Description Overview
Access to campus Internet resources is controlled by Distauth in order to protect copyright agreements, software
licensing and distribution agreements, intellectual property, and student privacy rights. The Melvyl
database, other specialized databases, class-related Web pages, site-licensed software, restricted
departmental services, and UCD newsgroups are some examples of services that were once inaccessible
via a commercial Internet Service Provider.
Authentication
Simply stated, authentication proves your identity, just as logging in to your campus computer account with
your user name and password verifies your identity to a particular computer system. In this case,
authentication refers to providing your identity to the campus Kerberos server. (Kerberos was conceived at
Massachusetts Institute of Technology as a secure way to allow users and services to authenticate themselves
to each other.) The name and password required in this case are your UCD LoginID
and your UCD Kerberos password.
Improved Security
Distributed authentication service can support more restricted levels of access (which is
particularly useful whenever security concerns are high) and can be tailored to departmental needs.
Web site managers on campus and at the UCD Medical Center may install Distauth on
their local Web servers, configuring each server to restrict access to a specific set of files and directories.
This service takes advantage of elements of the distributed computing infrastructure already in place on campus, including:
- The certificate service on the campus‘ high security Web server, the AFS file server (used with the Banner and DaFIS administrative applications);
- The Kerberos server; and
- The SSL (secure socket layer) encryption capabilities provided by modern Web browsers and servers.
Accessing Internet Resources with Distauth
In order to read restricted Web pages or news services, you must first prove your association with the campus by entering your UCD LoginID and Kerberos password. Once you have proven your affiliation, you will be able to read any Web page secured within the ucdavis.edu domain for the duration of your browser session.