SECURE CONFERENCING

University College London

University College London was founded in 1826, the only other Universities in England at the time being those of Oxford and Cambridge. Currently, there are more than 16,000 students, including over 4,000 graduate students. The Department of Computer Science is one of the leading research and teaching departments in the country being heavily involved in numerous international collaborations with many academic and commercial organisations.

Secure Conferencing

A vital part of secure conferencing on the Internet is the ability to keep communications confidential and authenticate participants. We have provided a web-based system for the storage and access of multicast conference information in a secure way. Once a user has installed the necessary components, namely the video-conferencing Mbone tools VIC (video), RAT (audio) and NTE (text), and obtained a connection to the multicast network they are ready to use secure conferencing.

The user must obtain a certificate from a trusted CA. This is a CA which is either part of the ICE-CAR hierarchy (i.e. one of the secure Trustfactories) or one that is specifically trusted by our secure conference store (e.g. Verisign). The trusted CAs perform verification of the user before issuing them with a certificate. Once such a certificate has been obtained the user simply accesses the secure conference store at:

https://www-secure.cs.ucl.ac.uk/

Upon first connecting to the store their certificate is checked and a username is created from the information contained within it. This username is then added to the list of registered participants.

Users can create Conference Groups and so become Group Managers. These groups may be for a particular project such as ICE-CAR. Group Managers can add, or remove, any registered participants to the Access Control list (ACL) of any groups they manage. In addition, if the issuing CA revokes the user's certificate, they will no longer have access to the conference store (NOTE: Only minimal revocation is currently implemented).

Details of conferences created within certain groups can only be accessed by members of that group. Once a user sees a conference he is interested in joining he simply clicks on the conference and all the secure Mbone tools are started automatically. This is done by the UCL SPAR (Sdp PARser) Java applet which is platform independent and needs no browser configuration. Any web browser supporting HTTP-S can access the secure server. Joining conferences using the SPAR Java applet requires either Netscape's Communicator or Microsoft's Internet Explorer 4/5. If Microsoft Internet Explorer is used, IPv6 is supported.