The DOI System The DOI System

The DOI System The DOI System
Resolution Resolution Resolution DOI SYSTEM: RESOLUTION Workshop on the DOI System International DOI Foundation 1

Resolution Resolution Resolution doi> Outline / Key concepts in this section Internet resolution The Handle System® Implementation tools: Web browsers, proxies, plug-ins Appropriate resolution Data typing Multiple resolution Handle System developments 2

Resolution Resolution Resolution doi> Further reading on key concepts in this section DOI Handbook Chapter 3, “Resolution Numbering” “DOI System and the Handle System” Factsheet: 3

Resolution Resolution Resolution 4

Resolution Resolution Resolution doi> DOI Resolution Resolution: the process of submitting a DOI name to a network service and receiving in return one or more pieces of current information related to the identified object. e.g., a location (URL) of the object or metadata. DNS is the best known type of resolution: resolve the IP address to route to a computer location This may involve one or more intermediate mapping operations. The resolution may or may not return an instance of the object. Multiple resolution is the simultaneous return as output of multiple pieces of current information related to the object, in defined data structures. The DOI System uses the Handle System to provide resolution See handle.net for detail e.g. advantages over DNS 5

Resolution Resolution Resolution doi> The Handle System The Handle System is “a general purpose distributed information system that provides efficient, extensible, and secure identifier and resolution services for use on networks such as the Internet.” A non-commercial, openly available protocol and reference implementation. Met the needs of DOI System development aim: do not re-invent the wheel. Can utilise existing or new schemes, many advantages that map to DOI System needs. Developed at Corporation for National Research Initiatives (US) by Robert Kahn, one of the “fathers of the Internet” (TCP/IP). 6

Resolution Resolution Resolution doi> The Handle System: rationale “Digital information needs to be a first class citizen in the networked environment” First class = one that has an identity independent of any other item Current Internet less than optimal for security, privacy, mobility. Original Internet design conflated addresses to serve two purposes: an indication of the location of the end point, and an indication of its identity – now recognised as a limitation (see e.g. NewArch*, FIND**) *Future generation Internet architecture **Future Internet network design The fundamental characteristic of digital information is that it is processable data, enabling re-use and hence new forms of electronic commerce, creativity and social benefit. Managing these units of digital information, the “citizens” in the network, requires that they have unique names (or “identifiers”) denoting a specific referent, and the ability to manage their attributes. Objects (“citizens”) may be representations of content, people, parties, resources, licences, avatars, sensors, etc. 7

Resolution Resolution Resolution doi> Part of Digital Object Architecture Handle System is part of a wider architecture (but entirely separable and usable alone): focus on objects not packets. Managing information on the Net over very long periods of time – e.g. centuries or more. Dealing with very large amounts of information on the Net over time. When information, its location(s) and even the underlying systems may change dramatically over time. Respecting and protecting rights, interests and value. Robert Kahn/Robert Wilensky “A Framework for Distributed Digital Object Services”, 1995. 8

Resolution Resolution Resolution doi> Terminology Identifier: unique persistent string (“number”, “name”, “identifier”) assigned to a referent Unique: one to many: an identifier specifies one and only one referent (but a referent may have more than one identifier) Persistent: once assigned, does not change referent Resolution: process by which an identifier is input to a network service which returns some information Referent: the object to which the identifier is assigned, whether or not resolution returns that object. may be abstract, physical or digital, since all these forms of object are of relevance in identifier management (e.g. creations, resources, agreements, people, organisations) – classical ontology issues Digital object: an instance of an abstract data type (Objects are often compound and contain several referents) 9

Handle System overview Resolution Resolution Resolution doi> Basic Internet resolution system: identify objects, not servers. Optimized for speed, reliability, scaling Open defined protocol and data model (IETF RFC 3650,1,2) free protocol; service at low cost (non-profit); freely available to be used as engine underneath other named identifiers. Separation of control of the handle and who runs the servers distributed administration, granularity at the handle level Any Unicode character set internationalisation All transactions can be secure and certified Both registration and resolution Not all data public: individual values within a handle can be private No semantics necessary in the identifier Logically centralized, physically distributed and highly scalable Does not need DNS, but can work with DNS: deployed via tools e.g http proxies, client plug-ins, server software, etc 10

