Presentation is loading. Please wait.

Presentation is loading. Please wait.

Workshop on the DOI System DOI SYSTEM: RESOLUTION International DOI Foundation.

Similar presentations

Presentation on theme: "Workshop on the DOI System DOI SYSTEM: RESOLUTION International DOI Foundation."— Presentation transcript:

1 Workshop on the DOI System DOI SYSTEM: RESOLUTION International DOI Foundation

2 Internet resolution The Handle System ® Implementation tools: Web browsers, proxies, plug-ins Appropriate resolution Data typing Multiple resolution Handle System developments Outline / Key concepts in this section doi>

3 DOI Handbook Chapter 3, Resolution Numbering DOI System and the Handle System Factsheet: Further reading on key concepts in this section doi>


5 Resolution: the process of submitting a DOI name to a network service and receiving in return one or more pieces of current information related to the identified object. e.g., a location (URL) of the object or metadata. –DNS is the best known type of resolution: resolve the IP address to route to a computer location This may involve one or more intermediate mapping operations. The resolution may or may not return an instance of the object. Multiple resolution is the simultaneous return as output of multiple pieces of current information related to the object, in defined data structures. The DOI System uses the Handle System to provide resolution –See for detail e.g. advantages over DNS – DOI Resolution doi>

6 The Handle System is a general purpose distributed information system that provides efficient, extensible, and secure identifier and resolution services for use on networks such as the Internet. A non-commercial, openly available protocol and reference implementation. Met the needs of DOI System development aim: do not re- invent the wheel. Can utilise existing or new schemes, many advantages that map to DOI System needs. Developed at Corporation for National Research Initiatives (US) by Robert Kahn, one of the fathers of the Internet (TCP/IP). The Handle System doi>

7 Digital information needs to be a first class citizen in the networked environment First class = one that has an identity independent of any other item Current Internet less than optimal for security, privacy, mobility. Original Internet design conflated addresses to serve two purposes: an indication of the location of the end point, and an indication of its identity – now recognised as a limitation (see e.g. NewArch*, FIND**) *Future generation Internet architecture **Future Internet network design The fundamental characteristic of digital information is that it is processable data, enabling re-use and hence new forms of electronic commerce, creativity and social benefit. Managing these units of digital information, the citizens in the network, requires that they have unique names (or identifiers) denoting a specific referent, and the ability to manage their attributes. Objects (citizens) may be representations of content, people, parties, resources, licences, avatars, sensors, etc. The Handle System: rationale doi>

8 Handle System is part of a wider architecture (but entirely separable and usable alone): focus on objects not packets. Managing information on the Net over very long periods of time – e.g. centuries or more. Dealing with very large amounts of information on the Net over time. When information, its location(s) and even the underlying systems may change dramatically over time. Respecting and protecting rights, interests and value. Robert Kahn/Robert Wilensky A Framework for Distributed Digital Object Services, – Part of Digital Object Architecture doi>

9 Identifier: unique persistent string (number, name, identifier) assigned to a referent –Unique: one to many: an identifier specifies one and only one referent (but a referent may have more than one identifier) –Persistent: once assigned, does not change referent Resolution: process by which an identifier is input to a network service which returns some information Referent: the object to which the identifier is assigned, whether or not resolution returns that object. –may be abstract, physical or digital, since all these forms of object are of relevance in identifier management (e.g. creations, resources, agreements, people, organisations) – classical ontology issues –Digital object: an instance of an abstract data type –(Objects are often compound and contain several referents) Terminology doi>

10 Basic Internet resolution system: identify objects, not servers. Optimized for speed, reliability, scaling Open defined protocol and data model (IETF RFC 3650,1,2) –free protocol; service at low cost (non-profit); –freely available to be used as engine underneath other named identifiers. Separation of control of the handle and who runs the servers –distributed administration, granularity at the handle level Any Unicode character set –internationalisation All transactions can be secure and certified –Both registration and resolution Not all data public: individual values within a handle can be private No semantics necessary in the identifier Logically centralized, physically distributed and highly scalable Does not need DNS, but can work with DNS: –deployed via tools e.g http proxies, client plug-ins, server software, etc Handle System overview doi>

11 A Handle consists of a prefix and suffix e.g. 123/4567 Prefix and suffix may be any length e.g /456-mydoc Suffix may incorporate another identifier numbering scheme e.g /ISBN Thereby adds functionality to that numbering scheme Shorter prefixes (1-3 digits) reserved for major projects, countries, etc. Handle syntax doi>

12 URL2…. DLS3acme/repository HS_ADMIN100acme.admin/jsmith XYZ Data value Handle Data type Index /456URL1…. Handles resolve to typed data One or more Handle values (type:value) Resolution can return all values, or all values of one type Schematic (simplified) representation of a handle record PrefixSuffix Handle value(s) doi>

