1 © 2003, Cisco Systems, Inc. All rights reserved. IEEE Policy Conference 2004 CIM and Ponder Andrea Westerinen, Cisco June, 2004.

Presentation transcript:

2. Purpose
- Determine if the DMTF approach for writing policy rules is workable
- Compare the CIM representation with a “known” language

3. DMTF’s Policy Model in CIM
- Instances and groups of PolicyRules
- Rules aggregate PolicyConditions and PolicyActions
  - Conditions can be combined in conjunctive or disjunctive sets
  - Actions can be sequenced
- Domain-specific subclassing
  - For example, IPsec or Authentication/Authorization rules
- New work in support of generic Event-Condition-Action policy rules

4. CIM Policy Classes

5. Authentication/Authorization Rules in CIM

6. CIM Event-Condition-Action Classes
- Can identify “rule triggering” conditions/events

7. PONDER Policies
- Declarative
- Three categories of policy rules
  - Authorization, Obligation, Delegation
- Both positive and negative
  - Negative obligation rules are coded as “refrain”

inst oblig {
    on ;
    subject = ;
    target = ;
    do ;
}

8. Policy, Pigs and PONDER
- Discussion in DMTF Policy WG
- If at least two of a farmer’s pigs are squealing, then he/she must feed one of the pigs that is not squealing.

9. Policy and Pigs – CIM Representation
- MethodAction’s Query clause MUST specify the method to be called and its parameters

10. Policy and Pigs – PONDER Representation

oblig feedNotSquealingPig {
    on CIM_AtLeastTwoSquealingPigs ;   // 2 or more squealing pigs
    subject /farmers ;                 // i.e., all farmers
    do (t = self.Raises->reject(isSquealing)) -> self.HandleAnimal(t, 2) ;
}   // where 2=‘feed’
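
The pigs rule from slides 8 to 10, evaluated as an event-condition-action obligation in Python. This is an added example, not code from the original slides, from Ponder or from CIM; the class and function names are hypothetical stand-ins for the slide's `Raises`, `isSquealing` and `HandleAnimal`. It assumes "one of the pigs" means the first quiet pig found, and it reports the case where the event fires but no quiet pig exists, which neither representation on the slides addresses.

```python
from dataclasses import dataclass, field

FEED = 2  # action code used on the slide: 2 = 'feed'

@dataclass
class Pig:
    name: str
    is_squealing: bool = False
    fed: bool = False

@dataclass
class Farmer:
    name: str
    raises: list = field(default_factory=list)

    def handle_animal(self, pig, action):
        # Stand-in for the HandleAnimal method named on the slide.
        if action == FEED:
            pig.fed = True

def at_least_two_squealing(farmer):
    """Event part: two or more of this farmer's pigs are squealing."""
    return sum(p.is_squealing for p in farmer.raises) >= 2

def feed_not_squealing_pig(farmers):
    """Obligation part. Returns {farmer: fed pig, or None if no target}.

    Farmers for whom the event did not fire are absent from the result.
    """
    outcome = {}
    for farmer in farmers:                       # subject /farmers
        if not at_least_two_squealing(farmer):   # on <event>
            continue
        # Equivalent of Raises->reject(isSquealing)
        quiet = [p for p in farmer.raises if not p.is_squealing]
        if not quiet:
            outcome[farmer.name] = None  # obligation cannot be met: report it
            continue
        farmer.handle_animal(quiet[0], FEED)     # assumption: first quiet pig
        outcome[farmer.name] = quiet[0].name
    return outcome

def demo():
    # Constructed sample data, not from the slides.
    farmers = [
        Farmer("ann", [Pig("a1", True), Pig("a2", True), Pig("a3")]),
        Farmer("bob", [Pig("b1", True), Pig("b2")]),
        Farmer("cy", [Pig("c1", True), Pig("c2", True)]),
    ]
    return feed_not_squealing_pig(farmers), farmers
```
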

11. Conclusions
- Both Ponder and CIM - Declarative rules with backing semantics
- Ponder – Concise and explicit
- CIM – Language neutral and reusing infrastructure
  - Query expression is “not natural”
- Initial rendering/testing successful (SNIA SMI-S)

12. Questions?