Resolution Resolution Resolution Handle syntax doi> A Handle consists of a prefix and suffix e.g. 123/4567 Prefix and suffix may be any length e.g /456-mydoc Suffix may incorporate another identifier numbering scheme e.g /ISBN Thereby adds functionality to that numbering scheme Shorter prefixes (1-3 digits) reserved for major projects, countries, etc. 11

Handles resolve to typed data Resolution Resolution Resolution doi> Schematic (simplified) representation of a handle record Handle Handle value(s) Data type Index Data value 10.123/456 URL 1 Prefix Suffix URL 2 DLS 3 acme/repository HS_ADMIN 100 acme.admin/jsmith XYZ 12 One or more Handle values (type:value) Resolution can return all values, or all values of one type 12

Resolution Resolution Resolution doi> Handles resolve to typed data Fuller representation of a handle record: e.g. the handle " /may99-payette" has a set of three handle values: <index>: <index>: <type>: HS_ADMIN <data>: acme.admin/jsmith <index>: <type>: URL <data>: <TTL>: {Relative: 24 hours} <permission>: PUBLIC_READ, ADMIN_WRITE <timestamp>: <reference>: {empty} 13

Resolution Resolution Resolution Handles resolve to typed data The Handle System is a collection of handle services, Client GHR LHS each of which consists of one or more replicated sites, Site 1 Site 2 Site 3 …... Site n each of which may have one or more servers. /abc URL 4 8 #1 #2 #n #4 #3 ... 14

Resolution Resolution Resolution Handle clients Request to Client: Resolve hdl: /1 1. Sends request to Global to resolve 0.NA/ (naming authority handle for ) Client Global Handle Registry 15

Resolution Resolution Resolution Handle clients Request to Client: Resolve hdl: /1 Client 2. Global Responds with Service Information for Service Information Acme Local Handle Service xcccxv xc .. ... xccx Global Handle Registry 16

Resolution Resolution Resolution Handle clients Request to Client: Resolve hdl: /1 Client Global Handle Registry 3. Client queries Server 3 in Secondary Site A for /1 #1 Acme Local Handle Service #1 #2 Secondary Site B #2 #1 #3 Primary Site Secondary Site A 17

Resolution Resolution Resolution Handle clients Request to Client: Resolve hdl: /1 Client Global Handle Registry 4. Server responds with handle data #1 Acme Local Handle Service #1 #2 Secondary Site B #2 #1 #3 Primary Site Secondary Site A 18

Resolution Resolution Resolution Handle clients Web Client Handle Administration Client HTTP Redirect HTTP Get Proxy/ Web Server Handle Data Resolve Handle LHS GHR Handle System 19

Resolution Resolution Resolution Handle clients Client Handle Administration Client Client Plug-In Handle Data Resolve Handle Request hdl:/ /abc LHS GHR Handle System 20

Resolution Resolution Resolution Handle clients Web Handle Administration Client HTTP Admin Forms Web Server Handle Admin API LHS GHR Handle System 21

Resolution Resolution Resolution Handle clients Web Handle Administration Client Custom Client LHS GHR Handle System 22

Resolution Resolution Resolution Handle clients Handle Administration embedded in another process Web LHS GHR Handle System 23

Resolution Resolution Resolution Handle clients Handle Resolution embedded in another process Handle Administration embedded in another process LHS GHR Handle System 24

Handle System: typing Resolution Resolution Resolution doi> A handle has a set of values assigned to it = a record that consists of a group of fields <type> field defines the syntax and semantics of a value’s data e.g. URL (resolving to current location) pre-defined set of handle data types for administrative use registered handle data types for non-administrative use (URL, , and DESC): others being added* Types may include: HS_PUBKEY: public key used to authenticate entities in the Handle System HS_SECKEY: secret key password to access some service DESC: UTF8-encoded descriptions of the object identified by the handle Full list at *Handle System Advisory Committee is defining a recommended practice process 25

