DATAPRO Data Networking 2750 1 Standards

The Government Open Systems Interconnection Profile GOSIP

@ 1991 McGraw-Hili, Inccrporated. Reprcduction Prohibited. MARCH 1991 Datapro Information Servlces Group. Delran NJ 08075 USA 2 2750 The Government Data Networking Open S,stems Standards Interconnection Profile (GOSIP)

meet those needs, it attempted to design a de facto networking standard called the Network Control Program (NCP). NCP specified the first set of pro­ Analysis tocols for connecting computers and peripherals on one network. Ten years after it first developed NCP, the DoD replaced its single-network archi­ tecture with the multiple-network architecture of TCP/IP. TCP/IP was being used for the DoD's Ar­ As computer technology grabbed the business panet network by 1983. world by the lapels in the 1960s and 1970s, large TCP/IP not only added internetworking capa­ mainframe computers took over many tradition­ bility but also transferred data integrity checking ally manual tasks, such as number crunching and from the network protocols to the host computer word processing. Users found computer storage system. This transferal provides a more trustwor­ both tidier and more organized. thy system than NCP, which relied on the network It did not take long, however, for users to re­ for end-to-end transmission reliability. Today, alize that computers could do more than just pro­ TCP/IP's primary users include the federal govern­ cess mounds of data. Users explored ways of ment, universities, and research groups. sharing computer-generated data and software with each other, marking the beginning of computer net­ working. TCP/IP Computing at that time was expensive. Users A layered approach to internetworking, TCPIIP relied on batch processing or timesharing main­ began as an experimental alternative to the DoD's frame computers through remote processing. Be­ packet switched network, Arpanet. TCP/IP con­ fore Apple and the microcomputer, computer tains four layers of exchange protocols: the network networking meant connecting the product line of a access layer, the Internet Protocol (IP), the Trans­ single vendor (such as IBM, which dominated both mission Control Protocol (TCP), and the applica­ commercial and federal markets). In 1974, IBM tions themselves (see Figure 1). developed a networking architecture for its prod­ The network access layer sends data between ucts called Systems Network Architecture (SNA), two processors on the same network. The protocols which-despite its proprietary nature-planted the used depend on the type of network, such as an seed for connectivity. SNA today remains the most X.2S packet switched network or an IEEE 802.3 prevalent networking architecture in the industry. CSMAlCD, 802.4 token bus, or 802.5 token-ring The emergence of microcomputers and the local area network (LAN). establishment of proprietary networks left many The IP layer routes data among multiple net­ users stranded on islands of aU,tomation. They had works, whether they are similar or dissimilar. The plenty of data and applications, but no means to IP layer is where true connection among different share information among incompatible systems. In networks occurs. response came the concept of internetworking. In 1981, Xerox Corp. moved the technology toward intercongecting different networks with the Figure 1. Xerox Networking System (XNS), a complicated Transmission Control Protocol/Internet set of internetworking protocols influencing the Protocol (TCP/IP) Layers development of the OSI model. XNS never really caught on, however, and was later surpassed by a Layer 4 Applications: SMTP, FTP, Telnet set of Department of Defense (DOD) internet­ working protocols called the Transmission Control Layer 3 Transmission Control Protocol (TCP) Protocol/Internet Protocol (TCP/IP). Layer 2 ,Internet Protocol (IP) The idea for TCP/IP arose in the early 1970s, when the DoD-under budgetary constraints­ Layer 1 Network Access desperately needed a means of exchanging data with the research and development community. To

MARCH 1991 @) 1991 McGraW-Hili. Incorporated. ReproduCtion Prohibited. Datapro Information Servicas Group. Delran NJ 08075 USA Data Networking The Govemment Open S,stems 2750 3 Interconnection Profile Standards (GOSIP)

