Jill Gemmill 2004 NMI Component: commObject ITU-T H.350 Directory Services for Multimedia Jill Gemmill University of Alabama at Birmingham

Presentation transcript:

NMI Component: commObject
ITU-T H.350 Directory Services for Multimedia
Jill Gemmill, University of Alabama at Birmingham
17th APAN Meeting

What problems did we want to solve?
- Use existing identity management – avoid replicating into proprietary directories
- Standardize storage for protocol-specific data to ease updates/migrations; one central store for multiple protocols
- Leverage identity management for reliable authentication and authorization

Other drivers
- COTS - We wanted solution to be implemented by vendors. Therefore, adoption as a standard was necessary
- H.323/SIP already had existing security protocols – use those, without requiring modifications
- Be useful for non-standards based conferencing (MPEG2/AG/VRVS)

Acknowledgments
- NSF ANI “ViDe.Net: Middleware for Scalable Video Services for Research and Higher Education” (Gemmill (PI), Chatterjee, Johnson)
- NSF ANI “NSF Middleware Initiative” via SURA “UAB Middleware Testbed Program: Integrated Directory Services, PKI, Video, and Parallel Computing”, Subcontract (Shealy, Gemmill (Technical Lead))
- NSF EPS via UA “Alabama Internet2 Middleware Initiative”, NSF EPSCoR (Shealy, Gemmill (co-PI))
Any opinions, findings or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

H.350: New ITU-T Standard (ratified August 2003)
- H.350 was born out of Internet2 Video Middleware working group (Internet2 Middleware and ViDe joint initiative)
- H.350 was introduced in NMI Release 2 as commObject, an NMI-EDIT component
- NSF grant to UAB with partners CGU, SURFnet, UNC, and RADVISION
- Sent by ITU for informational review to IETF

H.350 Architecture Components

Endpoints (What the end user has)
- H.323 Terminals:
  – Desktop videoconferencing (VCON, Viavideo, etc)
  – Room videoconferencing (Polycom, Tandberg, etc)
  – Multi-point control unit (MCU)
- SIP User Agents:
  – IP Telephony
  – Desktop (Messenger, CGU client…)

Call Servers - Service Management
- H.323 Gatekeeper
- SIP Proxy
- Both have lists of users, do call routing, enforce usage policies, do logging for any billing….

Enterprise Directory
- Central stores of information about people associated with an institution
- Authoritative (eg: Human Resources, Registrar; Telecommunications)
- ONE consolidated list – identities resolved (SSN!)
- Benefits:
  – Correct and current
  – Single location to disable account
  – Single location to reset password
- Video/VoIP manager – reinvent this wheel?

H.350 Directory
- Standardized LDAP schema that represents application-specific information for multimedia including these protocols:
  – SIP
  – H.323
  – H.235
  – H.320
  – Non-standard (eg: Access Grid, VRVS, MPEG2).
- Designed to require minimal changes to the enterprise directory.

H.350 Directory Organization
[Diagram: object classes and their attributes]
- commObject: commUniqueId, commOwner, commPrivate
- h323Identity: h323IdentityGKDomain, h323Identityh323-ID, h323IdentitydialedDigits, h323Identity -ID, ……, h323IdentityEndPointType, h323IdentityServiceLevel
- h235Identity: h235IdentityUid, h323IdentityPassword, userCertificate
- Enterprise Directory (inetOrgPerson): name (dn), address, telephone, organization, organizational unit, commURI
- RFC 1274: userPassword

White Pages
- Look up person – find video/voip address
- Standardized – works with multiple vendors’ hardware and software
- Makes “Directory of Directories” searching possible (a global multimedia directory)
- Supports ‘clickable’ dialing
- Prototype/Testbed H.350 directory –

Search for a person
- Enter name; Search Result: Associated with multiple endpoints
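The person-to-endpoint lookup from the White Pages and search slides, as an added example (not code from the presentation or the Video Middleware Cookbook): it follows each commURI pointer from a person entry to the matching commObject entry and lists the dial string only when that endpoint's commOwner points back at the same person and commPrivate is unset. The LDIF entries, host names and numbers are constructed; treating any commPrivate value as "unlisted" and requiring the commOwner back-link are assumptions of this example.

```python
LDIF = """\
dn: uid=jdoe,ou=people,dc=example,dc=edu
uid: jdoe
commURI: ldap://dir.example.edu/dc=example,dc=edu??sub?(commUniqueId=jdoe-desk)
commURI: ldap://dir.example.edu/dc=example,dc=edu??sub?(commUniqueId=jdoe-home)
commURI: ldap://dir.example.edu/dc=example,dc=edu??sub?(commUniqueId=room-12)

dn: commUniqueId=jdoe-desk,ou=video,dc=example,dc=edu
commUniqueId: jdoe-desk
commOwner: ldap://dir.example.edu/dc=example,dc=edu??sub?(uid=jdoe)
h323IdentitydialedDigits: 5551001

dn: commUniqueId=jdoe-home,ou=video,dc=example,dc=edu
commUniqueId: jdoe-home
commOwner: ldap://dir.example.edu/dc=example,dc=edu??sub?(uid=jdoe)
commPrivate: unlisted
h323IdentitydialedDigits: 5551002

dn: commUniqueId=room-12,ou=video,dc=example,dc=edu
commUniqueId: room-12
commOwner: ldap://dir.example.edu/dc=example,dc=edu??sub?(uid=asmith)
h323IdentitydialedDigits: 5552012
"""  # constructed sample entries; hosts, DNs and values are illustrative

def parse_ldif(text):
    """Parse simple, unfolded LDIF into a list of {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entries.append({})
        for attr, _, value in (ln.partition(": ") for ln in block.splitlines()):
            entries[-1].setdefault(attr.lower(), []).append(value)
    return entries

def url_filter(ldap_url):
    # LDAP URL layout: ldap://host/base?attrs?scope?filter (equality filter only)
    attr, _, value = ldap_url.split("?")[3].strip("()").partition("=")
    return attr.lower(), value

def white_pages(entries, uid):
    """Listed dial strings for uid; an endpoint counts only if its commOwner names uid."""
    person = next(e for e in entries if e.get("uid") == [uid])
    wanted = [url_filter(u) for u in person.get("commuri", [])]
    listed = []
    for ep in entries:
        linked = any(ep.get(a) == [v] for a, v in wanted)
        owned = ("uid", uid) in [url_filter(o) for o in ep.get("commowner", [])]
        if linked and owned and not ep.get("commprivate"):
            listed += ep.get("h323identitydialeddigits", [])
    return listed
```

Here `white_pages(parse_ldif(LDIF), "jdoe")` lists only the desk endpoint: the home endpoint is marked private, and room-12 is claimed by the person entry but owned by another uid.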

Endpoint Information
- Non-Standard “genericIdentity” example

Person/Owner Information

Other Searches Possible

Directory of Directories Search
- Simple Java Directory Search searches public attributes in predefined list of directories.
- Under Development: scalable approach indexes remote directories (LIMS/TIO). A “google-like” repository linking back to distributed entries.

Endpoints Implementing H.350 can…
- Based on EndpointID, address, etc., lookup correct configuration information and load it. - Solves big user support issue!
- No matter what protocol or brand, necessary data can be managed in an organized way.
- Do white pages search via LDAP protocol – receive answers; ‘click to dial’ if supported.
- UAB Electronic Phonebook

Endpoints supporting H.235 can…
- User/Endpoint Validation
  – Do enterprise authentication (via LDAP)
  – Obtain videoconferencing credentials
  – Use VC credentials to obtain CORRECT configuration
  – Logging now suitable for usage tracking/billing

Call Servers Implementing H.350 can…
- Pull information from canonical store
  – Solves manual data entry problems
  – Can convert canonical to proprietary if needed on the fly
- Use XIdentityServiceLevel attribute to provide levels of authorization
- Scale up video/voip operations

Video Middleware Cookbook
- Version 0.5 is included in NMI Release 4
- Description and examples of all H.350 attributes
- LDIF files ready to use for iPlanet and OpenLDAP
- H.350 installation and server configuration instructions
- Version 1. (March 2004) will include code snippets for developers and global indexing instructions.

Video Middleware Cookbook

Do Any Products Support H.350? YES!
- Next version of RADVISION ECS Gatekeeper
- Demonstration H.323 Endpoint
- HCL Technologies SIP Proxy Server
- CGU SIP UserAgent available for download
- Having customers like you request H.350 compliance in RFP’s and products will certainly impact the vendors

Recent Developments
- Addition of H – Call Forwarding
- ASN.1 for using H.350 in X.500 directories
- Study Group 16 has requested additional contributions on Federated approaches to authentication and authorization
- Study Group 16 has approved of the idea of a 'Global Secure Conferencing Profile' as a useful concept and has requested further contributions in this area.

How to Participate
- Join Internet2 VidMid-VC
- Join the ViDeNet H.350 Deployment Testbed
  – Contact TestBed Manager Jason Lynn
  – Use Video Middleware Cookbook and provide feedback to the cookbook editors
  – Attend the “Deploying H.350” full-day workshop Thursday March 25 (SURA/ViDe Digital Video Workshop post-conference)

Workshop

Q & A

Copyright Jill Gemmill 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.