13 : 3 Handles resolve to typed data Fuller representation of a handle record: e.g. the handle " /may99-payette" has a set of three handle values: : 100 : HS_ADMIN : acme.admin/jsmith : 1 : URL : : {Relative: 24 hours} : PUBLIC_READ, ADMIN_WRITE : : {empty} doi>

14 is a collection of handle services, each of which consists of one or more replicated sites, Site 1Site 2 Site 1 Site 2 Site 3 …... Site n Client The Handle System LHS GHR each of which may have one or more servers /abcURL 4 URL #1#2#n#4#3 #1#2... Handles resolve to typed data

15 Global Handle Registry 1. Sends request to Global to resolve 0.NA/ (naming authority handle for ) Client Request to Client: Resolve hdl: /1 Handle clients

16 Client Request to Client: Resolve hdl: /1 Global Handle Registry 2. Global Responds with Service Information for Service Information Acme Local Handle Service xcccxv xc.. xc.. xc..... xcccxv xccx xcccxv xccx xcccxv xccx Handle clients

17 3. Client queries Server 3 in Secondary Site A for /1 Client Global Handle Registry #1#2 #1 #2 #3 Primary Site Secondary Site A Secondary Site B Request to Client: Resolve hdl: /1 Acme Local Handle Service Handle clients

18 4. Server responds with handle data Client Global Handle Registry #1#2 #1 #2 Primary Site Secondary Site A Secondary Site B Request to Client: Resolve hdl: /1 #3 Acme Local Handle Service Handle clients

19 LHS GHR LHS Handle System Web Client Handle Administration Client Resolve Handle HTTP Redirect Proxy/ Web Server HTTP Get Handle Data Handle clients

20 LHS GHR LHS Handle System Client Handle Administration Client hdl:/ /abc Client Plug-In Resolve Handle Request Handle Data Handle clients

21 LHS GHR LHS Handle System Web Handle Administration Client Web Server HTTP Handle Admin API Admin Forms Handle clients

22 LHS GHR LHS Handle System Web Handle Administration Client Custom Client Handle clients

23 LHS GHR LHS Handle System Handle Administration embedded in another process Web Handle clients

24 LHS GHR LHS Handle System Handle Administration embedded in another process Handle Resolution embedded in another process Handle clients

25 A handle has a set of values assigned to it = a record that consists of a group of fields field defines the syntax and semantics of a values data –e.g. URL (resolving to current location) –pre-defined set of handle data types for administrative use –registered handle data types for non-administrative use (URL, , and DESC): others being added* Types may include: –HS_PUBKEY: public key used to authenticate entities in the Handle System –HS_SECKEY: secret key password to access some service –DESC: UTF8-encoded descriptions of the object identified by the handle Full list at * Handle System Advisory Committee is defining a recommended practice process Handle System: typing doi>

26 Provides infrastructure for application domains, e.g. digital libraries & publishing, network management, id management... International DOI Foundation –Federation of several independent applications Defense Virtual Information Architecture –Defense Technical Information Center (DTIC), DARPA, CNRI –context sensitive distribution of data and metadata: resolution result depends on who you are GRID computing –Shared computing resources –Handle System - Globus Toolkit Integration Project Handle System usage (1) doi>

27 DSpace - Digital Repository System –MIT Libraries/Hewlett-Packard –stable, long-term storage of intellectual output of faculty, researchers, centers and labs National Digital Library Program (NDLP) –Library of Congress. Collections of historic materials converted to digital formats. LoC use handles to identify material in the library's own collections Los Alamos National Labs –internal doc management (600m+) Several Digital Library projects –e.g. ARROW Others who may adopt RFCs: –e.g. Fedmark: independent commercial implementation of Handle protocols for digital rights system Handle System usage (2) doi>

28 Some others of particular relevance to identity management... Transient Network Architecture –Pervasive transient mobile network in which all communications occur between persistently identified entities. –CNRI/University of New Mexico, under NSFs FIND (Future Internet Network Design) project –; Using PKI capability for persistent trustworthy identity, separating: –Transport trustworthy (name/attribute is binding) –Administration trustworthy (attribute is issued by attribute holder) –Attribute credential (attribute value is true) Representing Value as Digital Objects: Transferability and Anonymity –Deeds of trust, mortgages, bills of lading, digital cash etc. –Transferable records" structured as digital objects – Possible Application of Handles to licences and parties –See separate talk on content industry identifiers Handle System projects doi>

29 Assigned namespaces (prefix) –DOI –D-Space 500+ –Others 700+ Individual Handles (identifiers within each namespace) –DOI 30+ M –Other: 600?? millions total per namespace known only to namespace manager; e.g. LANL adding 600M but privately Global Handle System –Core three service sites (added locations being considered) –c. 60 million direct resolutions per month –c. 50 million proxy server resolutions per month Handle System statistics doi>