Handle System usage (1) Resolution Resolution Resolution doi> Provides infrastructure for application domains, e.g. digital libraries & publishing, network management, id management ... International DOI Foundation Federation of several independent applications Defense Virtual Information Architecture Defense Technical Information Center (DTIC), DARPA, CNRI context sensitive distribution of data and metadata: resolution result depends on who you are GRID computing Shared computing resources Handle System - Globus Toolkit Integration Project 26

Handle System usage (2) Resolution Resolution Resolution doi> DSpace - Digital Repository System MIT Libraries/Hewlett-Packard stable, long-term storage of intellectual output of faculty, researchers, centers and labs National Digital Library Program (NDLP) Library of Congress. Collections of historic materials converted to digital formats. LoC use handles to identify material in the library's own collections Los Alamos National Labs internal doc management (600m+) Several Digital Library projects e.g. ARROW Others who may adopt RFCs: e.g. Fedmark: independent commercial implementation of Handle protocols for digital rights system 27

Handle System projects Resolution Resolution Resolution doi> Some others of particular relevance to identity management... Transient Network Architecture Pervasive transient mobile network in which all communications occur between persistently identified entities. CNRI/University of New Mexico, under NSF’s FIND (Future Internet Network Design) project Using PKI capability for persistent trustworthy identity, separating: Transport trustworthy (name/attribute is binding) Administration trustworthy (attribute is issued by attribute holder) Attribute credential (attribute value is true) Representing Value as Digital Objects: Transferability and Anonymity Deeds of trust, mortgages, bills of lading, digital cash etc. “Transferable records" structured as digital objects Possible Application of Handles to licences and parties See separate talk on content industry identifiers 28

Handle System statistics Resolution Resolution Resolution doi> Assigned namespaces (“prefix”) DOI D-Space Others Individual “Handles” (identifiers within each namespace) DOI M Other: 600?? millions total per namespace known only to namespace manager; e.g. LANL adding 600M but privately Global Handle System Core three service sites (added locations being considered) c. 60 million direct resolutions per month c. 50 million proxy server resolutions per month 29

Handle System: security Resolution Resolution Resolution doi> Integrity of the Global Handle Registry service. Protected service information and public key pair used to sign global service information. Handle protocol allows handle servers to authenticate their clients and to provide data integrity service on client request. Handle servers can be explicitly asked to generate or return a digital signature for every service response (but normally don’t). Public key and/or secret key cryptography may be used. Server authentication may be used to prevent eavesdroppers from forging client requests or tampering with server responses. Client applications can (if wished) only accept information from the authoritative Global Handle Registry (not any mirrors) and check its integrity on each update. 30

Handle System and DNS (1) Resolution Resolution Resolution doi> Similarities and differences in both the design and intended use. Naming DNS naming hierarchy reflects a control hierarchy, Handle System need not. Handle System separates control of handle (id) from control of server (location). Distributed Administration Handle administrators can add/delete identifier and identifier values securely over the public Internet. Proxies Technical advantages regarding resolution work behind SOCKS or HTTP proxies, both supported in Handle client library (whereas DNS resolution from behind proxies is difficult/impossible). Unicode Full native Unicode is supported by the Handle System. There are hacks to make DNS support 8-bit character sets, but they are not widely implemented. Replication In DNS, if a single record is updated all records must be copied to mirror servers. The Handle System has finer granularity: if a single record is updated, the server will copy only that record to the mirror servers. 31

Handle System and DNS (2) Resolution Resolution Resolution doi> Certification DNS has to be fast, especially at the root. Not very good for alternative uses, e.g. certificates. Handle System has more flexible and robust certification support. Access Control Handle System has support for access control and authentication. DNS does not. Record Size Technical advantages regarding UDP and TCP handling: more efficient request handling; much larger storage in a record (DNS 64KB, Handle System 4GB). Examples of integration with DNS: CNNIC Handle implementation offers secured DNS resolution via a Handle protocol interface. Further work will package the Handle-DNS software for public release; deploy the Handle-DNS server in “.cn” TLD registry and its subsidiaries; and establish an ENUM service and client software based on the Handle-DNS interface. Client library and proxies for use with http etc. 32