The TCP layer ensures that the data sent is in Implementors Workshop. This workshop series, sequence and error free. It is often called the reli­ where prospective vendors determine how OSI ability layer of TCP/IP; the IP randomly sends protocols will be implemented, has yielded Ver­ data without monitoring the transmission. sions 1.0 through 3.0 of the implementation agree­ At the application layer of TCP/IP, three pro­ ments that form the core of GOSIP. The tocols are available: the File Transfer Protocol agreements ensure that each vendor develops OS 1- (FTP), the Simple Mail Transfer Protocol (SMTP), based products in the same fashion, guaranteeing and Telnet. FTP transfers files from one host to compatibility. Federa~ users also provide input to another, and SMTP sends electronic messages be­ these vendor-adopted agreements. tween hosts. The Telnet application provides ter­ As TCPIIP did in the I 980s, GOSIP will provide minal emulation capability, allowing remote users to federal users a newer, more functional set of in­ to run applications as if they were directly con­ ternetworking standards in and beyond this de­ nected to a host system. cade. Unlike its predecessor, conformance of new Because TCP/IP is a static set of protocols products to GOSIP has been mandatory since Au­ with limited functionality and is not based on in­ gust 1990. In contrast to TCP/IP, GOSIP is de­ ternational standards, it eventually will be replaced signed to remain compatible, preventing its by the emerging OSI protocol suite. OSI is an evo­ obsolescence. New GOSIP versions will be incor­ lutionary, high-performance set of international porated gradually, so that users will be informed of data communications standards designed to be ex­ upcoming standards and can prepare for their im­ tended and manipulated for internetworking. plementation. But because of TCP/IP's massive installed The continuity and worldwide standards approach base, especially in the federal government, it must of OSI and GOSIP will save the federal govern­ coexist with OSI for the near term. Industry ex­ ment in development costs. A 1985 National Re­ perts maintain that TCP/IP-based products, be­ search Council report estimated that commercial cause they are available and proven, will remain OSI-based products would save an average of 30 to popular through the early 1990s. 80 percent in information technology costs. No longer will government users be tied to a single vendor for networking and computing require­ What Is QOSIP? ments. Instead, with OSI, they can select from a GOSIP, driving the standardization of OS I proto­ wide range of vendors, with the assurance that the cols, is a federal government procurement docu­ products meet OSI criteria for connectivity. ment for computer and networking technology OSI and GO SIP eliminate the need for expensive specifying OSI international and draft standards. bridging and duplication of products, such as soft­ As a federal information processing standard ware and peripherals, which can be shared on a (FIPS), GOSIP is not only forcing TCP/IP into re­ network. Standards let users preserve their product tirement, it is also forcing potential federal govern­ investments. GOSIP also provides procurement ment vendors to supply OSI-based products. guidelines so that federal users can employ those Although GOSIP represents a departure from the OSI protocols in their purchasing decisions. Based federal government's traditional purchasing meth­ on the seven-layer set of standards adopted by the ods, it is a conservative approach. GOSIP specifies worldwide standards body, the ISO, GOSIP con­ only OSI protocols having reached the final stages tains only stable DIS or IS protocols. of standardization-a draft international standard (DIS) or international standard (IS). This way, ven­ dors and users are not strapped with products QOSIP: A Layered Architecture based on protocols subject to change, making them Version 1.0 of GOSIP, mandatory for new govern­ obsolete with each protocol amendment. ment purchases since August 1990, contains stan­ To ensure interoperability, GOSIP is based dard protocols at each of the seven OSI layers: on vendor agreements reached at the National In­ physical, data link, network, transport, session, ( stitute of Standards and Technology (NIST) Work­ presentation, and application. These layers (see shop for Implementors of Open Systems Figure 2) are often referenced by their placement Interconnection, commonly called the NIST OSI in the OSI stack-layer one (physical), layer two

@ 1991 McGraw-Hili, Incorporated. Reproduction Prohibited. MARCH 1991 Datapro Information Services Group. Delran NJ 08075 USA The Government Data Networking 4 2750 Open.'...... Standards Interconnection ProfIle (GOSIPI

Figure 2. GOSIP Protocols

Legend Office Document o ·Version 1,0 Architecture (ODA) and o ·Version 2.0 Interchange lII·version 3.0 Format (ODIF)

FTAM (File Transfer) 7 Application X.400 (E-Mail) Association Control Service Elements (ACSE)

