Re: [I2nsf] Service Level Policies - Post 4: differentiating between context, conditions, and Constraints
Linda Dunbar <linda.dunbar@huawei.com> Fri, 08 January 2016 17:51 UTC
Return-Path: <linda.dunbar@huawei.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 933871B2AA8 for <i2nsf@ietfa.amsl.com>; Fri, 8 Jan 2016 09:51:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wKvcp2XHJbMk for <i2nsf@ietfa.amsl.com>; Fri, 8 Jan 2016 09:51:34 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 126FE1B2AA7 for <i2nsf@ietf.org>; Fri, 8 Jan 2016 09:51:24 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml406-hub.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CGN73272; Fri, 08 Jan 2016 17:51:22 +0000 (GMT)
Received: from DFWEML702-CHM.china.huawei.com (10.193.5.72) by lhreml406-hub.china.huawei.com (10.201.5.243) with Microsoft SMTP Server (TLS) id 14.3.235.1; Fri, 8 Jan 2016 17:51:21 +0000
Received: from DFWEML701-CHM.china.huawei.com ([10.193.5.50]) by dfweml702-chm ([10.193.5.72]) with mapi id 14.03.0235.001; Fri, 8 Jan 2016 09:51:14 -0800
From: Linda Dunbar <linda.dunbar@huawei.com>
To: John Strassner <strazpdj@gmail.com>, "i2nsf@ietf.org" <i2nsf@ietf.org>
Thread-Topic: [I2nsf] Service Level Policies - Post 4: differentiating between context, conditions, and Constraints
Thread-Index: AQHRSTN957og4+b0ZU6SFHVLrc52bJ7x5tYA
Date: Fri, 08 Jan 2016 17:51:14 +0000
Message-ID: <4A95BA014132FF49AE685FAB4B9F17F657DB9CCD@dfweml701-chm>
References: <CAJwYUrGdNiYf5fbVQ+9r0E7pMXE8-0uErrX-qxL9AFirz_8kEQ@mail.gmail.com>
In-Reply-To: <CAJwYUrGdNiYf5fbVQ+9r0E7pMXE8-0uErrX-qxL9AFirz_8kEQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.192.11.189]
Content-Type: multipart/alternative; boundary="_000_4A95BA014132FF49AE685FAB4B9F17F657DB9CCDdfweml701chm_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020203.568FF71A.0204, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: ee991a1653b825a4826492311add6a76
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/dOOPcfvxAKAE5o-ViusqJE8wMb0>
Subject: Re: [I2nsf] Service Level Policies - Post 4: differentiating between context, conditions, and Constraints
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jan 2016 17:51:43 -0000
John, Thank you very much for clarifying the differences among The term “Object” in I2NSF was intended for describing all three “Context, Conditions and Constraints”. I agree it is not very straight forward definition. Do you Suggest I2NSF should have something like: Within the frame of “Subject - <xxx> - Action –Function”, <xxx> is the combination of “Context, Conditions and Constraints”. Should we call it “CCC”? Or do you have a better term? Linda From: I2nsf [mailto:i2nsf-bounces@ietf.org] On Behalf Of John Strassner Sent: Thursday, January 07, 2016 4:09 AM To: i2nsf@ietf.org Subject: [I2nsf] Service Level Policies - Post 4: differentiating between context, conditions, and Constraints During IETF94, I expressed discomfort with the "Subject-Object-Action-Function" paradigm. This note defines and differentiates between the concepts of context, constraints, and conditions. 1. Context There are many definitions of context. One of the most popular [1] is: ‘‘Context is any information that can be used to characterize the situation of an entity. An entity is a person, place, or object that is considered relevant to the interaction between a user and an application, including the user and application themselves’’. As stated in [2], the above definition has a number of problems. Instead, [2] proposes the following definition: "The Context of an Entity is a collection of measured and/or inferred knowledge that describe the state and the environment in which an Entity exists or has existed." The above definition enables human and or machine inference to be used to more fully characterize the context of an Entity. 