Non-profit, member-based IT support for research & educational institutions


Exploring Access to External Content Providers with Digital Certificates

Authentication: the verification of the identify of an entity

Authorization: the process by which an entity is allowed given to a network

Browser: any program for the World Wide Web that allows users to read hypertext documents and navigates between them

Content Provider: any organization that packages and delivers information, data or resources; for the purpose of this pilot, the data is delivered digitally.

Database: Related information stored in one location in a digital format. Dependant upon the software used to manage a database, minimally, information can be added to, retrieved from and sorted.

Digital Certificate: digital files that certify the identity of an individual or institution seeking access to computer-based information

Digital Library: library that encodes journals, books and information into a digital format

Digital Signature: a coded message added to a document or data that verifies the identity of the sender

Directory Service: a specialized database that combines hardware and software with institutional policies and procedures and interconnects with many computer networks and information sources.

EduPerson: an LDAP object class that includes widely used person attributes in the higher education community

Hepki: Higher Education Public Key Infrastructure

Hepki-Pag: Higher Education Public Key Infrastructure- Policy Advisory Group

Hepki-Tag: Higher Education Public Key Infrastructure – Technical Advisory Group

Kerberos: An authentication system developed at the Massachusetts Institute of Technology (MIT). Kerberos is designed to enable two parties to exchange private information across an otherwise open network. It works by assigning a unique key, called a ticket, to each user that logs on to the network. The ticket is then embedded in messages to identify the sender of the message.

LDAP: Lightweight Directory Access Protocol . This protocol provides access for management and browser applications that provide read/write interactive access to the X.500 Directory (the CCITT and ISO Standard for electronic directory services.)

Middleware: Software that connects two otherwise separate applications OR separate products that serve as the glue between two applications. It is, therefore, distinct from import and export features that may be built into one of the applications. Middleware is sometimes called plumbing because it connects two sides of an application and passes data between them. (For example, there are a number of middleware products that link a database system to a Web server. This allows users to request data from the database using forms displayed on a Web browser, and it enables the Web server to return dynamic Web pages based on the user's requests and profile.)

PKI: Public Key Infrastructure.The combination of standards, protocols and software that support digital certificates.

Repository: a generic term used to denote any logically centralized database capable of storing information and disseminating that information when requested to do so

Root Certificate: a top level certificate that comes from a certification authority service and is issued to organizational certificate authorities to establish a basis for trust among institutional participants.

Shibboleth: an internet2 project to investigate technology to support inter-institutional authentication and authorization for access to web pages.


CREN: a non-profit member organization of over 220 universities, colleges and research organizations whose mission is to support higher education and research organizations with strategic IT knowledge services and communication tools.

Educause: a non-profit association of more than 1,800 colleges, universities and education organizations whose mission is to advance higher education by promoting the intelligent use of information technology.

Inernet2: a consortium being led by over 180 universities working in partnership with industry and government to develop and deploy advanced network applications and technologies, accelerating the creation of tomorrow’s internet.


For additional glossary assistance, please refer to the following site: