T A B L E O F C O N T E N T S

Transcription

1 T A B L E O F C O N T E N T S PREFACE... v 1.0 INTRODUCTION Purpose Background Scope Organization of this Document Government Electronic Directory Services Overview Application Support Electronic Messaging Security Directory Management White Pages Blue Pages Green Pages Affinity Group Support Professional Organizations Government Sponsored Organizations Ocupational Roles Special Interest Groups Document Distribution Affinity Group Requirements Yellow Pages DIRECTORY SERVICE ARCHITECTURE Directory System Agent Topology Overview Principle Components Protocols LDAP Directory Information Directory Information Tree Naming Contexts Replication Between DSAs Page I

2 Master and Shadow DSAs Primary and Secondary Shadowing Shadowing Agreements Government Directory Knowledge Knowledge Reference Types DUA/DSA Interaction Modes Government DSA Topologies Background Design Factors Basic Topology Directory Synchronization Information Interface Topology Introduction Public Information Interface Topology Kiosk Interfaces Kiosk Interface Connectivity Public Domain Software U.S. Government Information Interface Topology Government Employee Interface Location and Connectivity of Government Employee Interfaces Government Administrative Directory User Agent Location and Connectivity of ADUA Client/Server Application Interfaces NAMING AND DIT STRUCTURE First Level Organizational Units - Registration Policy First Level Organizational Units - Naming Policy First Level Organizational Units - Exceptions Responsibilities of First Level OUs Second Level and Below Organizational Units Directory Distinguished Names Aliasing Basic Recommendations Naming Convention - Organizational Unit Page II

3 3.2.5 Naming Convention - Locality Naming Convention - Organizational Person User Friendly Names Non-operational DITs Government Contractors SECURITY ARCHITECTURE Authentication Framework Simple Authentication Strong Authentication No Authentication Certificates Certification Authorities Certification Paths Digital Signatures and Data Encryption Access Controls Basic Access Control Simplified Access Control Government Directory Schema Security Guidance Access Control Domains Security Policy Security Administration Features Security Accounting Features Physical Security Features Firewall DSAs SCHEMA Object Classes U.S. Government Defined Object Classes Labeled URI Object Class Definition U.S. Government Directory Attributes Attributes Used by the U.S. Government U.S. Government Defined Attributes Key Word Attributes Blue Pages Specific Attributes Page III

4 World Wide Web Link Attributes Labeled URL Attribute Types Physical Location MHS O/R Addresses With Capabilities Attribute Type MHS Preferred Delivery Attribute Type Collective Attributes Government X.500 Directory Support for Affinity Groups Appendix A National, Federal, and Federally Assisted Organizations... A-1 Appendix B Acronyms... B-1 Appendix C Functional Requirements Definition/ Detailed Design Compliance Matrix... C-1 Appendix D U.S. Government Schema... D-1 Appendix E References... E-1 Appendix F ASN.1... F-1 Page IV

5 PREFACE The Governmentwide PMO s mission is to direct the establishment of connectivity that will realize the EMTF vision of government capability. PMO action items, as defined in the PMO Two-Year Plan and shown in Exhibit P- 1 as follows: Promote, support, and provide leadership for the government electronicmessaging business process and electronic directory services. Increase the operational quality, productivity, and effectiveness of government messaging. Work with each government agency to develop the appropriate capability: Business quality Intermediate Basic. Build joint civilian and Department of Defense (DoD) consensus. Extend the reach of systems to an interagency and extra-governmental community. Work with Federal, State, Tribal, and Local governments, along with private sector organizations, industry, and the user community (including affinity groups), to ensure that the direction of government initiatives is synchronized with other national and global messaging efforts. Provide professional Help Desk services to government messaging customers. Page V

6 Government Electronic Messaging Program Achieving the Vice President s National Performance Review (NPR) Information Technology Initiative 08 To Plan, Demonstrate, and Provide Governmentwide Electronic Mail. Electronic Mail Task Force (EMTF) Recommendation: Provide... a service that appears to be a single, unified electronic postal system that offers robust and trustworthy capabilities with legally-sufficient controls for moving all forms of electronic information among employees at all levels of government, and with the public we serve... Governmentwide Program Office Mission: Orchestrated by the Governmentwide PMO PMO Action Items: Direct the establishment of connectivity that will make the EMTF vision of Governmentwide capability a reality Promote, support and provide leadership for the Governmentwide electronic messaging business process Increase the operational quality, productivity and effectiveness of Governmentwide messaging Work with each government agency to develop the appropriate capability Business Quality Intermediate Basic Build Joint Civilian and Department of Defense Consensus Extend the reach of systems to an Interagency and Extra-Governmental Community Work with Federal, State, Local and Tribal governments, private sector organizations, industry, and user community (including affinity groups) to ensure the direction of government initiatives is synchronized with other National and global messaging efforts Provide professional Help Desk Services to Governmentwide Messaging Customers. Page VI

7 This document presents a detailed design for the Government Electronic Directory a key ingredient to the Government Messaging capability. This document is also a source of information for planning and implementing interoperable electronic directories within the Federal, State, Commonwealth, Tribal, and Local Governments. Collectively, these agency-level electronic directories function to provide the Government Electronic Directory service. Several events make it timely to implement the Government Electronic Directory through a government, collaborative, and iterative approach: The advent and maturation of Open Systems standards, such as X.400 for electronic mail and X.500 for electronic directory service The availability of end-to-end digital security mechanisms and services The availability of affordable products based on open systems standards The widespread implementation and use of electronic mail throughout the Government and the private sector The reinvention of the Government, driven and guided by initiatives such as the NPR. The material presented in this document has been derived through a collaborative and iterative process involving key strategic telecommunications planners throughout the Government. The results clearly show that agencies throughout the Government intend to implement technologies that uphold and advance the spirit of the NPR IT08. Electronic messaging is a cornerstone of the emerging government electronic infrastructure. What the future holds is for each of us to envision today, and to begin those activities that will make that infrastructure possible. Page VII

8 Special thanks to the dedicated and hard-working participants from the Federal, State, Tribal, Commonwealth, and Local governments and the civilian and commercial communities. A very special thanks to Mr. Marion Royal and Mr. Gary Borgoyne, Center for, the technical leaders of the team that produced this document. Jack L. Finley Program Manager Center for (CEMT) Federal Telecommunications Service General Services Administration (GSA) Page VIII