Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 3060

Policy Core Information Model -- Version 1 Specification

Pages: 100
Proposed Standard
Updated by:  3460
Part 1 of 5 – Pages 1 to 10
None   None   Next

Top   ToC   RFC3060 - Page 1
Network Working Group                                           B. Moore
Request for Comments: 3060                                           IBM
Category: Standards Track                                    E. Ellesson
                                                         LongBoard, Inc.
                                                            J. Strassner
                                                           A. Westerinen
                                                           Cisco Systems
                                                           February 2001


        Policy Core Information Model -- Version 1 Specification

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

This document presents the object-oriented information model for representing policy information developed jointly in the IETF Policy Framework WG and as extensions to the Common Information Model (CIM) activity in the Distributed Management Task Force (DMTF). This model defines two hierarchies of object classes: structural classes representing policy information and control of policies, and association classes that indicate how instances of the structural classes are related to each other. Subsequent documents will define mappings of this information model to various concrete implementations, for example, to a directory that uses LDAPv3 as its access protocol.

Table of Contents

1. Introduction.................................................... 4 2. Modeling Policies............................................... 5 2.1. Policy Scope............................................... 8 2.2. Declarative versus Procedural Model........................ 8 3. Overview of the Policy Core Information Model.................. 10 4. Inheritance Hierarchies for the Policy Core Information Model.. 13 4.1. Implications of CIM Inheritance........................... 15 5. Details of the Model........................................... 15
Top   ToC   RFC3060 - Page 2
      5.1. Reusable versus Rule-Specific Conditions and Actions...... 15
      5.2. Roles..................................................... 17
      5.2.1. Roles and Role Combinations............................. 17
      5.2.2. The PolicyRoles Property................................ 21
      5.3. Local Time and UTC Time in PolicyTimePeriodConditions..... 21
      5.4. CIM Data Types............................................ 23
      5.5. Comparison between CIM and LDAP Class Specifications...... 24
   6. Class Definitions.............................................. 25
      6.1. The Abstract Class "Policy"............................... 25
      6.1.1. The Property "CommonName (CN)".......................... 26
      6.1.2. The Multi-valued Property "PolicyKeywords".............. 26
      6.1.3. The Property "Caption" (Inherited from ManagedElement).. 27
      6.1.4. The Property "Description" (Inherited from
             ManagedElement)......................................... 27
      6.2. The Class "PolicyGroup"................................... 27
      6.3. The Class "PolicyRule".................................... 29
      6.3.1. The Property "Enabled".................................. 31
      6.3.2. The Property "ConditionListType"........................ 31
      6.3.3. The Property "RuleUsage"................................ 31
      6.3.4. The Property "Priority"................................. 32
      6.3.5. The Property "Mandatory"................................ 32
      6.3.6. The Property "SequencedActions"......................... 33
      6.3.7. The Multi-valued Property "PolicyRoles"................. 33
      6.4. The Abstract Class "PolicyCondition"...................... 34
      6.5. The Class "PolicyTimePeriodCondition"..................... 36
      6.5.1. The Property "TimePeriod"............................... 38
      6.5.2. The Property "MonthOfYearMask".......................... 39
      6.5.3. The Property "DayOfMonthMask"........................... 39
      6.5.4. The Property "DayOfWeekMask"............................ 40
      6.5.5. The Property "TimeOfDayMask"............................ 41
      6.5.6. The Property "LocalOrUtcTime"........................... 42
      6.6. The Class "VendorPolicyCondition"......................... 42
      6.6.1. The Multi-valued Property "Constraint".................. 43
