IETF Logo Mail Archive

Re: [I2nsf] Service Layer Policies - Post 0: note structure

DIEGO LOPEZ GARCIA <diego.r.lopez@telefonica.com> Tue, 08 December 2015 09:38 UTC

Return-Path: <diego.r.lopez@telefonica.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DDAF1ABD3D for <i2nsf@ietfa.amsl.com>; Tue, 8 Dec 2015 01:38:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.61
X-Spam-Level:
X-Spam-Status: No, score=-2.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z1W-OvV-CTr0 for <i2nsf@ietfa.amsl.com>; Tue, 8 Dec 2015 01:38:07 -0800 (PST)
Received: from smtpjc.telefonica.com (smtpjc.telefonica.com [81.47.204.76]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52F351ABD36 for <i2nsf@ietf.org>; Tue, 8 Dec 2015 01:38:05 -0800 (PST)
Received: from smtpjc.telefonica.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6EF762F0195; Tue, 8 Dec 2015 10:38:03 +0100 (CET)
Received: from ESTGVMSP104.EUROPE.telefonica.corp (unknown [10.92.4.9]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtpjc.telefonica.com (Postfix) with ESMTPS id 549912F014B; Tue, 8 Dec 2015 10:38:03 +0100 (CET)
Received: from emea01-am1-obe.outbound.protection.outlook.com (10.92.5.139) by tls.telefonica.com (10.93.6.50) with Microsoft SMTP Server (TLS) id 14.3.235.1; Tue, 8 Dec 2015 10:38:02 +0100
Received: from DB4PR06MB0624.eurprd06.prod.outlook.com (10.161.13.142) by DB4PR06MB0624.eurprd06.prod.outlook.com (10.161.13.142) with Microsoft SMTP Server (TLS) id 15.1.337.19; Tue, 8 Dec 2015 09:38:00 +0000
Received: from DB4PR06MB0624.eurprd06.prod.outlook.com ([10.161.13.142]) by DB4PR06MB0624.eurprd06.prod.outlook.com ([10.161.13.142]) with mapi id 15.01.0337.015; Tue, 8 Dec 2015 09:38:00 +0000
From: DIEGO LOPEZ GARCIA <diego.r.lopez@telefonica.com>
To: Linda Dunbar <linda.dunbar@huawei.com>
Thread-Topic: [I2nsf] Service Layer Policies - Post 0: note structure
Thread-Index: AQHRMIqxhUeiN7iAx0uHXNErC3WMYZ7ACpMAgADMlgA=
Date: Tue, 08 Dec 2015 09:37:59 +0000
Message-ID: <A56B1B45-FBAF-49DC-BB57-DBC035490C3C@telefonica.com>
References: <CAJwYUrFofZHG+b5oPjsi8cMoJ9MjUnoHY5kcE_KW0NKxSrc2fA@mail.gmail.com> <4A95BA014132FF49AE685FAB4B9F17F657DADCA6@dfweml701-chm>
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F657DADCA6@dfweml701-chm>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=diego.r.lopez@telefonica.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [195.76.49.202]
x-microsoft-exchange-diagnostics: 1; DB4PR06MB0624; 5:KPnlXGvlsuzTFNz8pc2GQubEutIJnsEY8o0xtPh0M9Z3m3RwaFKnepfRZXZh5uQCyj6gITddFAT58zsuiQhXGPhDfFuUSjWIq9oWLaT/9Mdg+pRW6An3qh0qU4eAqS+luZEEzR9UyA+sye4XSBb5hA==; 24:Q6jA0kVN3PYRCSJnyVHOH0L0IiFyqrBjYxDymSW0/b5qVo0WGa6RZWwalb0LqX5wsKzta/PgY0Ft6vMKJGi6hwvZzBQA9hTA8YveFvCW1fQ=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB4PR06MB0624;
x-microsoft-antispam-prvs: <DB4PR06MB0624F08C1A1FF3C33162373FDF080@DB4PR06MB0624.eurprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(40392960112811);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001)(10201501046); SRVR:DB4PR06MB0624; BCL:0; PCL:0; RULEID:; SRVR:DB4PR06MB0624;
x-forefront-prvs: 0784C803FD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(45984002)(24454002)(377454003)(252514010)(189002)(199003)(87936001)(1220700001)(19617315012)(92566002)(1096002)(77096005)(105586002)(40100003)(83716003)(122556002)(6116002)(19580395003)(19580405001)(11100500001)(50986999)(33656002)(2950100001)(15975445007)(3846002)(101416001)(36756003)(2900100001)(106356001)(76176999)(66066001)(86362001)(102836003)(586003)(10400500002)(81156007)(97736004)(54356999)(106116001)(5002640100001)(110136002)(5004730100002)(5008740100001)(16236675004)(82746002)(5001960100002)(189998001)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:DB4PR06MB0624; H:DB4PR06MB0624.eurprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: telefonica.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_A56B1B45FBAF49DCBB57DBC035490C3Ctelefonicacom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Dec 2015 09:37:59.9335 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4PR06MB0624
X-OriginatorOrg: telefonica.com
X-TM-AS-MML: No
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/Ye6a_d50FevILmVQGfMo9ylLoD0>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, John Strassner <strazpdj@gmail.com>
Subject: Re: [I2nsf] Service Layer Policies - Post 0: note structure
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2015 09:38:11 -0000

