Integration by Technology Component
This section takes each of the DCE technology components in turn and describes its use of other technology components.
· DCE Threads Integration The DCE Threads component does not involve distribution across nodes and therefore does not use any other DCE component.
· DCE RPC Integration RPC uses threads, CDS, and the security service. Threads are used to allow clients and servers to deal with multiple simultaneous RPCs. Note
that, as a result of the use of threads by RPC, any component that uses DCE RPC also uses threads.
RPC uses CDS to look up servers that support a given interface or object in order to discover the locations of those servers and the protocols that they use. GDS can be used indirectly by RPC. If
an RPC server is located in a foreign cell that is registered in the X.500 namespace, then GDS is accessed via CDS to find the given RPC server.
RPC uses a notion of time; for example, how long to wait for a reply to a message. However, this involves only the time on the local node, such as comparing the time when a message was sent with
the current time to see if a timeout has expired. As a result, RPC does not use DTS timestamps directly. RPC does, however, depend on DTS to help ensure that clocks on different machines run at
approximately the same rate.
The DCE Security Service is used to authenticate the RPC client and server to one another, and to pass authorization information about the client for the server to check against its ACLs.
· DCE CDS Integration
CDS makes use of several DCE technology components. It uses DCE Threads to allow the CDS server and the CDS clerk to handle multiple requests concurrently. It uses RPC in communications between
CDS clerks and CDS servers, as well as in communications between CDS servers, such as for keeping replicated information consistent.
CDS relies on DTS to maintain synchronized clocks in the network for use in the sequencing of updates to the namespace and for use in replication. CDS uses GDS (via the GDA) to find foreign cells
registered in GDS. And finally, CDS uses DCE security's ACLs and authenticated RPC to ensure authorized access to directory data and administrative functions.
· DCE DTS Integration
DTS uses RPC in the communications between DTS clients and DTS servers. It also uses RPC in the protocol between a time server and a time provider. Since DTS is based on DCE RPC, which uses DCE
Threads, DTS also uses Threads.
DTS depends on CDS to find time servers and their locations. GDS may be used indirectly if a global time server is registered in a foreign cell that is registered in the X.500 namespace. DTS uses
the DCE Security Service to authenticate its interactions and to audit security-critical DTS events.
· DCE Security Service Integration The DCE security server, like all DCE RPC-based applications, uses DCE Threads. The security server communicates with its
clients via DCE RPC. CDS is used to find security servers. GDS may be used indirectly in accessing a security server that is in a foreign cell registered in the X.500 namespace.
The security service uses a notion of time for the expiration of credentials and for detecting replays of authentication information. It assumes reasonable synchronization of the clocks in the
network, which is accomplished in DCE by DTS. The security service does not use DTS timestamps in this version of DCE.
· DCE GDS Integration The GDS server does not use DCE Threads; instead, it uses multiple processes to handle multiple requests. Since GDS is based on the X.500
standard, which is specified to run over ISO protocols, GDS does not use DCE RPC.
GDS does not use CDS; since GDS is at a higher level in the global namespace hierarchy, CDS refers to GDS but not the other way around. GDS supports DCE authentication and has a separate security
mechanism based on its own implementation of ACLs. Again, this is in order for GDS to comply to the international directory service standard.
· DCE DFS Integration The DFS servers that run in user space (for example, the backup, fileset location, and fileset servers) all use DCE Threads to handle multiple
requests. Because the DFS file exporter and cache manager run in the kernel, they do not use DCE Threads; DCE Threads is a user-space, not kernel, threads implementation.
DFS uses DCE RPC for all remote interaction between the DFS clients (for example, the cache manager and Scout) and servers (for example, the file exporter, fileset location server, and backup
server). Because the cache manager and file exporter run in the kernel, they use a kernel version of RPC. DFS uses CDS to locate fileset location servers. DFS may use GDS indirectly (via CDS) to
locate fileset location servers in foreign cells registered in the X.500 namespace. DFS uses Authenticated RPC and DCE ACLs to protect its resources. DFS relies on DTS to maintain clock
synchronization in the network.
|