The Digital Object Architecture and the e-APP€¦ · The Digital Object Architecture and the e-APP 10th Internaonal Forum on e-App The Hague, November 1st Christophe Blanchi DONA

TheDigitalObjectArchitectureandthee-APP

10thInterna+onalForumone-AppTheHague,November1st

ChristopheBlanchiDONAFounda+on

Mo8va8onsfortheDigitalObjectArchitecture

•  TheInternetisaboutsharinginforma+onrepresentedindigitalform.

•  Informa+onismorethanpackets.•  Informa+onneedstobea“FirstClassCi+zen”intheInternet.

–  Informa+oniscomplex,ithascontext,uses,monetaryvalue,etc…–  Informa+onneedstobelocatable.–  Informa+onneedstobeunderstandableandreusable.–  Informa+onneedstobeprotected,secured,authen+cated,andtrusted.–  Informa+onneedstobeabletooriginatefrommanydifferenttypesof

sourcesandsystems.–  Informa+onneedstopersistover+me.

•  TheWebenabledwideraccesstoinforma+onintheInternet,buttherearemanyissuesthatremainwhendealingwithinforma+onmanagement.–  HeterogeneousdataandsystemssuchasBigDataandIoT.

DigitalObjectArchitectureOverview

TheDigitalObjectArchitectureaddressesthefollowingdigitalinforma+onmanagementissues:

–  Uniformandinteroperableaccesstoheterogeneousinforma+onandservices.•  Iden+fica+on•  Descrip+on,searchandretrieval•  Typingofdataandservices

–  Interoperabilityacrossheterogeneousinforma+onsystems.•  Independentofthespecificunderlyingtechnologiesthathostandprovidethe

informa+on.•  Abilitytodealwithinforma+onthatisnotdigitalinnature.

–  Integratedsecurity.–  Verylargelevelofscalability.

•  Distributedarchitecture•  Openarchitectureframework•  Standardprotocolsandprocedures

DigitalObjectArchitecture:Informa8onManagementonNetworks

Identi'ierResolutionService

Client

ResourceDiscovery

SearchEngines,MetadataDatabases,Catalogues,Registries,etc.

Repositories

TheHandleSystem™

•  Abasiciden+fier/resolu+onsystemfortheInternet.•  Resolvesadigitalobject’siden+fiertothatobject’scurrentstateinforma+on•  Iden+fierpersistswhenloca+onandotheraXributesoftheobjectchanges.

•  Logicallyasinglesystem,butphysicallyandorganiza+onallydistributed.

•  Highlyscalable.•  Associatesoneormoretypedvalues,e.g.,IPaddress,publickey,URL,

metadata,toeachiden+fier.•  Secureresolu+onandadministra+on.•  Op+mizedforspeedandreliability.•  Open,well-definedprotocolanddatamodel,IPRfree.•  Providesinfrastructureforawideapplica+ondomain,e.g.,digital

libraries&publishing,e-research,idmgmt,andIoT,etc...

TheHandleSystemSecurityFeatures

•  Authen+ca+on•  Usinganop+onalPKIcapability.•  Handleserverandclientauthen+ca+on.

•  Authoriza+on•  Handlesandassociatedhandlerecordsareadministeredby

authen+catedandauthorizeddigitalen++essuchasahandleserviceproviders.

•  Ahandleservicecanrestrictaccesstoanyofitsvaluesinahandlerecord.

•  Confiden+ality•  Allhandlerequestsandresponsescanbeencrypted.

•  Non-Repudia+onandIntegrity•  Handlerecordresponsesmaybesignedbythehos+ngserver•  Handlerecordsmaybesignedbyanyauthorizedadministrator.

•  Auditlogs•  AllHandleserverslogallaccesses.

•  Handlesaregloballyuniqueandresolvable•  PrefixesarealloXedtolocalhandleserviceproviders

andmostprefixhandlerecordsarecurrentlystoredinthe“GlobalHandleRegistry”(GHR).

•  AhandleprefixistypicallyresolvablebytheGHRtoanIPaddressforahandleresolu+onservicesuchasaLocalHandleService.

•  Thefullhandleisresolvablebythehandleresolu8onserviceintoahandlerecord.

•  CharacterSet:Unicode2.0•  Encoding:UTF-8•  Prefix:Currentlyalloca+ngonlynumericvalues.

•  Suffix:Norestric+ons.

35.1234/12345678

WhatisaHandle?

