|
Home : History
The development of ViewDS began in 1989 at the Telstra Research
Laboratories in Melbourne, Australia, to meet Telstra's organizational
requirements for a corporate electronic directory. The development
was led by Rolf Exner and Dr Stephen Legg then at the forefront
in the development and design of the global ISO X.500 standard.
As part of this development Telstra built into the directory solution
a set of sophisticated search capabilities designed to make the
implementation extremely easy to use by any web or windows user
providing support for approximate matching on a search request,
including phonetic matching and spelling correction, truncation
matching, abbreviations, keyword matching, synonyms, and any combinations
of these requests.
In 1999, a licence to exploit the View500 (now known as ViewDS) software was granted to Adacel Technologies Ltd. Acacel continued the development of View500 adding native support for LDAP v2 and v3.
In 2004 eB2Bcom,
Australia's leading identity management solution provider, acquired
the View500 business, which included licences to exploit Telstra's
and Adacel's IP (now consolidated within eB2Bcom,) the customer
base and the development and support teams. eB2Bcom has continued
to develop and maintain the View500 product whilst maintaining an
active role in the LDAP, PKIX and XED (XML Enabled directory) standards
advancements.
In 2006 the first new version of View500 under eB2Bcom was launched called Version 6.0. This version delivered a A range of new
features and facilities have been added, not least the ability to store XML objects and schema in the Directory
and to provide for searching, using Component matching, any directory data including XML objects.
In 2008, eB2Bcom acquired the ex Adacel Intellectual property in ViewDS, being the IP on software developed by Adacel from
the year they acquired the rights to develop the software from Telstra in 2000 to the year they sold the business to eB2Bcom
in 2004.
In July 2009, the Directors of eB2Bcom decided to activate another group company and transferred the Development team,
software IP, support infrstructure as well as the channel development and marketing team into that company - eNitiatives Pty
Ltd. eB2Bcom then became the reseller of ViewDS products in Australia, New Zealand & SE Asia with eNitiatives Pty Ltd as the
software developer and distributor then appointing other resellers, and OEM partners on a Worldwide basis.
A new major version of View500 was then launched in October 2009 Version 7.0 with a change of name to the product;
calling it ViewDS or View Discovery Server to give it it's full name. This reflected its much wider applicability than just
Directory services. The aim of the name change was to reflect a brand range of product solutions in the Identity and Access
Management space marketed under the name of ViewDS. ViewDS v7.0 brought about some major changes to the overall product with
a re-engineering of the ViewDS administrative inteface and the development of a new DotNet based ViewDS Management Agent,
new documentation and the start of a major revamp of capability in the web and customer interface.
In September 2010, a new minor release was made to the product. This most recent ViewDS release (Version 7.1) provides major improvements in the way that users interact with the ViewDS
web interface now known as ViewDS Access Presence doing searching, reporting and updating identity data. A new feature
provides a feature to do update and approval workflow. Other capabilities include the full support for a variety of XML
presentation formats and output. Version 7.1 also provides a range of support for new protocols such as SPMLv2 and DSMLv2
as well as ChangeLog.
These capabilities are designed to provide better integration support for Identity Management provisioning tools such as
Microsoft Forefront Identity Manager; Novell Identity Manager; Oracle Identity Manager and Tivoli Identity Manager.
In early 2011, ViewDS started to branch out of being just sold into the Australasian & SE Asia markets with partnerships
with companies in Europe and North America. Since then sales have been made to new customers in the USA, Belgium, Egypt, Oman,
Qatar, Bulgaria, New Zealand and Kuwait.Also in late 2011, our first International staff member was appointed based in Belgium
to drive European Channel partner sales.
View details of the released versions below:
[+]
All
[+]
ViewDS Version 7.1
The current version for ViewDS is version 7.1, which was released in September 2010. The focus of version 7.1
enhancements to the server have been to provide a greater level of integration with existing Identity Management
technologies as well as providing a lot of new capability in the web based User interface now known as ViewDS Access
Presence.
Some of the key features that have been incorporated into version 7.1 include:
GSSAPI SASL Authentication Mechanism for LDAP
Support for GSSAP SASL Authentication mechanism for LDAP will allow ViewDS to be accessed within Kerberos based Single
Sign On environments. The main benefit of supporting GSSAPI is that users are able to access ViewDS leveraging their
Microsoft Domain (or any other Kerberos server) account. This removes the requirement for a user to have passwords stored
within ViewDS.
SPML v2 (Service Provisioning Markup Language)
Support for SPML provides an additional XML based protocol for applications to access and provision with ViewDS. This
allows a greater level of interoperability with other Identity Management provisioning products. DSMLv2 Profile of SPMLv2
is the chosen profile that is now supported by ViewDS 7.1.
DSML (Directory Service Markup Language) v1 and v2 data
ViewDS now supports the ability to dump information in DSML v1 and DSML v2 data formats. This comes in addition to the
ViewDS SDUA format, LDIF and ELDIF. By allowing ViewDS's data to be exported into a DSML representation, other systems
can nowload and use the ViewDS data more readily.
