Glossary¶
DataONE Terms¶
- DataONE
Data Observation Network for Earth
- DataONE Common Library for Python
Part of the DataONE Investigator Toolkit (ITK). Provides functionality commonly needed by projects that interact with the DataONE infrastructure via Python. It is a dependency of DataONE Client Library for Python, GMN and currently all other DataONE components written in Python.
- DataONE Client Library for Python
Part of the DataONE Investigator Toolkit (ITK). Provides programmatic access to the DataONE infrastructure and may be used to form the basis of larger applications or to extend existing applications to utilize the services of DataONE.
- DataONE Test Utilities for Python
A framework for testing and validation of DataONE components implemented in Python.
- GMN
DataONE Generic Member Node.
A DataONE Member Node MN). It provides an implementation of MN APIs and can be used by organizations to expose their science data to DataONE if they do not wish to reate their own, native MN.
- Metacat
Metacat is a flexible, open source metadata catalog and data repository that targets scientific data, particularly from ecology and environmental science. Metacat accepts XML as a common syntax for representing the large number of metadata content standards that are relevant to ecology and other sciences. Thus, Metacat is a generic XML database that allows storage, query, and retrieval of arbitrary XML documents without prior knowledge of the XML schema.
Metacat provides a complete implementation of all MN APIs.
- Replication target
A MN that accepts replicas (copies) of science data from other MNs and thereby helps ensuring that science data remains available.
- Vendor specific extensions
Functionality that is not part of the DataONE APIs but is supported by a DataONE component. Vendor specific extensions are activated by adding custom HTTP headers when calling the existing DataONE API methods. When activated, they modify the behavior of the method in a vendor specific way. DataONE has reserved the namespace starting with VENDOR_ for such custom headers.
- Investigator Toolkit (ITK)
The Investigator Toolkit provides a suite of software tools that are useful for the various audiences that DataONE serves. The tools fall in a number of categories, which are further developed here, with examples of potential applications that would fit into each category. https://releases.dataone.org/online/api-documentation-v2.0.1/design/itk-overview.html
- MN
DataONE Member Node.
- CN
DataONE Coordinating Node.
- Node
DataONE Member Node or Coordinating Node
- client
An application that accesses the DataONE infrastructure on behalf of a user.
- Science Data
An object (file) that contains scienctific observational data.
- Science Metadata
An object (file) that contains information about a Science Data object.
- System Metadata
An object (file) that contains system level information about a Science Data or a Science Metadata object.
- PID
Persistent Identifier. An identifier that is unique within DataONE and references an immutable object.
- SID
Series Identifier. An identifier that is unique within DataONE and references one or more objects that have been linked together by a series of updates.
- Workspace
The Workspace is an online storage area where users can store search filters and references to DataONE objects. It follows the files and folders metaphor of regular filesystems. Objects are added to the Workspace from the ONEMercury search engine.
Authentication and security¶
- X.509
An ITU-T standard for a public key infrastructure (PKI) for single sign-on (SSO) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
- CA
Certificate Authority
A certificate authority is an entity that issues digital certificate s. The digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or assertions made by the private key that corresponds to the public key that is certified. In this model of trust relationships, a CA is a trusted third party that is trusted by both the subject (owner) of the certificate and the party relying upon the certificate. CAs are characteristic of many public key infrastructure (PKI) schemes.
- CA signing key
- Server key
The private key that Apache will use for proving that it is the owner of the certificate that it provides to the client during the SSL handshake.
- CSR
Certificate Signing Request
A message sent from an applicant to a CA in order to apply for a certificate.
- Certificate
A public key certificate (also known as a digital certificate or identity certificate) is an electronic document which uses a digital signature to bind a public key with an identity – information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
- CA certificate
A certificate that belongs to a CA and serves as the root certificate in a term:chain of trust.
- Self signed certificate
A certificate that is signed by its own creator. A self signed certificate is not a part of a chain of trust and so, it is not possible to validate the information stored in the certificate. Because of this, self signed certificates are useful mostly for testing in an implicitly trusted environment.
