Presentation is loading. Please wait.

Presentation is loading. Please wait.

CNRI Handle System and its Applications

Published byJulianna Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "CNRI Handle System and its Applications"— Presentation transcript:

1 CNRI Handle System and its Applications
Sam X. Sun CNRI

2 CNRI Handle System and its Applications
Handle System and its Background Handle System Features Handle System Data & Service Model Handle System Applications Handle System and IDF Handle System and Identity Management

3 Handle System A global name service that provides unique identifier for digital objects over the Internet Maintains persistent identifier that can be persistent over location and attribute change An infrastructure service that promotes interoperability for identity management & digital rights management,

4 Background R. Kahn, & R. Wilensky, "A Framework for Distributed Digital Object Services", 1995 Information Layer Infrastructure: - General-purpose global identifier service - Repository for digital objects - Access control & content management Research project sponsored by DARPA over the past eight years.

5 Handle System Features
Secured name resolution and data delivery, with standard mechanism for credential validation Distributed administration via handle system authentication protocol Ownership defined per handle, access control defined per handle value – essential for privacy protection International support via UTF-8 encoding Distributed service model that is both scalable and extendable

6 Handle Namespace Syntax Definition: Examples: cnri.dlib/july95-arms
<handle> ::= <NA> / <Local-Name> <NA> ::= *(<na_seg> ) <na segment> <na_seg> ::= Any Unicode 2.0 character encoded in UTF , except ‘/’ and ‘.’ <Local-Name> ::= Any Unicode 2.0 character Naming authority (NA) Examples: 10.123/456 cnri.dlib/july95-arms Local-Name under NA

7 Handle System Data Model

8 Handle Administrator Record
defines handle administrator (e.g. for handle “0.NA/10”)

9 Example: Handle and Handle Values
Index Data Type Handle data 10.123/456 2 URL 3 URL 100 adm. 10.123/admin 50 md 20

10 Handle System Service Architecture
Client Handle System is a collection of handle services, GHS LHS each of which con- sists of one or more replicated sites, Site 3 Site 2 Site n Site 1 ... each of which may have one or more servers. #1 #2 #n #4 #3 doi .org/..... /123456 URL 1 2 meta .

11 Handle System Protocol: Message Structure

12 Handle System Protocol: Message Structure (continued)
Envelop Header …<message body>… Credential

13 Handle System Documentations:
Handle System Overview Handle System Namespace and Service Definition Handle System Protocol Specification The Digital Object Identifier

14 Handle System Applications:
International DOI Foundation ( US Library of Congress and University libraries US Learning Object Network Web-in-the-Box Project for US Navy Content ID Forum, Japan KPA/KDC, Korea Inventory management, ENPIA, Korea

15 Handle System Applications (cont.)
DARPA/NSF Secure Digital Information System for secured information sharing among different agencies AAMVA Driver Record Information Verification System (DRIVerS) Financial Service Technical Consortium (FSTC) MPEG-21 Standard Process IETF/IRTF Internet Digital Rights Management

16 DOI and IDF (http://www.doi.org):
International DOI Foundation: founded 1998 following demonstration of prototype in 1997 Not-for-profit; paid membership support similar principles to World Wide Web Consortium(W3C) Open to all interested parties Democratic: board elected from members Full time staff (Director) 40+ organisations and growing

17 DOI and IDF: Establish a way of identifying content in the digital environment via actionable identifier (e.g. handles in the Handle System). Use that as the basis for digital rights management in the future. Aim to maximise value of digital objects (e.g. reduce copy infringement, increase accessibility, help in content management). Facilitate mass production and mass customisation via terms and conditions associated with digital objects.

18 DOI and IDF and the Handle System:
DOI registration and resolution service fully implemented over the Handle System. Applications are being built on top of DOI (e.g. CrossRef and Metadata registration). Commercial deployment: DOI registration agencies (e.g. CrossRef and others). E-Book endorsement and DOI-EB prototype (see

19 Identity and Identity Management:
Identity: Identity Reference + Set of Attributes Examples: Driver’s License Public Key Certificate Handle + Handle Attribute Different ways of identity reference determines how identities are used or managed. Identity management is essential for all kinds of security services, especially in areas such as authentication/authorization, data confidentiality, as well as service non-repudiation.

