

Cal Poly Pomona Intranet
Requirements Analysis and Recommendations
The computing environment will play a critically important role as new teaching and learning processes emerge at Cal Poly Pomona. We will need a computing infrastructure that is versatile, easy-to-use and responsive. This presents a special challenge for the information system architect, who wants to deliver the rich capabilities available in a heterogeneous distributed environment and minimize the attendant complexity, cost, and potential incompatibility.
The key to implementing the environment is standardized services. By understanding and selecting the appropriate open industry specifications, we can build a framework that provides essential services--institutionally provided capabilities, chosen for broad applicability, defined by standards, and delivered throughout the campus with a level of commitment that leads to user confidence. This confidence, in turn, will encourage users to rely upon, build upon, and exploit the services.
We recommend that Cal Poly Pomona invest in a set of critical infrastructure services, which have been selected by a variety of criteria--applicability to Cal Poly Pomona's environment, endorsement by a broad consensus of industry vendors and consumers, maturity of governing open specifications, and affordability.
I would like to acknowledge the contributions of those who influenced these recommendations: Steve Jenkins of JPL, who authored the Enterprise Information System Architecture [1], after which these recommendations are modeled; the Academic Senate Advisory Committee to the CRC--Alan Felzer of Electrical and Computer Engineering, John Mallinckrodt of Physics, Gerald Viers of the School of Education and Integrative Studies, and Gwen Urey of Urban and Regional Planning, which has met regularly with Hamid Etesamnia--the Acting Director of the Computing Resource Center--during Fall 1995 and Winter 1996 and has helped to shape these recommendations; and Mandayam Srinivas and H. Norton Riley of the Computer Science Department for their professional insights.
The recommended computing infrastructure services are:
- Network Service--the basic communication service upon which other distributed services are built.
- Directory Service--the service by which information about system resources is located on demand. Resources include people, files, servers, databases and printers.
- Security Service--a general mechanism to provide proof of identity for both people and servers, authorization to access all resources based upon a single user identity, and secure encrypted communication.
- Messaging Service--electronic mail, bulletin board, and real-time notification services.
- Application Service--served applications that can be downloaded or run on demand at individual workstations. Freeware, shareware and site-licensed applications will be delivered throughout the campus. Proprietary applications will be available through a floating license service to authorized users.
- File Service--a community-wide shared file service.
- Database Service--a mechanism for collecting, serving and querying institutional data.
- the Cal Poly Pomona Web--a mechanism for providing global hyperaccess and control of all infrastructure services. The Cal Poly Pomona Web is currently providing delivery of publications; we should implement additional graphical Web interfaces to the directory, security, messaging, application, file and database services, and demote arcane keyboard-bound terminal interfaces.
Infrastructure Services
1. Network Service
The purpose of the Network Service is to provide data packet routing among computers, printers and other elements in a distributed computing environment. Most other infrastructure services are implemented on top of the Network Service. From the standpoint of campus-wide interoperability, it is essential to provide a unified network service based on a single protocol family.
Network Service Requirements
- The Network Service shall provide campus-wide packet routing.
- The Network Service shall employ a single, unified address scheme.
- The Network Service shall enable interoperation with external computers on the Internet.
- The Network Service shall provide connectivity to all offices and computing laboratories, and to many classrooms and conference rooms.
- The Network Service shall provide remote access through dial-up connections or other appropriate technology.
Network Service Recommendations
- The Internet Engineering Task Force (IETF) publishes a set of specifications in their Request for Comment (RFC) series. The current master RFC that specifies the required and recommended RFCs for the Internet is RFC 1800 [2]. RFC 1800 will provide reliable TCP/IP connectivity for users in offices, labs, classrooms, at home, on travel, and from the Internet.
2. Directory Service
Directory Service denotes the facilities required to refer to such network resources as people, servers, files, applications and queues by logical names, to associate attributes such as network address and physical location with names, and to locate directory objects on demand by name or attribute. With proper attention to policies for naming, the Directory Service can provide great flexibility and user-friendliness in resource utilization.
