Number of slides: 22
The Handle System
ITU Focus Group on Identity Management, Geneva, February 2007
Norman Paskin, Corporation for National Research Initiatives
http://www.cnri.reston.va.us/
The Handle System and Identity Management
• Norman Paskin, n.paskin@tertius.ltd.uk
– Corporation for National Research Initiatives
– Member of Handle System Advisory Committee
– I manage one implementation of the Handle System (DOI)
• Handle System: a practical tool, in use today, deployed in several content sectors to manage information on digital networks
Outline of the presentation:
• Relevance to the ITU FG
• Background
• Handle System overview
• Applications
• Some projects
• Usage statistics
• Topics relevant to identity management: security, granularity
• Relation to the Domain Name System
• Management and standards
The Handle System and Identity Management
• The Handle System is "a general purpose distributed information system that provides efficient, extensible, and secure identifier and resolution services for use on networks such as the Internet."
• Fits ITU FG scope: "management of ... attributes of an entity"
• "The network level and in general lower layers have not been addressed sufficiently with regard to digital identity, and this remains a weak point in standardization and research" – ITU Workshop on Digital Identity for Next Generation Networks, Dec 06
• A non-commercial, openly available protocol and reference implementation
• Can utilise existing or new numbering schemes
• Developed at Corporation for National Research Initiatives (US)
• www.handle.net
The Handle System and Identity Management
• "Digital information needs to be a first class citizen in the networked environment"
• First class = one that has an identity independent of any other item
• The current Internet is less than optimal for security, privacy and mobility.
• The original Internet design conflated addresses to serve two purposes: an indication of the location of the end point, and an indication of its identity. This is now recognised as a limitation (see e.g. NewArch*, FIND**)
  *Future generation Internet architecture: http://www.isi.edu/newarch/
  **Future Internet network design: http://find.isi.edu/
• The fundamental characteristic of digital information is that it is processable data, enabling re-use and hence new forms of electronic commerce, creativity and social benefit.
• Managing these units of digital information, the "citizens" in the network, requires that they have unique names (or "identifiers") denoting a specific referent, and the ability to manage their attributes
• Objects ("citizens") may be representations of content, people, parties, resources, licences, avatars, sensors, etc.
Part of the Digital Object Architecture
• The Handle System is part of a wider architecture (but entirely separable and usable alone)
• Managing information in the Net over very long periods of time, e.g. centuries or more
• Dealing with very large amounts of information in the Net over time
• When information, its location(s) and even the underlying systems may change dramatically over time
• Respecting and protecting rights, interests and value
• Robert Kahn / Robert Wilensky, "A framework for distributed digital object services", 1995 – http://www.cnri.reston.va.us/k-w.html
Terms
• Identifier: unique persistent string ("number", "name", "identifier") assigned to a referent
– Unique: an identifier specifies one and only one referent. The relation is many-to-one: a referent may carry more than one identifier, but no identifier ever denotes more than one referent
– Persistent: once assigned, does not change referent
• Resolution: the process by which an identifier is input to a network service which returns some information
• Referent: the object to which the identifier is assigned, whether or not resolution returns that object.
– may be abstract, physical or digital, since all these forms of object are of relevance in identifier management (e.g. creations, resources, agreements, people, organisations) – classical ontology issues
– Digital object: an instance of an abstract data type
Handle System overview
• Basic Internet resolution system: identifies objects, not servers. Optimized for speed, reliability and scaling
• Open, defined protocol and data model (IETF RFC 3650, 3651, 3652)
– free protocol; service at low cost (non-profit);
– freely available to be used as the engine underneath other named identifiers.
• Separation of control of the handle from who runs the servers
– distributed administration, granularity at the handle level
• Any Unicode character set – internationalisation
• All transactions can be secure and certified
– both registration and resolution
• Not all data public: individual values within a handle can be private.
• No semantics in the identifier
• Logically centralized, physically distributed and highly scalable
• Does not need DNS, but can work with DNS:
– deployed via tools, e.g. HTTP proxies, client plug-ins, server software, etc.
Handle syntax
• A handle consists of a prefix and a suffix separated by "/", e.g. 123/4567
• Prefix and suffix may be any length, e.g. 256.1234/456-mydoc-456584893489
• The suffix may incorporate another identifier numbering scheme, e.g. 10.1234/ISBN 0-7894-7764-5, thereby adding functionality to that numbering scheme
• Shorter prefixes (1-3 digits) are reserved for major projects, countries, etc.
Handles resolve to typed data
Schematic (simplified) representation of a handle record for the handle 10.123/456 (prefix 10.123, suffix 456). The record holds one or more handle values, each an (index, type, data) triple:

Index | Data type | Data value
1     | URL       | http://acme.com/…
2     | URL       | http://a-books.com/…
3     | DLS       | acme/repository
100   | HS_ADMIN  | acme.admin/jsmith (permissions 10011110)
12    | XYZ       | (not shown)

Resolution can return all values, or all values of one type.
Handles resolve to typed data
Fuller representation of a handle record: e.g. the handle "10.1045/may99-payette" has a set of three handle values:
Handle System: typing
• A handle has a set of values assigned to it: a record that consists of a group of fields.
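The two slides above (handle syntax, and a record as a set of typed values) can be exercised with the following added example. It is illustration written for this page, not code from the slides or from the Handle System reference software: the registry is a constructed in-memory map modelled on the schematic record, the exact-match prefix comparison and the "Public" flag are assumptions of the example, and the real protocol's wire formats (RFC 3652) are not reproduced.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// HandleValue is one typed value in a handle record: an index, a type name,
// the data, and whether unauthenticated resolvers may see it (the slides note
// that individual values within a handle can be private).
type HandleValue struct {
	Index  int
	Type   string
	Data   string
	Public bool
}

// Handle is the parsed form of "<prefix>/<suffix>".
type Handle struct {
	Prefix string
	Suffix string
}

// ParseHandle splits at the first "/" only, because a suffix may carry an
// embedded scheme ("ISBN 0-7894-7764-5") or further slashes. Prefixes may be
// dotted ("10.1234"). Exact (case-sensitive) matching is an assumption of
// this example, not a rule taken from the slides.
func ParseHandle(s string) (Handle, error) {
	i := strings.IndexByte(s, '/')
	if i <= 0 || i == len(s)-1 {
		return Handle{}, errors.New("handle must be <prefix>/<suffix>")
	}
	prefix := s[:i]
	for _, part := range strings.Split(prefix, ".") {
		if part == "" {
			return Handle{}, errors.New("empty component in prefix " + prefix)
		}
	}
	return Handle{Prefix: prefix, Suffix: s[i+1:]}, nil
}

// SampleRegistry is a constructed in-memory registry modelled on the
// schematic record on the slide (it is not live Handle System data).
var SampleRegistry = map[string][]HandleValue{
	"10.123/456": {
		{Index: 1, Type: "URL", Data: "http://acme.com/doc", Public: true},
		{Index: 2, Type: "URL", Data: "http://a-books.com/doc", Public: true},
		{Index: 3, Type: "DLS", Data: "acme/repository", Public: true},
		{Index: 100, Type: "HS_ADMIN", Data: "acme.admin/jsmith", Public: false},
	},
}

// Resolve returns all values of a record, or only those of one type when typ
// is non-empty. Private values are withheld from unauthenticated clients.
func Resolve(registry map[string][]HandleValue, handle, typ string, authenticated bool) ([]HandleValue, error) {
	h, err := ParseHandle(handle)
	if err != nil {
		return nil, err
	}
	rec, ok := registry[h.Prefix+"/"+h.Suffix]
	if !ok {
		return nil, fmt.Errorf("handle not found: %s", handle)
	}
	var out []HandleValue
	for _, v := range rec {
		if !v.Public && !authenticated {
			continue
		}
		if typ != "" && v.Type != typ {
			continue
		}
		out = append(out, v)
	}
	return out, nil
}

func main() {
	for _, s := range []string{"10.123/456", "10.1234/ISBN 0-7894-7764-5", "bad"} {
		h, err := ParseHandle(s)
		fmt.Printf("%q -> prefix=%q suffix=%q err=%v\n", s, h.Prefix, h.Suffix, err)
	}
	vals, _ := Resolve(SampleRegistry, "10.123/456", "URL", false)
	for _, v := range vals {
		fmt.Printf("index %d %s %s\n", v.Index, v.Type, v.Data)
	}
}
```

The point to notice is that type filtering and visibility are decided per value, not per handle: an unauthenticated "return everything" query still never leaks the HS_ADMIN value, which is what lets one record serve both public resolution and private administrative data.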
Handle System usage (1)
• http://www.handle.net/apps.html
• Provides infrastructure for application domains, e.g. digital libraries and publishing, network management, identity management ...
• International DOI Foundation – a federation of several independent applications, including e.g.
– CrossRef (scholarly journal consortium: covers 90+% of the literature)
– Office of Publications of the European Community (EC documents)
– MEDRA (Multilingual European DOI Registration Agency)
– Nielsen BookData, R. R. Bowker, et al. (bibliographic data – ISBN)
– German National Library of Science and Technology (science data)
– adds a layer of social infrastructure (and specific rules)
• Defense Virtual Information Architecture – Defense Technical Information Center (DTIC), DARPA, CNRI
– context-sensitive distribution of data and metadata: the resolution result depends on who you are
• GRID computing – shared computing resources
– Handle System – Globus Toolkit Integration Project
Handle System usage (2)
• DSpace – Digital Repository System
– MIT Libraries / Hewlett-Packard
– stable, long-term storage of the intellectual output of faculty, researchers, centers and labs.
• National Digital Library Program (NDLP) – Library of Congress. Collections of historic materials converted to digital formats. LoC uses handles to identify material in the library's own collections.
• Los Alamos National Labs – internal document management (600M+)
• Several digital library projects – e.g. ARROW http://arrow.monash.edu.au/
• Others who may adopt the RFCs:
– e.g. Fedmark: independent commercial implementation of the Handle protocols for a digital rights system, http://www.fedmark.com/
Handle System projects
Some others of particular relevance to identity management ...
• Transient Network Architecture
– Pervasive transient mobile network in which all communications occur between persistently identified entities.
– CNRI / University of New Mexico, under NSF's FIND (Future Internet Network Design) project
– http://hdl.handle.net/2118/tna; http://find.isi.edu/
• Using PKI capability for persistent trustworthy identity, separating:
– Transport trustworthy (the name/attribute binding is trustworthy)
– Administration trustworthy (the attribute is issued by the attribute holder)
– Attribute credential (the attribute value is true)
• Representing Value as Digital Objects: Transferability and Anonymity
– Deeds of trust, mortgages, bills of lading, digital cash, etc.
– "Transferable records" structured as digital objects
– http://www.dlib.org/dlib/may01/kahn/05kahn.html
• Possible application of handles to licences and parties
– See separate talk on content industry identifiers
Handle System statistics
• Assigned namespaces ("prefixes")
– DOI: 2500+
– DSpace: 700+
– Others
• Individual handles (identifiers within each namespace)
– DOI: 25+ million
– Other: 600?? million (the total per namespace is known only to the namespace manager; e.g. LANL is adding 600 million, but privately)
• Global Handle System
– Core three service sites (additional locations being considered)
– c. 60 million direct resolutions per month
– c. 50 million proxy server resolutions
Handle System: security
• Integrity of the Global Handle Registry service: protected service information, and a public key pair used to sign the global service information.
• The Handle protocol allows handle servers to authenticate their clients and to provide a data integrity service on client request.
• Handle servers can be explicitly asked to generate and return a digital signature for a service response (by default they do not sign every response).
• Public key and/or secret key cryptography may be used.
• Client authentication prevents an eavesdropper from forging administrative requests (e.g. an update to a handle), and signed responses let a client detect tampering with what the server returned.
• Client applications can, if wished, accept information only from the authoritative Global Handle Registry (not from any mirror) and check its integrity on each update.
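The two mechanisms on this slide, signed service responses that a client checks against a pinned registry key, and authentication of an administrative client before it may change a handle, are shown in the added example below. This is illustration written for this page, not Handle System code: Ed25519 is used as the public-key variant the slide allows, the canonical encoding of a response and the "index:type:data" value strings are this example's own constructions, and RFC 3652's actual message formats and its challenge-response details are not reproduced.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Response is a resolution result: the handle, its values (constructed
// "index:type:data" strings) and, when the client requested certification,
// a signature over a canonical encoding of them.
type Response struct {
	Handle    string
	Values    []string
	Signature []byte
}

// canonical serialises the response deterministically, so signer and
// verifier hash exactly the same bytes regardless of value order.
func canonical(r *Response) []byte {
	vals := append([]string(nil), r.Values...)
	sort.Strings(vals)
	return []byte(r.Handle + "\n" + strings.Join(vals, "\n"))
}

// SignResponse attaches the service's signature (a server does this only
// when the client asks for a certified response).
func SignResponse(priv ed25519.PrivateKey, r *Response) {
	r.Signature = ed25519.Sign(priv, canonical(r))
}

// VerifyResponse checks a response against a pinned public key: the trust
// anchor a client keeps for the authoritative registry. Unsigned responses,
// responses whose values were altered in transit, and responses signed by a
// different site (e.g. a mirror the client does not trust) are all rejected.
func VerifyResponse(pub ed25519.PublicKey, r *Response) error {
	if len(r.Signature) == 0 {
		return errors.New("response carries no signature")
	}
	if !ed25519.Verify(pub, canonical(r), r.Signature) {
		return errors.New("signature does not verify: tampered or not from the pinned site")
	}
	return nil
}

// NewChallenge is the server's nonce for authenticating an administrative
// client; a fresh one per request stops replay of an earlier answer.
func NewChallenge() ([]byte, error) {
	nonce := make([]byte, 16)
	_, err := rand.Read(nonce)
	return nonce, err
}

// challengeDigest binds the nonce to the specific request being authorised,
// so an answer cannot be reused for a different operation.
func challengeDigest(nonce, request []byte) []byte {
	d := sha256.Sum256(append(append([]byte{}, nonce...), request...))
	return d[:]
}

// AnswerChallenge: the administrator signs nonce||request with its own key.
func AnswerChallenge(adminPriv ed25519.PrivateKey, nonce, request []byte) []byte {
	return ed25519.Sign(adminPriv, challengeDigest(nonce, request))
}

// CheckChallenge: the server verifies the answer against the public key
// registered for the handle's administrator.
func CheckChallenge(adminPub ed25519.PublicKey, nonce, request, answer []byte) bool {
	return ed25519.Verify(adminPub, challengeDigest(nonce, request), answer)
}

func main() {
	sitePub, sitePriv, _ := ed25519.GenerateKey(rand.Reader)
	resp := &Response{Handle: "10.123/456", Values: []string{"1:URL:http://acme.com/doc", "3:DLS:acme/repository"}}
	SignResponse(sitePriv, resp)
	fmt.Println("genuine response:", VerifyResponse(sitePub, resp))
	resp.Values[0] = "1:URL:http://evil.example/doc" // altered in transit
	fmt.Println("tampered response:", VerifyResponse(sitePub, resp))

	adminPub, adminPriv, _ := ed25519.GenerateKey(rand.Reader)
	nonce, _ := NewChallenge()
	req := []byte("MODIFY 10.123/456 index=1 URL=http://acme.com/v2")
	ans := AnswerChallenge(adminPriv, nonce, req)
	fmt.Println("admin authenticated:", CheckChallenge(adminPub, nonce, req, ans))
}
```

Two design points carry over to any deployment of this pattern: the client must decide up front which key it trusts (the slide's "only the authoritative Global Handle Registry" policy is simply a pinned key that no mirror holds), and the administrative challenge must cover the request itself, otherwise an intercepted answer authorises any operation, not just the one the administrator intended.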
Handle System and DNS (1)
See http://www.handle.net/overviews/dns.html
Similarities and differences in both design and intended use.
• Naming
– The DNS naming hierarchy reflects a control hierarchy; the Handle System's need not.
– Handle separates control of the handle (identifier) from control of the server (location)
• Distributed administration
– Handle administrators can add or delete identifiers and identifier values securely over the public Internet.
• Proxies
– Technical advantages regarding resolution from behind SOCKS or HTTP proxies, both supported in the Handle client library (whereas DNS resolution from behind such proxies is difficult or impossible).
• Unicode
– Handle has full native Unicode support. There are hacks to make DNS support 8-bit character sets, but they are not widely implemented.
• Replication
– In DNS, if a single record is updated, all records in the zone must be copied to the mirror servers (full zone transfer; incremental transfer exists but is not universally deployed). The Handle System has finer granularity: if a single record is updated, the server copies only that record to the mirror servers.
Handle System and DNS (2)
• Certification
– DNS has to be fast, especially at the root, and is not well suited to alternative uses, e.g. carrying certificates. The Handle System has more flexible and robust certification support.
• Access control
– The Handle System supports access control and authentication; DNS does not (DNSSEC signs zone data for origin authentication but provides no per-record access control).
• Record size
– Technical advantages regarding UDP and TCP handling: more efficient request handling, and much larger storage in a record (DNS 64 KB, Handle System 4 GB).
• Examples of integration with DNS:
– CNNIC's Handle implementation offers secured DNS resolution via a Handle protocol interface. Further work will package the Handle-DNS software for public release, deploy the Handle-DNS server in the ".cn" TLD registry and its subsidiaries, and establish an ENUM service and client software based on the Handle-DNS interface.
– Client library and proxies for use with HTTP etc.
Handle System and granularity
• Functional granularity: "it should be possible to identify an entity whenever it needs to be distinguished"
• First class naming: "Digital objects should have first class names"
• The DNS naming hierarchy reflects a control hierarchy
– DNS: whoever runs acme.com controls who runs branch.acme.com
– Handle separates control of the handle (identifier) from control of the server (location)
• Handles are first class names:
– URLs: grouped by domain name and then by some sort of hierarchical structure, originally based on file trees
– Handles: each name stands on its own, unconnected to any DNS or other hierarchy. This avoids broken URLs when control changes
• Ownership: in DNS the system administrator is considered the owner of the data; in the Handle System the prefix administrator is considered the owner.
– Each handle and each prefix can have its own set of administrators, independent of the system administrator.
• Relationships between objects can be expressed:
– If you want to build a hierarchy you can, but on any basis
– Handles can refer to other handles (some applications have introduced a detailed data model to allow this, e.g. DOI)
Handle System management and standards
• Specification
– RFC 3650: Overview
– RFC 3651: Namespace and Service Definition
– RFC 3652: Protocol
• DoD Instruction 1322 – mandates Handle System use as part of Advanced Distributed Learning
• ISO standards track for DOI
– A Handle application for the content sector
– ISO TC 46/SC 9 (home of ISBN etc.)
• Governance: HSAC – Handle System Advisory Committee
– Approx. 15 members representing big users
– Goal: evolve to oversee the system, autonomous (IETF etc.)
– Currently by invitation; interest welcomed
Handle System home page: www.handle.net
The Handle System
ITU Focus Group on Identity Management, Geneva, February 2007
Norman Paskin, n.paskin@tertius.ltd.uk, TERTIUS Ltd