X.500/LDAP as OID and URN resolver
Erik Andersen’s L-Service
era@x500.eu

Hierarchical identities
• Object Identifiers (OIDs) uniquely identify objects by recognising the hierarchical structure of objects
• Uniform Resource Names (URNs) uniquely identify objects by recognising the hierarchical structure of objects
• Directory Distinguished Names uniquely identify objects by recognising the hierarchical structure of objects
Accordingly, these identifiers can be mapped into each other
However ...

Mapping to the DIT
The Directory Distinguished Name is not only a hierarchical identity scheme
The Directory Information Tree information model is tightly related to Directory Distinguished Names
Information may be associated with each component of a Distinguished Name by being stored in the corresponding entry of the Directory Information Tree

Information types
Q: What kind of information can you store?
A: Any type! Text; photos; speech; certificates; and whatever may be represented in a digital form

Possible DIT subtree representing object identifier components
[Diagram: tree below the Root of Directory Information Tree (DIT).
Entries of object class oidC1obj: oidC1-attr=0 (itu-t), oidC1-attr=1 (iso), oidC1-attr=2 (joint-iso-itu-t).
Entries of object class oidC2obj: oidC2-attr=0, oidC2-attr=27.
Entries of object class oidCobj: oidC-attr=10891, 15459, 15961, 8, 1, 4, 9, 12, 5, n1, n2, n3.
Legend: Object class (type of entry); Attribute with value (entry content).]

DIT subtree of OIDs defined as URNs
[Diagram: tree below the Root of Directory Information Tree (DIT).
Entry of object class urnC1obj: urnC1="oid".
Entries of object class urnCobj: urnC="0", "15459", "5", "4", "5", and urnC="1", "2", "3", "4", "5", "6", "7".
Legend: Object class (type of entry); Attribute with value (entry content).]

Representing URNs in LDAP/X.500
[Diagram: tree below the Root of Directory Information Tree (DIT).
Entries of object class urnC1obj: urnC1="epc", urnC1="iso".
Entries of object class urnC2obj: urnC2="std", urnC2="id".
Entries of object class urnCobj: urnC="iso", "iec", "iso-iec", "9594", "8824", "15459", "-1", "-2", "-3", "-4", "-5", "-6", "sgtin", "grai", "sscc", "gsrn", "giai", "gdti".]

X.500/LDAP directory support for Tag-based applications
Erik Andersen’s L-Service
era@x500.eu

RFID Information Acquisition
1. Some kind of object has a Radio Frequency Identification (RFID) tag attached
2. The RFID ID-tag is read by a tag reader (ID terminal)
3. Information associated with the object is retrieved from some information provider using the RFID tag information as key
X.500/LDAP as the information provider

Use of Directory technology
[Diagram: AIDC media, ID terminal, AIDC client system, DUA or LDAP client, Directory infrastructure.]

LDAP/X.500 advantages
• By use of off-the-shelf software.
• Use of well known technology.
• In some cases:
  – a single access allows retrieval of the information associated with an RFID tag or it allows retrieving a URL for the associated information.
  – it is not necessary to convert the UII to URN format.
• Relevant pieces of information may be represented by directory attributes
• Has extensive search and filter capabilities.
• Possibility for return of diverse and complex data structures.
• Extensive security functions (important in many situations, e.g. for military applications).

Players and documentation
GS1 EPCglobal (http://www.epcglobalinc.org)
  GS1 General Specifications, Version 10
  EPCglobal Tag Data Standards, Version 1.5
ISO/IEC JTC 1/SC 31
  ISO/IEC 15418, ISO/IEC 15459 Series, ISO/IEC 15961 Series, ISO/IEC 15962, ISO/IEC 15963, ISO/IEC 18000 Series, ISO/IEC 19762 Series
The list is certainly not complete

Players and documentation (cont.)
ISO TC 122
  ISO 17363 to ISO 17367
Common Working Group
ISO TC 104
  ISO/TS 10891, ISO 10374
ITU-T Q.12/17 | ISO/IEC JTC 1/SC 6 WG 9
  ITU-T X.668 | ISO/IEC 9834-9
ITU-T SG 13
  ITU-T Y.2213
The list is certainly not complete

18000-6C & 3m3, Memory structure
Memory Banks ([ ] = Optional; UII = Unique Item Identifier):
• 11 [User]: Data Objects formatted: Precursor, [OID], length, Object; Sensors/Battery-assist; See ISO/IEC 15961 and ISO/IEC 15962
• 10 TID: MDID, Part number, Serial number; burned in or written and permalocked by IC manufacturer
• 01 UII: [Extended Protocol Control], UII (may be EPC), Protocol Control, CRC-16
• 00 Reserved: Access Password, Kill Password

Memory Bank 01’B
• Cyclic Redundancy Check (16 bits): confirms UII memory content
• Protocol Control: Length (5 bits), length in words (of 16 bits); Toggle bit: 0=EPC/1=ISO; AFI (ISO) or Reserved (EPC) (8 bits)
• UII, zero fill to word boundary
AFI = Application Family Identifier
EPC = Electronic Product Code
UII = Unique Item Identifier

Relevant tag information for directory support
In an RFID based application an ID-terminal reads data from an ID-tag
From the point of view of this presentation, the data that is of most interest is:
• A toggle switch telling whether the tag content is defined by the GS1 EPC specifications or by ISO or ISO/IEC International Standards
• The Unique Item Identifier (UII) – EPC UII or ISO UII
• An Object Identifier (OID) and/or Application Family Identifier (AFI) for ISO UIIs

Uniqueness of UII
EPC: A UII {EPC} is unique within the scope of EPC
  EPC application is indicated by first octet (header) of UII
  [Diagram: Toggle switch, UII Header, UII]
ISO: An Object Identifier + UII {ISO} is unique within the scope of ISO
  [Diagram: OID and/or AFI + UII]
A particular UII may have two formats:
• RFID binary format
• A numeric character or alpha numeric format

GS1 EPCglobal

EPC Search using the EPC UII in a limited environment
[Diagram: the ID terminal reads the EPC UII from the AIDC media and searches the X.500/LDAP database.
Filter (Attribute Value Assertions): epcUii
Returned: <content> | contentUrl (uiiInUrn, tagLocation)
Entry attributes: epcUii, uiiInUrn, contentUrl or <content>, tagLocation]

Search using the (AFI, UII) tuple
[Diagram: the ID terminal reads AFI + UII from the AIDC media and searches the X.500/LDAP database.
Filter (Attribute Value Assertions): tagAfi & isoUii
Returned: <content> | contentUrl [uiiInUrn, tagOid, tagLocation]
Entry attributes: tagOid, tagAfi, isoUii, uiiInUrn, contentUrl or <content>, tagLocation]

SGTIN-96 Partitions (Serialized Global Trade Item Number – 96 bits)
[Diagram: seven layouts, one per partition value 0 to 6, each consisting of Header x'30', Filter (F), Partition, Company Prefix, Item Reference and Serial Number. Company Prefix and Item Reference together take 44 bits, divided differently for each partition value; Serial Number takes 38 bits.]

Retrieving EPC UII format information
[Diagram: the ID terminal reads the EPC UII from the AIDC media and searches the X.500/LDAP database.
Filter (Attribute Value Assertions): (epcHeader & epcPartition)
Returned: uiiFormat
UII type entry attributes: epcHeader, epcPartition, uiiFormat, <Misc. Info>]

Formatting information
The formatting information returned from the directory allows separation of UII into components
A printed character representation may be produced
A URN representation of the UII may be generated
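The separation step described above, as an added example that is not part of the presentation: a binary SGTIN-96 UII is split into components and rendered as a URN. The partition table comes from the EPCglobal Tag Data Standard and stands in here for the uiiFormat value the slides retrieve from the directory; the function names and the sample octets are constructed for illustration.

```python
# Added example: a local table stands in for the uiiFormat value that the
# slides fetch from the directory with the filter (epcHeader & epcPartition).
SGTIN96_HEADER = 0x30
SERIAL_BITS = 38
# partition -> (company prefix bits, digits, item reference bits, digits)
# Values from the EPCglobal Tag Data Standard, not from the slides.
PARTITIONS = {
    0: (40, 12, 4, 1), 1: (37, 11, 7, 2), 2: (34, 10, 10, 3),
    3: (30, 9, 14, 4), 4: (27, 8, 17, 5), 5: (24, 7, 20, 6),
    6: (20, 6, 24, 7),
}

def decode_sgtin96(uii: bytes) -> dict:
    """Split a 96-bit binary EPC UII into its SGTIN components."""
    if len(uii) != 12:
        raise ValueError("SGTIN-96 UII must be exactly 12 octets")
    value = int.from_bytes(uii, "big")
    if value >> 88 != SGTIN96_HEADER:
        raise ValueError("header is not x'30' (SGTIN-96)")
    partition = (value >> 82) & 0x7
    if partition not in PARTITIONS:
        raise ValueError("partition value 7 is not defined")
    cp_bits, cp_digits, ir_bits, ir_digits = PARTITIONS[partition]
    company = (value >> (82 - cp_bits)) & ((1 << cp_bits) - 1)
    item = (value >> SERIAL_BITS) & ((1 << ir_bits) - 1)
    # The bit fields are wider than the decimal fields; reject overflow
    # instead of emitting an identifier no directory entry can match.
    if company >= 10 ** cp_digits or item >= 10 ** ir_digits:
        raise ValueError("component does not fit its decimal width")
    return {
        "filter": (value >> 85) & 0x7,
        "company": f"{company:0{cp_digits}d}",
        "item": f"{item:0{ir_digits}d}",
        "serial": value & ((1 << SERIAL_BITS) - 1),
    }

def sgtin96_to_urn(uii: bytes) -> str:
    """Render the decoded components in the urn:epc:id:sgtin form."""
    f = decode_sgtin96(uii)
    return f"urn:epc:id:sgtin:{f['company']}.{f['item']}.{f['serial']}"

# Constructed sample: filter 1, partition 5, encoding the slides' URN example.
SAMPLE = bytes.fromhex("3034257BF400060000000190")
```

Tag memory is input the reader does not control, so every malformed case raises ValueError before anything is sent to the directory.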

The URN DIT Subtree for EPC UIIs
[Diagram: tree with urnC1obj entry urnC1="epc" and urnC2obj entry urnC2="id".
Entries of object class urnCobj below them: urnC="sgtin", "sscc", "igln", "grai", "giai", "gsrn", "gdti".
Further levels marked Company Prefix level, Item Reference level and Serial number level, with urnCobj entries urnC="793591651", "9179", "9180", "9181", "793591651", "793591652", "793591653".]

ISO/IEC 15459 Format retrieval
ISO/IEC 15459 Series specifies rules for identification of Transport Units
A Transport Unit is assigned a so-called license plate (UII)
A transport unit is handled by several parties: sender, receiver, carriers, customs authorities, etc.
Determination of length of UII components

General ISO/IEC 15459 Data Identifier format
[Diagram: DI | IAC (Issuing Agency Code) | Company Identification Number (CIN) | Serial Number / Part Number; 6 bits character encoding]
Data Identifier (DI): A specified character (or string of characters) that defines the general category or intended use of the data that follows.
Consists of one alphabetic character alone or prefixed by one to three numeric characters
Values registered by ANSI MH10.8.2
Examples:
25S  Id of a party identified by IAC and CIN followed by a Serial Number
J  Unique license plate number – unspecified – max 35 characters
1J to 6J  Unique license plate number – different type of packeting / EDI data – max 20 or 35 characters
25P  Id of a party identified by IAC and CIN followed by a Part Number
25B  As for 25S for a returnable transport item

Issuing Agency Codes
• An Issuing Agency is an entity for allocating identities to organisations (companies)
• An Issuing Agency is given a unique Issuing Agency Code (IAC)
• The IAC together with the assigned organisation identity is a globally unique identification of the organisation.
• IACs are allocated by the Registration Authority, which currently is Nederlands Normalisatie-instituut
List of assigned IACs may be found here: http://iso15459.nen.nl

Retrieving ISO UII format information
[Diagram: the ID terminal reads AFI and ISO UII from the AIDC media and searches the X.500/LDAP database.
Filter (Attribute Value Assertions): (tagAfi & isoTagDi & isoTagIac)
UII type entry attributes: tagOid, tagAfi, isoTagDi, isoTagIac, uiiFormat, <Misc. Info>]

URN generation
• IANA registers URN name spaces, i.e. the first component after the lead urn: component.
• Two registrations of interest:
  – epc – to generate a URN from an EPC UII. Example: urn:epc:id:sgtin:0614141.000024.400
  – iso – to generate a URN from an ISO UII
• Proposal for ISO/IEC 15459:
  – urn:iso:std:iso-iec:15459.<DI>.<IAC>.<CIN>.<serial/part number>
  – Example: urn:iso:std:iso-iec:15459:25S.UN.043325711.MH803120000001
    25S = Data Identifier (DI)
    UN = Issuing Agency Code (IAC)
    043325711 = Company Identification Number (CIN)
    MH803120000001 = Serial/part number

Representing URNs in LDAP/X.500
[Diagram: tree with urnC1obj entry urnC1="iso" and urnC2obj entry urnC2="std".
Entries of object class urnCobj below them: urnC="iso", "iso-iec", "iso-ieee", then urnC="15459".
Data Identity level: urnC="25B", "25P", "25S", "J", "1J", "2J", "3J".
Issuing Agency Code level: urnC="J", "KDK", "OD", "SI", "UN", "VIB".
Company Identification Number level: urnC="123456789", "234567890", "345678901".
Serial/Part Number level: urnC="MH803120000001", "MH803120000002", "MH803120000003".]
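One way to turn tag data into directory requests for the (AFI, UII) search and for the ISO URN subtree shown above, as an added example that is not part of the presentation. The attribute names tagAfi, isoUii, urnC1, urnC2 and urnC come from the slides; the hexadecimal AFI value syntax, the per-field character rules and the function names are assumptions. Tag content is untrusted input, so the filter value is escaped per RFC 4515 and URN components are allow-listed before they become RDNs.

```python
import re

# Attribute names tagAfi, isoUii and urnC* are taken from the slides; the
# value syntaxes below (hex AFI, upper-case alphanumeric fields) are assumptions.
PREFIX = "urn:iso:std:iso-iec:15459"
FIELD_RULES = [
    re.compile(r"[0-9]{0,3}[A-Z]"),   # DI: one letter, up to three leading digits
    re.compile(r"[A-Z0-9]{1,3}"),     # IAC (length is an assumption)
    re.compile(r"[A-Z0-9]{1,35}"),    # CIN
    re.compile(r"[A-Z0-9]{1,35}"),    # serial/part number
]

def escape_filter_value(value: str) -> str:
    """Escape the RFC 4515 special characters in a filter assertion value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def tag_filter(afi: int, uii: str) -> str:
    """Build the (tagAfi & isoUii) search filter from data read off a tag."""
    if not 0 <= afi <= 0xFF:
        raise ValueError("AFI is a single octet")
    return "(&(tagAfi=%02X)(isoUii=%s))" % (afi, escape_filter_value(uii))

def urn_to_dn(urn: str) -> str:
    """Map an ISO/IEC 15459 URN onto the urnC1/urnC2/urnC subtree as a DN."""
    sep = urn[len(PREFIX):len(PREFIX) + 1]
    if not urn.startswith(PREFIX) or sep not in (":", "."):
        raise ValueError("not an ISO/IEC 15459 URN")
    fields = urn[len(PREFIX) + 1:].split(".")
    if len(fields) != 4:
        raise ValueError("expected <DI>.<IAC>.<CIN>.<serial/part number>")
    # Allow-list each component, so no DN metacharacter can reach the name.
    for rule, field in zip(FIELD_RULES, fields):
        if not rule.fullmatch(field):
            raise ValueError("illegal component: %r" % field)
    rdns = ["urnC1=iso", "urnC2=std", "urnC=iso-iec", "urnC=15459"]
    rdns += ["urnC=" + field for field in fields]
    return ",".join(reversed(rdns))   # LDAP writes the leaf RDN first
```

Both separators after 15459 are accepted because the slides' template uses a dot there and their example uses a colon.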

Use of digital signature
[Diagram: the ID terminal reads AFI + UII from the AIDC media and searches the X.500/LDAP database; the diagram also carries the label Signed Info.
Filter (Attribute Value Assertions): tagAfi & isoUii
Returned: <content> | contentUrl, pkiPath [uiiInUrn, tagOid, tagLocation]
Entry attributes: tagOid, tagAfi, isoUii, uiiInUrn, contentUrl or <content>, tagLocation, pkiPath]

Distribution of URN subtree
[Diagram: tree with urnC1obj entry urnC1="iso" and urnC2obj entry urnC2="std".
Entries of object class urnCobj below them: urnC="iso", "iso-iec", "iso-ieee", "15459", "25B", "25P", "25S", "J", "1J", "2J", "3J", "J", "KDK", "OD", "SI", "UN", "VIB", "123456789", "234567890", "345678901".
Separate label: urnC=123456789, Company site, <Misc. Info>.]

Directory infrastructure for specific application
[Diagram: Master directory (X.500/LDAP database) and Company directory (X.500/LDAP database).]

Several independent infrastructures
Defence organisation
Aviation industry
Auto industry
Container shipping

ITU-T Y.2213 support requirements
Not affected by a single point of failure
Location-based service support
Forward identifier resolution
  As shown in examples above
Reverse identifier resolution
  Identification of tag/tag reader from associated information
One-to-many association between tag and users
  Different information associated with tag for different users
We have an answer to all that

END