Suffix Prefix

hXp://www.caliber.net/abs/35.1525/2009.59.5.9URL

<loca+onschooseby="locaX,country,weighted"><loca+onid="1"cr_type="MR-LIST"href="hXp://www.acme.org/iPage?doi=35.1525%2Fbio.20.5.9"weight="1"/><loca+onid="2"cr_src="unca"label="SECONDARY_BIOONE"cr_type="MR-LIST"href="hXp://www.bioone.org/doi/full/35.1525/bio.2009.59.5.9"weight="0"/></loca+ons>

10320/loc

HandleRecord

35.1525/b.2009.59.5.9 handle=0.na/35.1525;index=200;[deletehdl,addval,readval,modifyval,deladmin,addadmin,list]

HS_ADMIN

Handle DataType HandleData

0000000B4453415F5055425F4B4559000000000015009760508F15230B….HS_PUBKEY

eyJhbGciOiJSUzI1NiJ9.eyJkaWdlc3RzIjp7ImFsZyI6IlNIQS0yNTYiLCJkaWdlc….HS_SIGNATURE

DataTypesarealsoresolvablehandlesandcanbespecificto:•  TheHandleSystem(*)

• HS_ADMIN• HS_PUBKEY• HS_SIGNATURE• URLetc…

•  Anapplica+onorservice•  10320/loc

•  Agroup/community•  AdevicetypeTypesshouldbeiden+fiedwithahandleandresolvetoatypedescrip+on.(*)HandleSystemtypesareregisteredashandlesstar+ngwiththe“0.TYPE/”prefix.(URL->0.TYPE/URL)

35.TYPE/DEVICE 35.1/1.2.3

HandleResolu8on-Overview

Resolvinganyhandlesuchas35.152/59.5isatwostepprocess:1)  FindtheHandleServiceassociatedwiththehandleprefix

35.152•  AccessthehandleservicesprovidedbyoneoftheGHR

serviceproviders.•  Resolve0.NA/35.152intoitsserviceinforma+on.

2)Resolvethe35.152/59.5handleintoitsrespec+vevalues•  Accessthehandleservicesforthatpar+cularhandleat

thatpar+cularHandleServiceprovider.•  Resolve35.152/59.5intoitshandlerecord.

HandleResolu8on-OverviewGSP11

MPA22

MPA10

MPA21

MPA86

MPA20DONA

Authorita8veService

MirrorService1

…... MirrorServicen

HandleService0.NA/10.152

Authorita8veService


Authorita8veService


Resolve0.NA/10.152HandleSystem™

`SVR#1

SVR #2

SVR#n

SVR#4

SVR#3

Authorita8veServicefor0.NA/10.152

...

SVR#1

SVR#2

GlobalHandleRegistry

SVR#1

hXp://www.acme.com/URL10.1525/59.5 4

eyJhbGciOiJSUzI1NiJ9…..HS_SIG 20

HandleService0.NA/20.123.1




Resolve10.152/59.5

HandleServicefor0.NA/10.152

Resolve10.152/59.5

SVR#1

SVR#1

SVR#2

HandleResolu8on-ServiceInfoRequest


Request:Resolve10.152/59.5 1.  ClientrequestsaspecificGSPintheGHRtoresolvetheprefixhandle0.NA/10.152

SecurityFeatures:o  Privacy:Encryptedclientrequesto  Authen8ca8on:

o  Cryptographicauthen+ca+onofthetargetGSPservice

o  Cryptographicauthen+ca+onoftheresolvingclient

o  Audittrail:GSPlogsthefullclientrequest

HandleResolu8on-ServiceInfoRequest


ClientreceivestheServiceInforma+onforthe10.152Service.

2.ThetargetedGSPRespondswiththeServiceInforma+onforthe10.152service.

HandleServiceInforma+on

xcccxv xc xc xc xc xc xc xc xc xc xc xc xc xc

xc xc

xc xc xc

xc xc xc

xc xc xc

..

..

.. xc xc xc

..

..

.. xc xc xc

..

..

..

... xcccxv

xccx xccx

xcccxv xccx xccx

xcccxv xccx xccx

SecurityFeatureso  Privacy:Encryptedclientrequesto  Authen8ca8on:

o  CryptographicAuthen+ca+onofthetargetGSPservice

o  CryptographicAuthen+ca+onoftheresolvingclient

o  Audittrail:GSPlogsthefullclientrequest

o  Privacy:ResponsefromGSPisencryptedo  Authoriza8on:Responseonlyprovideswhat

theauthen+catedclientisallowedtoseeo  Non-repudia8on:Serviceinforma+onissigned

bytheGSPserviceanditisverifiedbytheclient.

HandleServiceInforma8onxcccxv xc xc xc

xc xc xc xc xc xc xc xc xc xc

xc xc

xc xc xc

xc xc xc xc

xc xc ..

..

.. xc xc xc ..

..

.. xc xc xc ..

..

..

