Re: [I2nsf] Service Layer Policies - Post 0: note structure
John Strassner <strazpdj@gmail.com> Thu, 10 December 2015 19:15 UTC
Return-Path: <strazpdj@gmail.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C15891ACE74 for <i2nsf@ietfa.amsl.com>; Thu, 10 Dec 2015 11:15:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_24=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mlYwumtnlhFj for <i2nsf@ietfa.amsl.com>; Thu, 10 Dec 2015 11:15:23 -0800 (PST)
Received: from mail-vk0-x233.google.com (mail-vk0-x233.google.com [IPv6:2607:f8b0:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E79D51ACD9A for <i2nsf@ietf.org>; Thu, 10 Dec 2015 11:15:22 -0800 (PST)
Received: by vkha189 with SMTP id a189so97180988vkh.2 for <i2nsf@ietf.org>; Thu, 10 Dec 2015 11:15:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=T60iFl8g3g/9qIVbYS4y+ozz7tVjf0LGLKc1AROvk+Q=; b=S3UWIrGUsyFiHNugGehaFVMZK1ujD/atz3C50ju5gO1k6V1xr5mW86QtrrbLRMHGSh Yx37RxhFLw9YEM38+usiI6QwqD/OhBM0EsUU4kA3ZrfzM/f4F6KVBE3YcZIkg6kAsPKn 049XKfV0pAg3alWsobTpPHCtmZ/Oa1PtpSunW2pgPk/dLt5CNMIppGJ+gcBXIXw8uwqm mGkCaaCzJ4I8D05GEhAq/refyIl3jSUCjfsU+Qz//UX4sCnw1kmpl3uJ7Vncl8j3BCbO /06coc8H3JroPkl3fBIEN7UDXKhOsdpO+rIJx6UglJd/+LmCoGgZbSoe+HTAMuIXNIg4 8UaQ==
MIME-Version: 1.0
X-Received: by 10.31.54.78 with SMTP id d75mr11589467vka.122.1449774922058; Thu, 10 Dec 2015 11:15:22 -0800 (PST)
Received: by 10.103.40.131 with HTTP; Thu, 10 Dec 2015 11:15:21 -0800 (PST)
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F657DAEE81@dfweml701-chm>
References: <CAJwYUrFofZHG+b5oPjsi8cMoJ9MjUnoHY5kcE_KW0NKxSrc2fA@mail.gmail.com> <4A95BA014132FF49AE685FAB4B9F17F657DADCA6@dfweml701-chm> <A56B1B45-FBAF-49DC-BB57-DBC035490C3C@telefonica.com> <566813CC.3090709@polito.it> <4A95BA014132FF49AE685FAB4B9F17F657DAEE81@dfweml701-chm>
Date: Thu, 10 Dec 2015 11:15:21 -0800
Message-ID: <CAJwYUrHBwxd0yyVhiC=7ANEtyS4fUFgLZjsz9gbBpL8MVNxhbQ@mail.gmail.com>
From: John Strassner <strazpdj@gmail.com>
To: Linda Dunbar <linda.dunbar@huawei.com>
Content-Type: multipart/alternative; boundary="001a1143e41c3bd7d705269007b2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/3u7aZXFdGmgqURsnNVcTG3yTUm0>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, DIEGO LOPEZ GARCIA <diego.r.lopez@telefonica.com>, Aldo Basile <cataldo.basile@polito.it>
Subject: Re: [I2nsf] Service Layer Policies - Post 0: note structure
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Dec 2015 19:15:26 -0000
Hi all, Aldo wrote: In my experience, all the policy-related concepts that one may need during such a design phase can be described by referring to PCIM/PCIMe-defined concepts (regardless of the way they are represented, classes, associations, association classes), ... <jcs> I disagree that PCIM/PCIMe has "all" of the policy-related concepts that I2NSF needs. First, its structure cannot be extended without significant rework. So, if I2NSF ever does want to examine other types of policies (e.g., utility functions, intent-based (declarative), or functional policies), then it is very likely that this would cause the resulting data models to be completely redone. Second, PCIM/PCIMe have no notion of events. This means that many OAM functions cannot trigger an associated security function. In addition, from a practical point-of-view, events are useful for deterministic analysis of how security functions work. If you look at a standard ECA (event-condition-action) policy, then the purpose of the event clause is to trigger the evaluation of the condition clause; this makes it much easier to audit, log, and debug complex security scenarios. Third, PCIM/PCIMe have no concept of either a Policy Subject or a Policy Target. The former is vital for deontic and alethic logic (which I would assume are vital for not just I2NSF, but other security groups (e.g., SACM)). The later is critical for identifying, in a scalable manner, which entities are being changed by which security functions. I could go on, but I think that these are sufficient. </jcs> Aldo wrote: ...concepts that PCIM/PCIMe miss, and concepts that