDL will establish an interim web site, "Systemwide Planning for Libraries and Scholarly Information," to keep the UC community and public informed about Universitywide library planning activities and initiatives, including the CDL.
7/98
Opening of the LSTA-funded Library of California - CDL Environment Project web site (the next issue of the listserv will describe this project in more detail).
1/99
CDL web site of collections and services due to open.

6. Contacts for Questions or Problems

If you have problems accessing or using the Melvyl system or have questions, including questions about the status of electronic journal collections and Internet resources, you can contact CDL staff in one of the following ways:
  • For immediate assistance, call the Melvyl System Helpline at (510) 987-0555. Callers with TDD equipment, please call 1-800-735-2929 in California for the telephone relay operator.
  • Send an e-mail message to melvyl@www.melvyl.ucop.edu.
  • Click on "News" on the Melvyl Web system for information about system outages, problems with particular databases, the status of a resource, etc.

For information about whether your UC campus has access to a particular electronic journal or Internet resource, contact your local collection development officer.


7. Information about the CDLINFO-L Listserv

The CDLINFO-L listserv is designed for UC library employees as a first step in CDL efforts to build an active communications program to inform the UC community about progress in creation of the CDL, policy issues under discussion, and newly available electronic resources.

We hope that subscribers from the UC libraries will pass on selected information from the listserv to faculty, staff, and students on their campuses, as appropriate. In the future, we plan to develop a communications program to reach UC faculty, staff, and students, as well as others outside of UC who may be interested in our activities. We are also in the process of designing a CDL web site. In the interim, all interested parties may access the Library Planning and Action Initiative (LPAI) web site at http://www.lpai.ucop.edu/, which holds the planning and policy documents created to date.

Eligible subscribers: UC library employees

To subscribe: Please send the following line to listserv@listserv.ucop.edu

     SUBSCRIBE CDLINFO-L /your name/

Frequency of publication: Biweekly, generally on the 1st and 15th of each month, or as new information warrants.

Communicating with the listserv: While the CDL Listserv does not accept submissions, subscribers are encouraged to send suggestions, thoughts, and comments on material in the listserv or on related issues to the CDL at cdl@ucop.edu.