30 Integrity of the Global Handle Registry service. Protected service information and public key pair used to sign global service information. Handle protocol allows handle servers to authenticate their clients and to provide data integrity service on client request. Handle servers can be explicitly asked to generate or return a digital signature for every service response (but normally dont). Public key and/or secret key cryptography may be used. Server authentication may be used to prevent eavesdroppers from forging client requests or tampering with server responses. Client applications can (if wished) only accept information from the authoritative Global Handle Registry (not any mirrors) and check its integrity on each update. Handle System: security doi>

31 Similarities and differences in both the design and intended use. Naming –DNS naming hierarchy reflects a control hierarchy, Handle System need not. –Handle System separates control of handle (id) from control of server (location). Distributed Administration –Handle administrators can add/delete identifier and identifier values securely over the public Internet. Proxies –Technical advantages regarding resolution work behind SOCKS or HTTP proxies, both supported in Handle client library (whereas DNS resolution from behind proxies is difficult/impossible). Unicode –Full native Unicode is supported by the Handle System. There are hacks to make DNS support 8-bit character sets, but they are not widely implemented. Replication –In DNS, if a single record is updated all records must be copied to mirror servers. The Handle System has finer granularity: if a single record is updated, the server will copy only that record to the mirror servers. Handle System and DNS (1) doi>

32 Certification –DNS has to be fast, especially at the root. Not very good for alternative uses, e.g. certificates. Handle System has more flexible and robust certification support. Access Control –Handle System has support for access control and authentication. DNS does not. Record Size –Technical advantages regarding UDP and TCP handling: more efficient request handling; much larger storage in a record (DNS 64KB, Handle System 4GB). Examples of integration with DNS: –CNNIC Handle implementation offers secured DNS resolution via a Handle protocol interface. Further work will package the Handle-DNS software for public release; deploy the Handle-DNS server TLD registry and its subsidiaries; and establish an ENUM service and client software based on the Handle-DNS interface. –Client library and proxies for use with http etc. Handle System and DNS (2) doi>

33 Naming hierarchy independent of control hierarchy: –DNS: who runs controls who runs –Handle System separates control of handle (id) from control of server (location) Handles are first class names: –URLs: grouped by domain name and then by some sort of hierarchical structure, originally based on file trees –Handles: each name stands on its own, unconnected to any DNS or other hierarchy Can avoid broken URLs when control changes Ownership. The prefix administrator is considered the owner of the data (whereas in DNS, the system administrator is considered the owner): –Each Handle identifier and prefix can have its own set of administrators independent from the system administrator Relationships between objects can be expressed: –If you want to build a hierarchy you can – but on any basis –Handles can refer to other handles (some applications have introduced a detailed data model to allow this – e.g DOI) Handle System and granularity doi> Functional Granularity : it should be possible to identify an entity whenever it needs to be distinguished First class naming : Digital objects should have first class names

34 Specification –RFC 3650: Overview –RFC 3651: Namespace and Service Definition –RFC 3652: Protocol Application areas DoD Instruction 1322 –Mandates Handle System use as part of Advanced Distributed Learning ISO standards track for DOI System –A Handle application for the content sector –ISO TC46/SC9 (home of ISBN etc) Governance: HSAC - Handle System Advisory Committee –Approx 15 members representing big users or interest groups –Goal: evolve to oversee the system, autonomous (cf. IETF etc) –Currently by invitation; interest welcomed Handle System and standards doi>

35 Handle System home page

36 Resolve DOI name with some additional information to give results depending on context Open URL: see e.g. –Resolve to same content at different location (by user) Full contextual resolution: Handle System can do this (DVIA) –Resolve to different content (by user) Of interest re licensing etc Steps in evolution: –URLs: not useful for long term management –naming and resolution: get me the right thing –contextual resolution: get me the thing that is right for me (e.g. that I have access rights for) doi> DOI name appropriate (contextual) resolution

37 Adobe Acrobat plug-in Concept announced and mock-up shown 2002 Now fully developed and licensed, available for Acrobat 8.0 Builds on Acrobat SDK Early adopters needed Potential for more work Examples: 1. CrossRef data 2. New version functionality doi> DOI tools: example (1)





42 Adobe Acrobat plug-in 2. New version functionality doi> DOI tools: example (1)



45 Firefox Handle Extension Displays a toolbar with Handle System features Tool to create additional handles, bookmark handles, etc –Bring up a web page and assign a Handle Recent work: possible addition to Firefox Add-ons doi> DOI tools: example (2)