Changelog
Support for changelog makes it easier for Identity Management synchronization and provisioning software to utilize ViewDS
as an authoritative source of information. Changelog also allows applications to efficiently identify the changes that
have occurred within ViewDS, without issuing expensive and time consuming search operations.
Virtual List Views for LDAP
Virtual List Views (VLV) allows LDAP clients to search ViewDS and obtain a sorted subset of results. This allows large
result sets to be obtained in usable portions. This feature allows ViewDS to interoperate with a wider variety of client
applications that use VLV when displaying lists to users.
Workflow for Approval & Update
The Workflow capability is aimed at providing a facility for ViewDS updaters in Agencies or Departments to undertake an
approval workflow process for changes in the ViewDS directory solution. In the Approval workflow an updater will be
authorised to create an update to an entry (either Add, Modify, Move or Delete) and then that will be passed to an
Approver (the Approver will be sent an email asking them to log on and approve the update). The Approver can
approve/reject/edit the update request. If rejected then a message will be sent back to the Updater with reasons for the
rejection. The process ends with the Approver publishing the change into the ViewDS Server. The new workflow capability
also allows for the Directory Administrator (in effect a Super User) to be able to make Important changes such as
Organisational Name being wrong or non compliancy with privacy regulations with all changes being logged for audit purposes.
User and Management Interfaces
The ViewDS 7.1 Access Presence web Interface (WebDUA) and Management Agent has been enhanced to provide a richer set of
data management and presentation capability.
. Global Changes allow updaters to make bulk changes to content of ViewDS.
. Searching Form enhancements offer greater flexibility for searching and customizing the display of search results.
ViewDS Access Presence provides controlled vocabulary enhancements for constrained data types.
. Schema Management within the Management Agent has been greatly enhanced to simplify the process of importing and
removing schema elements.
. XML Editing capabilities are incorporated into the Management Agent to provide a native XML look and feel when
viewing, editing and creating XML information.
[+]
ViewDS Version 7.0
ViewDS is 7.0, was released in October 2009 had a range of new features and capabilities including a major
re-engineering and replacement of the ViewDS Management interface with a new DotNet based Management GUI. The features
included in ViewDS 7.0 were:
ViewDS Management Agent
The ViewDS Management Agent is a Windows application that allows the central management
of one or more ViewDS servers.The ViewDS Management Agent replaces the View500 AdminDUA.
Remote Administration Service
The Remote Administration Service (RAS) is a new component that is provided with the ViewDS
server. The RAS allows the Management Agent to completely manage a ViewDS server, including
file system settings and the ability to start and stop a ViewDS server.
Updated Documentation Suite
The ViewDS documentation is provided as three documents; the Installation and Operations Guide,
the Technical Reference Guide for the Directory System Agent, and the Technical Reference Guide
for the User Interfaces.
Role and Time based Access Control
The Basic Access Control scheme has been extended to allow dynamic user inclusion for an access
control item. User inclusion can be based on a search filter which allows a user's inclusion to be
based on the attributes of the user's entry.
This extension to the Basic Access Control scheme facilitates attribute based access control,
role based access control and access controls based on times (e.g. day of week, hour if day, etc).
Word List Management
The management of word lists, such as synonyms, noise words and truncations can be managed at runtime
and are now stored within the DIT. By storing these words in the DIT, they can now be replicated to other ViewDS servers.
[+]
Version 6.0
The new features that were added to the 6.0 release are listed below.
X.500 Technology
Internet Directly Mapped Protocol (IDMP)
IDMP is a protocol which provides a TCP/IP transport for DAP, DISP
(Shadowing), and DSP (distributed operation) operations.
LDAP Technology
Simple Authentication and Security Layer (SASL)
A mandatory user authentication scheme for LDAP is the SASL Digest-MD5
mechanism. Instead of the user transmitting their username and password
clearly to the LDAP Server, SASL allows only hashed values to be
transmitted.
XML Enabled Directory (XED)
View500 Version 6.0 is the only directory available that supports
XED.
The XML Enabled Directory is a newly developed standard, which defines
a framework that leverages off existing technology such as ASN.1,
XML, X.500 and LDAP.
Some of the features available in version 6.0, due to XED, include:
Robust XML Encoding Rules (RXER)- RXER is an XML based encoding
rule. Instead of using an unreadable binary encoding rule (such
as BER), the directory is now able to encode data using RXER, a
text based encoding rule.
XIDMP
Currently, IDMP can be used to send DAP, DSP, and DISP PDU's over
a TCP/IP connection. IDMP states that these PDU's must be encoded
using the Basic Encoding Rules (BER). XIDMP allows the IDMP PDU's
to be transmitted in an XML based encoding, such as RXER.
