Handle System Namespace and Service Definition

Sam X. Sun
ssun@cnri.reston.va.us
http://www.handle.net

Agenda

  • Design Objective
  • Namespace Definition
  • Data Model
  • Service Model
  • Protocol Model
  • Handle System and DNS
  • Handle System and X.500/LDAP

HS Design Objective

  • Uniqueness, Persistence, Extendable
  • Scalable, Distributed Service Model
  • Secured Name Service
  • International Support
  • Distributed Administration Service
  • Efficient Resolution Service

HS Namespace

  • Handle Syntax: <naming authority> / <local name>, where each NA represents a local namespace.
  • Example:
      10.1045/january99-bearman
      cnri.test/my-test-handle

HS Data Model

Each handle can be assigned a set of value records, at least one of which defines its administrator. For example, cnri.test/my-test-handle

Handle Value Record

  index      - identifies the value record
  type       - a UTF-8 string, registered as handle
  data       - data, preceded by its length
  TTL        - relative/absolute
  permission - public read/write, admin read/write
  timestamp  - for administration/caching purpose
  reference  - list of handle value references (for added credential)

Handle Admin Record - HS_ADMIN

  adminRef - refers to another handle value record
  adminPermission
    - add/delete naming authority
    - add/delete handle
    - add/delete/modify handle value
    - add/delete/modify administrator

Handle System Service Architecture

HS Service Delegation

[Diagram: Global Handle Registry and Local Handle Services (e.g. CNRI, ETSI, DOI, ...)]

  • Global Service manages namespace registration in terms of Naming Authorities (NA).
  • Local Service manages names under registered NAs.

HS Service Distribution

A Handle Service (Global/Local) configuration example:

[Diagram: Site 1, Site 2 and Site 3, made up of servers NT1, NT2, NT3, NT4, Sparc1, Sparc2 and a mainframe]

  • Service sites replicate each other for load balancing.
  • Add more servers per site to support an ever-growing namespace.

Service Definition: HS_SITE Record

  version       - identifies HS_SITE info format
  serialNo      - identifies its data version
  primaryMask   - primary/secondary/multi-primary
  hashOption    - by handle/local name/NA
  attributeList - description, ...
  ServerList { list each server at the site }
    <serverID, address, public key, transmission protocol, port number>
    ...

Handle Protocol Model

  Envelope + Header + Body + [ Signature ]

where
  envelope    - defines version and other options
  header/body - request/response data
  signature   - covers header/body only

Handle Protocol Model (cont.)

  • Client queries the Global Handle Registry for the responsible local handle service.
  • Global Handle Registry returns the service information, signed if required.
  • Client sends the service request to the local handle service.
  • Local handle service sends the response to the client, performing authentication if necessary.

HS Authentication Protocol

  • Client sends the service request.
  • Server issues a challenge if authentication is required.
  • Client returns the response to the challenge plus the administrator reference.
  • Server performs the request upon successful authentication.
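
A sketch of the four-step exchange above, as an added example that is not taken from the slides or from the Handle System code base: the challenge is bound to a digest of the request, and the HS_ADMIN permission is checked only after the response verifies. The HMAC-SHA256 construction, the in-memory stores, the status strings and all names are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed sample data (assumption): shared secrets and HS_ADMIN
# permissions keyed by the administrator reference (handle, index).
ADMIN_KEYS = {("cnri.test/admin", 300): b"constructed-secret"}
ADMIN_PERMS = {("cnri.test/admin", 300): {"modify_value"}}


class Server:
    def __init__(self):
        self.pending = {}  # session id -> (nonce, request digest)

    def challenge(self, session, request):
        """Step 2: issue a fresh nonce tied to this exact request."""
        nonce = secrets.token_bytes(16)
        self.pending[session] = (nonce, hashlib.sha256(request).digest())
        return nonce

    def perform(self, session, request, admin_ref, response, op):
        """Step 4: verify the response, then check the admin permission."""
        # pop() makes each challenge single-use, so a captured
        # response cannot be replayed.
        nonce, digest = self.pending.pop(session, (None, None))
        key = ADMIN_KEYS.get(admin_ref)
        if nonce is None or key is None:
            return "AUTH_FAILED"
        if hashlib.sha256(request).digest() != digest:
            return "AUTH_FAILED"  # request was swapped after the challenge
        expected = hmac.new(key, nonce + digest, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return "AUTH_FAILED"
        if op not in ADMIN_PERMS.get(admin_ref, set()):
            return "NOT_PERMITTED"
        return "OK"


def client_response(key, nonce, request):
    """Step 3: prove knowledge of the key for this nonce and request."""
    digest = hashlib.sha256(request).digest()
    return hmac.new(key, nonce + digest, hashlib.sha256).digest()


if __name__ == "__main__":
    srv, ref = Server(), ("cnri.test/admin", 300)
    req = b"MODIFY cnri.test/my-test-handle index=1"  # step 1 (constructed)
    resp = client_response(ADMIN_KEYS[ref], srv.challenge("s1", req), req)
    print(srv.perform("s1", req, ref, resp, "modify_value"))
```
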

Handle System and DNS

  • Different naming structure (URL-like).
  • More scalable service model in terms of multiple servers for any service site.
  • Access control model that allows distributed administration.
  • Namespace I18N.
  • Independent name service that will not conflict with network address translation.

Handle System and X.500/LDAP

  • Simple data model at any service site vs. the hierarchical data model used by X.500/LDAP.
  • Simple/quick resolution service vs. complicated search/query.
  • May work together to complement each other.

References

  • Handle System home page:
      – http://www.handle.net
  • Digital Object Identifier (DOI)
      – http://www.doi.org
  • IETF drafts
      – draft-sun-handle-system-03.txt
      – draft-sun-handle-system-def-01.txt