The Digital Object Architecture and the e-APP
10th International Forum on e-App, The Hague, November 1st
Christophe Blanchi, DONA Foundation
Motivations for the Digital Object Architecture
• The Internet is about sharing information represented in digital form.
• Information is more than packets.
• Information needs to be a “First Class Citizen” in the Internet.
  – Information is complex, it has context, uses, monetary value, etc…
  – Information needs to be locatable.
  – Information needs to be understandable and reusable.
  – Information needs to be protected, secured, authenticated, and trusted.
  – Information needs to be able to originate from many different types of sources and systems.
  – Information needs to persist over time.
• The Web enabled wider access to information in the Internet, but there are many issues that remain when dealing with information management.
  – Heterogeneous data and systems such as Big Data and IoT.
Digital Object Architecture Overview
The Digital Object Architecture addresses the following digital information management issues:
– Uniform and interoperable access to heterogeneous information and services.
  • Identification
  • Description, search and retrieval
  • Typing of data and services
– Interoperability across heterogeneous information systems.
  • Independent of the specific underlying technologies that host and provide the information.
  • Ability to deal with information that is not digital in nature.
– Integrated security.
– Very large level of scalability.
  • Distributed architecture
  • Open architecture framework
  • Standard protocols and procedures
Digital Object Architecture: Information Management on Networks
[Diagram labels: Client; Identifier Resolution Service; Resource Discovery (Search Engines, Metadata Databases, Catalogues, Registries, etc.); Repositories]
The Handle System™
• A basic identifier/resolution system for the Internet.
• Resolves a digital object’s identifier to that object’s current state information.
• Identifier persists when location and other attributes of the object change.
• Logically a single system, but physically and organizationally distributed.
• Highly scalable.
• Associates one or more typed values, e.g., IP address, public key, URL, metadata, to each identifier.
• Secure resolution and administration.
• Optimized for speed and reliability.
• Open, well-defined protocol and data model, IPR free.
• Provides infrastructure for a wide application domain, e.g., digital libraries & publishing, e-research, id mgmt, and IoT, etc...
The Handle System Security Features
• Authentication
  • Using an optional PKI capability.
  • Handle server and client authentication.
• Authorization
  • Handles and associated handle records are administered by authenticated and authorized digital entities such as handle service providers.
  • A handle service can restrict access to any of its values in a handle record.
• Confidentiality
  • All handle requests and responses can be encrypted.
• Non-Repudiation and Integrity
  • Handle record responses may be signed by the hosting server.
  • Handle records may be signed by any authorized administrator.
• Audit logs
  • All Handle servers log all accesses.
What is a Handle?
• Handles are globally unique and resolvable
• Prefixes are allotted to local handle service providers and most prefix handle records are currently stored in the “Global Handle Registry” (GHR).
• A handle prefix is typically resolvable by the GHR to an IP address for a handle resolution service such as a Local Handle Service.
• The full handle is resolvable by the handle resolution service into a handle record.
• Character Set: Unicode 2.0
• Encoding: UTF-8
• Prefix: Currently allocating only numeric values.
• Suffix: No restrictions.
Example: 35.1234/12345678 (Prefix: 35.1234, Suffix: 12345678)
Handle Record
Handle: 35.1525/b.2009.59.5.9
Values (Data Type: Handle Data):
• URL: http://www.caliber.net/abs/35.1525/2009.59.5.9
• 10320/loc: <locations chooseby="locatt,country,weighted"><location id="1" cr_type="MR-LIST" href="http://www.acme.org/iPage?doi=35.1525%2Fbio.20.5.9" weight="1"/><location id="2" cr_src="unca" label="SECONDARY_BIOONE" cr_type="MR-LIST" href="http://www.bioone.org/doi/full/35.1525/bio.2009.59.5.9" weight="0"/></locations>
• HS_ADMIN: handle=0.na/35.1525;index=200;[deletehdl,addval,readval,modifyval,deladmin,addadmin,list]
• HS_PUBKEY: 0000000B4453415F5055425F4B4559000000000015009760508F15230B….
• HS_SIGNATURE: eyJhbGciOiJSUzI1NiJ9.eyJkaWdlc3RzIjp7ImFsZyI6IlNIQS0yNTYiLCJkaWdlc….
Data Types are also resolvable handles and can be specific to:
• The Handle System (*)
  • HS_ADMIN
  • HS_PUBKEY
  • HS_SIGNATURE
  • URL etc…
• An application or service
  • 10320/loc
• A group/community
• A device type
Types should be identified with a handle and resolve to a type description.
(*) Handle System types are registered as handles starting with the “0.TYPE/” prefix. (URL -> 0.TYPE/URL)
35.TYPE/DEVICE 35.1/1.2.3
Handle Resolution - Overview
Resolving any handle such as 35.152/59.5 is a two step process:
1) Find the Handle Service associated with the handle prefix 35.152
  • Access the handle services provided by one of the GHR service providers.
  • Resolve 0.NA/35.152 into its service information.
2) Resolve the 35.152/59.5 handle into its respective values
  • Access the handle services for that particular handle at that particular Handle Service provider.
  • Resolve 35.152/59.5 into its handle record.
Handle Resolution - Overview
[Diagram labels: GSP11, MPA22, MPA10, MPA21, MPA86, MPA20 DONA; Authoritative Service, Mirror Service 1 … Mirror Service n; Handle Service 0.NA/10.152, Handle Service 0.NA/35.1, Handle Service 0.NA/86.1, with Authoritative Service labels]
[Diagram labels: Handle System™; Global Handle Registry (SVR #1, SVR #2); Handle Service 0.NA/20.123.1, Handle Service 0.NA/10.152, Handle Service 0.NA/35.1, Handle Service 0.NA/86.1; Authoritative Service for 0.NA/10.152 (SVR #1, SVR #2, SVR #3, SVR #4 … SVR #n); requests "Resolve 0.NA/10.152" and "Resolve 10.152/59.5"; values shown for 10.1525/59.5: URL http://www.acme.com/ (4), HS_SIG eyJhbGciOiJSUzI1NiJ9….. (20)]
Handle Resolution - Service Info Request
[Diagram labels: Global Handle Registry; Request: Resolve 10.152/59.5]
1. Client requests a specific GSP in the GHR to resolve the prefix handle 0.NA/10.152
Security Features:
o Privacy: Encrypted client request
o Authentication:
  o Cryptographic authentication of the target GSP service
  o Cryptographic authentication of the resolving client
o Audit trail: GSP logs the full client request
Handle Resolution - Service Info Request
[Diagram labels: Global Handle Registry; Handle Service Information]
2. The targeted GSP responds with the Service Information for the 10.152 service.
Client receives the Service Information for the 10.152 Service.
Security Features
o Privacy: Encrypted client request
o Authentication:
  o Cryptographic Authentication of the target GSP service
  o Cryptographic Authentication of the resolving client
o Audit trail: GSP logs the full client request
o Privacy: Response from GSP is encrypted
o Authorization: Response only provides what the authenticated client is allowed to see
o Non-repudiation: Service information is signed by the GSP service and it is verified by the client.
Handle Service Information
Handle Services          IP Addresses    Port Number    Public Key    …
Authoritative Service
  Service 1              12.34.45.67     2641           5ec6f944…     …
  Service 2              12.34.56.68     2641           55fa26ca…     …
Mirror Service 1
  Service 1              12.45.67.71     2641           C77ee70…      …
  Service 2              12.45.67.72     2641           22d81f1…      …
  Service 3              12.45.67.73     2641           43a7a1f….     …
Mirror Service 2
  Service 1              32.23.23.12     2641           A80b56…
  Service 2              32.23.23.13     2641           b56757…
Handle Resolution – Handle Service Request
[Diagram labels: Global Handle Registry; Handle Service for 10.152 with Authoritative Service (SVC #1, SVC #2), Mirror Service 1 (SVC #1, SVC #2, SVC #3) and Mirror Service 2 (SVC #1, SVC #2)]
3. Client queries Server #2 in Mirror Service 1 to resolve 10.152/59.5
Security Features
o Privacy: Encrypted client request
o Authentication:
  o Cryptographic Authentication of the target LHS service
  o Cryptographic Authentication of the resolving client
o Audit trail: LHS logs the full client request
Handle Resolution – Handle Service Request
[Diagram labels: Acme Local Handle Service; Global Handle Registry; Handle Service for 10.152 with Authoritative Service (SVC #1, SVC #2), Mirror Service 1 (SVC #1, SVC #2, SVC #3) and Mirror Service 2 (SVC #1, SVC #2); values shown for 10.152/59.5.9: URL http://www.acme.com/ (4), HS_SIG eyJhbGciOiJSUzI1NiJ9….. (20)]
4. Server responds with the 10.152/59.5.9 handle record
Security Features
o Privacy: Encrypted client request.
o Authentication:
  o Cryptographic Authentication of the target LHS service.
  o Cryptographic Authentication of the resolving client.
o Audit trail: LHS logs the full client request.
o Privacy: Response from Mirror is encrypted.
o Authorization: Response only provides the values that the authenticated client is allowed to see.
o Non-repudiation: Handle record is signed by the Mirror Service and can be verified by the client.
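
The four-step walk-through above, as an added Python sketch that is not part of the original slides or of the Handle System software: step 1 resolves the prefix handle in the GHR, step 2 queries a chosen server and returns only the values the client may see. The in-memory tables, the EMAIL value and the per-value public flag are constructed assumptions; no network protocol, encryption or signature check is performed.

```python
# Added example: the registry contents below are constructed sample data.
class ResolutionError(Exception):
    pass

# Global Handle Registry: prefix handle -> service information
# (site name -> list of (IP address, port) servers).
GHR = {
    "0.NA/10.152": {
        "Authoritative Service": [("12.34.45.67", 2641), ("12.34.56.68", 2641)],
        "Mirror Service 1": [("12.45.67.71", 2641), ("12.45.67.72", 2641)],
    },
}
# Records held by the service for 0.NA/10.152 (replicated to every site).
# Each value: (index, type, data, publicly_readable); the flag is hypothetical.
RECORDS = {
    "10.152/59.5": [
        (4, "URL", "http://www.acme.com/", True),
        (20, "HS_SIG", "constructed-signature", True),
        (30, "EMAIL", "admin@acme.example", False),
    ],
}

def split_handle(handle):
    """Split at the first '/': the suffix is unrestricted and may contain '/'."""
    prefix, sep, suffix = handle.partition("/")
    if not (sep and prefix and suffix):
        raise ResolutionError(f"malformed handle: {handle!r}")
    return prefix, suffix

def service_info(handle):
    """Step 1: resolve the prefix handle 0.NA/<prefix> in the GHR."""
    prefix, _ = split_handle(handle)
    try:
        return GHR["0.NA/" + prefix]
    except KeyError:
        raise ResolutionError(f"0.NA/{prefix} is not registered") from None

def resolve(handle, site, server, authenticated=False):
    """Step 2: query one server of the chosen site for the handle record."""
    sites = service_info(handle)
    if site not in sites or not 0 <= server < len(sites[site]):
        raise ResolutionError(f"no server {server} in site {site!r}")
    record = RECORDS.get(handle)
    if record is None:
        raise ResolutionError(f"{handle} has no record at this service")
    # Authorization: return only the values this client is allowed to see.
    values = [(i, t, d) for i, t, d, public in record if public or authenticated]
    return sites[site][server], values
```
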
Handle and e-APP Synergy
• The need for authenticating digital resources is a basic requirement in many different information industries.
  • Journal articles, medical taxonomies, assets registries.
  • Internet of Things, Big Data.
• The policies and workflows that result in the signing and certifying of digital resources may differ but the intents and process for verifying signature(s) and the signer(s) are similar.
• The Handle System provides an open solution that offers
  • Security, scalability.
  • Interoperability.
  • Digital sovereignty.
  • Signer identification using handles.
Document Registration
Steps shown: Register Handle; Sign using Adobe Reader
Handle: 20.500.123/doc-10
• PDF_DATA: Title: “Draft Agenda”; Summary: e-APP Agenda; Adobe Signature; Language: English
• URL: http://ds5.cnri.net/Draft.pdf (Document location)
• HS_SIG: eyJhbGciOiJSUzI1NiJ9….. (Document Endorsement)
Updated Document Registration
Steps shown: Update document; Register Handle; Sign Using Adobe Reader
Handle: 20.500.123/doc-11
• PDF_DATA: Title: “Final Agenda”; Summary: e-APP Agenda; Adobe Signature:; Language: English; Related Documents: Previous Version: 20.500.123/doc-10
• URL: http://ds5.cnri.net/Final.pdf (Document location)
• HS_SIG: eyJhbGciOiJSUzI1NiJ9….. (Document Endorsement #1)
• HS_SIG: iJSI1NiJUecfGihOz54….. (Document Endorsement #2)
Translated Document Registration
Steps shown: Translate Document; Register Handle; Sign Using Adobe Reader
Handle: 20.500.123/doc-12
• PDF_DATA: Title: “Ordre du Jour”; Summary: e-APP; Adobe Signature:; Language: French; Related Documents: English: 20.500.123/doc-11
• URL: http://ds5.cnri.net/Final-FD.pdf (Document location)
• HS_SIG: iJSI1NiJUecfGihOz54….. and eyJhbGciOiJSUzI1NiJ9….. (Document Endorsement #1, Document Endorsement #2)
Relationships Between Documents
[Diagram labels: 20.500.123/doc-10 and 20.500.123/doc-11 linked by Next Version / Previous Version; 20.500.123/doc-11, 20.500.123/doc-12 and 20.500.123/doc-13 linked by English Version, French Version and Spanish Version]
Handle Enhanced Document Validation
1. Resolves the document’s Handle from PDF metadata
2. Extracts the document’s handle metadata.
3. Verifies the PDF’s and Handle’s signature:
  • Correlates the document to the handle.
  • Confirms the integrity of the document.
4. Validates the identity of the document signer.
  • Who endorsed the signer?
  • Is the signer’s certificate valid?
  • Is the signer still recognized?
5. Provides a list of related documents:
  • Next – Previous.
  • References
  • Other languages etc…
6. Lists and verifies all additional cryptographic endorsements.
7. Each endorsement certificate chain can be explored.
Additional Benefits of the Handle Approach
1. PDF documents enhanced with a handle based verification solution can be used with any technology that can resolve handles such as:
  • An Adobe Reader plugin.
  • A web based solution.
  • Within a Digital Object based solution.
2. The handle based document validation solution can be used to authenticate documents that are not PDFs:
  • Web Pages, Word documents, datasets, etc…
3. Documents are assigned handles that are stored in a Local Handle Service (LHS)
  • The LHS is managed locally.
  • The LHS and registration can follow required local policies and procedures.
  • All handles are globally resolvable and interoperable.
4. Handle resolution provides an efficient solution for inspecting certificate chains
  • Provides a dynamic mechanism for inspecting and verifying certificates.
  • Resolves a signer’s ID into its associated public key and metadata.
  • Equally verifies local, regional, and global certificates.
Who is responsible for operating the GHR?
• The original GHR was operated by CNRI in Reston VA in the US since the mid to late 1990s.
• Until recently, CNRI had the sole credential and authorization to create all new prefixes.
• CNRI decided to further enhance and develop the GHR architecture to enable multiple organizations to coordinate and administer the GHR on a multi-primary basis under the overall administration of the DONA Foundation.
• The current GHR maintains backwards compatibility with all legacy handle clients.
Providers of GHR Services
• An organization that is credentialed and authorized by DONA to create derived prefixes from its allotted credential prefix is known as a Multi-Primary Administrator (MPA) or more generally as a Global Handle Service Provider (GSP).
• Each such organization is allotted a credential (e.g. 0.NA/21) by DONA and authorized to provide GHR services.
• Each such organization can create an unlimited number of derived prefixes from its credential prefix and allot them to organizations that wish to provide local handle services.
• All GHR Services verify and replicate any and all valid prefixes created/modified by all other MPAs and GSPs in accordance with DONA Foundation Policies and Procedures.
The Role of the DONA Foundation
• Based in Geneva, Switzerland.
• Maintains the operations of the GHR, collaboratively with all MPAs.
• Provides coordination, software, and other strategic services for the technical development, evolution, application, and other uses in the public interest around the world of the Digital Object Architecture (DOA) with a mission to promote interoperability across heterogeneous information systems.
• DONA will promote the X.1255 standard and the use of the DOA across many different countries, domains, and industries.
• Makes the developed DOA standards and/or software accessible to the community to further their development and adoption.
• Enables the development of relevant standards and software for purposes of reference models and in connection with the GHR.
DONA Foundation’s GHR Operations
• DONA coordinates with the GHR Service providers to maintain the stable and secure operation of the GHR in the public interest.
• DONA credentials and authorizes new MPAs.
• The DONA Foundation will work in collaboration with the MPAs to improve the architectural, technical, and performance aspects of the GHR.
• The Multi-Primary GHR Operations started on the 9th of December 2015.
Questions?