      6.6.2. The Property "ConstraintEncoding"....................... 43
      6.7. The Abstract Class "PolicyAction"......................... 44
      6.8. The Class "VendorPolicyAction"............................ 45
      6.8.1. The Multi-valued Property "ActionData".................. 45
      6.8.2. The Property "ActionEncoding"........................... 46
      6.9. The Class "PolicyRepository".............................. 46
   7. Association and Aggregation Definitions........................ 46
      7.1. Associations.............................................. 47
      7.2. Aggregations.............................................. 47
      7.3. The Abstract Aggregation "PolicyComponent................. 47
      7.4. The Aggregation "PolicyGroupInPolicyGroup"................ 47
      7.4.1. The Reference "GroupComponent".......................... 48
      7.4.2. The Reference "PartComponent"........................... 48
      7.5. The Aggregation "PolicyRuleInPolicyGroup"................. 48
      7.5.1. The Reference "GroupComponent".......................... 49
Top   ToC   RFC3060 - Page 3
      7.5.2. The Reference "PartComponent"........................... 49
      7.6. The Aggregation "PolicyConditionInPolicyRule"............. 49
      7.6.1. The Reference "GroupComponent".......................... 50
      7.6.2. The Reference "PartComponent"........................... 50
      7.6.3. The Property "GroupNumber".............................. 50
      7.6.4. The Property "ConditionNegated"......................... 51
      7.7. The Aggregation "PolicyRuleValidityPeriod"................ 51
      7.7.1. The Reference "GroupComponent".......................... 52
      7.7.2. The Reference "PartComponent"........................... 52
      7.8. The Aggregation "PolicyActionInPolicyRule"................ 52
      7.8.1. The Reference "GroupComponent".......................... 53
      7.8.2. The Reference "PartComponent"........................... 53
      7.8.3. The Property "ActionOrder".............................. 53
      7.9. The Abstract Association "PolicyInSystem"................. 54
      7.10. The Weak Association "PolicyGroupInSystem"............... 55
      7.10.1. The Reference "Antecedent"............................. 55
      7.10.2. The Reference "Dependent".............................. 55
      7.11. The Weak Association "PolicyRuleInSystem"................ 56
      7.11.1. The Reference "Antecedent"............................. 56
      7.11.2. The Reference "Dependent".............................. 56
      7.12. The Association "PolicyConditionInPolicyRepository"...... 56
      7.12.1. The Reference "Antecedent"............................. 57
      7.12.2. The Reference "Dependent".............................. 57
      7.13. The Association "PolicyActionInPolicyRepository"......... 57
      7.13.1. The Reference "Antecedent"............................. 58
      7.13.2. The Reference "Dependent".............................. 58
      7.14. The Aggregation "PolicyRepositoryInPolicyRepository"..... 58
      7.14.1. The Reference "GroupComponent"......................... 58
      7.14.2. The Reference "PartComponent".......................... 59
   8. Intellectual Property.......................................... 59
   9. Acknowledgements............................................... 59
   10. Security Considerations....................................... 60
   11. References.................................................... 62
   12. Authors' Addresses............................................ 64
   13. Appendix A:  Class Identification in a Native CIM
       Implementation................................................ 65
      13.1. Naming Instances of PolicyGroup and PolicyRule........... 65
      13.1.1. PolicyGroup's CIM Keys................................. 65
      13.1.2. PolicyRule's CIM Keys.................................. 66
      13.2. Naming Instances of PolicyCondition and Its Subclasses... 67
      13.2.1. PolicyCondition's CIM Keys............................. 69
      13.3. Naming Instances of PolicyAction and Its Subclasses...... 71
      13.4. Naming Instances of PolicyRepository..................... 72
      13.5. Role of the CreationClassName Property in Naming......... 73
      13.6. Object References........................................ 73
   14. Appendix B:  The Core Policy MOF.............................. 75
   15. Full Copyright Statement..................................... 100
Top   ToC   RFC3060 - Page 4