Hi,

I support this. I think it is good to be aligned with common usage of terms, unless there are very good reasons to do otherwise.

Just for the record, we are collecting some of the (already mature) results of the SECURED project policy efforts into a document we will contribute anytime soon. I hope we will be well aligned with John’s ideas.

Be goode,

On 7 Dec 2015, at 22:25 , Linda Dunbar <linda.dunbar@huawei.com<mailto:linda.dunbar@huawei.com>> wrote:

John,

Thank you very much for structuring the discussion. This is very helpful.


Maybe I am jumping ahead. For Post 5,  the “object” currently used in I2NSF framework is same as the  “Condition” in PCIM to describe the constraints. If no one disagree, I propose to align with PCIM, i.e. call it “Subject-Condition-Action-Function”.

Regards,
Linda

From: I2nsf [mailto:i2nsf-bounces@ietf.org] On Behalf Of John Strassner
Sent: Sunday, December 06, 2015 7:00 PM
To: i2nsf@ietf.org<mailto:i2nsf@ietf.org>
Subject: [I2nsf] Service Layer Policies - Post 0: note structure

The I2NSF framework draft mentions PCIM (RFC3060) and PCIMe (RFC3460) as possible candidates for guiding the policy structure that can be mapped to the Capability Layer's "Subject-Object-Action-Function" paradigm.
During IETF94, I expressed discomfort with the above paradigm. However, this is a complex subject, and is more easily understood by breaking this up into smaller discussions. Here is the order of notes that I will post:

   Post 0:  this post
   Post 1:  problems in using PCIM
   Post 2:  problems in using PCIMe
   Post 3:  differentiating between groups and roles
   Post 4:  differentiating between context, constraints, and conditions
   Post 5:  specific worries about the "Subject-Object-Action-Function" paradigm
   Post 6:  proposed replacement policy structure

Posts 1 and 2 clarify the problems in using PCIM and PCIMe, respectively, which I volunteered to do.

Posts 3 and 4 are fundamental to posts 5 and 6, as they represent software building blocks that are critical for designing and implementing Service Policies in a scalable and robust manner. These also expand on points in posts 1 and 2.

Post 5 is the heart of the manner, but can't really be tackled until the preceding posts were done. Post 6 builds on the previous posts.

regards,
John
--
regards,
John
_______________________________________________
I2nsf mailing list
I2nsf@ietf.org<mailto:I2nsf@ietf.org>
https://www.ietf.org/mailman/listinfo/i2nsf

--
"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/

e-mail: diego.r.lopez@telefonica.com<mailto:diego.r.lopez@telefonica.com>
Tel:    +34 913 129 041
Mobile: +34 682 051 091
----------------------------------


________________________________

Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição

v2.29.0 | Report a Bug | By Email | System Status