are not correctly/optimally represented in PCIM/PCIMe. <jcs> Sorry, but my parser seg faulted. :-) IFF you are saying that everything we need is covered by what PCIM/PCIMe have and what PCIM/PCIMe don't have, then this is a logical tautology. If this isn't what you mean, I'm lost; please explain. </jcs> regards, John On Wed, Dec 9, 2015 at 3:54 PM, Linda Dunbar <linda.dunbar@huawei.com> wrote: > Aldo, > > Thank you for the suggestion. > > Just want to add a note: I2NSF only deals with rule-set/policy for > treating packets/flows traversing through NSF. Therefore, the I2NSF polices > would be much simpler, which doesn't need to deal with network wide > policies or user policies. > > Linda > > > -----Original Message----- > From: Aldo Basile [mailto:cataldo.basile@polito.it] > Sent: Wednesday, December 09, 2015 5:43 AM > To: DIEGO LOPEZ GARCIA; Linda Dunbar > Cc: i2nsf@ietf.org; John Strassner > Subject: Re: [I2nsf] Service Layer Policies - Post 0: note structure > > Dear all, > > I agree it is not worth considering the whole PCIM or PCIMe models and > suggested implementations. They are too complex to implement and > maintain and far from being perfect (John Strassner's Posts 0/1 are much > more precise references to PCIM issues). > > However, I think PCIM/PCIMe are excellent starting points for the design > of the an information model, thus they can be used for I2NSF as well. > > In my experience, all the policy-related concepts that one may need > during such a design phase can be described by referring to > PCIM/PCIMe-defined concepts (regardless of the way they are represented, > classes, associations, association classes), concepts that PCIM/PCIMe > miss, and concepts that are not correctly/optimally represented in > PCIM/PCIMe. > > In the SECURED project (and before in the PoSecCo project), PCIM/PCIMe > have been considered as starting point to design the information and > data models (which are now similar but not equal), while the actual > implementation of the repositories and management tasks have been > completely detached from PCIM/PCIMe (we had indeed a bad experience in > fully agreeing with PCIM during a previous POSITIF project). > > Therefore, it is probably worth considering the 'refinement' of the > I2NSF requirements (which, to the best of my knowledge are presented > here https://datatracker.ietf.org/wg/i2nsf/charter/, please correct me > if I'm wrong) to a set of more formal/precisely defined requirements and > probably also inputs from use cases. > > Only at that point it would be possible to precisely understand what we > can reuse from existing (de facto) standards or models. > > > Regards, > Cataldo > > > > On 08/12/2015 10:37, DIEGO LOPEZ GARCIA wrote: > > Hi, > > > > I support this. I think it is good to be aligned with common usage of > > terms, unless there are very good reasons to do otherwise. > > > > Just for the record, we are collecting some of the (already mature) > > results of the SECURED project policy efforts into a document we will > > contribute anytime soon. I hope we will be well aligned with John's > ideas. > > > > Be goode, > > > >> On 7 Dec 2015, at 22:25 , Linda Dunbar <linda.dunbar@huawei.com > >> <mailto:linda.dunbar@huawei.com>> wrote: > >> > >> John, > >> Thank you very much for structuring the discussion. This is very > helpful. > >> Maybe I am jumping ahead. For Post 5, the "object" currently used in > >> I2NSF framework is same as the "Condition" in PCIM to describe the > >> constraints. If no one disagree, I propose to align with PCIM, i.e. > >> call it "Subject-Condition-Action-Function". > >> Regards, > >> Linda > >> *From:*I2nsf [mailto:i2nsf-bounces@ietf.org]*On Behalf Of*John > Strassner > >> *Sent:*Sunday, December 06, 2015 7:00 PM > >> *To:*i2nsf@ietf.org <mailto:i2nsf@ietf.org> > >> *Subject:*[I2nsf] Service Layer Policies - Post 0: note structure > >> The I2NSF framework draft mentions PCIM (RFC3060) and PCIMe (RFC3460) > >> as possible candidates for guiding the policy structure that can be > >> mapped to the Capability