Many network resources this University puts up must be protected. For example, non-University members are permitted to use the Library catalog, but not licensed bibliographic databases like Medline. Human Resources will put up job notices on the Web starting this fall, but needs to restrict the ability to write such notices to certain department reps and restrict the ability to read such notices to University members. In the case of electronic mail, only the owner of an inbox can read its mail.
As the University makes more resources available through the network, it becomes advantageous to have a more unified way to authenticate access. Right now each service has its own authentication scheme, usually with a separate "userid" and "password". This is confusing for users, and expensive for the University as authentication schemes are re-implemented on each system.
In many cases the implementation of authentication is the single most time consuming component of putting up the software to implement a service. For example, we intend to expand the institutional Web server this spring to allow individual members of the University to put up Web pages--if we didn't have to hand out special UTORinfo userids and passwords this would be a trivial to do. We also intend to offer an electronic directory--with a common authentication scheme we could permit University members to update their own entry. A number of departments have also expressed an interest in using an institutional authentication for access to their departmental machines to save on administration costs.
Unfortunately there are insufficient resources to pursue a common authentication scheme right now. However, this is an important piece of infrastructure that is likely to be addressed soon.
This summer, authentication schemes are being implemented for the dial-in project, UTORmail, UTORlogin, and UTORdist. As a step to a common scheme Management decided in July that a future common userid will be the last eight digits of an individual's Library card bar code number. Every member of the University is eligible for a Library card and hence can get this number. Other numbers are not as universal-- not all University members have a student or staff number, for example. One challenge the eight digit bar code will present is the fact it is all numeric--many services, including UNIX[1], have problems with entirely numeric userids.
A summary of the authentication schemes by service:
Service Account Account Service Service
Creation ID Creation userid password
ID Proof
UTORdial 8 digit SSD 8 digit user set
bar code bar code during
creation
UTORmail 8 digit SSD user set user set
bar code during during
creation[2] creation
UTORlogin n/a n/a 8 digit initially
bar code SSD
changeable
UTORdist[3] n/a n/a n/a n/a
Note the passwords are unrelated for each service.