1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T X.500 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (10/2016) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Directory Information technology Open Systems Interconnection The Directory: Overview of conce
2、pts, models and services Recommendation ITU-T X.500 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS Services and facilities X.1X.19 Interfaces X.20X.49 Transmission, signalling and switching X.50X.89 Network aspects X.90X.149 Maintenance X.1
3、50X.179 Administrative arrangements X.180X.199 OPEN SYSTEMS INTERCONNECTION Model and notation X.200X.209 Service definitions X.210X.219 Connection-mode protocol specifications X.220X.229 Connectionless-mode protocol specifications X.230X.239 PICS proformas X.240X.259 Protocol Identification X.260X.
4、269 Security Protocols X.270X.279 Layer Managed Objects X.280X.289 Conformance testing X.290X.299 INTERWORKING BETWEEN NETWORKS General X.300X.349 Satellite data transmission systems X.350X.369 IP-based networks X.370X.379 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING AND S
5、YSTEM ASPECTS Networking X.600X.629 Efficiency X.630X.639 Quality of service X.640X.649 Naming, Addressing and Registration X.650X.679 Abstract Syntax Notation One (ASN.1) X.680X.699 OSI MANAGEMENT Systems management framework and architecture X.700X.709 Management communication service and protocol
6、 X.710X.719 Structure of management information X.720X.729 Management functions and ODMA functions X.730X.799 SECURITY X.800X.849 OSI APPLICATIONS Commitment, concurrency and recovery X.850X.859 Transaction processing X.860X.879 Remote operations X.880X.889 Generic applications of ASN.1 X.890X.899 O
7、PEN DISTRIBUTED PROCESSING X.900X.999 INFORMATION AND NETWORK SECURITY X.1000X.1099 SECURE APPLICATIONS AND SERVICES X.1100X.1199 CYBERSPACE SECURITY X.1200X.1299 SECURE APPLICATIONS AND SERVICES X.1300X.1399 CYBERSECURITY INFORMATION EXCHANGE X.1500X.1599 CLOUD COMPUTING SECURITY X.1600X.1699 For f
8、urther details, please refer to the list of ITU-T Recommendations. Rec. ITU-T X.500 (10/2016) i INTERNATIONAL STANDARD ISO/IEC 9594-1 RECOMMENDATION ITU-T X.500 Information technology Open Systems Interconnection The Directory: Overview of concepts, models and services Summary Recommendation ITU-T X
9、.500 | International Standard ISO/IEC 9594-1 introduces the concepts of the Directory and the DIB (Directory Information Base) and overviews the services and capabilities which they provide. History Edition Recommendation Approval Study Group Unique ID* 1.0 ITU-T X.500 1988-11-25 11.1002/1000/2995 2
10、.0 ITU-T X.500 1993-11-16 7 11.1002/1000/2996 3.0 ITU-T X.500 1997-08-09 7 11.1002/1000/4121 3.1 ITU-T X.500 (1997) Amd. 1 2000-03-31 7 11.1002/1000/5029 4.0 ITU-T X.500 2001-02-02 7 11.1002/1000/5307 5.0 ITU-T X.500 2005-08-29 17 11.1002/1000/8488 6.0 ITU-T X.500 2008-11-13 17 11.1002/1000/9587 7.0
11、 ITU-T X.500 2012-10-14 17 11.1002/1000/11732 8.0 ITU-T X.500 2016-10-14 17 11.1002/1000/13029 Keywords Attribute, directory, directory information tree, directory system agent, directory user agent, distinguished name. _ * To access the Recommendation, type the URL http:/handle.itu.int/ in the addr
12、ess field of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T X.500 (10/2016) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, infor
13、mation and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a wor
14、ldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in
15、WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication admin
16、istration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory prov
17、isions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTSITU draws attention t
18、o the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outsi
19、de of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the lat
20、est information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2016 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T X.500 (10/2016) iii CONTE
21、NTS Page 1 Scope 1 2 Normative references 1 2.1 Identical Recommendations | International Standards 1 3 Definitions 2 3.1 Communication model definitions 2 3.2 Directory model definitions 2 3.3 Distributed Operation definitions 3 3.4 Replication definitions 3 3.5 Basic directory definitions 3 4 Abbr
22、eviations . 3 5 Conventions 3 6 Overview of the Directory 4 7 The Directory Information Base (DIB) 5 8 The Directory service . 7 8.1 Introduction . 7 8.2 Service qualification 7 8.3 Directory interrogation 8 8.4 Directory modification 8 8.5 Other outcomes . 9 9 The distributed Directory . 9 9.1 Func
23、tional model . 9 9.2 Organizational model 9 9.3 Operation of the model 10 10 Access control in the Directory 13 11 Service administration 14 12 Replication in the Directory . 14 12.1 Introduction . 14 12.2 Forms of Directory replication 15 12.3 Replication and consistency of Directory information 16
24、 12.4 Views of replication 16 12.5 Replication and Access Control 17 13 Directory protocols . 17 14 Systems management of the Directory . 17 14.1 Introduction . 17 14.2 Management of the DIT domain . 17 14.3 Management of Directory components . 18 Annex A Applying the Directory 19 A.1 The Directory
25、environment . 19 A.2 Directory service characteristics . 19 A.3 Patterns of use of the Directory . 19 Annex B Amendments and corrigenda . 23 iv Rec. ITU-T X.500 (10/2016) Introduction This Recommendation | International Standard together with other Recommendations | International Standards, has been
26、 produced to facilitate the interconnection of information processing systems to provide directory services. A set of such systems, together with the directory information that they hold, can be viewed as an integrated whole, called the Directory. The information held by the Directory, collectively
27、known as the Directory Information Base (DIB), is typically used to facilitate communication between, with or about objects such as application entities, people, terminals and distribution lists. The Directory plays a significant role in Open Systems Interconnection, whose aim is to allow, with a mi
