
    X.500: Directory Access Protocol (DAP)


    X.500, the Directory Access Protocol (DAP) from ITU-T (X.500) and ISO (ISO/IEC 9594), is a standard way to develop an electronic directory of people in an organization so that it can be part of a global directory available to anyone in the world with Internet access.

    In the X.500 directory architecture, the client queries and receives responses from one or more servers in the Directory Service, with the Directory Access Protocol (DAP) controlling the communication between the client and the server.

    A Directory System Agent (DSA) is the database in which the directory information is stored. This database is hierarchical in form, designed to provide fast and efficient search and retrieval. The DSAs are interconnected from the Directory Information Tree (DIT). The user interface program for access to one or more DSAs is a Directory User Agent (DUA). DUAs include whois, finger, and programs that offer a graphical user interface.

    The Directory System Protocol (DSP) controls the interaction between two or more Directory System Agents, and between a Directory User Agent and a Directory System Agent. This is done in such a way that an end user can access information in the Directory without needing to know the exact location of that specific piece of information.
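The location-transparent lookup described above can be sketched as a toy model. This is an added example, not code from the page or from the X.500 specifications: the DSA names, naming contexts and entries are constructed, and distinguished names are written in an LDAP-style string form for convenience.

```python
# Added illustration, not from the X.500 specifications.
# DSA names, naming contexts and entries are constructed sample data.

def parse_dn(dn):
    """'CN=Alice,OU=Eng,O=Example,C=US' -> RDNs ordered root-first.
    Simplified: no escaped commas or multi-valued RDNs."""
    rdns = [rdn.split("=", 1) for rdn in dn.split(",")]
    return tuple((a.strip().upper(), v.strip().lower()) for a, v in reversed(rdns))

class DSA:
    def __init__(self, name, context, entries):
        self.name = name
        self.context = parse_dn(context)   # subtree of the DIT held locally
        self.entries = {parse_dn(dn): attrs for dn, attrs in entries.items()}
        self.peers = []                    # other DSAs this one knows about

    def holds(self, dn):
        return dn[:len(self.context)] == self.context

    def read(self, dn_str, path=()):
        """Return (attributes or None, names of DSAs visited)."""
        dn, path = parse_dn(dn_str), path + (self.name,)
        candidates = [d for d in [self] + self.peers if d.holds(dn)]
        if not candidates:
            return None, path
        # The most specific naming context owns the entry; ties keep it local.
        owner = max(candidates, key=lambda d: len(d.context))
        if owner is self:
            return self.entries.get(dn), path
        return owner.read(dn_str, path)    # hand the request to the owning DSA

def demo():
    us = DSA("dsa-us", "C=US", {"O=Other,C=US": {"description": "sample org"}})
    eng = DSA("dsa-eng", "OU=Eng,O=Example,C=US",
              {"CN=Alice,OU=Eng,O=Example,C=US": {"mail": "alice@example.com"}})
    us.peers, eng.peers = [eng], [us]
    return us, eng

if __name__ == "__main__":
    us, eng = demo()
    print(us.read("cn=alice, ou=Eng, o=Example, c=US"))
```

The caller only ever contacts one DSA; the returned path shows which DSAs handled the request on its behalf.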

    X.500 offers the following key features:

    • Decentralized Maintenance: Each site running X.500 is responsible ONLY for its local part of the Directory, so updates and maintenance can be done instantly.
    • Powerful Searching Capabilities: X.500 provides powerful searching facilities that allow users to construct arbitrarily complex queries.
    • Single Global Namespace: Much like the DNS, X.500 provides a single homogeneous namespace to users. The X.500 namespace is more flexible and expandable than the DNS.
    • Structured Information Framework: X.500 defines the information framework used in the Directory, allowing local extensions.
    • Standards-Based Directory Services: As X.500 can be used to build a standards-based directory, applications which require directory information (e-mail, automated resource locators, special-purpose directory tools) can access a planet's worth of information in a uniform manner.

    X.500 is criticized as being too complex for most implementations. To address the issue, the University of Michigan developed a simpler TCP/IP-based version of DAP, the Lightweight Directory Access Protocol (LDAP), for use on the Internet. LDAP offers much of the same basic functionality as DAP and can be used to query data from proprietary directories as well as from an open X.500 service. Within the past year, most major suppliers of e-mail and directory-services software have expressed interest in LDAP, which is fast becoming a de facto directory protocol for the Internet.

    Protocol Structure - LDAP (Lightweight Directory Access Protocol)

    X.500 has a complex data structure in the directory database and for its communication protocols such as DAP. One should read the specification documents from ISO and ITU.

    Related protocols: LDAP, Finger, DNS, ROSE, ACSE

    Sponsor Source: The X.500 (DAP) protocol is defined by ISO (http://www.iso.org) and ITU-T (http://www.itu.org)

    Reference:
    http://www.javvin.com/protocol/rfc1308.pdf: Executive Introduction to Directory Services Using the X.500 Protocol
    http://www.javvin.com/protocol/rfc1309.pdf: Technical Overview of Directory Services Using the X.500 Protocol