User Authentication and Software Distribution on the Web

Abstract

The emergence of new Internet based technologies and the WWW in particular, have raised new possibilities for distributing internal information, and performing administrative functions more efficiently. However, use of many of these functions in a "corporate" setting demands an infrastructure which allows users to be authenticated.

This paper discusses several authentication mechanisms, and describes why CSIRO decided to base an authentication system around the PGP implementation of public key cryptography. It then goes on to describe how PGP authentication was integrated with the WWW, and how user keys are generated and verified using WWW and email. The uses to which strong, system wide authentication can be put are discussed, focusing on the issues associated with allowing users to purchase and download commercially licensed software packages and with allowing WWW based access to administrative systems containing sensitive personnel data.

Keywords

WorldWideWeb, software distribution, user authentication, PGP, administrative applications

Pointers to Full Paper and Conference Presentation
Full Paper	Conference Presentation	Interactive Version	Papers & posters in this theme	All Papers & posters	AusWeb96 Home Page

AusWeb96 The Second Australian WorldWideWeb Conference "ausweb96@scu.edu.au"