1. Introduction

This document presents the object-oriented information model for representing policy information currently under joint development in the IETF Policy Framework WG and as extensions to the Common Information Model (CIM) activity in the Distributed Management Task Force (DMTF). This model defines two hierarchies of object classes: structural classes representing policy information and control of policies, and association classes that indicate how instances of the structural classes are related to each other. Subsequent documents will define mappings of this information model to various concrete implementations, for example, to a directory that uses LDAPv3 as its access protocol. The components of the CIM schema are available via the following URL: http://www.dmtf.org/spec/cims.html [1]. The policy classes and associations defined in this model are sufficiently generic to allow them to represent policies related to anything. However, it is expected that their initial application in the IETF will be for representing policies related to QoS (DiffServ and IntServ) and to IPSec. Policy models for application-specific areas such as these may extend the Core Model in several ways. The preferred way is to use the PolicyGroup, PolicyRule, and PolicyTimePeriodCondition classes directly, as a foundation for representing and communicating policy information. Then, specific subclasses derived from PolicyCondition and PolicyAction can capture application-specific definitions of conditions and actions of policies. Two subclasses, VendorPolicyCondition and VendorPolicyAction, are also included in this document, to provide a standard extension mechanism for vendor-specific extensions to the Policy Core Information Model. This document fits into the overall framework for representing, deploying, and managing policies being developed by the Policy Framework Working Group. It traces its origins to work that was originally done for the Directory-enabled Networks (DEN) specification, reference [5]. Work on the DEN specification by the DEN Ad-Hoc Working Group itself has been completed. Further work to standardize the models contained in it will be the responsibility of selected working groups of the CIM effort in the Distributed Management Task Force (DMTF). DMTF standardization of the core policy model is the responsibility of the SLA Policy working group in the DMTF.
Top   ToC   RFC3060 - Page 5
   This document is organized in the following manner:

   o  Section 2 provides a general overview of policies and how they are
      modeled.

   o  Section 3 presents a high-level overview of the classes and
      associations comprising the Policy Core Information Model.

   o  The remainder of the document presents the detailed specifications
      for each of the classes and associations.

   o  Appendix A overviews naming for native CIM implementations.  Other
      mappings, such as LDAPv3, will have their own naming mechanisms.

   o  Appendix B reproduces the DMTF's Core Policy MOF specification.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119, reference
   [3].

2. Modeling Policies

The classes comprising the Policy Core Information Model are intended to serve as an extensible class hierarchy (through specialization) for defining policy objects that enable application developers, network administrators, and policy administrators to represent policies of different types. One way to think of a policy-controlled network is to first model the network as a state machine and then use policy to control which state a policy-controlled device should be in or is allowed to be in at any given time. Given this approach, policy is applied using a set of policy rules. Each policy rule consists of a set of conditions and a set of actions. Policy rules may be aggregated into policy groups. These groups may be nested, to represent a hierarchy of policies. The set of conditions associated with a policy rule specifies when the policy rule is applicable. The set of conditions can be expressed as either an ORed set of ANDed sets of condition statements or an ANDed set of ORed sets of statements. Individual condition statements can also be negated. These combinations are termed, respectively, Disjunctive Normal Form (DNF) and Conjunctive Normal Form (CNF) for the conditions. If the set of conditions associated with a policy rule evaluates to TRUE, then a set of actions that either maintain the current state of the object or transition the object to a new state may be executed.
Top   ToC   RFC3060 - Page 6
   For the set of actions associated with a policy rule, it is possible
   to specify an order of execution, as well as an indication of whether
   the order is required or merely recommended.  It is also possible to
   indicate that the order in which the actions are executed does not
   matter.

   Policy rules themselves can be prioritized.  One common reason for
   doing this is to express an overall policy that has a general case
   with a few specific exceptions.

   For example, a general QoS policy rule might specify that traffic
   originating from members of the engineering group is to get Bronze
   Service.  A second policy rule might express an exception: traffic
   originating from John, a specific member of the engineering group, is
   to get Gold Service.  Since traffic originating from John satisfies
   the conditions of both policy rules, and since the actions associated
   with the two rules are incompatible, a priority needs to be
   established.  By giving the second rule (the exception) a higher
   priority than the first rule (the general case), a policy
   administrator can get the desired effect: traffic originating from
   John gets Gold Service, and traffic originating from all the other
   members of the engineering group gets Bronze Service.