XML Lightweight Directory Access Protocol (XLDAP)
XLDAP is semantically equivalent to LDAP, with the major difference
being the encoding rule used to encode the PDU. RXER is used to
encode XLDAP PDU's.
XED defines two transport mechanisms in which XLDAP messages can
be transmitted over, XLDAP over TCP/IP and XLDAP over SOAP 1.1.
ViewDS will support both of these mechanisms in the next release.
Extended LDAP Data Interchange Format (ELDIF)
The LDIF specification imposes restrictions that result in XML encoded
values being converted into an unreadable Base64 format within LDIF
dumps.
ELDIF extends the current LDIF specification to make allowances
for XML encoded values so their human readable encoding is retained.
For more information on XED, including the set of standards which
define the XED framework, visit the XED website, which can be found
in the Links section.
[+]
Version 5.3
Version 5.3 became available on the 15th of November, 2002.
This release included enhancements to the security of passwords within the directory.
Value hashing
ViewDS's proprietary value hashing scheme was implemented into the directory. This
value protection scheme is a configurable policy that can be used to protect passwords
when they are stored into and returned out of the directory.
The password values can be protected by a range of hash algorithms.
When a password is in a hashed format it can be safely returned out of the
directory over insecure channels. This is due to the fact that it becomes
cryptographically infeasible for an attacker to obtain the user's cleartext
password from a hashed version.
[+]
Version 5.2
Version 5.2 of ViewDS became available on the 25th of June, 2002.
Tree Browsing
This version of ViewDS saw the WebDUA get a facelift to illustrate new functionality.
The major upgrades included new graphics and Tree Browsing functionality. The WebDUA
now allows user's to navigate through the Directory Information Tree via a graphical interface.
LDAP Enhancements
In the DSA Server, additional portions of the LDAP specification were implemented. Such features include:
* LDAP Controls.
Controls are defined as part of the LDAP standard and can be used to convey
additional information or functionality through the existent LDAP protocol. Newly supported controls included:
# Server Side Sorting Control
This control allows LDAP clients to request that the DSA sort search results before returning them.
# Paged Search results Control.
This control can be used by clients to instruct the DSA server to only return a subset
(whose size is specified by the client) of results. The client is then able to repeat
the request and get the next set of results at its leisure.
# Proxied Authorization Control.
This control allows an LDAP Client to perform LDAP operations on behalf of other users.
This is useful when applications manage their own user authentication, and would like
to act on the user's behalf to access the directory.
# LDAP Password Policy Control.
When an LDAP Password Policy is being applied within the directory, this control can
be used to convey information from the DSA to the user. Such information may include
the amount of time that a user has left before they must change their password.
* LDAP Extension - Transport Layer Security.
This extended operation provides additional security for LDAP connections.
* LDAP Password Policy.
This standards based feature allows an administrator to specify password
policies for password attributes. This policy is highly configurable and
allows the administrator to enforce an appropriate level of password security
to reduce the possibility of a security breach due to password compromise.
* Chaining LDAP Operations
Leveraging off the X.500's distribution protocols, the DSA is now able to
convert an LDAP request into DAP and distribute the operation to other DSA's.
This mechanism allows an LDAP client to interact more fully within an X.500
distributed environment.
AdminDUA
The AdminDUA was enhanced to allow access control information to be imported
and exported from the directory. Once exported, access control information
can be easily imported from a file. This saves time, since making the
configuration via a GUI can be by-passed.
[+]
Version 5.1
ViewDS, Version 5.1, was released on the 25th of July 2001.
Native LDAP
This was the first version of ViewDS that contained native LDAP support.
Removing the need for an X.500/LDAP gateway, Native LDAP provided performance
and reliability benefits for ViewDS.
LDAP Data Interchange Format
LDIF, the LDAP Data Interchange Format, also became supported. This allowed
ViewDS to bulk-load large volumes of data in an efficient manner, which
is especially useful for loading information from other directories.
OpennSSL Enhancements
The security of directory information, whilst in transmission, was increased
with the support for LDAP over SSL. OpenSSL libraries being used by ViewDS
were updated to support SSLv3 and TLSv1, in addition to the already existent SSLv2.
Other security enhancements included the support for securely retrieving passwords
from the directory. This feature allowed password values to be obtained from
the directory in a hashed format.
[+]
Version 4.7
On the 30th of October 2000, Adacel released the 4.7 version of ViewDS.
24 x 7
In 4.7, the DSA became capable of continuous operation, 24 hours a day,
7 days a week. The DSA no longer required a routine shutdown when various log files became too large.
GUI Enhancements
Version 4.7 included changes to the GUI's which allowed them to provide the following functionality:
* Anonymous Browsing
* Increased control over the configuration of Access Control
Various bug fixes, made to the DSA, PDUA, WebDUA, SDUA, VFLOAD, AdminDUA, LDAP
gateway, VTDUA and WinDUA were all bundled into the 4.7 release.
The LDAP-API component of ViewDS was deprecated from the 4.7 release.
|