- Chain of trust
The Chain of Trust of a Certificate Chain is an ordered list of certificates, containing an end-user subscriber certificate and intermediate certificates (that represents the Intermediate CA), that enables the receiver to verify that the sender and all intermediates certificates are trustworthy.
- DN
Distinguished Name.
- OpenSSL
Toolkit implementing the SSL v2/v3 and TLS v1 protocols as well as a full-strength general purpose cryptography library.
- SSL
Secure Sockets Layer
A protocol for transmitting private information via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.
- SSL handshake
The initial negotiation between two machines that communicate over SSL.
http://developer.connectopensource.org/display/CONNECTWIKI/SSL+Handshake
- TLS
Transport Layer Security
Successor of SSL.
- Client side authentication
SSL Client side authentication is part of the SSL handshake, where the client proves its identity to the web server by providing a certificate to the server. The certificate provided by the client must be signed by a CA that is trusted by the server. Client Side Authentication is not a required part of the handshake. The server can be set up to not allow Client side authentication, to require it or to let it be optional.
- Server Side Authentication
SSL Server Side Authentication is part of the SSL handshake, where the server proves its identity to the client by providing a certificate to the client. The certificate provided by the server must be signed by a CA that is trusted by the client. Server Side Authentication is a required part of the handshake.
- Client side certificate
Certificate that is provided by the client during client side authentication.
- Server side certificate
Certificate that is provided by the server during server side authentication.
- Identity Provider
A service that creates, maintains, and manages identity information for principals while providing authentication services to relying party applications within a federation or distributed network.
ONEDrive¶
- FUSE
Filesystem in Userspace.
- macfuse
- fusepy
- Dokan
User mode file system for windows.
Misc¶
- Subversion
Version control system
- Bash
GNU Bourne-Again Shell
- Apache
HTTP server
- MPM
Multi-Processing Module
The component within Apache that manages the processes and threads used for serving requests.
- Python
A dynamic programming language.
- Django
High-level Python Web framework that encourages rapid development and clean, pragmatic design.
- WSGI
Web Server Gateway Interface
- mod_wsgi
- mod_ssl
- PyXB
Python XML Schema Bindings
- minixsv
A Lightweight XML schema validator
- python-dateutil
Extends the standard datetime module
- PostgreSQL
A freely available object-relational database management system (ORDBMS).
- MySQL
A freely available object-relational database management system (ORDBMS).
- SQLite3
A freely available object-relational database management system (ORDBMS).
- Oracle
A object-relational database management system (ORDBMS) that is available in both free and commercial versions.
- Psycopg2
Psycopg is a PostgreSQL database adapter for Python.
- OpenSSL
An open source implementation of the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
- cron
cron is a time-based job scheduler in Unix-like computer operating systems. cron enables users to schedule jobs (commands or shell scripts) to run periodically at certain times or dates.
- python-setuptools
A package manager for Python
- ISO8601
International standard covering the exchange of date and time-related data
- python-iso8601
Python library implementing basic support for ISO8601
- CILogon
The CILogon project facilitates secure access to CyberInfrastructure (CI).
- LOA
Levels of Assurance
CILogon operates three Certification Authorities (CAs) with consistent operational and technical security controls. The CAs differ only in their procedures for subscriber authentication, identity validation, and naming. These differing procedures result in different Levels of Assurance (LOA) regarding the strength of the identity contained in the certificate. For this reason, relying parties may decide to accept certificates from only a subset of the CILogon CAs.
- REST
Representational State Transfer
A style of software architecture for distributed hypermedia systems such as the World Wide Web.
http://en.wikipedia.org/wiki/Representational_State_Transfer
- SolR
Apache Solr
Solr is the popular, blazing fast open source enterprise search platform from the Apache Lucene project. Its major features include powerful full-text search, hit highlighting, faceted search, dynamic clustering, database integration, rich document (e.g., Word, PDF) handling, and geospatial search. Solr is highly scalable, providing distributed search and index replication, and it powers the search and navigation features of many of the world’s largest internet sites.
- OAI-ORE Resource Map
Open Archives Initiative Object Reuse and Exchange (OAI-ORE) defines standards for the description and exchange of aggregations of Web resources.