... xcccxv

xccx xccx xcccxv

xccx xccx xcccxv

xccx xccx

HandleServices IPAddresses PortNumber PublicKey …

Authorita+veServiceService1Service2

12.34.45.6712.34.56.68

26412641

5ec6f944…55fa26ca…

……

MirrorService1Service1Service2Service3

12.45.67.7112.45.67.7212.45.67.73

264126412641

C77ee70…22d81f1…43a7a1f….

………

MirrorService2Service1Service2

32.23.23.1232.23.23.13

26412641

A80b56…b56757…

HandleResolu8on–HandleServiceRequest

HandleServicefor10.152


SVC#1

SVC#2

Authorita8veService

MirrorService1

SVC#1

SVC#2

SVC#3

MirrorService2

SVC#1

SVC#2

3.ClientqueriesServer#2inMirrorService1toresolve10.152/59.5

SecurityFeatureso  Privacy:Encryptedclientrequesto  Authen8ca8on:

o  CryptographicAuthen+ca+onofthetargetLHSservice

o  CryptographicAuthen+ca+onoftheresolvingclient

o  Audittrail:LHSlogsthefullclientrequest

AcmeLocalHandleService


hXp://www.acme.com/URL10.152/59.5.9 4

eyJhbGciOiJSUzI1NiJ9…..HS_SIG 20

HandleServicefor10.152

SVC#1

SVC#2

Authorita8veService

MirrorService1

SVC#1

SVC#2

SVC#3

MirrorService2

SVC#1

SVC#2

4.Serverrespondswiththe10.152/59.5.9handlerecord

HandleResolu8on–HandleServiceRequest

SecurityFeatureso  Privacy:Encryptedclientrequest.o  Authen8ca8on:

o  CryptographicAuthen+ca+onofthetargetLHSservice.

o  CryptographicAuthen+ca+onoftheresolvingclient.

o  Audittrail:LHSlogsthefullclientrequest.

o  Privacy:ResponsefromMirrorisencrypted.o  Authoriza8on:Responseonlyprovidesthe

valuesthattheauthen+catedclientisallowedtosee.

o  Non-repudia8on:HandlerecordissignedbytheMirrorServiceandcanbeverifiedbytheclient.

Handleande-APPSynergy

•  Theneedforauthen+ca+ngdigitalresourcesisabasicrequirementinmanydifferentinforma+onindustries.•  Journalar+cles,medicaltaxonomies,assetsregistries.•  InternetofThings,BigData.

•  Thepoliciesandworkflowsthatresultinthesigningandcer+fyingofdigitalresourcesmaydifferbuttheintentsandprocessforverifyingsignature(s)andthesigner(s)aresimilar.

•  TheHandleSystemprovidesanopensolu+onthatoffers•  Security,scalability.•  Interoperability.•  Digitalsovereignty.•  Signeriden+fica+onusinghandles.

DocumentRegistra8on

RegisterHandle

20.500.123/doc-10 Title:”Dra~Agenda”Summary:e-APPAgendaAdobeSignatureLanguage:English

PDF_DATA

hXp://ds5.cnri.net/Dra~.pdfURLDocumentloca+oneyJhbGciOiJSUzI1NiJ9…..HS_SIGDocumentEndorsement

SignusingAdobeReader

20.500.123/doc-11 Title:”FinalAgenda”Summary:e-APPAgendaAdobeSignature:Language:EnglishRelatedDocuments:•  PreviousVersion:20.500.123/doc-10

PDF_DATA

hXp://ds5.cnri.net/Final.pdfURLDocumentloca+oneyJhbGciOiJSUzI1NiJ9…..HS_SIGDocumentEndorsement#1iJSI1NiJUecfGihOz54…..HS_SIGDocumentEndorsement#2

Updatedocument

RegisterHandle

SignUsingAdobeReader

UpdatedDocumentRegistra8on

hXp://ds5.cnri.net/Final-FD.pdfURL

20.500.123/doc-12 +tle:”OrdreduJour”Summary:e-APPAdobeSignature:Language:FrenchRelatedDocuments:•  English:20.500.123/doc-11

PDF_DATA

Documentloca+on

iJSI1NiJUecfGihOz54…..HS_SIG

eyJhbGciOiJSUzI1NiJ9…..HS_SIGDocumentEndorsement#1DocumentEndorsement#2

TranslateDocument

RegisterHandle

SignUsingAdobeReader

TranslatedDocumentRegistra8on

Rela8onshipsBetweenDocuments

20.500.123/doc-10

20.500.123/doc-11

NextVersion

PreviousVersion

20.500.123/doc-13

SpanishVersion

20.500.123/doc-12

EnglishVersion

FrenchVersion

HandleEnhancedDocumentValida8on1.  Resolvesthedocument’sHandlefromPDF

metadata2.  Extractsthedocument’shandlemetadata.3.  VerifiesthePDF’sandHandle’ssignature:

•  Correlatesthedocumenttothehandle.•  Confirmstheintegrityofthedocument.

