1
International Directory Initiatives
TERENA Networking Conference 2001 in Antalya
14.-17.5.2001
Peter Gietz (CEO of DAASI International, chair of TF-LSD)
2
Agenda
TERENA Task Force LDAP Service Deployment
• History
• Deliverables
• Status
Global Grid Forum
• History
• Directory related work
Current challenges of Middleware
3
TERENA Task Force LDAP Service Deployment
4
TF-LSD History
First LSD WG in IETF lsd
• BoF at 40th IETF Washington Dec 1997
• Chairs: Chris Apple and Roland Hedberg
• IDs on:
• Locating LDAP servers
• Minimum white pages schema
• Naming and interconnection guidelines
• Schema writer's guidelines
• Locating LDAP servers
• Discussion of the TISDAG project (CIP deployment)
5
IETF lsd Charter
"Explore, discuss, and document solutions for directory deployment issues related to the installed base of LDAP implementations"
Besides the mentioned IDs, relevant topics were:
• Managing the root naming context for LDAP directories
• Use of dc-based and X.500-based naming
• Guidelines for client and server implementors
6
IETF lsd
First Meeting 42nd IETF August 1998 Chicago
• TISDAG presentation (CIP)
• Presentation of DESIRE II CIP work
Closed November 1998
No RFC came out of this group
7
IETF lsd take 2
Lsd - Take 2 BoF
• at 45th IETF July 1999 in Oslo
• Presentations on
  • TISDAG
  • Norwegian Directory of Directories
  • DESIRE II CIP work
• Discussion about services involves discussions about business models that are not allowed in IETF
Take 2 didn't take off either
8
NameFLOW activities
NameFLOW
• International Directory Project
• Members from European NRNs
• Coordinated by DANTE
• www.dante.net/np
DANTE took part in DESIRE II LDAP work
NameFLOW meetings included discussions on LDAP deployment
9
TF-LSD Meetings 1
LDAP BoF
• May 2000 Amsterdam TERENA office
• Report on TERENA DIRECT project
• Interconnecting LDAP servers via knowledge information
• PKI and X.509 certificates in LDAP
• Global Indexed Directory System (GIDS)
• Need for an ongoing activity was felt
10
TF-LSD Meetings 2
1st TF-LSD Meeting
• September 2000 Utrecht SURFnet office
• GIDS status and commitments
• DANTE LDAP Service: LDAP cached referrals
• Integration of directories and PKIs
• EuroPKI
• Schema for PKI
• web2ldap Gateway
• Discussion of the draft Terms of Reference for TF-LSD (approved by TERENA Technical Committee December 2000)
11
TF-LSD Meetings 3
2nd TF-LSD meeting
• February 2001 Amsterdam TERENA office
• ToR and Status of the deliverables
• Update from the NRNs
• Internet2 update
• EduPerson
• DC/X.521 Gateway
• IETF Update
• Metadirectory
• Experiences with OpenLDAP
12
TF-LSD Terms of Reference
a) to provide a forum for exchanging experiences and knowledge in the area of LDAP based services deployment;
b) to prepare the establishment of the European wide pilot White Pages index service;
c) contribute to the set up of European wide pilot LDAP services in the fields of White Pages index, PKI, and other directory services useful for the European research community;
d) to contribute to and liaise with standardization boards in the field of directories, like IETF, ITU, CEN, and with related projects, like DIRECT and OpenLDAP.
13
TF-LSD Deliverables 1
A. Establishing the Task Force Information site
B. Investigation of the various directory indexing implementations based on the Common Indexing Protocol (CIP) and their interoperability.
C. Study on the privacy issues arising with the public pan-European White Pages service
14
TF-LSD Deliverables 2
D. Definition of a European wide White Pages service based on one or more CIP implementations, including the following issues:
• schema
• mechanisms to register participating directory servers and data crawlers
• definition of crawler behavior
• authentication mechanisms
• mechanisms to distribute index objects.
15
TF-LSD Deliverables 3
E. Setup of an experimental service for a CIP based European wide White Pages index service
F. Investigate the possibilities to reference between the X.521 naming and the Domain Component naming and the referral mechanisms to set up a Directory Information Tree between LDAP servers via distribution of knowledge information.
16
TF-LSD Deliverables 4
G. Working out specification/requirements for the technical framework of the LDAP based storage, distribution and validation of certificates in a European wide LDAP based Public Key Infrastructure (PKI) for the research community.
