USC
University of Southern California
USC Authentication & Authorization

   

Welcome to USC Authentication & Authorization for Electronic Resources

USC is proud to be in the forefront of applying current developments in the field of electronic authentication and authorization to the services that are provided by the Information Services Division.

USC's commitment to excellence in the area of networks and electronic Resources is apparent in ISD's ongoing support of the National Middleware Initiative, sponsored by Internet2 and the National Science Foundation.

Authentication

Authentication is the process that is used to prove that you are who you say you are.

An example of a well-known and accepted offline authentication method is presenting your driver's license as proof of identity when making a credit card purchase.

An example of a well-known and accepted electronic authentication method is entering a password when using a secure Internet site to make a purchase at a retailer on the Web.

USC uses several methods for electronic authentication. The foremost among these is PubCookie, a Web Initial Sign-On (WebISO) method that allows people with USC Unix login IDs to authenticate once, then subsequently use any PubCookie-enabled service available without having to authenticate to each service individually.

If you would like to learn more about PubCookie at USC, please click on the link to authX:Services in the navigation bar on the left.

If you would like to use PKI authentication and need a host or persistent-service certificate signed by the USC PKI Lite CA, please click on the link to authx:USC CA in the navigation bar on the left.

Authorization

Authorization is the process that verifies what you're allowed to do, once you've already proven that you are who you say you are. That is, once you have authenticated, you will need to be authorized to gain access to restricted data or services.

USC has recently successfully implemented a Shibboleth origin, and ISD strongly encourages anyone who needs both authentication and authorization for web-based applications within the usc.edu domain to install a Shibboleth target that uses the USC Shibboleth origin for these services.

If you would like to learn more about Shibboleth at USC, please click on the link to authX:Services in the navigation bar on the left.


Last modified 01 September 2004 by shelley