DCE: The Open Group Distributed Computing Environment
DCE Glossary of Technical Terms


Access Control List (ACL)
Data that controls access to a protected object. An access control list specifies the privilege attribute(s) needed to access the object and the permissions that can be granted, with respect to the protected object, to principals that possess such privilege attribute(s).
Application Programming Interface (API)
A set of callable routines that a programmer uses to interact with an application.
Asynchronous operation
An operation that does not itself cause the process (or thread) requesting the operation to be blocked from further use of the CPU. This implies that the process and the operation are running concurrently.
Authentication
The verification of a principal's network identity.
Authentication protocol
A formal procedure for verifying a principal's network identity; Kerberos is an instance of a shared-secret authentication protocol.
Binding
A relationship between a client and a server involved in a remote procedure call.
Blocking call
A call in which a caller is suspended until a called procedure completes.
Caching
The technique of copying data from a server machine (its central storage place) to a client machine's local disk or memory; users then access the copy locally. Caching reduces network load because the data does not have to be fetched across the network more than once (unless the central copy changes).
Cell
The basic unit of operation in the DCE. A cell is a group of users, systems and resources that are typically centered around a common purpose and that share common DCE services.
Cell Directory Service (CDS)
A distributed, replicated naming service.
Client
The party that initiates a remote procedure call. Some applications act as both an RPC client and an RPC server. See also server.
Condition variable
A synchronization object used in conjunction with a mutex. A condition variable allows a thread to block until some event happens.
Credentials
A general term for privilege attribute data that has been certified by a trusted privilege certification authority. In DCE, credentials are implemented as Privilege Attribute Certificates (PACs). See also Privilege Attribute Certificate.
Distributed File Service (DFS)
A file service that joins the local file systems of several File Server machines, making the file systems equally available to all DFS client machines.
Distributed Time Service (DTS)
The Distributed Time Service synchronizes the clocks in networked systems and is responsible for propagating a consistent notion of time throughout a cell.
Domain Naming Service (DNS)
A distributed directory service used on the Internet. Along with GDS, it provides a global namespace that connects local DCE cells into one worldwide hierarchy.
Global Directory Service (GDS)
A distributed, replicated directory service based on the CCITT X.500/ISO 9594 international standard. Along with DNS, it provides a global namespace that connects local DCE cells into one worldwide hierarchy.
Global name
A name that is universally meaningful and usable from anywhere in the DCE naming environment. The prefix /... indicates that a name is global.
Interface
See RPC Interface.
Interface Definition Language (IDL)
A high-level declarative language that provides the syntax for interface definitions.
IP
Internet Protocol. A family of network protocols defined by the U.S. Department of Defense.
Kerberos
The authentication protocol implemented in DCE. Kerberos was developed at the Massachusetts Institute of Technology. In classical mythology, Kerberos was the three-headed dog that guarded the gates of the underworld.
Key
A value used to encrypt and decrypt data.
Load balancing
Distributing system load evenly across server machines by placing identical copies of frequently accessed information among available server machines.
Local Area Network (LAN)
A set of computers sharing a network that does not include bridges or Wide Area Network links.
Local name
A name that is meaningful and usable only from within the cell where the entry exists. The local name is a shortened form of the global name. Local names begin with the prefix /.: and do not contain a cell name.
Mutex
A synchronization object that provides mutual exclusion among threads. A mutex is often used to ensure that shared variables are always seen by other threads in a consistent state.
Network Computing Architecture (NCA)
An architecture for distributing software applications across heterogeneous collections of networks, computers and programming environments. NCA specifies the DCE Remote Procedure Call architecture.
Network Data Representation (NDR)
The transfer syntax defined by the Network Computing Architecture.
Network File System (NFS)
A protocol for remote file access developed by Sun Microsystems, Inc.
Network Information System (NIS)
A protocol for remote distribution of common configuration files developed by Sun Microsystems, Inc.
Network protocol
A communications protocol from the Network Layer of the OSI network architecture, such as the Internet Protocol.
Object
A data structure that implements some feature and has an associated set of operations. For RPC applications, an object can be anything that an RPC server defines and identifies to its clients (using an object UUID). Often an RPC object is a physical computing resource such as a database, directory, device or processor. Alternatively, an RPC object can be an abstraction that is meaningful to an application, such as a service or the location of a server. See also object UUID.
Object UUID
The universal unique identifier that identifies a particular RPC object. A server specifies a distinct object UUID for each of its RPC objects; to access a particular RPC object, a client uses the object UUID to find the server that offers the object. See also object, Universal Unique Identifier.
Open Connectivity Architecture
A standard way of connecting applications to enterprise services.
Password
A string presented by a principal to prove its identity. The login facility transforms this string to generate an encryption key that is used by the Authentication Service to authenticate the principal.
POSIX
A set of standards intended to provide portable interfaces to operating systems services.
Principal
An entity that is capable of believing that it can communicate securely with another entity. In DCE, principals are represented as entries in the security database and include users, servers, computers and cells.
Privilege Attribute Certificate (PAC)
Data, describing a principal's privilege attributes, that has been certified by an authority. In DCE, the Privilege Service is the certifying authority. The Privilege Service, along with Kerberos, is part of the DCE Security Service.
Remote Procedure Call (RPC)
A call to a procedure in a different address space. In a traditional procedure call, the calling procedure and the called procedure are in the same address space on one machine. In a remote procedure call, the calling procedure invokes a procedure in a different address space and usually on a different machine.
Replication
The process of creating read-only copies of information. Replication is supported by the Security, Directory and File services in DCE. Replication can improve availability and load balancing. See also load balancing.
RPC Interface
A logical grouping of operation, data type, and constant declarations that serves as a network contract for calling a set of remote procedures. See also interface definition language.
Server
The party that receives remote procedure calls. A given application can act as both an RPC server and an RPC client. See also client.
Thread
A single sequential flow of control within a process.
Transaction
A related set or unit of changes to metadata. The events in a transaction are atomic. No change takes effect unless all the changes that make up that transaction are performed.
Transport independence
The capability, without changing application code, to use any transport protocol that both the client and server systems support, while guaranteeing the same call semantics. See also transport layer, transport protocol.
Transport layer
A network service that provides end-to-end communications between two parties, while hiding the details of the communications network. The TCP and ISO TP4 transport protocols provide full-duplex virtual circuits on which delivery is reliable, error free, sequenced, and duplicate free. UDP provides no guarantees.
Transport protocol
A communications protocol from the transport layer of the OSI network architecture, such as the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP).
Universal Unique Identifier (UUID)
An identifier that is immutable and unique across time and space. See also object UUID.
Wide Area Network (WAN)
A network that includes computers spread across a large geographical distance, usually involving several cities, states or countries. Communications connections in a WAN are typically done over modems, T1 lines, or satellite hookups.
X/Open Federated Naming (XFN)
XFN provides a federated naming service interface comprising a set of common naming operations and infrastructure policies for constructing composite names. A federated naming service maps composite names to their references.

© 1996 The Open Group.
All rights reserved.

Permission is granted to reproduce any portion of the text or graphic images of this document provided that you prominently display both the copyright notice listed above and the following acknowledgment: Portions of this document have been reproduced with the permission of the copyright owner, The Open Group, Inc., Woburn, MA.