Handle System and granularity Resolution Resolution Resolution doi> Functional Granularity: “it should be possible to identify an entity whenever it needs to be distinguished” First class naming: “Digital objects should have first class names” Naming hierarchy independent of control hierarchy: DNS: who runs acme.com controls who runs branch.acme.com Handle System separates control of handle (id) from control of server (location) Handles are first class names: URLs: grouped by domain name and then by some sort of hierarchical structure, originally based on file trees Handles: each name stands on its own, unconnected to any DNS or other hierarchy Can avoid broken URLs when control changes Ownership. The prefix administrator is considered the owner of the data (whereas in DNS, the system administrator is considered the owner): Each Handle identifier and prefix can have its own set of administrators independent from the system administrator Relationships between objects can be expressed: If you want to build a hierarchy you can – but on any basis Handles can refer to other handles (some applications have introduced a detailed data model to allow this – e.g DOI) 33

Handle System and standards Resolution Resolution Resolution doi> Specification RFC 3650: Overview RFC 3651: Namespace and Service Definition RFC 3652: Protocol Application areas DoD Instruction 1322 Mandates Handle System use as part of Advanced Distributed Learning ISO standards track for DOI System A Handle application for the content sector ISO TC46/SC9 (home of ISBN etc) Governance: HSAC - Handle System Advisory Committee Approx 15 members representing big users or interest groups Goal: evolve to oversee the system, autonomous (cf. IETF etc) Currently by invitation; interest welcomed 34

Handle System home page Resolution Resolution Resolution 35

Resolution Resolution Resolution DOI name appropriate (contextual) resolution doi> Resolve DOI name with some additional information to give results depending on context Open URL: see e.g. Resolve to same content at different location (by user) Full contextual resolution: Handle System can do this (DVIA) Resolve to different content (by user) Of interest re licensing etc Steps in evolution: URLs: not useful for long term management naming and resolution: “get me the right thing” contextual resolution: “get me the thing that is right for me” (e.g. “that I have access rights for”) 36

Resolution Resolution Resolution doi> DOI tools: example (1) Adobe Acrobat plug-in Concept announced and “mock-up” shown 2002 Now fully developed and licensed, available for Acrobat 8.0 Builds on Acrobat SDK Early adopters needed Potential for more work Examples: 1. CrossRef data 2. “New version” functionality 37

Resolution Resolution Resolution doi> DOI tools: example (1) Adobe Acrobat plug-in 2. “New version” functionality 42

Resolution Resolution Resolution doi> DOI tools: example (2) Firefox Handle Extension Displays a toolbar with Handle System features Tool to create additional handles, bookmark handles, etc Bring up a web page and assign a Handle Recent work: possible addition to “Firefox Add-ons” 45

Resolution Resolution Resolution doi> DOI multiple resolution Significant benefit of Handle System: Resolve from one DOI name to several different things One-to-many linkage Resolution request would give: all results, or all results of one type Need a framework to build these applications on: group similar uses so that the results are predictable and can be used across applications DOI Application Profile framework Handle System “data value typing” CrossRef use for e.g. location-dependent resolution Other business cases? Could express relationships (ISTC to ISBNs etc) 48

Resolution Resolution Resolution doi> DOI Application Profiles Referents are identified by DOIs The properties of groups of DOIs are defined as APs APs have one or more Services Services have definitions Entity Application Profile 965 Service Instance Service Definition Entity 876 Entity 456 453 453 784 Service Instance Application Profile Entity Service Definition Application Profile Service Instance Entity 784 Entity 369 908 Service Instance Service Definition Entity APs and services are themselves identified by Handles (DOIs) 49

Other related tools for resolution
The DOI System The DOI System The DOI System Resolution Resolution Resolution doi> NISO = National Information Standards Organization (under ANSI, the US national body of ISO) Open URL NISO standard Z A syntax to create web-transportable packages of metadata and/or identifiers about an information object. Not an identifier, but a complementary technology for appropriate redirection of an identifier resolution. In use with Digital Object Identifiers (DOI names) and handles. e.g. "info" URI Registry IETF RFC 4452: The "info" URI Scheme for Information Assets with Identifiers in Public Namespaces. Turn legacy identifiers into URLs (e.g. info:lccn/ ). DOI and Handle are both registered as info URI schemes. Now formalizing policies for the "info" URI registry. “This identifier and its registry could serve as a focal point for NISO's identifier activity, creating a trusted brand and a starting point for community members doing work that requires identifiers.” (NISO workshop on identifiers 2006) 50