6 Presentation '----.-..... Presentation Protocol

5 Session

4 Transport

Dynamic 3 Network Internetwork Protocol Routing Protocols 2 Data Link

X.25 802.3 1 PhYSical Ethernet

(data link), layer three (network), layer four (trans­ Thus far, GOSIP requires support for two port), layer five (session), layer six (presentation), OSI applications standards: the X.400 Message and layer seven (application). The lower layers, one Handling System (MHS) for electronic messaging through four, handle the interconnection of system and File Transfer, Access and Management processors on a network, while the upper layers, (FfAM) for file transfer. In addition, GOSIP man­ five through seven, interconnect the applications dates the Association Control Service Element that run on those processors. (ACSE). ACSE is a service that corresponds to a particular application protocol, helping establish an association between the sending and receiving The Application Lay.r stations. The heart of the communications process, the Ap­ plication Layer provides the interface between the The Pre•• ntatlon Lay.r network and the computer application, such as The Presentation Layer plays the role of translator, electronic messaging or file transfer. This is the converting transmitted data into a format under­ layer nearest to the user, who wants to run soft­ stood by both sending and receiving systems. At ware over various networks without learning the this layer, GOSIP specifies the accepted OSI pre­ interworking of each OSI layer. sentation protocol.

MARCIi 1991 @ 1991 McGraw·HIII, Incorporated. Reproduction Prohibited. Datapro Information Services Group. Delran NJ 08075 USA Data Networking The Govemment 2750 5 Open Syatema Interconnection Prollie Standards (GOSIPJ

The Session Layer GOSIP does not mandate a specific physical The Session Layer establishes and synchronizes a interface standard but recommends the Consulta­ communications session between application pro­ tive Committee on Telegraph and Telephone's cessors in a transmission. It sets up and closes the (CCITT's) X.25 packet-switching protocol, stan­ data dialog between those systems. dard interfaces such as EIA RS-232-C for transmis­ GOSIP merely calls for the OSI session proto­ sion speeds up to 19.2K bps, and the CCITT V.35 col, suggesting that users select the various session interface for speeds that exceed 19.2K bps. functions based on characteristics of their own ap­ plications. Different applications require different session functions; therefore, the application drives GOSIP's Evolution the type of session function adopted. As the ISO process evolves, so will GOSIP. With the help ofNIST, the Technology and Advanced The Transport Layer Requirements Group ofthe.Government OSI Us­ The Transport Layer ensures that the data flowing ers Committee will update GOSIP on a regular ba­ between systems is sent intact to the proper desti­ sis, adding new OSI standards as they are nation. Sometimes called the "reliability" layer, completed. Transport maintains the integrity of a data trans­ mission. Transport Protocol Class 4 (TP4) is the GOSIP Version 2.0 OSI standard for transport and is required under The next version of GOSIP, Version 2.0, was final­ GOSIP. ized in September 1989 and will become manda­ tory in August 1991. GOSIP 2.0 expands the The Network Layer Application Layer and adds connection-oriented The Network Layer determines the data's route. It transmission service as an option for government sends data over yarious links to the destination networks. It brings three new application-layer system. GOSIP mandates the use of connectionless standards to the GOSIP profile: Virtual Terminal networking, provided by the OSI Connectionless (VT), the Office Document Architecture (OOA), Network Layer Protocol (CLNP), for networking and the Office Document Interchange Format between various subnetworks and within a single (ODIF). subnetwork. VT allows a PC or workstation to act as an IBM 3270-type terminal and to access mainframe The Data Link Layer data and applications. Users at a remote site can Here, the data sent from the Network Layer for access and run mainframe applications from the transmission is packaged for travel over the net­ desktop. Similar to TCP/IP's Telnet function, this work medium. GOSIP specifies Data Link Layer protocol is in demand at the DoD, where terminal protocols, such as High Level Data Link Control emulation is a popular feature. (HDLC) for X.25 transmission and the LAN trans­ ODA and OOIF are both options for swap­ mission protocols prescribed by the Institute of ping documents among dissimilar systems. OOA Electrical and Electronics Engineers (IEEE 802.3 provides the standard for office document appear­ [Carrier Sense, Multiple Access with Collision De­ ance, and OOIF is the transfer format. Together tection, or CSMA/CD], 802.4 [token bus], and' they are crucial to the exchange of compound doc­ 802.5 [token ring]). The document also includes uments, those generated by different word process­ the protocol for the logical link, Logical Link Con­ ing software and those produced by desktop trol (LLC). publishing systems. ODA/OOIF should not be con­ fused with Electronic Data Interchange (ED I), a The Physical Layer protocol allowing users to swap business docu­ At the Physical Layer, the physical connection is ments electronically. established. This layer contains the protocols for GOSIP 2.0 also includes dynamic routing passing the bit streams across the transmission me­ protocols, which provide automatic data routing dium. capabilities for a network. Version 1_0 of GOSIP only calls for a static routing mechanism contained in a rigid routing table.