H. Set up of an experimental Directory service for publishing certificates and CA information, like CRLs
17
TF-LSD Deliverables 5
I. Investigating the usability of services based on the new evolving directory related standards like:
• DSML (Directory Service Markup Language) e.g. for data interchange and replication
• DEN (Directory Enabled Networks) for provision of Quality of Service in networks, but also for storing other policy related information
• And others.
J. If needed, propose a revised version of the TF-ToR
18
TF-LSD Deliverables 6
K. Prepare a proposal to the TTC on follow-on activities based on recent developments in directory based network and information services
L. Contributing to the standardization process on LDAP and Global Directory services through the liaison with IETF, ITU and CEN standardization activity.
M. Maintaining mailing list(s) for communication between and with the TF members
19
TF-LSD Status
Website and Mailing list online (http://www.terena.nl/task-forces/tf-lsd)
CIP Interoperability testing more or less done. Report in preparation
White pages indexing system specs ongoing
First Draft on privacy issues out soon
Work on X.521 naming and the Domain Component by SURFnet and REDIRIS
20
Project Proposals
CIP-based Referral Server
• API to GIDS
Definition of a European Education Person (DEEP)
• Integrate existing schema definitions
• Coordinate with similar activities (EduPerson, GridPerson)
• First make a survey of Requirements in TERENA community
Adding Certificate Retrieval to OpenLDAP
• Matched values
Global Grid Forum
22
What is the Grid?
"The Grid is a consistent and standardized environment for collaborative, distributed problem solving that requires high performance computing on massive amounts of data that are stored, and/or generated at high data rates using widely distributed, heterogeneous resources"
"The Grid is an inherently layered architecture that provides for common services and a diversity of middleware that supports building distributed, large-scale, and high performance applications and problem solving systems."
(W.E. Johnston as quoted by Ian Foster)
23
1998 Grid Forum BoF
At the SC '98 in Orlando
Goals:
a) review the state of various efforts in this area
b) collect input on the goals and structure of a Grid Forum, an organization that has been proposed to promote Grid technologies and applications, and encouraging cooperation on technologies.
Follow up BoFs:
• SC'99 in Portland, Oregon
• SC'2000 in Dallas, Texas
24
First Grid Forum Workshop
16.-18. June 1999 at NASA Ames Research Center, Moffett Field, California, USA
Motivation:
• Discuss common interests, problems, solutions
• Identify where “standards” can promote code sharing and interoperability
• Define such “standards” where sufficient experience exists
• Present united front to vendors
• Promote “Grid” technology
25
First GF WS (contd.)
IETF-like model:
• As little formal structure as possible!
• A goal of advancing Grids as a whole by identifying, defining, and encouraging deployment of common infrastructure elements
• "Rough consensus and running code": i.e., develop standards based on experience with real implementations in an IETF like way
• Focused, short-term standardization processes (e.g., what can be achieved in a year) rather than open-ended activities
26
First GF (contd.)
Established working groups:
• Scheduling
• Grid Information Service
• Grid Security infrastructure
• Remote Data Access
• Application and Tools Requirements
• End-to-End Performance
• Advanced Performance Models
• Account Management
• User Services
27
Second Grid Forum Meeting
19.-21. October 1999 at Northwestern University in Chicago
Goals:
• further define/refine the "rules of engagement"
• synchronization among groups
• establish a broad-based community forum that accommodates a variety of interests and approaches
28
3rd Grid Forum Meeting
22.-24. March 2000 at University of California, San Diego
New features:
• relatively clear working group charters
• Steering Group
• Beginning to create community
• Internationalization: Presentations on Grid Projects in Europe (eGrid), Japan and Canada
29
4th Grid Forum Meeting
10.-12. July 2000 at Microsoft Campus, Redmond
Grid Forum Guidelines and Procedures defines three roles of GF:
1. development of production Grid infrastructures, and Applicability Statements, integration of technologies developed within IETF
2. forum for discussion and exploration of longer-term issues, similar to the Internet Research Task Force (IRTF)
3. Technical Specifications be developed that address topics not covered by IETF. In this respect, GF will operate in a fashion similar to IETF, focusing on shorter-term issues of engineering and standards making.
