Access Control Information.
Specified in the X.500 specification.
ACL (Access Control List):
Rules associated with a directory
that define the permissions that users, groups, processes, and devices
have for accessing data stored in the directory.
Authentication:
Establishes a user's identity. Who are you?
Authorization:
Establishes a user's permissions. What are you allowed
to do? Permission may be based on the identity you have established
via authentication, or by other attributes associated with that identity
such as "enrolled in BUS201" or "person
who can be authenticated by UAB".
BIND:
An application establishes an association with an LDAP server
(using that server's hostname and port number), and then performs
an LDAP bind operation which accomplishes the following: (a) requests
access and is returned appropriate authorization and (b) is returned
a session handle that typically corresponds to a connection to a single
server.
Call Server:
A protocol-specific signaling engine that routes video
or voice calls on the network. In H.323 this entity is a gatekeeper.
In SIP, this entity is a SIP Proxy Server. Note that not all signaling
protocols use a call server.
Client:
A SIP client is a network device that initiates SIP requests
and receives SIP responses on a network.
commObject:
An LDAP object class defined in ITU-T H.350 that represents
generic multimedia conferencing endpoints.
commURI:
Labeled URI containing an LDAP URL identifying the directory
containing the referenced commObject instance. Used to find
the endpoint of the user in question.
DIT (Directory Information Tree):
The hierarchical data structure
for LDAP information.
DN (Distinguished Name):
A globally unique name that can be used
to access a specific LDAP entry.
Endpoint:
A logical device that provides video and/or voice media
encoding/decoding, and signaling functions. Examples include
a group teleconferencing appliance located in a conference room;
an IP telephone; and a software program that takes video and voice
from a camera and microphone, encodes them, and applies signaling
using a host computer.
Enterprise Directory:
A canonical collection of information about
users in an organization. Typically this information is collected
from a variety of organizational units to create a whole. For example,
Human Resources may provide name and address, Telecommunications may
provide the telephone number, Information Technology may provide the
email address, etc. For the purposes of this architecture, it is assumed
that an enterprise directory is accessible via LDAP.
Gatekeeper:
The H.323 gatekeeper controls a particular set of videoconferencing
resources (terminals, gateways, MCUs) and provides advanced services
somewhat like a videoconferencing switchboard operator or traffic
cop. In this role, the gatekeeper enables more scalable, reliable
and secure H.323 conferencing.
Gateway:
A device that translates from one protocol to another.
Often gateways translate between the IP network and the public switched
voice network to allow integration of the two.
GDS (Global Dialing Scheme):
GDS is a numbering plan for the
global video and voice over IP network test bed, developed by ViDeNet.
It resembles the international telephone system numbering plan, with
some exceptions. With the GDS, you can number each participating videoconferencing
endpoint, MCU conference and gateway. GDS provides easy, uniform dialling
throughout the world. Each basic number consists of four parts: <International
Access Code><Country Code><Organizational Prefix><Endpoint Number>.
More information on the GDS and the Numerical Addressing Space Management
(NASM) working group overseeing its development can be found at: http://www.wvn.ac.uk/support/h323address.htm
and http://www.vide.net/workgroups/nasm/index.shtml.
H.323:
A multimedia protocol for video, voice and data over IP as
standardized by the International Telecommunication Union (ITU).
Internet2:
A consortium led by 200 universities working in partnership
with industry and government to develop and deploy advanced network
applications and technologies, accelerating the creation of tomorrow's
Internet. See http://www.internet2.edu/.
LDAP (Lightweight Directory Access Protocol):
As defined in
IETF RFC 1777.
LDIF (LDAP Data Interchange Format):
LDIF files are easily human
readable (text) files representing LDAP entries. LDIF files are used
to add, delete, or modify data in an LDAP directory, and to import
or export that data. LDIF files provided in our cookbook create the
H.350 object classes and attributes for you.
MCU (Multipoint Control Unit):
A device capable of mixing audio/video
from multiple endpoints to create a virtual meeting space.
Middleware:
Middleware is software that connects two or more otherwise
separate applications across the Internet. More specifically, the
term refers to an evolving layer of services that resides between
the network and more traditional applications for managing security,
access and information exchange.
OID (Object Identifier):
A unique number assigned to each LDAP
schema attribute and object. While it is most common to perform LDAP
lookups by object class or attribute name, it should also be possible
to perform lookups by OID number.
Proxy Server (SIP Proxy):
A server that acts as both a client
and a server to make requests on behalf of another user agent. The
primary role of a proxy server is to ensure that a request generated
by a UA is passed to another entity that is closer to the destination
user.
Registrar:
A registrar is a server that accepts REGISTER requests
and places the information it receives in those requests into the
location service for the domain it handles.
Resource:
A non-human entity to which an endpoint is associated.
For example, an endpoint may be associated with a conference room,
classroom, office, or other physical or virtual location.
Schema:
Formal definition of data to be stored in an LDAP directory.
The schema definition maintains consistency across implementations
and establishes a means for interoperability. The schema defines the
name, OID number, and data type for each attribute, and specifies
whether attributes are required or optional. The schema also establishes
how attributes are to be compared, and whether the attribute instance
is expected to be unique or multi-valued.
SIP (Session Initiation Protocol):
As defined in IETF RFC 3261.
SIP URI:
A type of Uniform Resource Identifier that identifies
a communication resource in SIP. A SIP URI usually contains a user
name and a host name and is similar in format to an email address.
URI (Uniform Resource Identifier):
Syntax for the name and address
of any object on the Internet. A URI consists of a scheme name (such
as file, http, ftp, news, mailto, ldap) followed by a colon, followed
by a path whose nature is determined by the scheme that precedes it
(see RFC 1630).
URL (Uniform Resource Locator):
The World Wide Web address of
a site on the Internet.
User Agent (UA):
A device that can function as both a user agent
client and server in SIP.
ViDe (The Video Development Initiative):
Founded by representatives
from universities and education networks, the Video Development Initiative
(ViDe) promotes the deployment of digital video in research and higher
education. Leveraging collective resources and expertise, ViDe advances
digital video deployment through promotion and development of interoperable,
standardized, and cost-effective technologies. See http://www.vide.net/.
ViDeNet:
ViDeNet is a project of ViDe that consists of a large-scale,
multi-institutional test bed of interconnected voice and video over
IP networks in order to explore issues associated with global deployment
of those technologies. See https://videnet.unc.edu/.