Re: [I2nsf] Service Layer Policies - Post 0: note structure

Linda Dunbar <linda.dunbar@huawei.com> Mon, 07 December 2015 21:25 UTC

From: Linda Dunbar <linda.dunbar@huawei.com>
To: John Strassner <strazpdj@gmail.com>, "i2nsf@ietf.org" <i2nsf@ietf.org>

John,

Thank you very much for structuring the discussion. This is very helpful.


Maybe I am jumping ahead. For Post 5, the “object” currently used in the I2NSF framework is the same as the “Condition” in PCIM to describe the constraints. If no one disagrees, I propose to align with PCIM, i.e. call it “Subject-Condition-Action-Function”.

Regards,
Linda

From: I2nsf [mailto:i2nsf-bounces@ietf.org] On Behalf Of John Strassner
Sent: Sunday, December 06, 2015 7:00 PM
To: i2nsf@ietf.org
Subject: [I2nsf] Service Layer Policies - Post 0: note structure

The I2NSF framework draft mentions PCIM (RFC3060) and PCIMe (RFC3460) as possible candidates for guiding the policy structure that can be mapped to the Capability Layer's "Subject-Object-Action-Function" paradigm.
During IETF94, I expressed discomfort with the above paradigm. However, this is a complex subject, and is more easily understood by breaking this up into smaller discussions. Here is the order of notes that I will post:

   Post 0:  this post
   Post 1:  problems in using PCIM
   Post 2:  problems in using PCIMe
   Post 3:  differentiating between groups and roles
   Post 4:  differentiating between context, constraints, and conditions
   Post 5:  specific worries about the "Subject-Object-Action-Function" paradigm
   Post 6:  proposed replacement policy structure

Posts 1 and 2 clarify the problems in using PCIM and PCIMe, respectively, which I volunteered to do.

Posts 3 and 4 are fundamental to posts 5 and 6, as they represent software building blocks that are critical for designing and implementing Service Policies in a scalable and robust manner. These also expand on points in posts 1 and 2.

Post 5 is the heart of the matter, but can't really be tackled until the preceding posts are done. Post 6 builds on the previous posts.

regards,
John