@ 1991 McGraw-Hili, Incorporated, Reproduction Prohibited, MARCH 1991 Datapro Information Services Group, Delran NJ 08075 USA 2750 The Government Data Networking • Open S,atema Standards Interconnection Profile (GOSIPJ

Also supported by GOSIP 2.0 are Integrated Both GKS and CGM already exist as applica­ Services Digital Network (ISDN) communications tions profiles in the Technical and Office Protocol standards, connection-oriented service, the connec­ (TOP) Version 3.0 specification. GKS lets users tionless transport protocol, and the end system-to­ run graphics programs over different types of sys­ intermediate system protocol. ISDN provides a tems and contains a "toolbox" for programmers to backbone network alternative to X.25 packet develop two-dimensional graphics capabilities. switched networks, adding the capability of com­ CGM provides for the exchange of picture infor­ bining voice, data, and video over the same circuit. mation among different computer graphics sys­ tems. QOSIP Version 3.0 EDI, the transfer of electronic documents The third version of GOSIP, finalized in 1990 and among suppliers and customers, is used by such scheduled to become mandatory in August 1992, divisions of the government as the Defense Logis­ will feature two new OSI applications: X.500 Di­ tics Agency and the U.S. Customs Service. GOSIP­ rectory Services and the OSI network management based EDI will be modeled after the ANSI X 12 protocol, Common Management Information Pro­ standard, which is already in widespread commer­ tocol (CMIP). cial use. The federal government and the ISO com­ Directory Services provides global directory munity are exploring how to integrate EDI into assistance, as well as a database of electronic mail GOSIP-based systems. users. With Directory Services, users of the X.400 Still in the formative stages in the federal gov­ Message Handling System can access a wide data­ ernment is Transaction Processing (TP), an appli­ base of other E-Mail users.CMIP is the protocol cation most common in financial and retail providing communications between computing services. TP tracks and updates customer transac­ devices and a central management station on a net­ tions. NIST, the Internal Revenue Service, and the work. The OSI community, the TCP/IP commu­ Defense Logistics Agency are currently studying nity, and the OSIINetwork Management Forum the government's requirements for TP. have all backed the adoption of CMIP for OSI net­ work management. GOSIP 3.0 will also include the Fiber Distrib­ Security for 051 uted Data Interface (FOOl), a fiber LAN standard The ISO does not yet specify security protocols for that would allow federal users to implement high­ the OSI standard. It has devised an OSI Security speed, 100M bps, fiber optic backbone networks. Architecture, however, that spells out security fea­ At the Transport Layer, GOSIP 3.0 will add tures. GOSIP's appendixes include the OSI Secu­ an end system-to-intermediate system protocol rity Architecture, giving federal procurement called Transport Class 2 for connection-oriented officials a framework when ordering secure com­ service, where two systems could be considered munications equipment. Several security protocols part of a single, logical network. In Version 1.0, remain under development at the ISO and within GOSIP calls for connectionless service, allowing the industry. When those protocols become avail­ one system to access another by establishing a able, they will be reviewed as possible GOSIP com­ store-and-forward messaging system. COllnection­ ponents. oriented service is considered more efficient for The OSI Security Architecture contains five internetworking, because systems can communi­ basic features of secure networks: cate around the clock without establishing a con­ 1. Physical Security: The physical medium over nection and disconnection for every session. which data is transmitted. Other Future Enhancements to QOSIP 2. End-System Security: The protection of pro­ In addition to the protocols slated for the first cessors on a network. three versions of GOSIP, the federal government 3. Tamper Resistance: A means of guarding has other protocols planned, including the Graphi­ against computer hackers. cal Kernel System (GKS), Computer Graphics 4. User Authentication: The verification of users Metafile (CGM), EDI, and Transaction Processing and their access to data. (TP).