30
GF 5
15-18 October, 2000 in Marlborough, Massachusetts
Keynote "Observations" by Ian Foster on:
1. The Grid problem: controlled resource sharing in multi-institutional settings
2. Standards as a means of enabling sharing of code, resources, services
3. Definition of role and importance of protocols, services, SDKs, APIs, etc.
4. A "Grid Architecture": a categorization of protocols, services, SDKs, and APIs
30 % of the Participants from Europe and Japan
31
eGrid
1st European Grid Forum Workshop, 12.-13. April 2000 in Poznan, Poland
• To improve the conditions for Grid-related research and applications in Europe
• For information exchange
• To find partners for projects of mutual interest
• Communication channel to Grid Forum
• Emphasize European dimension
32
eGrid
2nd eGrid Workshop 29. August 2000 in Munich
• 5 WGs established:
  • Performance Analysis (egrid-wg-perf)
  • Data Management (egrid-wg-data)
  • Resource Management (egrid-wg-rm)
  • Testbeds (egrid-wg-testbed)
  • Programming Models (egrid-wg-pm)
• EGrid Steering Committee established
• Discussion on merging with Grid Forum
• WGs should merge with the GF WGs where possible
• Other WGs (e.g. Testbed WG) will be kept separate
33
EC WS on Grid Technologies
22 - 23 June 2000 in Brussels
Objectives:
1. to define the present status of grids world-wide
2. to cover all underlying technologies, define the R&D efforts needed for effective deployment in research, business and market areas
3. to identify the added value of grid technology and grid-ware applications for the end-users, intermediaries and service providers
4. provide input for the update of the IST Work Programme 2001
34
First Global Grid Forum Workshop
4.-7. March 2001 in Amsterdam
Merger of the Grid Forum with eGrid (European Grid Forum) and the Asia-Pacific Grid Forum community
Roughly doubling of number of participants (2/3 from Europe)
Tutorials
35
First GGF contd.
New activities:
• Grid Protocol Architecture WG (GPA)
• Advanced Collaborative Environments WG (ACE)
• JINI activity
• Activity for defining a common grid policy for PKI
EUROGRID
• Application test bed for European Grid Computing
• funded by the European Union
36
Directory related work in GGF
Most WGs use directories as base technology in the frame of the Globus toolkit for distributed information
Two WGs are most related with TF-LSD work:
• Grid Information Service WG (GIS)
• Security WG
37
GIS WG Charter
http://www.unix.mcs.anl.gov/gridforum/gis/
Identify requirements for interoperable models and mechanisms for the information services necessary for doing grid-based computing:
• definition of meta-models to allow the creation of interchangeable schemas
• definition of formalisms to describe such schemas uniformly by the various WGs
• definition of a mechanism to access information that is stored in the schema
• educational outreach
• verification of the feasibility of the models
38
Selected GIS WG Documents
GOSv2: Defining Schemas for the Grid Information Service
• defines formal syntax for the definition of objects that form the core of the GIS
• builds on the syntax developed as part of the Globus Metacomputing Directory Service
• roots in LDAP terminology
• http://www-unix.mcs.anl.gov/gridforum/gis/reports/gos-v2/gos-v2.pdf
39
Selected GIS WG Docs contd.
Representing People for the GIS
• people objectclass definition
• Based on InetPerson
• To enable a single identity across all Grid components
• provide support for authentication mechanisms (password, certificate)
• Not yet finished
• Defines:
  • GridPerson
  • GridResourceAdministrator
  • MDSAdministrator
• http://www-unix.mcs.anl.gov/gridforum/gis/reports/people/people.pdf
40
Security WG Charter
Mission:
• Support the creation of secure Grid environments
• Enable cooperation among secure Grid environments
• Enable collaboration between end-users and Grid sites through the use of secure methods
Two Activities
• Grid Security Infrastructure (GSI)
• Grid Certificate Policy Design
41
Grid Security Infrastructure
Based on existing standards
Needs to extend these due to special Grid needs:
• Single sign on
• Delegation of trust
• Integration with various local security solutions
• User-based trust relationships
• Flexible message protection
42
GIS Documents
Internet X.509 Public Key Infrastructure Impersonation Certificate Profile
• Future term: "proxy certificate"
• Delegation of trust
• Similar usage to Attribute certificate
43
GGF Certificate Policy Activity
Mission:
• Develop an identity Certificate Policy for the Global Grid community.
• The CP will reduce the cost and time needed to build a Grid PKI and increase policy and technical interoperability in the Global Grid community.
Goals:
1. Define a certificate policy based on the global grid community's identity requirements. This certificate policy may require support for multiple assurance levels.
2. Collaborate with related efforts such as Internet2, DFN, etc.
3. Have the GGF Identity CP accepted and used by the grid community
44
Current challenges of Middleware
Standardization is necessary
Where will this take place?
Use IETF/IRTF structures
Synchronize GGF and AAA/AAAArch
International Cooperation. There is no US-Middleware or European Middleware
Think about architecture
Define more applications
Think about schema
45
Questions?
www.terena.nl/task-forces/tf-lsd
www.gridforum.org
This presentation at: www.terena.nl/tnc2001 or www.daasi.de
Email me at [email protected]