International Directory Initiatives

TERENA Networking Conference 2001 in Antalya, 14.-17.5.2001

Peter Gietz (CEO of DAASI International, chair of TF-LSD)

[email protected]

Agenda

TERENA Task Force LDAP Service Deployment
• History
• Deliverables
• Status

Global Grid Forum
• History
• Directory related work

Current challenges of Middleware

TERENA Task Force LDAP Service Deployment

TF-LSD History

First LSD WG in IETF lsd
• BoF at 40th IETF Washington Dec 1997
• Chairs: Chris Apple and Roland Hedberg
• IDs on:
  • Locating LDAP servers
  • Minimum white pages schema
  • Naming and interconnection guidelines
  • Schema writer's guidelines
  • Locating LDAP servers
• Discussion of the TISDAG project (CIP deployment)

IETF lsd Charter

„Explore, discuss, and document solutions for directory deployment issues related to the installed base of LDAP implementations“

Besides the mentioned IDs, relevant topics were:

managing the root naming context for LDAP directories

Using of dc-based and X.500-based naming

Guidelines for client and server implementors

IETF lsd

First Meeting 42nd IETF August 1998 Chicago
• TISDAG presentation (CIP)
• Presentation of DESIRE II CIP work

Closed November 1998

No RFC came out of this group

IETF lsd take 2

Lsd - Take 2 BoF
• at 45th IETF July 1999 in Oslo
• Presentations on
  • TISDAG
  • Norwegian Directory of Directories
  • DESIRE II CIP work
• Discussion about services involves discussions about business models that are not allowed in IETF

Take 2 didn't take off either

NameFLOW activities

NameFLOW
• international Directory Project
• Members from European NRNs
• Coordinated by DANTE
• www.dante.net/np

DANTE took part in DESIRE II LDAP work

NameFLOW meetings included discussions on LDAP deployment

TF-LSD Meetings 1

LDAP BoF
• May 2000 Amsterdam TERENA office
• Report on TERENA DIRECT project
• Interconnecting LDAP servers via knowledge information
• PKI and X.509 certificates in LDAP
• Global Indexed Directory System (GIDS)
• Need for an ongoing activity was felt

TF-LSD Meetings 2

1st TF-LSD Meeting
• September 2000 Utrecht SURFnet office
• GIDS status and commitments
• DANTE LDAP Service: LDAP cached referrals
• Integration of directories and PKIs
• EuroPKI
• Schema for PKI
• web2ldap Gateway
• Discussion of the draft Terms of Reference for TF-LSD (approved by TERENA Technical Committee December 2000)

TF-LSD Meetings 3

2nd TF-LSD meeting
• February 2001 Amsterdam TERENA office
• ToR and Status of the deliverables
• Update from the NRNs
• Internet2 update
• EduPerson
• DC/X.521 Gateway
• IETF Update
• Metadirectory
• Experiences with OpenLDAP

TF-LSD Terms of Reference

a) to provide a forum for exchanging experiences and knowledge in the area of LDAP based services deployment;

b) to prepare the establishment of the European wide pilot White Pages index service;

c) contribute to the set up of European wide pilot LDAP services in the fields of White Pages index, PKI, and other directory services useful for the European research community;

d) to contribute to and liaise with standardization boards in the field of directories, like IETF, ITU, CEN, and with related projects, like DIRECT and OpenLDAP.

TF-LSD Deliverables 1

A. Establishing the Task Force Information site

B. Investigation of the various directory indexing implementations based on the Common Indexing Protocol (CIP) and their interoperability.

C. Study on the privacy issues arising with the public pan-European White Pages service

TF-LSD Deliverables 2

D. Definition of a European wide White Pages service based on one or more CIP implementations, including the following issues:
• schema
• mechanisms to register participating directory servers and data crawlers
• definition of crawler behavior
• authentication mechanisms
• mechanisms to distribute index objects.

TF-LSD Deliverables 3

E. Setup of an experimental service for a CIP based European wide White Pages index service

F. Investigate the possibilities to reference between the X.521 naming and the Domain Component naming and the referral mechanisms to set up a Directory Information Tree between LDAP servers via distribution of knowledge information.

TF-LSD Deliverables 4

G. Working out specification/requirements for the technical framework of the LDAP based storage, distribution and validation of certificates in a European wide LDAP based Public Key Infrastructure (PKI) for the research community.