Resolution Resolution Resolution New features in recent Handle releases: server side Berkeley DB JE support Increased performance Increased scalability Template resolution, a.k.a. virtual handles All handles that match a given pattern, e.g., 123/456*, will resolve to the same data, e.g., a single URL at which all objects are found Currently a fixed value per pattern, but could be extended to be a function of the handle presented for resolution (think limited regular expressions), e.g., 123/456.abc, resolved by any client, would resolve to the pattern and the server would return 51

Resolution Resolution Resolution New features in recent Handle releases: client side ‘Choose by’ facility - currently being deployed in the proxy service Pack alternatives into a single handle value using XML. Include criteria for selecting among them, to be evaluated by the client. Example: alternatives = geographic locations, criteria = incoming IP, proxy matches incoming IP to IP tables and picks best location, other clients could be configured to select country in some other way. Detail: For some handle, the value of type CNRI.RSRC_LOC <locations chooseby="locatt,country,weighted"> <location id=0 href=“ country="gb” weight=0 /> <location id=1 href=“ weight=1 /> <location id=2 href=“ weight=1 /> </locations> 52

Resolution Resolution Resolution New features in recent Handle releases: client side Extended Handle client library to provide higher level API Creation: handleValue = hsClient.createHandleValue(1,”URL”," hsClient.createHandle(handle, new HandleValue[] {handleValue}); Deletion hsClient.deleteHandle(handle); Resolver.xml Local file containing override or default values for specific handles If override, local client never goes to Handle System for that handle, but just uses the given value If default, local client uses that value if it cannot resolve the handle for whatever reason, e.g., on an airplane Web services interface to Handle System at multiple levels Added to current set of proxies Released as a stand-alone interface that could employed by other organizations as needed Handle plug-in for Acrobat Reader re-released for Reader 8 53

Handles resolve to typed data Resolution Resolution Resolution doi> Handle Data type Index Handle data 10.123/456 URL 1 URL 2 DLS 9 acme/repository HS_ADMIN 100 acme.admin/jsmith XYZ 12 Rules for data type construction: 54

Resolution Resolution Resolution Handles resolve to typed data How to define these types? (not types of referents) Handle Records may be thought of as sets of handle triples: handle:type:value Clients rely on types in order to interpret the values All of this is transparent to HS servers – servers simply store and deliver type:value pairs - type is completely open, no type police A few standard types already exist: Admin types - what the HS itself needs to operate Common types, e.g., URL They are themselves registered as handles, e.g., 0.TYPE/URL Lots of projects using the Handle System invent types for their own purposes Two issues coming to the fore: What can a client do with a type it doesn’t know about ahead of time? What sort of synergies across projects are we missing through wheel re-invention? 55

Resolution Resolution Resolution Proposed Registry of Handle types Keep the 0.TYPE mechanism in place Encourage registration, with low barriers Is it in use? Is it understandable? Is it harmful to the overall HS? Expand the required type/values under the 0.TYPE handle Human-readable description Responsible party Dates of creation and last revision Related handle types Searchable registry in which the type is registered Introduce a searchable Registry of Handle Types Publicly available for searching Searchable version of the complete set of 0.TYPE records Added fields and examples? Issues Ontologies: are two types really the same but using different descriptions or languages? Trial vs accepted types 56

Resolution Resolution Resolution Outline / Key concepts in this section Internet resolution The Handle System Implementation tools: Web browsers, proxies, plug-ins Appropriate resolution Data typing Multiple resolution Handle System developments 57

Resolution Resolution Resolution DOI SYSTEM: RESOLUTION Workshop on the DOI System International DOI Foundation 58

The DOI System The DOI System

Similar presentations

Presentation on theme: "The DOI System The DOI System"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

The DOI System The DOI System

Similar presentations

Presentation on theme: "The DOI System The DOI System"— Presentation transcript:

Similar presentations

About project

Feedback