4.  Validatestheiden+tyofthedocumentsigner.•  Whoendorsedthesigner?•  Isthesigner’scer+ficatevalid?•  Isthesigners+llrecognized?

5.  Providesalistofrelateddocuments:•  Next–Previous.•  References•  Otherlanguagesetc…

6.  Listsandverifiesalladdi+onalcryptographicendorsements.

7.  Eachendorsementcer+ficatechaincanbeexplored.

Addi8onalBenefitsoftheHandleApproach1.  PDFdocumentsenhancedwithahandlebasedverifica+onsolu+oncanbeused

withanytechnologythatcanresolvehandlessuchas:•  AnAdobeReaderplugin.•  Awebbasedsolu+on.•  WithinaDigitalObjectbasedsolu+on.

2.  Thehandlebaseddocumentvalida+onsolu+oncanbeusedtoauthen+catedocumentsthatarenotPDFs:•  WebPages,Worddocuments,datasets,etc…

3.  DocumentsareassignedhandlesthatarestoredinaLocalHandleService(LHS)•  TheLHSismanagedlocally.•  TheLHSandregistra+oncanfollowrequiredlocalpoliciesandprocedures.•  Allhandlesaregloballyresolvableandinteroperable.

4.  Handleresolu+onprovidesanefficientsolu+onforinspec+ngcer+ficatechains

•  Providesadynamicmechanismforinspec+ngandverifyingcer+ficates.•  Resolvesasigner’sIDintoitsassociatedpublickeyandmetadata.•  Equallyverifieslocal,regional,andglobalcer+ficates.

Whoisresponsibleforopera8ngtheGHR?

•  TheoriginalGHRwasoperatedbyCNRIinRestonVAintheUSsincethemidtolate1990s.

•  Un+lrecently,CNRIhadthesolecreden+alandauthoriza+ontocreateallnewprefixes.

•  CNRIdecidedfurtherenhanceanddeveloptheGHRarchitecturetoenablemul+pleorganiza+onstocoordinateandadministertheGHRonamul+-primarybasisundertheoveralladministra+onoftheDONAFounda+on.

•  ThecurrentGHRmaintainsbackwardscompa+bilitywithalllegacyhandleclients.

ProvidersofGHRServices

•  Anorganiza+onthatiscreden+aledandauthorizedbyDONAtocreatederivedprefixesfromitsalloXedcreden+alprefixisknownasaMul+-PrimaryAdministrator(MPA)ormoregenerallyasaGlobalHandleServiceProvider(GSP).

•  Eachsuchorganiza+onisalloXedacreden+al(e.g.0.NA/21)byDONAandauthorizedtoprovideGHRservices.

•  Eachsuchorganiza+oncancreateanunlimitednumberofderivedprefixesfromitscreden+alprefixandallotthemtoorganiza+onsthatwishtoprovidelocalhandleservices.

•  AllGHRServicesverifyandreplicateanyandallvalidprefixescreated/modifiedbyotherfromallotherMPAsandGSPsinaccordancewithDONAFounda+onPoliciesandProcedures.

TheRoleoftheDONAFounda8on•  BasedinGenevaSwitzerland.•  Maintainstheopera+onsoftheGHR,collabora+velywithallMPAs.•  Providecoordina+on,so~ware,andotherstrategicservicesforthe

technicaldevelopment,evolu+on,applica+on,andotherusesinthepublicinterestaroundtheworldoftheDigitalObjectArchitecture(DOA)withamissiontopromoteinteroperabilityacrossheterogeneousinforma+onsystems.

•  DONAwillpromotetheX.1255standardandtheuseoftheDOAacrossmanydifferentcountries,domains,andindustries.

•  MakethedevelopedDOAstandardsand/orso~wareaccessibletothecommunitytofurthertheirdevelopmentandadop+on.

•  Enablesthedevelopmentofrelevantstandards,andso~wareforpurposesofreferencemodelsandinconnec+onwiththeGHR

DONAFounda8on’sGHROpera8ons

•  DONAcoordinateswiththeGHRServiceproviderstomaintainthestableandsecureopera+onofthetheGHRinthepublicinterest.

•  DONAcreden+alsandauthorizesnewMPAs.•  TheDONAFounda+onwillworkincollabora+onwiththeMPAs

toimprovethearchitectural,technical,andperformanceoftheGHR.

•  TheMul+-PrimaryGHROpera+onsstartedonthe9thofDecember2015.

Ques8ons?