Layer's "Subject-Object-Action-Function" > >> paradigm. > >> During IETF94, I expressed discomfort with the above paradigm. > >> However, this is a complex subject, and is more easily understood by > >> breaking this up into smaller discussions. Here is the order of notes > >> that I will post: > >> Post 0: this post > >> Post 1: problems in using PCIM > >> Post 2: problems in using PCIMe > >> Post 3: differentiating between groups and roles > >> Post 4: differentiating between context, constraints, and conditions > >> Post 5: specific worries about the > >> "Subject-Object-Action-Function" paradigm > >> Post 6: proposed replacement policy structure > >> Posts 1 and 2 clarify the problems in using PCIM and PCIMe, > >> respectively, which I volunteered to do. > >> Posts 3 and 4 are fundamental to posts 5 and 6, as they represent > >> software building blocks that are critical for designing and > >> implementing Service Policies in a scalable and robust manner. These > >> also expand on points in posts 1 and 2. > >> Post 5 is the heart of the manner, but can't really be tackled until > >> the preceding posts were done. Post 6 builds on the previous posts. > >> regards, > >> John > >> -- > >> regards, > >> John > >> _______________________________________________ > >> I2nsf mailing list > >> I2nsf@ietf.org <mailto:I2nsf@ietf.org> > >> https://www.ietf.org/mailman/listinfo/i2nsf > > > > -- > > "Esta vez no fallaremos, Doctor Infierno" > > > > Dr Diego R. Lopez > > Telefonica I+D > > http://people.tid.es/diego.lopez/ > > > > e-mail: diego.r.lopez@telefonica.com <mailto: > diego.r.lopez@telefonica.com> > > Tel: +34 913 129 041 > > Mobile: +34 682 051 091 > > ---------------------------------- > > > > > > ------------------------------------------------------------------------ > > > > Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, > > puede contener información privilegiada o confidencial y es para uso > > exclusivo de la persona o entidad de destino. Si no es usted. el > > destinatario indicado, queda notificado de que la lectura, utilización, > > divulgación y/o copia sin autorización puede estar prohibida en virtud > > de la legislación vigente. Si ha recibido este mensaje por error, le > > rogamos que nos lo comunique inmediatamente por esta misma vía y proceda > > a su destrucción. > > > > The information contained in this transmission is privileged and > > confidential information intended only for the use of the individual or > > entity named above. If the reader of this message is not the intended > > recipient, you are hereby notified that any dissemination, distribution > > or copying of this communication is strictly prohibited. If you have > > received this transmission in error, do not read it. Please immediately > > reply to the sender that you have received this communication in error > > and then delete it. > > > > Esta mensagem e seus anexos se dirigem exclusivamente ao seu > > destinatário, pode conter informação privilegiada ou confidencial e é > > para uso exclusivo da pessoa ou entidade de destino. Se não é vossa > > senhoria o destinatário indicado, fica notificado de que a leitura, > > utilização, divulgação e/ou cópia sem autorização pode estar proibida em > > virtude da legislação vigente. Se recebeu esta mensagem por erro, > > rogamos-lhe que nos o comunique imediatamente por esta mesma via e > > proceda a sua destruição > > > > > > _______________________________________________ > > I2nsf mailing list > > I2nsf@ietf.org > > https://www.ietf.org/mailman/listinfo/i2nsf > > > > > -- regards, John
- [I2nsf] Service Layer Policies - Post 0: note str… John Strassner
- Re: [I2nsf] Service Layer Policies - Post 0: note… Linda Dunbar
- Re: [I2nsf] Service Layer Policies - Post 0: note… John Strassner
- Re: [I2nsf] Service Layer Policies - Post 0: note… DIEGO LOPEZ GARCIA
- Re: [I2nsf] Service Layer Policies - Post 0: note… Aldo Basile
- Re: [I2nsf] Service Layer Policies - Post 0: note… Linda Dunbar
- Re: [I2nsf] Service Layer Policies - Post 0: note… John Strassner