Directory Service is fundamental to distributed computing. Much of the power and flexibility of the distributed model comes from on-demand binding of client applications to other network resources. The Directory Service is the clearinghouse by which these applications locate resources.
Directory Service Requirements
- The Directory Service shall present a unified name space for Cal Poly Pomona network resources.
- The Directory Service shall provide the capability to associate arbitrary attributes with names.
- The ability to read or modify Directory Service data shall be controlled by the Security Service.
- The Directory Service shall interoperate with worldwide servers using the X.500 protocol.
- The Directory Service shall interoperate with worldwide servers using the Internet Domain Name Service protocols.
Directory Service Recommendations
- X/Open Distributed Computing Environment (DCE): Directory Services [3] is recommended as the Directory Service specification. RFCs 974 [4], 1034 [5], and 1035 [6] are recommended as the Domain Name Service specifications. Directory servers should be replicated as necessary to provide dependable service. The DCE Directory Service is a rich, full-featured service that has industry consensus behind it.
3. Security Service
Distributed computing systems present special security challenges, not the least of which is that transactions between peers may span vulnerable networks. The function of the Security Service is to provide the necessary underpinnings to maintain confidentiality, by preventing unauthorized access to information; integrity, by preventing unauthorized alteration of information; availability, by ensuring that authorized users maintain access to critical information and services; and accountability, by ensuring that audit trails for sensitive actions are maintained.
The Security Service must be integrated with other infrastructure services, providing the perception that all services are universally available using a single identification, including those requiring confidential access to sensitive information.
Security Service Requirements
- The Security Service shall provide authenticated access to all infrastructure services, integrity of information, and privacy.
- The Security registry shall have the capacity to store principal information for all Cal Poly Pomona faculty, staff, students, administrators and any other users with whom secure transactions are required.
- The Security Service shall have the ability to manage credentials for use with existing authentication mechanisms.
Security Service Recommendations
- X/Open Distributed Computing Environment (DCE): Security Service [7] is recommended as the preferred specification for security. RFCs 1508 [8], 1509 [9], and 1510 [10] are recommended as specifications for non-DCE based authentication service.
4. Messaging Service
Messaging service refers to those services used to communicate information (data and common dialogue) between users. Example messaging implementations include electronic mail, bulletin boards (network news), mailing list service, and real-time event notification.
Messaging Service Requirements
- The Messaging Service shall provide electronic mail, bulletin board, mailing list service and real-time event notification services.
- The Messaging Service shall interoperate with external services on the Internet.
- The Messaging Service shall provide a centrally managed message store.
- The Messaging Service shall provide for reliable delivery of non-ASCII file attachments.
- The Messaging Service shall be integrated with the Security Service.
Messaging Service Recommendations
- Peer-to-peer mail delivery is specified in the Simple Mail Transfer Protocol (SMTP) suite [4, 12-16]. The Multipurpose Internet Mail Extensions (MIME) RFCs [15, 16] specify a mechanism for the reliable delivery of attachments through arbitrary transport agents such as SMTP. The Post Office Protocol (POP) documents [17, 18] and the Interactive Mail Access Protocol (IMAP) documents [19, 20] specify a protocol for the management of remote message stores. The Network News Transfer Protocol (NNTP) RFC [21] specifies a protocol for the reliable distribution of bulletin board messages or news groups. The Internet Relay Chat (IRC) Protocol RFC [22] specifies a protocol for real-time event notification.
5. Application Service
Applications run on workstations and provide desktop processing that serves several purposes: creation and editing of publications, office productivity and, increasingly, client interaction with distributed network services. The Application Service ensures that robust and current applications will be available and properly configured for use throughout the campus.
Application Service Requirements
- The Application Service shall deliver recommended client applications which provide desktop access to all distributed infrastructure services.
- The Application Service shall make software available for downloaded installation as well as in ready-to-execute volumes.
- The Application Service shall provide recommended freeware and shareware, as well as commercial applications for which site licenses have been obtained.
- The Application Service shall provide limited license commercial software through a floating license server, ensuring that applications are widely available while adhering to license agreements limiting the number of simultaneous uses.