2. Conditions An event-condition-action (ECA) policy rule consists of three Boolean clauses, and has the following conceptual behavior: IF the event_clause evaluates to TRUE IF the condition_clause evaluates to TRUE THEN execute the actions in the action_clause ENDIF ENDIF Each of the above clauses may consist of one or more statements. For example, a condition clause could be: if userLogin = Error AND numLoginTries > 3 3. Constraints A constraint is a limitation or restriction. Constraints have been used in programming and in modeling for a long time. Constraint programming refers to the embedding of constraints in a language; for example, most Prolog languages include good support for constraint programming. OCL (the Object Constraint Language) is used to specify constraints in UML. 4. Putting Context, Conditions, and Constraints Together Given a condition, a constraint can be used to further restrict how to satisfy the condition. Then, if a context is specified, the condition and its constraint are bound to that context. In an ECA policy rule, the effect of this is typically to more fully specify the condition clause. Note, however, that constraints do not have to be used solely with Conditions. For example, a constraint can be used to specify when it is safe to transition to a new state. As another, more powerful, example, the concept of a software contract [3] uses constraints to extend the definition of Abstract Data Types to formally define the behavior of software components. Simplifying the theory, this says the following: In order for a method to execute, a set of pre-conditions must be satisfied before the method can execute a set of post-conditions must be satisfied when the method is finished a set of invariants must not change their value during the execution • The set of pre- and post-conditions, along with invariants, are all constraints. 5. Proposal Context, conditions, and constraints are separate concepts, but they fit together naturally. With respect to policies, if a policy is viewed as a (software) container, then context is applied to the container (and hence, to the components of the container). Constraints can be applied to terms in each of the event, condition, and action clauses of an ECA policy rule to restrict their behavior, data type, domain and range, and so forth. The most common examples are applying constraints to conditions or to govern the behavior of actions. • [1] Dey, A., "Providing Architectural Support for Building Context-Aware Applications, Ph.D. Thesis, 2000 [2] Strassner, J., et al., "The Use of Context-Aware Policies and Ontologies to Facilitate Business-Aware Network Management", Journal of Network and Systems Management (17), pg 255-284, 2009 • [3] Meyer, B., "Object-Oriented Software Construction, 2nd edition, Prentice-Hall, ISBN: 0-13-629155-4 -- regards, John
- Re: [I2nsf] Service Level Policies - Post 4: diff… Linda Dunbar
- [I2nsf] Service Level Policies - Post 4: differen… John Strassner
- Re: [I2nsf] Service Level Policies - Post 4: diff… John Strassner
- [I2nsf] 答复: Service Level Policies - Post 4: diff… Xialiang (Frank)
- Re: [I2nsf] 答复: Service Level Policies - Post 4: … John Strassner
- [I2nsf] 答复: 答复: Service Level Policies - Post 4: … Xialiang (Frank)
- Re: [I2nsf] 答复: Service Level Policies - Post 4: … DIEGO LOPEZ GARCIA
- [I2nsf] ECA umbrella - with "Condition" being the… Linda Dunbar
- Re: [I2nsf] 答复: Service Level Policies - Post 4: … John Strassner
- [I2nsf] 答复: 答复: Service Level Policies - Post 4: … Xialiang (Frank)
- Re: [I2nsf] 答复: 答复: Service Level Policies - Post… John Strassner
- Re: [I2nsf] ECA umbrella - with "Condition" being… John Strassner
- [I2nsf] 答复: 答复: 答复: Service Level Policies - Post… Xialiang (Frank)
- Re: [I2nsf] ECA umbrella - with "Condition" being… Linda Dunbar
- Re: [I2nsf] ECA umbrella - with "Condition" being… John Strassner
- Re: [I2nsf] ECA umbrella - with "Condition" being… Linda Dunbar
- Re: [I2nsf] ECA umbrella - with "Condition" being… Robert Moskowitz
- Re: [I2nsf] ECA umbrella - with "Condition" being… Robert Moskowitz