28、nimum of technical agreement outside of the interconnection standards themselves, the interconnection of information processing systems: from different manufacturers; under different managements; of different levels of complexity; and of different ages. This Recommendation | International Standard i
29、ntroduces and models the concepts of the Directory and of the DIB and overviews the services and capabilities which they provide. Other Recommendations | International Standards make use of these models in defining the abstract service provided by the Directory, and in specifying the protocols throu
30、gh which this service can be obtained or propagated. This Recommendation | International Standard provides the foundation frameworks upon which industry profiles can be defined by other standards groups and industry forums. Many of the features defined as optional in these frameworks, may be mandate
31、d for use in certain environments through profiles. This eighth edition technically revises and enhances, the seventh edition of this Recommendation | International Standard. This eighth edition specifies versions 1 and 2 of the Directory protocols. The first and second editions specified only versi
32、on 1. Most of the services and protocols specified in this edition are designed to function under version 1. However some enhanced services and protocols, e.g., signed errors, will not function unless all Directory entities involved in the operation have negotiated version 2. Whichever version has b
33、een negotiated, differences between the services and between the protocols defined in the seven editions, except for those specifically assigned to version 2, are accommodated using the rules of extensibility defined in Rec. ITU-T X.519 | ISO/IEC 9594-5. Annex A, which is an integral part of this Re
34、commendation | International Standard, describes the types of use to which the Directory can be applied. Annex B, which is not an integral part of this Recommendation | International Standard, lists the amendments and defect reports that have been incorporated to form this edition of this Recommenda
35、tion | International Standard. ISO/IEC 9594-1:2017 (E) Rec. ITU-T X.500 (10/2016) 1 INTERNATIONAL STANDARD ITU-T RECOMMENDATION Information technology Open Systems Interconnection The Directory: Overview of concepts, models and services 1 Scope The Directory provides the directory capabilities requi
36、red by OSI applications, OSI management processes, other OSI layer entities, and telecommunications services. Among the capabilities which it provides are those of “user-friendly naming“, whereby objects can be referred to by names which are suitable for citing by human users (though not all objects
37、 need have user-friendly names); and “name-to-address mapping“ which allows the binding between objects and their locations to be dynamic. The latter capability allows OSI networks, for example, to be “self-configuring“ in the sense that addition, removal and the changes of object location do not af
38、fect OSI network operation. The Directory is not intended to be a general-purpose database system, although it may be built on such systems. It is assumed, for instance, that, as is typical with communications directories, there is a considerably higher frequency of “queries“ than of updates. The ra
39、te of updates is expected to be governed by the dynamics of people and organizations, rather than, for example, the dynamics of networks. There is also no need for instantaneous global commitment of updates; transient conditions, where both old and new versions of the same information are available,
40、 are quite acceptable. It is a characteristic of the Directory that, except as a consequence of differing access rights or un-propagated updates, the results of directory queries will not be dependent on the identity or location of the inquirer. This characteristic renders the Directory unsuitable f
41、or some telecommunications applications, for example some types of routing. For cases where the results are dependent on the identity of the inquirer, access to directory information and updates of the Directory may be denied. 2 Normative references The following Recommendations and International St
42、andards contain provisions which, through reference in this text, constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this R
43、ecommendation | International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bure
44、au of the ITU maintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recommendations | International Standards Recommendation ITU-T X.200 (1994) | ISO/IEC 7498-1:1994, Information technology Open Systems Interconnection Basic Reference Model: The basic model. Recommendation ITU-T X
45、.501 (2016) | ISO/IEC 9594-2:2017, Information technology Open Systems Interconnection The Directory: Models. Recommendation ITU-T X.509 (2016) | ISO/IEC 9594-8:2017, Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks. Recommendation IT
46、U-T X.511 (2016) | ISO/IEC 9594-3:2017, Information technology Open Systems Interconnection The Directory: Abstract service definition. Recommendation ITU-T X.518 (2016) | ISO/IEC 9594-4:2017, Information technology Open Systems Interconnection The Directory: Procedures for distributed operation. Re
47、commendation ITU-T X.519 (2016) | ISO/IEC 9594-5:2017, Information technology Open Systems Interconnection The Directory: Protocol specifications. Recommendation ITU-T X.520 (2016) | ISO/IEC 9594-6:2017, Information technology Open Systems Interconnection The Directory: Selected attribute types. Rec
48、ommendation ITU-T X.521 (2016) | ISO/IEC 9594-7:2017, Information technology Open Systems Interconnection The Directory: Selected object classes. Recommendation ITU-T X.525 (2016) | ISO/IEC 9594-9:2017, Information technology Open Systems Interconnection The Directory: Replication. ISO/IEC 9594-1:20
49、17 (E) 2 Rec. ITU-T X.500 (10/2016) 3 Definitions For the purposes of this Recommendation | International Standard, the following definitions apply. 3.1 Communication model definitions The following terms are defined in Rec. ITU-T X.519 | ISO/IEC 9594-5: a) application-entity; b) application layer; c) application process. 3.2 Directory model definitions The following terms are defined in Rec. ITU-T X.501 | ISO/IEC 9594-2: a) acce