- The Application Service shall be integrated with the File Service, Directory Service and Security Service.
Application Service Recommendations
- Applications should be provided through the File Service using protocols native to the popular workstation operating environments. MacOS applications should be provided through the AppleTalk transport; Windows applications should be provided through the TCP/IP transport or NetBEUI transport.
6. File Service
The file service provides data sharing among systems through distributed file technology. Files on a remote server can be accessed through native programming and user interfaces on the client. Common campus-wide software or data elements can be universally provided. In addition to providing the community with a familiar environment, installation and management of these elements is dramatically simplified. Centrally managed file servers can exploit economies of scale in both hardware procurement and operations costs. Data on centrally managed file servers can be backed up and safeguarded consistently with their value.
File Service Requirements
- The File Service shall present a single, unified name space for shared files.
- The File Service shall provide location-independent access to files.
- The File Service shall be integrated with the Directory and Security Services.
- The File Service shall provide storage for individual, group, and institutional tools and data.
File Service Recommendations
- X/Open Distributed Computing Environment (DCE): Distributed File Service (DFS) [11] is recommended as the specification for File Service. The DCE DFS implements a global name space, which ensures that clients can access files based on name alone, and not other ancillary information such as file server name. It provides sophisticated storage management facilities (including replication) that dramatically reduce the administrative workload required to support large numbers of users. DFS uses aggressive client-side cache management to reduce network traffic and improve performance and reliability. DFS is also integrated with the DCE Security and Directory Services.
7. Database Service
Cal Poly Pomona has a rich and well-organized collection of institutional data, which should be directly accessible to the entire community. The Database Service provides network access to the relational data stored in the University's existing Oracle Database through a convenient graphical user interface.
Database Service Requirements
- The Database Service shall provide convenient access to institutional data expressly to end user clients--students, parents, teachers, staff, administrators, alumni, development partners, and so on.
- The Database Service shall be continuously accessible to all authorized users through the Cal Poly Pomona Web.
- The Database Service shall provide students a mechanism to conduct business with the university: admission, registration, grades and transcripts, fee payment.
- The Database Service shall provide faculty, staff and administrators with a mechanism for accessing all institutional data which they are authorized to see.
- The Database Service shall provide a mechanism for collecting data directly through the Cal Poly Pomona Web.
- The Database Service shall be integrated with the Security Service.
Database Service Recommendations
- ISO 9075 specifies the Structured Query Language (SQL) [23] for relational data. X/Open Structured Query Language (SQL) [24] is based on ISO 9075, but includes some widely implemented extensions. The SQL Access Group, a technical working group within X/Open, has developed Data Management: SQL Call Level Interface (CLI) [25], a portable programming interface for database access.
- Hypertext Transport Protocol (HTTP) servers should be placed on machines providing the Database Service so that Web browsers can access data through Common Gateway Interface (CGI) scripts. Historically, data has been controlled tightly so that students have no network access to it, and this recommendation will make the information much more easily acquired and managed.
- CGI access is a low-cost highly effective mechanism for providing express Database Service to end user clients throughout the Internet. Examples of early efforts in this area at Cal Poly Pomona are the Web-based Undergraduate Admissions Application and the Web-based Master University Calendar.
8. the Cal Poly Pomona Web
The World Wide Web is widely viewed as a document delivery system, but it is much more than that. The Web provides graphical point-and-click control of arbitrary network protocols (incidentally including document delivery), and therefore can act as an easy-to-use, globally available primary interface between the university community and its computing infrastructure services.
the Cal Poly Pomona Web Requirements
- the Cal Poly Pomona Web shall provide a mechanism for accessing and controlling all networked infrastructure services. Specifically:
  - the Cal Poly Pomona Web shall interoperate with the File Service so that faculty, staff and students may publish Web documents.
  - the Cal Poly Pomona Web shall provide a Common Gateway Interface (CGI) to the Directory Service so that information associated with network resources can be queried or provided by authorized individuals through the Web.
  - the Cal Poly Pomona Web shall provide a hypertext view of the Messaging Service to publicize and facilitate campus-wide dialogue.