20 Identity Management using Handle System
Persistent identity reference, separating identity reference from any of its attributes. Separates transport security from credential validation. Simplifies the authentication process. Automation of credential validation, such that no intermediate Certificate Authority (CA) is necessary, making identity validation process more liable upon legal challenge.

21 Identity Management using Handle System (cont)
Real time identity validation can be carried out via authorization agencies, thus avoiding difficulties surrounding certificate revocation process and making it more trustworthy Ownership of identity attributes are delegated to identity subjects and authorization agencies, so that changes can be made in a timely fashion without dependency on third party Privacy and access control can be managed by individual identity subject, protecting against impersonation and/or identity theft

22 Handle System Goal… An infrastructure service that promotes inter-operability among various information systems, regardless of the computing platform. Enabling technology for better resource sharing, with distributed administration/ownership defined per named digital object, and secured data binding over public network.

Download ppt "CNRI Handle System and its Applications"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
The Corporation for National Research Initiatives The Handle System Persistent, Secure, Reliable Identifier Resolution.

The Corporation for National Research Initiatives The Handle System Persistent, Secure, Reliable Identifier Resolution.
ADL Registry (Plus a Little Technological Context) Larry Lannom Corporation for National Research Initiatives http://www.cnri.reston.va.us/ http://www.handle.net/

ADL Registry (Plus a Little Technological Context) Larry Lannom Corporation for National Research Initiatives
DOI update on progress Norman Paskin DOIs and journal publishing Ed Pentz, CrossRef DOIs and book publishing David Sidman, CDI [DOIs and non-English language.

DOI update on progress Norman Paskin DOIs and journal publishing Ed Pentz, CrossRef DOIs and book publishing David Sidman, CDI [DOIs and non-English language.
IDF Patent Policy & Core DOI Specification. DOI Encyclopedia to DOI Core DOI Handbook has been the DOI encyclopedia – main developments of the DOI framework.

IDF Patent Policy & Core DOI Specification. DOI Encyclopedia to DOI Core DOI Handbook has been the DOI encyclopedia – main developments of the DOI framework.
Handle System: DOI Technical Infrastructure Corporation for National Research Initiatives Larry Lannom December 10, 1997.

Handle System: DOI Technical Infrastructure Corporation for National Research Initiatives Larry Lannom December 10, 1997.
doi> Digital Object Identifier: overview

doi> Digital Object Identifier: overview
Corporation For National Research Initiatives DOIs and the Handle System 5 August 1998 Larry Lannom CNRI.

Corporation For National Research Initiatives DOIs and the Handle System 5 August 1998 Larry Lannom CNRI.
Corporation For National Research Initiatives DOIs and the Handle System 7 May 1998 Larry Lannom CNRI.

Corporation For National Research Initiatives DOIs and the Handle System 7 May 1998 Larry Lannom CNRI.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Digital Object Architecture

Digital Object Architecture
A Unified Approach to Combat Counterfeiting: Use of the Digital Object Architecture and ITU-T Recommendation X.1255 Robert E. Kahn President & CEO CNRI,

A Unified Approach to Combat Counterfeiting: Use of the Digital Object Architecture and ITU-T Recommendation X.1255 Robert E. Kahn President & CEO CNRI,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
C2001 Endeavor Information Systems, Inc. 1 Linking & CrossRef Harry E. Samuels Digital Library Projects Coordinator Endeavor Information Systems Inc.

C2001 Endeavor Information Systems, Inc. 1 Linking & CrossRef Harry E. Samuels Digital Library Projects Coordinator Endeavor Information Systems Inc.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
SMUCSE 5349/7349 Public-Key Infrastructure (PKI).

SMUCSE 5349/7349 Public-Key Infrastructure (PKI).
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.
Handle System Overview Larry Lannom 18 May 2004 Corporation for National Research Initiatives Copyright©

Handle System Overview Larry Lannom 18 May 2004 Corporation for National Research Initiatives Copyright©

Similar presentations

Ads by Google