H. Set up of an experimental Directory service for publishing certificates and CA information, like CRLs

TF-LSD Deliverables 5

I. Investigating the usability of services based on the new evolving directory related standards like:
• DSML (Directory Service Markup Language) e.g. for data interchange and replication
• DEN (Directory Enabled Networks) for provision of Quality of Service in networks, but also for storing other policy related information
• And others.

J. If needed, propose a revised version of the TF-ToR

TF-LSD Deliverables 6

K. Prepare a proposal to the TTC on follow-on activities based on recent developments in directory based network and information services

L. Contributing to the standardization process on LDAP and Global Directory services through the liaison with IETF, ITU and CEN standardization activity.

M. Maintaining mailing list(s) for communication between and with the TF members

TF-LSD Status

Website and Mailing list online (http://www.terena.nl/task-forces/tf-lsd)

CIP Interoperability testing more or less done. Report in preparation

White pages indexing system specs ongoing

First Draft on privacy issues out soon

Work on X.521 naming and the Domain Component by SURFnet and REDIRIS

Project Proposals

CIP-based Referral Server
• API to GIDS

Definition of a European Education Person (DEEP)
• Integrate existing schema definitions
• Coordinate with similar activities (EduPerson, GridPerson)
• First make a survey of Requirements in TERENA community

Adding Certificate Retrieval to OpenLDAP
• Matched values

Global Grid Forum

What is the Grid?

„The Grid is a consistent and standardized environment for collaborative, distributed problem solving that requires high performance computing on massive amounts of data that are stored, and/or generated at high data rates using widely distributed, heterogeneous resources“

„The Grid is an inherently layered architecture that provides for common services and a diversity of middleware that supports building distributed, large-scale, and high performance applications and problem solving systems.“

(W.E. Johnston as quoted by Ian Foster)

1998 Grid Forum BoF

At the SC '98 in Orlando

Goals:
a) review the state of various efforts in this area
b) collect input on the goals and structure of a Grid Forum, an organization that has been proposed to promote Grid technologies and applications, and encouraging cooperation on technologies.

Follow up BoFs:
• SC'99 in Portland, Oregon
• SC'2000 in Dallas, Texas

First Grid Forum Workshop

16.-18. June 1999 at NASA Ames Research Center, Moffett Field, California, USA

Motivation:
• Discuss common interests, problems, solutions
• Identify where “standards” can promote code sharing and interoperability
• Define such “standards” where sufficient experience exists
• Present united front to vendors
• Promote “Grid” technology

First GF WS (contd.)

IETF-like model:
• As little formal structure as possible!
• A goal of advancing Grids as a whole by identifying, defining, and encouraging deployment of common infrastructure elements
• "Rough consensus and running code": i.e., develop standards based on experience with real implementations in an IETF like way
• Focused, short-term standardization processes (e.g., what can be achieved in a year) rather than open-ended activities

First GF (contd.)

Established working groups:
• Scheduling
• Grid Information Service
• Grid Security infrastructure
• Remote Data Access
• Application and Tools Requirements
• End-to-End Performance
• Advanced Performance Models
• Account Management
• User Services

Second Grid Forum Meeting

19.-21. October 1999 at Northwestern University in Chicago

Goals:
• further define/refine the "rules of engagement"
• synchronization among groups
• establish a broad-based community forum that accommodates a variety of interests and approaches

3rd Grid Forum Meeting

22.-24. March 2000 at University of California, San Diego

New features:
• relatively clear working group charters
• Steering Group
• Beginning to create community
• Internationalization: Presentations on Grid Projects in Europe (eGrid), Japan and Canada

4th Grid Forum Meeting

10.-12. July 2000 at Microsoft Campus, Redmond

Grid Forum Guidelines and Procedures defines three roles of GF:

1. development of production Grid infrastructures, and Applicability Statements, integration of technologies developed within IETF

2. forum for discussion and exploration of longer-term issues, similar to the Internet Research Task Force (IRTF)

3. Technical Specifications be developed that address topics not covered by IETF. In this respect, GF will operate in a fashion similar to IETF, focusing on shorter-term issues of engineering and standards making.

