
Directories

Learn about X.500 Directory Specification, a global purpose directory system created jointly by ISO/IEC and ITU-T. Explore the structure, editions, and extensions of X.500.


Presentation Transcript


  1. Directories
     Erik Andersen, Consultant, Andersen's L-Service

  2. What is a directory?
     A repository for information about objects of particular interest!
     Examples:
     • white pages paper telephone directory
     • yellow pages paper telephone directory
     • price list
     • department store catalogue
     • e-mail directory
     • other electronic directories
     • etc.
     ITU-T SG17 Tutorial - Geneva, 7 March 2002

  3. Existing Recommendations
     • The X.500 series: The OSI Directory
     • F.500: International public directory services
     • E.115: Computerized directory assistance
     • F.510: Automated directory assistance, white page service definition

  4. Work in progress
     • X.500 extensions
     • F.511: Directory Profile for the support of the ITU-T F.510 Requirements
     • F.515: Unified Directory Specification, E.115 replacement

  5. The X.500 Directory Specification
     • An X.500 Directory is a general purpose directory
     • Gives a set of specifications for:
       • how objects are represented by entries in the Directory
       • how objects represented in the Directory are named
       • how information about objects is created, organised, interrogated, updated and deleted

  6. The X.500 Directory Specification (cont.)
     • An X.500 Directory is distributed allowing:
       • the establishment of a global Directory
       • information to be maintained by the owner of information
       • a separation between public and private domains
       • possibility for replication of information

  7. The X.500 Directory Specification (cont.)
     • Developed jointly by ISO/IEC and ITU-T as
       • ISO/IEC 9594 multi-part International Standard
       • ITU-T X.500 Series of Recommendations

  8. The X.500 Directory Specification (cont.)
     • Available in several editions:
       • 1988: ISO/IEC 9594:1990, CCITT Rec. X.500 (1988)
       • 1993: ISO/IEC 9594:1995, ITU-T Rec. X.500 (1993)
       • 1997: ISO/IEC 9594:1998, ITU-T Rec. X.500 (1997)
       • 2001: ISO/IEC 9594:2001, ITU-T Rec. X.500 (2001)

  9. X.500 Document Structure
     • ISO/IEC 9594-1 | X.500: Overview of Concepts, Models, and Services
     • ISO/IEC 9594-2 | X.501: Models
     • ISO/IEC 9594-3 | X.511: Abstract Service Definition
     • ISO/IEC 9594-4 | X.518: Procedures for Distributed Operation
     • ISO/IEC 9594-5 | X.519: Protocol Specifications
     • ISO/IEC 9594-6 | X.520: Selected Attribute Types
     • ISO/IEC 9594-7 | X.521: Selected Object Classes
     • ISO/IEC 9594-8 | X.509: Public-Key and Attribute Certificate Frameworks
     • ISO/IEC 9594-9 | X.525: Replication (post-1988)
     • ISO/IEC 9594-10 | X.530: Use of Systems Management for Administration of the Directory (post-1993)

  10. Directory Information Tree - DIT
      [Figure: tree descending from the Root, with nodes labelled c=GB, c=DK, o=ALS, o=Fallit A/S, o=Broke Ltd, ou=Udvikling, ou=Salg, cn=Ole Jensen, cn=Per Yde, cn=Ole Jensen; one node is marked "Entry representing an object"]
      Name = < cn=Ole Jensen, ou=Salg, o=Fallit A/S, c=DK >

  11. X.500 extension work
      • Support of Distributed Paged Results within ITU-T Rec. X.500 | ISO/IEC 9594
      • Support of Friend Attributes within ITU-T Rec. X.500 | ISO/IEC 9594
      • Enhancements to Public-key and Attribute Certificates
      • LDAP Alignment
      • Related Entries in the Directory

  12. X.509: A success story
      • Public-Key and Attribute Certificate Frameworks
      • Directory as important component of Public-Key Infrastructure

  13. Basis for most security work
      • The Public-Key Infrastructure (X.509) (PKIX)
      • The European Electronic Signature Standardization Initiative (EESSI)
      • S-MIME
      • Secure Socket Layer (SSL)
      • Etc.

  14. Directory in PKI
      • Registration of subscriber information
      • Certificate generation
      • Certificate dissemination
      • Certificate revocation management
      • Certificate revocation status provision

  15. Other ITU-T SG17/Q9 activities

  16. F.500 - International public directory services
      • Developed based on the 1988 edition of X.500
      • Service description for a global directory infrastructure
      • Was never materialised

  17. E.115 - Computerized directory assistance
      [Figure labels: User, Operator, Local server, International server, E.115 protocol]

  18. E.115 - Computerized directory assistance
      • Very simple protocol based on OSI
      • Very efficient databases behind
      • Has had little publicity
      • Widely implemented
      • Limited to a single application
      • Does not specify a naming structure
      • Difficult to extend to meet future requirements

  19. F.510 - Automated directory assistance, white page service definition
      • Description of a service to replace the E.115 service
      • Not an implementation specification
      • A snapshot of the requirements at the time of development
      • Basis for considerable extensions to X.500 as provided by edition 4

  20. F.511 - Directory Profile for the support of the F.510 Requirements
      • Identified the subset of X.500 required for the support of F.510
      • Defines additional information types for the support of F.510

  21. F.515, Unified Directory Specification (UDS)
      • Developed for "Association for European Interworking of Directory Inquiry Services" (EIDQ Association)
      • To become ITU-T Recommendation F.515
      • Replacement of E.115 instead of X.500

  22. Rationale: X.500 seen as being complex
      • Originally developed for other environment
      • Resource demanding
      • Requires skilled personnel
      • Has many functions not needed
      • Migration from current E.115 systems difficult

  23. Approach taken for first draft of F.515
      [Figure labels: E.115; X.500; Cut-down version of X.500 access protocol (“UDAP”) with EIDQ goodies; UDS; Functions]

  24. UDS Characteristics
      • Uses X.500 model and concepts
      • Unified Directory Access Protocol (UDAP) encoded in ASN.1 and XML
      • XML Schema used for the specifications
      • Imports attribute types from X.500 and F.511

  25. UDS Characteristics (cont.)
      • Can be used to access E.115 systems
      • Is general in nature and usable for other applications (e.g. Electronic Commerce)
      • Does not require, but supports naming of entries
      • Extensibility is built into the protocol

  26. Directory activities outside ITU-T

  27. Other directory activities
      • LDAP within IETF
      • Universal Description Discovery and Integration (UDDI)
      • ebXML registry
      • CEN/ISSS/Electronic Commerce Workshop activity

  28. IETF activity
      LDAP = Lightweight Directory Access Protocol
      • Originally developed as simple X.500 access protocol
      • Solely based on TCP/IP
      • Text oriented
      • Maps closely to DAP
      • Assumes X.500 model
      • Low cost entry
      • Has evolved to be a specification of an LDAP server not being X.500 compatible

  29. IETF activity (cont.)
      LDAP = Lightweight Directory Access Protocol
      • Several versions:
        • University of Michigan implementation
        • RFC-1777 - Version 2
        • RFC-2251 - Version 3
      • An API has been developed aiding implementations

  30. W3C related activities

  31. Web services
      Web service: the current buzzword

  32. Web services technology
      • Machine-to-machine integration (interoperability is the key word)
      • Web Services Description Language
      • Simple Object Access Protocol
      • HTTP
      • RPC-style communication

  33. Basic Web service architecture
      [Figure labels: Service provider, Service broker, Service requester; Publish, Find, Bind]
      • Service providers deploy and publish services by registering them with the Service broker
      • Service requesters find services by searching the Service broker's registry of published services
      • Service requesters bind to the Service provider and consume the available services

  34. Basic Web service architecture (cont.)
      • Publish: Universal Description, Discovery and Integration (UDDI) API
      • Find: Combination of UDDI and the Web Services Description Language (WSDL)
      • Bind: WSDL and the Simple Object Access Protocol (SOAP)

  35. Universal Description Discovery and Integration
      www.uddi.org

  36. Universal Description Discovery and Integration (UDDI)
      • Registry (directory) for Business-to-Business (B2B) information
      • Framework for a registry of companies
      • A warehouse of companies' Web services
      • Allows companies to find each other
      • Jointly operated UDDI Business Registry on the Web
      • Leverages industry standards such as HTTP, XML, SOAP

  37. Electronic Business XML
      ebxml.org

  38. Electronic Business XML (ebXML)
      • ebXML is an XML framework for global e-business
        • it allows businesses to find each other, and conduct business based on XML messages
        • the framework includes specifications for:
          • Message Service
          • Collaborative Partner Agreements
          • Core Components
          • Business Process Methodology
          • Registry and Repository
      • ebXML enables businesses to implement Web services protocols (like WSDL, UDDI, SOAP)

  39. The ebXML Functional Service View

  40. CEN/ISSS/WS/EC activity

  41. Yellow Pages Service
      • Identify requirements
      • Sufficient information for establishing business agreement
      • XML access
      • Mapping between user perception and directory structure
      • Develop general Directory model and map current technologies against it:
        • X.500
        • F.515 (UDS)
        • LDAP
        • UDDI
        • ebXML

  42. END
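
Added example, not part of the original slides: slide 10 shows two entries with the same relative name (cn=Ole Jensen) that are only distinguished by their full name, which matters wherever a directory name feeds an identity or access decision (for instance X.509 subject names). The sketch below resolves the slide's name against a constructed tree; the placement of entries other than the path in the slide's Name line, the function names, and the simplified matching (no multi-valued RDNs, no hex escapes) are assumptions.

```python
# Constructed DIT modelled on slide 10. Only the path in the slide's Name line
# is given by the source; where the other entries hang is an assumption.
DIT = {
    "c=GB": {"o=Broke Ltd": {}},
    "c=DK": {"o=ALS": {}, "o=Fallit A/S": {
        "ou=Udvikling": {"cn=Ole Jensen": {}},
        "ou=Salg": {"cn=Ole Jensen": {}, "cn=Per Yde": {}}}},
}

def norm_rdn(rdn):
    """Simplified case-ignore match: lower-case type, fold case and spaces in value."""
    attr, _, value = rdn.partition("=")
    return attr.strip().lower() + "=" + " ".join(value.split()).casefold()

def parse_dn(text):
    """Split a leaf-first name into normalized RDNs; backslash escapes one char."""
    rdns, cur, esc = [], [], False
    for ch in text.strip().strip("<>"):
        if esc:
            cur.append(ch)
            esc = False
        elif ch == "\\":
            esc = True
        elif ch == ",":
            rdns.append(norm_rdn("".join(cur)))
            cur = []
        else:
            cur.append(ch)
    rdns.append(norm_rdn("".join(cur)))
    return rdns

def resolve(dn_text, tree=DIT):
    """Walk down from the root; return the entry's subtree, or None if absent."""
    node = tree
    for rdn in reversed(parse_dn(dn_text)):
        node = {norm_rdn(k): v for k, v in node.items()}.get(rdn)
        if node is None:
            return None
    return node

def entries_named(rdn, tree=DIT, path=()):
    """Full names (leaf first) of every entry whose own RDN matches rdn."""
    hits = []
    for key, sub in tree.items():
        here = (key,) + path
        if norm_rdn(key) == norm_rdn(rdn):
            hits.append(", ".join(here))
        hits += entries_named(rdn, sub, here)
    return hits
```

`entries_named("cn=Ole Jensen")` returns two full names, while `resolve` on the slide's complete name reaches exactly one entry, so any check keyed on the common name alone is ambiguous.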
