In large network installations with many end systems, network components, application processes and users, there must be an information system that provides names, addresses and other relevant attributes, such as the postal address or e-mail address, to the persons and objects involved in communication, in the form of an electronic address book. X.500 is an OSI protocol from 1988 for such a directory service; only later was it implemented on TCP/IP, which is described in RFC 1006. Originally, the impetus for standardizing directory services came from the requirements of MHS systems; however, the concepts developed are so flexible and powerful that an X.500 user directory can store arbitrary objects with their properties and provide information about them.

A directory presents itself to the user as a database that stores information about objects and makes it available on demand. This database is called the Directory Information Base (DIB), and each object known to the directory service is represented by an entry in the Directory Information Base. The X.500 standard meets these requirements by representing the hierarchical dependencies in a tree structure, the Directory Information Tree.


Example of a Directory Information Tree

The tree structure defines a unique assignment for each entry to a higher-level entry. The concept for data distribution contained in the X.500 standard provides that the Directory Information Base can be distributed over any number of systems. On each system, an application process, the Directory System Agent (DSA), is available to perform accesses to the part of the Directory Information Base (DIB) that it manages. A user of the Directory is represented by a User Agent (UA), the Directory User Agent.


Components of the Directory System According to X.500
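The distribution described above, sketched as an added Python example (not part of the X.500 standard or of the original article): each DSA manages one subtree of the tree, and a read is served by the DSA whose part contains the entry. Addressing an entry by the tuple of names from the root down, the DSA names and all entries are assumptions constructed for illustration.

```python
# Toy model of a distributed DIB (added illustration; all names constructed).

class DSA:
    """One Directory System Agent managing the subtree below `context`."""
    def __init__(self, name, context=()):
        self.name, self.context, self.entries = name, tuple(context), {}

    def manages(self, dn):
        return dn[:len(self.context)] == self.context

class Directory:
    """The DIB as a whole: one tree, stored in parts on several DSAs."""
    def __init__(self, dsas):
        self.dsas = sorted(dsas, key=lambda d: len(d.context), reverse=True)

    def owner(self, dn):
        # DSAs are sorted most specific first, so the first match is the owner.
        return next((d for d in self.dsas if d.manages(dn)), None)

    def exists(self, dn):
        dsa = self.owner(dn)
        return dsa is not None and dn in dsa.entries

    def add(self, dn, **attrs):
        dn = tuple(dn)
        # Tree rule: every entry hangs under exactly one existing superior.
        if len(dn) > 1 and not self.exists(dn[:-1]):
            raise KeyError(f"superior entry missing for {dn}")
        dsa = self.owner(dn)
        if dsa is None:
            raise LookupError(f"no DSA manages {dn}")
        if dn in dsa.entries:
            raise ValueError(f"entry already exists: {dn}")
        dsa.entries[dn] = attrs
        return dsa.name

    def read(self, dn):
        """What a user agent gets back: the serving DSA and the attributes."""
        dn = tuple(dn)
        dsa = self.owner(dn)
        if dsa is None or dn not in dsa.entries:
            return None
        return dsa.name, dsa.entries[dn]

def build_sample():
    d = Directory([DSA("dsa-root"), DSA("dsa-org", ("C=DE", "O=Example Org"))])
    d.add(("C=DE",), description="country")
    d.add(("C=DE", "O=Example Org"), postalAddress="1 Example Street")
    d.add(("C=DE", "O=Example Org", "CN=Alice Example"), mail="alice@example.org")
    return d
```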

The directory model according to X.500 also includes ways to verify the identity of a user. Two levels of authentication are provided. Simple authentication is based on simple password verification; strong authentication is based on public key encryption. The directory system, commonly known as Directory Services (DS), is designated X.500 by the International Telecommunication Union (ITU) and is specified by the International Standards Organization (ISO) under the ISO 9594 standard.