GF 5

15-18 October, 2000 in Marlborough, Massachusetts

Keynote „Observations“ by Ian Foster on:
1. The Grid problem: controlled resource sharing in multi-institutional settings
2. Standards as a means of enabling sharing of code, resources, services
3. Definition of role and importance of protocols, services, SDKs, APIs, etc.
4. A “Grid Architecture”: a categorization of protocols, services, SDKs, and APIs

30 % of the Participants from Europe and Japan

eGrid

1st European Grid Forum Workshop, 12.-13. April 2000 in Poznan, Poland
• To improve the conditions for Grid-related research and applications in Europe
• For information exchange
• To find partners for projects of mutual interest
• Communication channel to Grid Forum
• Emphasize European dimension

eGrid

2nd eGrid Workshop 29. August 2000 in Munich
• 5 WGs established:
  • Performance Analysis (egrid-wg-perf)
  • Data Management (egrid-wg-data)
  • Resource Management (egrid-wg-rm)
  • Testbeds (egrid-wg-testbed)
  • Programming Models (egrid-wg-pm)
• EGrid Steering Committee established
• Discussion on merging with Grid Forum
• WGs should merge with the GF WGs where possible
• Other WGs (e.g. Testbed WG) will be kept separate

EC WS on Grid Technologies

22 - 23 June 2000 in Brussels

Objectives:

1. to define the present status of grids world-wide

2. to cover all underlying technologies, define the R&D efforts needed for effective deployment in research, business and market areas

3. to identify the added value of grid technology and grid-ware applications for the end-users, intermediaries and service providers

4. provide input for the update of the IST Work Programme 2001

First Global Grid Forum Workshop

4.-7. March 2001 in Amsterdam

Merger of the Grid Forum with eGrid (European Grid Forum) and the Asia-Pacific Grid Forum community

Roughly doubling of number of participants (2/3 from Europe)

Tutorials

First GGF contd.

New activities:
• Grid Protocol Architecture WG (GPA)
• Advanced Collaborative Environments WG (ACE)
• JINI activity
• Activity for defining a common grid policy for PKI

EUROGRID
• Application test bed for European Grid Computing
• funded by the European Union

Directory related work in GGF

Most WGs use directories as base technology in the frame of the Globus toolkit for distributed information

Two WGs are most related with TF-LSD work:
• Grid Information Service WG (GIS)
• Security WG

GIS WG Charter

http://www.unix.mcs.anl.gov/gridforum/gis/

Identify requirements for interoperable models and mechanisms for the information services necessary for doing grid-based computing:
• definition of meta-models to allow the creation of interchangeable schemas
• definition of formalisms to describe such schemas uniformly by the various WGs
• definition of a mechanism to access information that is stored in the schema
• educational outreach
• verification of the feasibility of the models

Selected GIS WG Documents

GOSv2: Defining Schemas for the Grid Information Service
• defines formal syntax for the definition of objects that form the core of the GIS
• builds on the syntax developed as part of the Globus Metacomputing Directory Service
• roots in LDAP terminology
• http://www-unix.mcs.anl.gov/gridforum/gis/reports/gos-v2/gos-v2.pdf

Selected GIS WG Docs contd.

Representing People for the GIS
• people objectclass definition
• Based on InetPerson
• To enable a single identity across all Grid components
• provide support for authentication mechanisms (password, certificate)
• Not yet finished
• Defines:
  • GridPerson
  • GridResourceAdministrator
  • MDSAdministrator
• http://www-unix.mcs.anl.gov/gridforum/gis/reports/people/people.pdf

Security WG Charter

Mission:
• Support the creation of secure Grid environments
• Enable cooperation among secure Grid environments
• Enable collaboration between end-users and Grid sites through the use of secure methods

Two Activities
• Grid Security Infrastructure (GSI)
• Grid Certificate Policy Design

Grid Security Infrastructure

Based on existing standards

Needs to extend these due to special Grid needs:
• Single sign on
• Delegation of trust
• Integration with various local security solutions
• User-based trust relationships
• Flexible message protection

GIS Documents

Internet X.509 Public Key Infrastructure Impersonation Certificate Profile
• Future term: „proxy certificate“
• Delegation of trust
• Similar usage to Attribute certificate

GGF Certificate Policy Activity

Mission:
• Develop an identity Certificate Policy for the Global Grid community.
• The CP will reduce the cost and time needed to build a Grid PKI and increase policy and technical interoperability in the Global Grid community.

Goals:
1. Define a certificate policy based on the global grid community's identity requirements. This certificate policy may require support for multiple assurance levels.
2. Collaborate with related efforts such as Internet2, DFN, etc.
3. Have the GGF Identity CP accepted and used by the grid community

Current challenges of Middleware

Standardization is necessary

Where will this take place?

Use IETF/IRTF structures

Synchronize GGF and AAA/AAAArch

International Cooperation. There is no US-Middleware or European Middleware

Think about architecture

Define more applications

Think about schema

Questions?

www.terena.nl/task-forces/tf-lsd

www.gridforum.org

This presentation at: www.terena.nl/tnc2001 or www.daasi.de

Email me at [email protected]