Corporation For NationalResearch Initiatives
Server Authentication
Global Handle Registry Acme Local Handle Service
Site G1
Each handle client knows the locationor has a copy of the Global Handle
Registry’s service information (hash table),which contains global’s
servers’ public keys.
The Global Handle Registry is atrusted source.
Server G1-a Site #3 Server #1-a
Client
Corporation For NationalResearch Initiatives
Server Authentication
ClientSends query to Global:
“Where is handle 10.1234/d?”
Global Handle Registry Acme Local Handle Service
Site G1 Server G1-a Site #3 Server #1-a
Client
Corporation For NationalResearch Initiatives
Server Authentication
Responsesigned with Global’s
private key
Global Handle Registry Acme Local Handle Service
Site G1 Server G1-a Site #3 Server #1-a
Global responds with the service information for Acme LHS, which
enables the client to determine the server onwhich handle 10.1234/d resides, and
includes the server’s public key.
Client
Corporation For NationalResearch Initiatives
Server Authentication
Client queries Acme LHS, Site #3/Server #1-a:
“Give me handle 10.1234/d.”
Global Handle Registry Acme Local Handle Service
Site G1 Server G1-a Site #3 Server #1-a
Client
Corporation For NationalResearch Initiatives
Server Authentication
Global Handle Registry Acme Local Handle Service
Site G1 Server G1-a Site #3 Server #1-a
The server responds with the handle value pair,
signed with its private key.
Client
Corporation For NationalResearch Initiatives
Server Authentication
Client verifies response usingthe server’s public key.
Global Handle Registry Acme Local Handle Service
Site G1 Server G1-a Site #3 Server #1-a
Client
Corporation For NationalResearch Initiatives
Server AuthenticationSummary
Client* LHS ServerGlobal Server
*Client has Global Handle Registry’s service information, including Global’s public key.
The client verifies the response usingthe server’s public key.
Client queries Global for a handle.
Global responds with service information for the LHS in which the handle resides. The
response is signed with the Global server’s private key.
Using the service information, the client determines which server in the LHS to query for the handle. The service information included that server’s public key.
The LHS server responds with the handle value pair, signed with its private key.
Corporation For NationalResearch Initiatives
Distributed Administration(Using Server Authentication)
Administrator Jane
Administrator Janemust have a private key
Corporation For NationalResearch Initiatives
Distributed AdministrationModify Handle Request
Administrator Jane
Acme Local Handle Service
Site #1 Server #1-b
Administrator Jane sendsthe server a request to modify the data
associated with handle 10.1234/d.
Corporation For NationalResearch Initiatives
Distributed AdministrationModify Handle Request
Administrator Jane
Acme Local Handle Service
Site #1 Server #1-b
The server responds with a challengeconsisting of a digest of the original request,
plus a nonce (random set of bits).
Corporation For NationalResearch Initiatives
Distributed AdministrationModify Handle Request
Administrator Jane
Acme Local Handle Service
Site #1 Server #1-b
Administrator Jane authenticates herself by returning a digest of the challenge signed with her
private key, along with her personaladministrator’s handle, admin/Jane.
Corporation For NationalResearch Initiatives
Administrator Jane
Handle data for 10.1234/d is checked to confirm that Administrator Jane is an
administrator for the handle, with permission to modify
handle data.
admin
10.1234/d 8 http://www.loc.gov/... URL
9 admin/Jane
Distributed AdministrationModify Handle Request
Acme Local Handle Service
Site #1 Server #1-b
Corporation For NationalResearch Initiatives
Administrator jane
Distributed AdministrationModify Handle Request
The server then resolves handle
admin/Jane, located in a different Local Handle Service, to get Jane’s public key, which
is stored as a handle value.
Budget Local Handle Service
Site B Server B-1
Site #1 Server #1-b
Acme Local Handle Service
Corporation For NationalResearch Initiatives
Administrator Jane
Distributed AdministrationModify Handle Request
The server in Budget LHS responds with the value of the
public key for handle admin/Jane.
Budget Local Handle Service
Site B Server B-1
Site #1 Server #1-b
Acme Local Handle Service
admin/Jane public keyadmin 5
Corporation For NationalResearch Initiatives
Distributed AdministrationModify Handle Request
Administrator Jane
Challenge Response
The public key is used to authenticate the signed challenge response that
Administrator Jane had sent to the server.
PUBLICKEY
Budget Local Handle Service
Site B Server B-1
Acme Local Handle Service
Site #1 Server #1-b
Corporation For NationalResearch Initiatives
Administrator Jane
Distributed AdministrationModify Handle Request
Budget Local Handle Service
Site B Server B-1
Acme Local Handle Service
Site #1 Server #1-b
If the authentication is good, the data is changed and the
server responds to Adminstrator Jane:
OK
Corporation For NationalResearch Initiatives
Distributed AdministrationModify Handle Request Summary
Administrator* Other Local Handle ServiceLocal Handle Service
*Administrator must have a public/private key pair.
Administrator sends a request to the LHS to modify the value of handle 10.123/d.
LHS server responds with a challenge requesting authentication from the administrator.
Administrator returns a challenge response to the server that includes his personal handle, admin/X.
Server confirms the administrator has permission to modify handle 10.123/d.
Server uses the public key to authenticate Administrator X’s original challenge
response, modfies handle 10.123/d, and sends confirmation back to Administrator
X.
Server resolves administrator’s handle admin/X, which in this example is located on a server maintained by a different Local Handle Service.
Other LHS server responds with Administrator X’s public key.