Presentation is loading. Please wait.

Presentation is loading. Please wait.

The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April 2001 - HEPiX/HEPNT Conference, LAL-Orsay, France.

Similar presentations


Presentation on theme: "The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April 2001 - HEPiX/HEPNT Conference, LAL-Orsay, France."— Presentation transcript:

1 The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April 2001 - HEPiX/HEPNT Conference, LAL-Orsay, France.

2 Ray Jackson - The HEP White Pages Project2 Roadmap Who am I? Introduction & History Why use LDAP? The Referrals Mechanism HEP White Pages Service at CERN Advantages & Issues with HEP WP. The future of HEP White Pages

3 Ray Jackson - The HEP White Pages Project3 Who am I? Arrived in June 1999 at CERN Internet Applications Group now named Internet Service Group Working with Messaging Infrastructure (e- mail, distribution lists, news, directories) Computer Science Graduate from Manchester, England Primary role at CERN is with LDAP and GroupWare (distribution lists etc.)

4 Ray Jackson - The HEP White Pages Project4 Introduction Aim is to have a Global Address Book Scope covers ALL people involved in HEP community Individual queries transparent to users Based on Standard Protocols (OS and Hardware independent) Must be highly scalable, fast & reliable

5 Ray Jackson - The HEP White Pages Project5 History June 1997 – First LDAP server at CERN Jan 1998 – 17 Labs of IN2P3 implement Global Addressbook Summer 1998 – CERN, IN2P3, DESY discuss HEP White Pages possibilities October 1999 – HEP White Pages implemented at CERN in Netscape Address- Book. Still used today. Summer 2000 – HEP tree expanded to 11 laboratories in Europe and United States

6 Ray Jackson - The HEP White Pages Project6 Why use LDAP? Official Internet Standard Protocol for Accessing Directories (IETF) Hardware/OS independent – No vendor ties. Replaces proprietary protocols with an ‘open’ protocol (like SMTP & IMAP for e-mail) Wide industry support (Microsoft, Novell, Sun, Netscape, Oracle, IBM, Cisco etc.) Already widely used and deployed.

7 Ray Jackson - The HEP White Pages Project7 Why use LDAP? cont… Highly scalable (using referrals) Very fast search/read access (5k+ p.s) Flexibility (design & implementation) Secure (v3+ SSL, Kerberos) Few overheads, simpler data model Replication provides fault tolerance, load balancing, redundancy, reliability Easier management & implementation Hierarchical rather than relational

8 Ray Jackson - The HEP White Pages Project8 The Referrals Mechanism Referrals already used in HEP address book. Referral is returned to client with the address of another LDAP server to contact to fetch data from. Completely transparent to user. (Sees single directory not concerned with multiple servers) Potentially scalable to millions of objects on dozens of servers.. Searches made in parallel. All LDAP v3.x servers/clients support referrals. (Netscape 4.7x, Outlook etc.)

9 Ray Jackson - The HEP White Pages Project9 Referral Illustration

10 Ray Jackson - The HEP White Pages Project10 HEP White Pages at CERN Base of search is o=hep Branches contain CERN data (locally stored) and referrals to other HEP LDAP servers. Each organisation in the HEP tree is responsible for their own data. Main access via the Netscape Addressbook Total of 11 Laboratories in the HEP tree. (7 in the US and 4 in Europe) Informal agreement between some labs.

11 Ray Jackson - The HEP White Pages Project11 Referrals in HEP White Pages

12 Ray Jackson - The HEP White Pages Project12 HEP White Pages Schema All objects/attributes in the tree must conform to LDAP v3 specifications Primary objects which describe people in the HEP tree are: person, organizationalPerson, inetOrgPerson, organization, organizationalUnit. Primary attributes which describe a person include: cn, givenName, sn, telephoneNumber, mail, o, ou, facsimileTelephoneNumber etc. Can also store binary attributes such as photographs, certificates etc.

13 Ray Jackson - The HEP White Pages Project13 HEP WP Person entry example dn: employeenumber=123,ou=People,o=cern,o=hep employeeNumber: 123 cn: David Smith givenName: Dave sn: Smith telephoneNumber: +41 22 767 1234 mail: Dave.Smith@cern.ch o: CERN l: Geneva ou: IT IS …. Etc.

14 Ray Jackson - The HEP White Pages Project14 HEP Address Book at CERN

15 Ray Jackson - The HEP White Pages Project15 Web Interface example http://cern.ch/hepsearch (NOTE: This is simply a test interface to illustrate the possibilities offered by the HEP White Pages)

16 Ray Jackson - The HEP White Pages Project16 Advantages to HEP WP. Each organisation maintains it’s own data Highly scalable. (Millions of people) Transparent to users. (New referral can be added/removed without client intervention) Single source of information HEP tree can be housed on any LDAP server. (Referrals act as pointers to same data) Low maintenance and easily managed.

17 Ray Jackson - The HEP White Pages Project17 Issues with HEP White Pages Based on informal agreements Reliability of data can vary between organisations Duplication of people entries? No unique identifier for a person in the HEP scope No LDAP server = No participation If one server goes down in HEP scope then complete results delayed until time-out. Legal implications (opt-out of HEP scope) Different usage of attributes e.g. roomnumber vs. physicalDeliveryOfficeName

18 Ray Jackson - The HEP White Pages Project18 Future of HEP White Pages More formal agreements between labs. Unique HEP identifiers for People. e.g. hepID Removal of duplicate entries Central body to oversee schema definitions and assign HEP ID’s? Secure White Pages based on LDAPS (running on SSL port 636) Personal Certificates stored on LDAP?

19 Ray Jackson - The HEP White Pages Project19 Questions and feedback Thanks for listening… do you have any questions about what you’ve heard?


Download ppt "The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April 2001 - HEPiX/HEPNT Conference, LAL-Orsay, France."

Similar presentations


Ads by Google