MARCH 1991 @ 1991 MCGraw-Hili, Incorporated. Reproduction Prohibited. Datapro Information Services Group. Delran NJ 08075 USA Data Networking The Govemment 2750 7 Open Syatema Interconnection Profile Standards (GOSIPJ

5. Trusted Functionality: The assurance of a se­ Although POSIX has been closely associated cure system's reliability. with UNIX because of UNIX' portability features, POSIX is operating system neutral. But how do GOSIP and POSIX work together? Guidance for the Nontechnical User How do federal users acquiring networking equip­ ment and building networks employ the GOSIP The Applications Portability Profile document and its specifications? With the help of a lAPP) user's manual. APP will bring GOSIP and POSIX together under In March 1989, NIST released a GOSIP Us­ one umbrella. The Applications Portability Profile, er's Guide for all levels of users-from manager to which was included in the POSIX FIPS appendix, communications technician. For the nontechnical picks up where POSIX leaves off: beyond the oper­ manager, the guide provides an explanation of ating system. GOSIP's benefits and positive effect on productiv­ NIST developed APP after federal officials ity. The guide also provides a tutorial and covers realized that POSIX alone did not provide true GOSIP's relationship to other federal government applications portability. While POSIX provided information processing efforts, such as the Federal the first step, it failed to address the networking, Telecommunications Systems 2000 program, database, and user interface issues crucial to porta­ Computer-Aided Acquisition and Logistic Support ble applications. Furthermore, while GOSIP speci­ (CALS), and the Secure Data Network System fies communications procedures for heterogeneous project at the National Security Agency (NSA). systems, it does not handle the interfaces between a network and the applications. It is these deficien­ cies which APP fills. The Portable Operating System APP specifies software interfaces for operat­ ( \ Interface for Computer Environments ing system and networking services. With APP, IPOSIX) developers can write portable software programs For a distributed processing environment to be using those services. The programs can be moved fully open requires more than a standard means of across different computing platforms. GOSIP, data communications. A need also exists for stan­ POSIX, and APP provide federal users with a full dard operating systems and software. While OSI complement of tools for developing open, distrib­ provides connectivity, it does not specify software uted systems. portability. In response, NIST issued in September The APP "toolbox" for developing portable 1988 a Federal Information Processing Standard software applications includes the following ele­ (FIPS) for the Portable Operating System Interface ments (see Table 1): for Computer Environments (POSIX)-a specifi­ • Operating System cation for a vendor-independent interface between • Database Management a software application and an operating system. POSIX is an IEEE standard initially launched • Data Interchange in 1981 by an organization composed of AT&T • Network Services UNIX users. The IEEE has proposed that POSIX • User Interface be included in the ISO's open systems effort. Written in the C programming language, • Programming Services which provides simple portability among different hardware platforms, POSIX permits true applica­ The Operating System element is POSIX, a tions portability. POSIX interface software can run vendor-independent interface between an operat­ over different operating systems, regardless of ing system and a software application. Database Management provides and main­ hardware. Like OSI, POSIX will free government users tains a dynamic bank of data accessible by all types ( from the bonds of a single vendor. Government of applications. APP specifies the Structured users will have more options when procuring soft­ ware and can preserve existing systems.

@ 1991 McGraw-Hili, Incorporated. Reproduction ProhlbHed. MARCH 1991 Datapro Information Services Group. Delran NJ 08075 USA 8 2750 The Govemment Data Networking Open Systems Standards Interconnection ProtIIe (GOSIPI

