1 / 31

DCE: Past, Present, and Future

DCE: Past, Present, and Future. What we’ve done What we want “The New DCE”. Content. Why we chose DCE What we liked, what we expected What we are doing with DCE How we extend DCE as infrastructure What we’ve built using DCE What we see for the future of DCE

tuvya
Download Presentation

DCE: Past, Present, and Future

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. DCE: Past, Present, and Future What we’ve done What we want “The New DCE”

  2. Content • Why we chose DCE • What we liked, what we expected • What we are doing with DCE • How we extend DCE as infrastructure • What we’ve built using DCE • What we see for the future of DCE • The Securities Industry Middleware Council • “The New DCE”

  3. Who’s speaking • Eliot M. Solomon • Senior Technical DirectorSecurities Industry Automation Corporation (SIAC) • 25 years experience in information technologies • Mission critical computing • Distributed and global systems

  4. Additional “Hats” • Securities Industry Middleware Council • Chair • The DCE Program of The Open Group • Chair

  5. What sort of organization is ? • SIAC provides NYSE and AMEX... • Facilities management • System design, development, and operation • Communications and network operations • 1400 employees, mainly IT professionals • Supports key securities industry organizations • Consolidated “tapes” for all US stock exchanges • National Securities Clearing Corp. and allied clearing companies • Center of a network reaching nearly every securities firm in the United States

  6. The New York Stock Exchange in 1997 • Premier equities market in the world • Listed issues from more than 3,000 companies • 1,428* members from 467 securities firms • On an average day, NYSE systems handled: • 527,000,000 shares (sold) • 405,000 trades • 569,300 orders handled electronically by SuperDot • System capacity > 500 messages/second**(Now 600 messages/second) * 1,366 members own “seats” ** year-end 1997

  7. DCE Past Why we chose it How we deployed it

  8. We chose DCE... • To make UNIX operationally sound • Consistent, single system image • The promise of DME • To help make security automatic • Implicit inclusion in RPC mechanism • Single point of administration • To make “open systems” a business reality • Making us vendor-neutral, i.e. -independent

  9. We liked DCE…. • For the process more than the product • The “RFT” mechanism for finding and fitting • For the future more than the features • That the process would continue indefinitely • For the consistency more than the constancy • That it would facilitate change and evolution while allowing us to achieve operational continuity

  10. Did we get what we hoped? Not exactly! But we rarely get exactly what we want, so we pushed on...

  11. DCE Present What we are doing with it How we are adding to it

  12. Central Services Extends the Infrastructure • Provide a framework to support the user’s access to a wide variety of services in a unified, cohesive, secure manner, while maintaining adequate user accountability • Perform centrally administrative functions that would otherwise have to be replicated in multiple applications

  13. Administrative Services • Entitlement Management System & Shared Configuration Data Base • High-level view of entire system • In terms of users and their services • Not technical artifacts or systems • Single point of administration for all aspects of service entitlement and delivery • Reduce transcriptions and steps • Help ensure consistent application of rights

  14. Administrator’s View: Entitlement Management SCDB AuthenticationServers EM Workstationrunning EM Tool EM Host DFS Servers NYSE Bulk Update File Login Servers User Utilities Servers PC running Browser/spreadsheet Hand HeldLogin Servers

  15. “Dynamic” “Directories” • User location and activity information • Captured from the X-servers and Login Servers • Detailed “device characterizations” • Allows terminals, printers, etc. to be located by attributes or characteristics • Operational State Server • Provides real-time information about the state of systems and business

  16. XAS Components Closer Look XAS MonitorInterface XAS MonitorInterface XAS Server Object Request Broker XAS Query XAS CollectorInterface XAS Collector XAS Database User Events XAS Local File

  17. Policy-based, dynamic access control • Login Servers • Distributed Authorization Services • “RFC 68.4” Cross-realm authentication • “Xhost” control mechanisms • Role-based policies use “become user” mechanism

  18. Distributed Authorization Service Display Devices Dynamic Directories Context Servers OPS XAS X NC NT DCS Application Hosts Authorization Server BBSS Login APE“Access Policy Engine” DBK Servers Application SCDB Directories Preferences Business Policy Databases DCE Registry Profiles

  19. Other Services Based on DCE • “Emergency Broadcast” Server • Radio Paging Server • Wireless Data System Authentication Server • Network Print Services • And, of course, DFS

  20. Brow Server Web Server DCE Server dce login http Dceauthentication Set property XAS Server dialog Login Server Emergency Broadcast Messaging using XAS Login Server

  21. DCE Future What we needat SIAC, NYSE and the Securities Industry

  22. The Message of the Securities Industry Middleware Council • We must improve the quality of "infrastructure" software vendors provide to the Securities Industry • This is not to say that quality of middleware is bad, only that the quality metrics peculiarly relevant to our industry were not being met with any consistency

  23. We need The New DCE to… • Deliver Business Value to the User • Real solutions at appropriate cost • Preserve and leverage prior investments • Focus on the need of the Mission-critical enterprise • Secure the core of IT while enabling it to reach out to the world.

  24. A stable base on which we can build business strategies • Protection from the inconstancy of technology trends • Protection from the depredations of the monopolist • Protection from the risks of immature or incomplete infrastructure

  25. Enhanced integration • Enterprise directory infrastructure • Aligning directories with the larger enterprise • Consistent AuthN/AuthZ over all models • RPC, Messaging, Objects, Components • Consistent model of operation • Replication for throughput and availability • Security administration • Monitoring, management

  26. An approach to integrating diverse technologies A process for innovating while maintaining stability A support framework for a business-critical operational profile A common substrate of core services TIME Remote Invocation What is DCE? “Our” view. Technologies to choose among Wire RPC Security Directory DCE

  27. DCE and Security“Find and Fit” as a Technology Strategy • Security is DCE’s best success • DCE selected Kerberos as “best of class” • The “hardened” DCE version interoperates with “conventional” versions Kerberos DCE Security Services DCE Migration to LDAP directory technology follows this model

  28. Kerberos DCE Security Services DCE and PKI DCE RFC 68.4 “Finds and Fits” a Solution • The goal was to solve a business problem • A proven solution was selected as the model • The approach ensures business interoperability, not technology hegemony DCE RFC 68.4 DCE It’s not “DCE or PKI.”DCE finds the best solutions

  29. Anything that leverages the infrastructure is DCE DCE “flows up” the solution stack DCE must allow selective use of its features Layered middleware that uses DCE becomes DCE Business solution Business solution Business solution layered middleware layered middleware Solutions in Layers DCE

  30. And so, “The New DCE” must... • Increase the completeness of the solution • Reduce total cost of ownership • Focus on the enterprise The "New" DCE

  31. Business Model of “The New DCE” • The New DCE is loyal to its customers, not its technology • What preserves and leverages a customer’s investment in mission critical infrastructure is by definition “The New DCE” • The New DCE ensures that the buyer is never coerced

More Related