12/11/2000 49th IETF - San Diego 1 IPSP Configuration Model Framework Feedback Lee Rafalow IPSP WG & Policy WG IPSP Configuration.

Presentation transcript:

12/11/2000 49th IETF - San Diego, slide 1
IPSP Configuration Model Framework Feedback
Lee Rafalow
IPSP WG & Policy WG
IPSP Configuration Information Model (ICIM) Feedback discussions

Slide 2: DMTF Device-Model Overview

Slide 3: Derived from Policy Framework

Slide 4: Filter-based Conditions

Slide 5: Actions, Proposals & Transforms

Slide 6: IPSP Configuration Info Model Feedback Discussion
Many of the differences in the models can be traced back to:
–PCIM is a general framework
–QPIM is a domain-level policy model
–QDDIM is a device-level model of operational behavior
–ICIM is a device-level policy model
A few are just different approaches

Slide 7: Condition Differences
Filters & “Atoms” (QPIM)
–IPSP provides for discipline-specific condition evaluation information using associations to a FilterList and CredentialManagementService
–QPIM defines subclasses of Condition that provide a general grammar
Implicit Condition Semantics
–IPsec protocol provides identity information at different times in the protocol sequence
–Condition evaluation is predicated on presence of the information, i.e., semantic of identity and credential filter is compound “if present and ” if and may evaluate to TRUE in early stage of Phase 1 and evaluate to FALSE once identity information is available

Slide 8: Group-related Differences
IPsecPolicyGroupInPolicyGroup.GroupPriority (QPIM)
–IPSP models GroupPriority in the aggregation
–QPIM models gpPriority as a property of gpsPolicyGroup (in the same way as RulePriority)
Rules in exactly one group (PCIM)
Unique Rule & Group Priority values (PCIM)
–Deterministic rule evaluation order
Decision Strategy (QPIM)
–IPSP decision strategy is Match First, implicit
–QPIM has explicit decision strategies defined in qpPolicyDomain.gpPolicyRuleMatchMethod and gpsPolicyGroup.gpNamedPolicyRuleMatchMethod
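Why unique priority values give a deterministic order under an implicit Match First strategy, as an added example that is not part of the original slides. The class names, the sample rules, the "protect" action and the lower-number-first ordering are assumptions; GroupPriority is held on the aggregation and RulePriority on the rule, as the slide describes, and each group here holds either rules or subgroups.

```python
from dataclasses import dataclass, field

@dataclass
class Rule:
    name: str
    priority: int   # RulePriority, a property of the rule
    match: dict     # constructed stand-in for a filter list: field -> required value
    action: str

@dataclass
class Group:
    name: str
    rules: list = field(default_factory=list)
    subgroups: list = field(default_factory=list)  # (GroupPriority, Group): priority on the aggregation

def priority_collisions(group):
    """Names of groups in which sibling rules or sibling subgroups share a priority."""
    bad = []
    for prios in ([r.priority for r in group.rules], [p for p, _ in group.subgroups]):
        if len(prios) != len(set(prios)) and group.name not in bad:
            bad.append(group.name)
    for _, sub in group.subgroups:
        bad.extend(priority_collisions(sub))
    return bad

def ordered_rules(group):
    """Flatten to evaluation order. Assumption: lower number is evaluated first."""
    out = []
    for _, sub in sorted(group.subgroups, key=lambda m: m[0]):
        out.extend(ordered_rules(sub))
    out.extend(sorted(group.rules, key=lambda r: r.priority))
    return out

def match_first(group, packet):
    """Implicit Match First: the first rule whose filter matches decides the action."""
    for rule in ordered_rules(group):
        if all(packet.get(k) == v for k, v in rule.match.items()):
            return rule.name, rule.action
    return None, None

# Constructed sample policy, deliberately stored out of priority order
protect = Rule("protect-tcp", 1, {"dst": "10.0.0.5", "proto": "tcp"}, "protect")
discard = Rule("drop-rest", 2, {"dst": "10.0.0.5"}, "discard")
bypass = Rule("default", 1, {}, "bypass")
ROOT = Group("root", subgroups=[(2, Group("fallback", rules=[bypass])),
                                (1, Group("vpn", rules=[discard, protect]))])

if __name__ == "__main__":
    for pkt in ({"dst": "10.0.0.5", "proto": "tcp"}, {"dst": "10.0.0.5", "proto": "udp"}, {"dst": "192.0.2.1"}):
        print(pkt, "->", match_first(ROOT, pkt))
    print("collisions:", priority_collisions(ROOT))
```

When two sibling rules share a priority, the result depends on storage order, which is the ambiguity the uniqueness requirement removes; `priority_collisions` flags such groups before evaluation.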

Slide 9
PolicyGroup, Roles & Interface Bindings (PCIM)
–IPsec model defines explicit association between IPsecPolicyGroup and interfaces (IPProtocolEndpoint) to which it applies
–PCIM defines PolicyRole on a rule basis, association by named relationship
IKERule.IdentityContexts & Roles (PCIM)
–IdentityContexts uses roles and role combinations syntax
–Provides named relationship between IKERule and appropriate local identity to use, used with other properties IKEAction.UseIkeIdentityType IPProtocolEndpoint Policy Roles

Slide 10: Inheritance Discussion
Device-level model structures
–QDDIM is a model of operational behavior, derives from operational classes
–IPSP ICIM is a policy model, derives from Policy classes
PolicyActions vs. Settings
–Some disagreement about class derivations
Multiple inheritance in a single inheritance environment
–Bypass and Discard

Slide 11: Other Discussion Topics
PolicyRule.SequencedActions (PCIM)
–“Mandatory” but with a “use first appropriate” semantic, extend enumeration values?
PolicyElementInRepository (QPIM)
–IPSP defines …InRepository associations for SAProposal & SATransform, weak associations
–QPIM defines one general association