language, known for its portability. To expand the Table 1. Elements of the Applications programming language options, APP will also sup­ / Portability Profile (APP) , / port Fortran, Cobol, Ada, and Pascal. The Graphi­ cal Kernel System (GKS) and Programmer's Function Elements Operating Sytem POSIX Hierarchical Interactive Graphics System (PHIGS) Data Base Management SQl standards will also be supported in this section of IRDS the APP. Data Interchange: To support APP's evolution, NIST will spon­ -Business Graphics CGM sor user and implementor workshops similar to -Product Data IGES -Document Processing SGMl those it operates for OSI. The process for APP will ODA/ODIF be similar to NIST's OSI workshops, allowing ven­ Network Services: dors and users to provide input for implementing -Data Communications OSI APP. -File Management NFS User Interface X Window System Programming Services C The Impact of GOSIP, POSIX, and APP Cobol on the Marketplace Fortran Ada Given the three elements of open distributed Pascal processing-GOSIP, POSIX, and APP-federal government users will have the tools necessary to Query Language (SQL) database language and the forge ahead in computing. With the federal govern­ Information Resource Dictionary Systems (IRDS) ment's backing, standardization efforts will be a standard. catalyst of open networking for the entire industry. Data Interchange includes business graphics, There are advantages and pitfalls to pioneer­ product data, and document processing. In this ing OSI and applications portability, however, and area, APP and GOSIP overlap significantly. APP, the federal government likely will be the first to like future versions of GOSIP, contains CGM for experience them. The chore of ironing out new graphics and ODA/ODIF for document processing. technology wrinkles is ever present. There is a (The GKS and PHIGS graphics standards will be learning curve caused by eliminating old, estab­ implemented under Programming Services, dis­ lished information processing tools to make room cussed later.) APP, however, also contains the for new techniques. Standard Generalized Markup Language (SGML) Being the first to adopt OSI means reaping for document processing and the Initial Graphics the economic and functional benefits sooner than Exchange Specification (IGES) for exchanging users who wait, a particular advantage for the fed­ product data. eral government, which is constantly under budget Network Services specifies GOSIP for the in­ constraints. OSI will help agencies tie together dif­ teroperation of dissimilar systems over networks. ferent computing and communications devices In addition, APP requires a file management fea­ that currently can~ot communicate. Once systems ture, to ensure proper sharing and monitoring of are connected, federal users can better exploit ex­ files in dissimilar systems. APP also specifies Sun isting capabilities and easily add new standards­ Microsystems' protocol for file sharing, called Net­ based technology. work File System (NFS). POSIX and APP will enhance the communi­ The User Interface for portable software pro­ cations capabilities inherent in GOSIP-based net­ grams is the end user's view into the open network. works. With the strong backing of the U.S. federal Since there are different applications available to government, these three information technology users, they need a consistent interface to ease ac­ standards will more 'rapidly infiltrate the commer­ cess to those applications. APP calls for the X Win­ cial market as well. Entering the fledgling OSI mar­ dow System user interface, developed by MIT. ket via GOSIP guarantees advantages, but it also Programming Services must also be portable means risking interoperability troubles with late­ ./ in this open software and communications envi­ comers' OSI products. ronment. APP initially offers the C programming

MARCH 1991 @ 1991 McGraw-Hili, Incorporated. Reproduction Prohibited. Datapro Information Services Group. Delran NJ 08075 USA Data Networking The Govemment Open Systems 2750 9 Interconnection Profile Standards (GOSIPI

Despite pioneering risks, GOSIP will serve as market early can later devote resources to develop­ a catalyst to entice vendors into developing OS 1- ing distinguishing features while latecomers are based products now, rather than waiting for the still buried with OSI research and development. market and technology to mature. GOSIP's federal Because OSI is inevitable, industry experts government stamp of approval should alleviate the feel all vendors will be forced to implement it risks. Vendors that forge ahead with GOSIP prod­ within the next four years. OSI will yield a more ucts will be those wanting a share of the lucrative competitive marketplace, where vendors will be federal government computer and communications unable to "lock" customers into their proprietary market. For smaller vendors, entering the OSI mar­ systems. Because compliance with GOSIP has been ket in its infancy provides a foothold in what will mandatory since August 1990, federal users now become a massive market by the late 1990s. have access to a world of open internetworking, The OSI market will be one where vendors complete with greater software and hardware op­ supplying products based on the same standards tions and the capability to maintain their capital must differentiate their offerings with added fea­ technology investments. Users not only will have tures, functions, or service. Vendors that join the more options in choosing their information tech­ nology tools, they also will be assured that the products operate under the same set of protocols.•

(

@ 1991 McGraw-Hili. Incorporated. Reproduction Prohibited. MARCH 1991 Datapro Information Services Group. Delran NJ 08075 USA