  - the Cal Poly Pomona Web shall provide a Common Gateway Interface (CGI) to the Database Service to provide reports and forms for direct dissemination and collection of data.
  - the Cal Poly Pomona Web shall interoperate with the Security Service so that sensitive Web content is accessible to authorized individuals.
the Cal Poly Pomona Web Recommendations
- Install Hypertext Transport Protocol (HTTP) servers on all machines providing networked infrastructure services. HTTP servers should implement the Secure Sockets Layer (SSL) so they can extend the security provided by the Security Service.
References
[1] J. S. Jenkins et al. Enterprise Information System Architecture. Enterprise Information System Architecture Team, Jet Propulsion Laboratory, November 1995. (JPL D-12991).
[2] J. Postel. Internet Official Protocol Standards. Internet Engineering Task Force, July 1995. (RFC 1800, IETF STD 1).
[3] X/Open Company Ltd., U.K. X/Open DCE: Directory Services, December 1994. (CAE Specification C312).
[4] C. Partridge. Mail routing and the domain system. Internet Engineering Task Force, January 1986. (RFC 974).
[5] P. Mockapetris. Domain names--concepts and facilities. Internet Engineering Task Force, November 1987. (RFC 1034).
[6] P. Mockapetris. Domain names--implementation and specification. Internet Engineering Task Force, November 1987. (RFC 1035).
[7] X/Open Company Ltd., U.K. X/Open DCE: Authentication and Security Services, December 1995. (Preliminary Specification P315, to be published).
[8] J. Linn. Generic Security Service Application Program Interface. Internet Engineering Task Force, September 1993. (RFC 1508).
[9] J. Wray. Generic Security Service API: C-bindings. Internet Engineering Task Force, September 1993. (RFC 1509).
[10] J. Kohl and B. Neuman. The Kerberos Network Authentication Service (V5). Internet Engineering Task Force, September 1993. (RFC 1510).
[11] X/Open Company Ltd., U.K. X/Open DCE: Distributed File Services, 1996. (Preliminary Specification, to be published).
[12] J. Postel. Simple Mail Transfer Protocol. Internet Engineering Task Force, August 1982. (RFC 821).
[13] D. Crocker. Standard for the format of ARPA Internet text messages. Internet Engineering Task Force, August 1982. (RFC 822).
[14] M. Sirbu. Content-type header field for Internet messages. Internet Engineering Task Force, March 1988. (RFC 1049).
[15] N. Freed and N. Borenstein. MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies. Internet Engineering Task Force, September 1993. (RFC 1521).
[16] J. Postel. Media Type Registration Procedure. Internet Engineering Task Force, March 1994. (RFC 1590).
[17] J. Myers and M. Rose. Post Office Protocol--Version 3. Internet Engineering Task Force, November 1994. (RFC 1725).
[18] J. Myers. POP3 AUTHentication command. Internet Engineering Task Force, December 1994. (RFC 1734).
[19] M. Crispin. INTERNET MESSAGE ACCESS PROTOCOL--VERSION 4. Internet Engineering Task Force, December 1994. (RFC 1730).
[20] J. Myers. IMAP4 Authentication mechanisms. Internet Engineering Task Force, December 1994. (RFC 1731).
[21] B. Kantor and P. Lapsley. Network News Transfer Protocol: A Proposed Standard for the Stream-Based Transmission of News. Internet Engineering Task Force, February 1986. (RFC 977).
[22] J. Oikarinen and D. Reed. Internet Relay Chat Protocol. Internet Engineering Task Force, May 1993. (RFC 1459).
[23] International Organization for Standardisation, International Electrotechnical Commission. Information technology--Database languages--SQL, 1992. (ISO/IEC 9075).
[24] X/Open Company Ltd., U.K. Structured Query Language (SQL), September 1992. (CAE Specification C201).
[25] X/Open Company Ltd., U.K. Data Management: SQL Call Level Interface (CLI), April 1995. (CAE Specification C451).
Craig A. Rich -- carich@csupomona.edu