Académique Documents
Professionnel Documents
Culture Documents
1. Document Identification
2. Background
The past few years have seen an explosion in the demand for access to Corporate
Applications. Up until now it has been possible to limit the accessibility of this data to
staff based at the University. This has been achieved through a combination of
firewall and other access restrictions based on the IP address of the requesting user.
Under this regime access to Corporate Applications from off campus can only be
achieved by using the University Dial In Service to ‘incorporate’ the external user
into the Edinburgh domain. Effectively there are no Internet accessible Corporate
Applications.
Over the next 18 months it is anticipated that this policy will come under pressure
with increasing demands for business functionality and data to be delivered beyond
the bounds of the EdLAN. These initiatives include:
Edinburgh Student Portal (ESP) – delivering information to students both on and off
campus.
Satisfying these increasing demands whilst retaining the security and integrity of the
University’s critical business data will be a key challenge over the next few years.
3. Objectives
In May 2001 MIS, with support from EUCS FMD Unix, commissioned external
consultants IS Integration Ltd to assist in the creation of a skeleton network
infrastructure to permit various University departments to securely host internet-
enabled service provision and conduct e-commerce transactions from within the
existing University network.
This project seeks to build on this work to complete the implementation of the secure
network infrastructure and establish a platform for the secure conduct of eCommerce.
4. Benefit Statement
eCommerce and the use of the Internet offer exciting business opportunities for the
University however it is vital that proper safeguards are put in place to maximise
these whilst protecting the University’s software, hardware and data assets from
unauthorised access and exploitation. The reputation of the University could be at
stake if proper safeguards are not in place. This project seeks to deliver a robust,
secure, scalable platform to enable the University to obtain maximum benefit from the
Corporate Application portfolio.
5. Scope
This project seeks to build on this work to complete the implementation of the secure
network infrastructure and establish a platform for the secure conduct of eCommerce.
It does not address the requirements for off EdLAN access to existing Corporate
Applications.
6. Deliverables
The project assumes that no production eCommerce systems that require this
infrastructure will be implemented before September 2002. If this assumption is
incorrect it may be necessary to review priorities and bring forward spending to the
current financial year.
SSL implementation will use the Edinburgh University Root Certificate established
and managed by EUCS.
Proposed hardware spending aims to meet the needs of current known projects, in
particular Internet Payment Gateway related projects such as eReceipting. It is likely
that additional hardware will require to be procured during 2003-2004 if demand for
eCommerce solutions increases significantly.
Removal of web services from database servers is dependent on the completion of the
migration of web based Corporate Applications to Brodie during the remainder of
2001/2002. This project is currently in progress.
9. Costs
Staff
MIS DSG -Dev Pool 10 Resource Days
MIS DSG - TS 50 Resource Days
MIS BSG – 10 Resource Days
MIS CSG - 5 Resource Days
EUCS FMD Unix – 50 Resource Days
Business Partners – 10 Resources Days (For Testing)
Consultancy
Nil.
Hardware
Allow £30,000 for Database And Application Servers – More Detailed Estimate To
Follow
Software
£5000 for Application Server Software
10. Approved/Rejected