48 Significant benefit of Handle System: Resolve from one DOI name to several different things One-to-many linkage Resolution request would give: –all results, or –all results of one type Need a framework to build these applications on: group similar uses so that the results are predictable and can be used across applications DOI Application Profile framework Handle System data value typing CrossRef use for e.g. location-dependent resolution Other business cases? Could express relationships (ISTC to ISBNs etc) doi> DOI multiple resolution

49 Entity Service Instance Service Definition Entity Service Instance Application Profile Service Instance Application Profile Service Instance Service Definition The properties of groups of DOIs are defined as APs APs have one or more Services Services have definitions APs and services are themselves identified by Handles (DOIs) Referents are identified by DOIs DOI Application Profiles doi>

50 Other related tools for resolution NISO = National Information Standards Organization (under ANSI, the US national body of ISO) Open URL NISO standard Z A syntax to create web-transportable packages of metadata and/or identifiers about an information object. Not an identifier, but a complementary technology for appropriate redirection of an identifier resolution. In use with Digital Object Identifiers (DOI names) and handles. e.g. "info" URI Registry IETF RFC 4452: The "info" URI Scheme for Information Assets with Identifiers in Public Namespaces. Turn legacy identifiers into URLs (e.g. info:lccn/ ). DOI and Handle are both registered as info URI schemes. Now formalizing policies for the "info" URI registry. This identifier and its registry could serve as a focal point for NISO's identifier activity, creating a trusted brand and a starting point for community members doing work that requires identifiers. (NISO workshop on identifiers 2006) doi>

51 Berkeley DB JE support –Increased performance –Increased scalability Template resolution, a.k.a. virtual handles –All handles that match a given pattern, e.g., 123/456*, will resolve to the same data, e.g., a single URL at which all objects are found –Currently a fixed value per pattern, but could be extended to be a function of the handle presented for resolution (think limited regular expressions), e.g., 123/, resolved by any client, would resolve to the pattern and the server would return New features in recent Handle releases: server side

52 Choose by facility - currently being deployed in the proxy service –Pack alternatives into a single handle value using XML. –Include criteria for selecting among them, to be evaluated by the client. –Example: alternatives = geographic locations, criteria = incoming IP, proxy matches incoming IP to IP tables and picks best location, other clients could be configured to select country in some other way. –Detail: For some handle, the value of type CNRI.RSRC_LOC New features in recent Handle releases: client side

53 Extended Handle client library to provide higher level API –Creation: handleValue = hsClient.createHandleValue(1,URL,"http://acme.."); hsClient.createHandle(handle, new HandleValue[] {handleValue}); –Deletion hsClient.deleteHandle(handle); Resolver.xml –Local file containing override or default values for specific handles If override, local client never goes to Handle System for that handle, but just uses the given value If default, local client uses that value if it cannot resolve the handle for whatever reason, e.g., on an airplane Web services interface to Handle System at multiple levels –Added to current set of proxies –Released as a stand-alone interface that could employed by other organizations as needed Handle plug-in for Acrobat Reader re-released for Reader 8 New features in recent Handle releases: client side

54 URL2…. DLS9acme/repository HS_ADMIN100acme.admin/jsmith XYZ Handle data HandleData type Index /456URL1…. Handles resolve to typed data Rules for data type construction: doi>

55 How to define these types? (not types of referents) Handle Records may be thought of as sets of handle triples: handle:type:value Clients rely on types in order to interpret the values All of this is transparent to HS servers – servers simply store and deliver type:value pairs - type is completely open, no type police A few standard types already exist: –Admin types - what the HS itself needs to operate –Common types, e.g., URL –They are themselves registered as handles, e.g., 0.TYPE/URL Lots of projects using the Handle System invent types for their own purposes Two issues coming to the fore: –What can a client do with a type it doesnt know about ahead of time? –What sort of synergies across projects are we missing through wheel re-invention? Handles resolve to typed data

56 Keep the 0.TYPE mechanism in place Encourage registration, with low barriers –Is it in use? –Is it understandable? –Is it harmful to the overall HS? Expand the required type/values under the 0.TYPE handle –Human-readable description –Responsible party –Dates of creation and last revision –Related handle types –Searchable registry in which the type is registered Introduce a searchable Registry of Handle Types –Publicly available for searching –Searchable version of the complete set of 0.TYPE records –Added fields and examples? Issues –Ontologies: are two types really the same but using different descriptions or languages? –Trial vs accepted types Proposed Registry of Handle types

57 Internet resolution The Handle System Implementation tools: Web browsers, proxies, plug-ins Appropriate resolution Data typing Multiple resolution Handle System developments Outline / Key concepts in this section

58 Workshop on the DOI System DOI SYSTEM: RESOLUTION International DOI Foundation

Download ppt "Workshop on the DOI System DOI SYSTEM: RESOLUTION International DOI Foundation."

Similar presentations

Ads by Google