CNRI Handle System and its Applications

Presentation transcript:

CNRI Handle System and its Applications Sam X. Sun CNRI ssun@cnri.reston.va.us

CNRI Handle System and its Applications
- Handle System and its Background
- Handle System Features
- Handle System Data & Service Model
- Handle System Applications
- Handle System and IDF
- Handle System and Identity Management

Handle System
- A global name service that provides unique identifiers for digital objects over the Internet
- Maintains persistent identifiers that stay valid across location and attribute changes
- An infrastructure service that promotes interoperability for identity management & digital rights management,

Background
- R. Kahn & R. Wilensky, "A Framework for Distributed Digital Object Services", 1995
- Information Layer Infrastructure:
  - General-purpose global identifier service
  - Repository for digital objects
  - Access control & content management
- Research project sponsored by DARPA over the past eight years.

Handle System Features
- Secured name resolution and data delivery, with standard mechanism for credential validation
- Distributed administration via handle system authentication protocol
- Ownership defined per handle, access control defined per handle value – essential for privacy protection
- International support via UTF-8 encoding
- Distributed service model that is both scalable and extendable

Handle Namespace
Syntax Definition:
<handle> ::= <NA> / <Local-Name>
<NA> ::= *(<na_seg> ) <na segment>
<na_seg> ::= Any Unicode 2.0 character encoded in UTF-8, except ‘/’ and ‘.’
<Local-Name> ::= Any Unicode 2.0 character
Examples: 10.123/456, cnri.dlib/july95-arms
(Diagram labels on the example: Naming authority (NA); Local-Name under NA)

Handle System Data Model

Handle Administrator Record defines handle administrator (e.g. for handle “0.NA/10”)

Example: Handle and Handle Values

Handle: 10.123/456

Index | Data Type | Handle data
2     | URL       | http://srv1.pub.com/...
3     | URL       | http://srv2.pub.com/...
100   | adm.      | 10.123/admin
50    | md        | http://meta.pub.com/...
20    | email     | Info@pub.com
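
An added example (not from the slides or from the Handle System software) that parses a handle per the namespace grammar and applies per-value read access when resolving a record modelled on the 10.123/456 example. The `public_read` flag, the choice of which values are private, the '.' separator between naming-authority segments, and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class HandleValue:
    index: int
    type: str
    data: str
    public_read: bool = True  # assumed flag; the slides only say access is per value

def parse_handle(handle):
    """Split '<NA>/<Local-Name>' at the first '/'; return (na_segments, local_name)."""
    handle.encode("utf-8")                 # handles are UTF-8; rejects lone surrogates
    na, slash, local_name = handle.partition("/")
    if not slash:
        raise ValueError("handle needs a '/' between NA and Local-Name")
    segments = na.split(".")               # assumed '.'-separated, as in cnri.dlib
    if "" in segments:
        raise ValueError("empty naming-authority segment")
    return segments, local_name            # Local-Name may itself contain '/' or '.'

# Constructed record modelled on the slide's example; which values are
# private is an assumption for this demonstration.
RECORDS = {
    "10.123/456": [
        HandleValue(2, "URL", "http://srv1.pub.com/..."),
        HandleValue(3, "URL", "http://srv2.pub.com/..."),
        HandleValue(100, "adm.", "10.123/admin", public_read=False),
        HandleValue(50, "md", "http://meta.pub.com/..."),
        HandleValue(20, "email", "Info@pub.com", public_read=False),
    ]
}

def resolve(handle, wanted_type=None, requester=None):
    """Return the values the requester may read, optionally filtered by type.

    `requester` is a handle that has already been authenticated elsewhere;
    the authentication protocol itself is out of scope here.
    """
    parse_handle(handle)                   # reject malformed input before lookup
    values = RECORDS.get(handle, [])
    admins = {v.data for v in values if v.type == "adm."}
    is_admin = requester in admins
    return [
        v for v in values
        if (wanted_type is None or v.type == wanted_type)
        and (v.public_read or is_admin)
    ]
```

An anonymous resolution sees only the public URL and metadata values, while the administrator handle named in the record sees all five.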

Handle System Service Architecture
The Handle System is a collection of handle services (labelled GHS and LHS in the diagram), each of which consists of one or more replicated sites (Site 1, Site 2, Site 3, ... Site n), each of which may have one or more servers (#1, #2, #3, #4, ... #n).
[Diagram: a client, the GHS and LHS, their sites and servers, and sample handle 10.1000/123456 with its URL values]

Handle System Protocol: Message Structure

Handle System Protocol: Message Structure (continued)
Envelope | Header | …<message body>… | Credential

Handle System Documentation:
- Handle System Overview: http://www.handle.net/overview-current.html
- Handle System Namespace and Service Definition: http://www.handle.net/namespace-current.html
- Handle System Protocol Specification: http://www.handle.net/protocol-spec-current.html
- The Digital Object Identifier: http://www.doi.org

Handle System Applications:
- International DOI Foundation (http://www.doi.org)
- US Library of Congress and University libraries
- US Learning Object Network
- Web-in-the-Box Project for US Navy
- Content ID Forum, Japan
- KPA/KDC, Korea
- Inventory management, ENPIA, Korea

Handle System Applications (cont.)
- DARPA/NSF Secure Digital Information System for secured information sharing among different agencies
- AAMVA Driver Record Information Verification System (DRIVerS)
- Financial Service Technical Consortium (FSTC)
- MPEG-21 Standard Process
- IETF/IRTF Internet Digital Rights Management

DOI and IDF (http://www.doi.org):
- International DOI Foundation: founded 1998 following demonstration of prototype in 1997
- Not-for-profit; paid membership support similar principles to World Wide Web Consortium (W3C)
- Open to all interested parties
- Democratic: board elected from members
- Full time staff (Director)
- 40+ organisations and growing

DOI and IDF: Establish a way of identifying content in the digital environment via actionable identifier (e.g. handles in the Handle System). Use that as the basis for digital rights management in the future. Aim to maximise value of digital objects (e.g. reduce copy infringement, increase accessibility, help in content management). Facilitate mass production and mass customisation via terms and conditions associated with digital objects.

DOI and IDF and the Handle System: DOI registration and resolution service fully implemented over the Handle System. Applications are being built on top of DOI (e.g. CrossRef and Metadata registration). Commercial deployment: DOI registration agencies (e.g. CrossRef and others). E-Book endorsement and DOI-EB prototype (see http://www.doi.org).

Identity and Identity Management:
- Identity: Identity Reference + Set of Attributes
- Examples:
  - Driver’s License
  - Public Key Certificate
  - Handle + Handle Attribute
- Different ways of identity reference determine how identities are used or managed.
- Identity management is essential for all kinds of security services, especially in areas such as authentication/authorization, data confidentiality, as well as service non-repudiation.

Identity Management using Handle System
- Persistent identity reference, separating identity reference from any of its attributes.
- Separates transport security from credential validation.
- Simplifies the authentication process.
- Automation of credential validation, such that no intermediate Certificate Authority (CA) is necessary, making identity validation process more liable upon legal challenge.

Identity Management using Handle System (cont.)
- Real-time identity validation can be carried out via authorization agencies, thus avoiding difficulties surrounding the certificate revocation process and making it more trustworthy
- Ownership of identity attributes is delegated to identity subjects and authorization agencies, so that changes can be made in a timely fashion without dependency on a third party
- Privacy and access control can be managed by the individual identity subject, protecting against impersonation and/or identity theft

Handle System Goal… An infrastructure service that promotes inter-operability among various information systems, regardless of the computing platform. Enabling technology for better resource sharing, with distributed administration/ownership defined per named digital object, and secured data binding over public network.