   Policies can either be used in a stand-alone fashion or aggregated
   into policy groups to perform more elaborate functions.  Stand-alone
   policies are called policy rules.  Policy groups are aggregations of
   policy rules, or aggregations of policy groups, but not both.  Policy
   groups can model intricate interactions between objects that have
   complex interdependencies.  Examples of this include a sophisticated
   user logon policy that sets up application access, security, and
   reconfigures network connections based on a combination of user
   identity, network location, logon method and time of day.  A policy
   group represents a unit of reusability and manageability in that its
   management is handled by an identifiable group of administrators and
   its policy rules would be consistently applied

   Stand-alone policies are those that can be expressed in a simple
   statement.  They can be represented effectively in schemata or MIBs.
   Examples of this are VLAN assignments, simple YES/NO QoS requests,
   and IP address allocations.  A specific design goal of this model is
   to support both stand-alone and aggregated policies.

   Policy groups and rules can be classified by their purpose and
   intent.  This classification is useful in querying or grouping policy
   rules.  It indicates whether the policy is used to motivate when or
   how an action occurs, or to characterize services (that can then be
   used, for example, to bind clients to network services).  Describing
   each of these concepts in more detail,
Top   ToC   RFC3060 - Page 7
   o  Motivational Policies are solely targeted at whether or how a
      policy's goal is accomplished.  Configuration and Usage Policies
      are specific kinds of Motivational Policies.  Another example is
      the scheduling of file backup based on disk write activity from
      8am to 3pm, M-F.

   o  Configuration Policies define the default (or generic) setup of a
      managed entity (for example, a network service).  Examples of
      Configuration Policies are the setup of a network forwarding
      service or a network-hosted print queue.

   o  Installation Policies define what can and cannot be put on a
      system or component, as well as the configuration of the
      mechanisms that perform the install.  Installation policies
      typically represent specific administrative permissions, and can
      also represent dependencies between different components (e.g., to
      complete the installation of component A, components B and C must
      be previously successfully installed or uninstalled).

   o  Error and Event Policies.  For example, if a device fails between
      8am and 9pm, call the system administrator, otherwise call the
      Help Desk.

   o  Usage Policies control the selection and configuration of entities
      based on specific "usage" data.  Configuration Policies can be
      modified or simply re-applied by Usage Policies.  Examples of
      Usage Policies include upgrading network forwarding services after
      a user is verified to be a member of a "gold" service group, or
      reconfiguring a printer to be able to handle the next job in its
      queue.

   o  Security Policies deal with verifying that the client is actually
      who the client purports to be, permitting or denying access to
      resources, selecting and applying appropriate authentication
      mechanisms, and performing accounting and auditing of resources.

   o  Service Policies characterize network and other services (not use
      them).  For example, all wide-area backbone interfaces shall use a
      specific type of queuing.

      Service policies describe services available in the network.
      Usage policies describe the particular binding of a client of the
      network to services available in the network.

   These categories are represented in the Policy Core Information Model
   by special values defined for the PolicyKeywords property of the
   abstract class Policy.
Top   ToC   RFC3060 - Page 8

2.1. Policy Scope

Policies represent business goals and objectives. A translation must be made between these goals and objectives and their realization in the network. An example of this could be a Service Level Agreement (SLA), and its objectives and metrics (Service Level Objectives, or SLOs), that are used to specify services that the network will provide for a given client. The SLA will usually be written in high-level business terminology. SLOs address more specific metrics in support of the SLA. These high-level descriptions of network services and metrics must be translated into lower-level, but also vendor-and device-independent specifications. The Policy Core Information Model classes are intended to serve as the foundation for these lower-level, vendor- and device-independent specifications. It is envisioned that the definition of the Policy Core Informational Model in this document is generic in nature and is applicable to Quality of Service (QoS), to non-QoS networking applications (e.g., DHCP and IPSec), and to non-networking applications (e.g., backup policies, auditing access, etc.).

2.2. Declarative versus Procedural Model

The design of the Policy Core Information Model is influenced by a declarative, not procedural, approach. More formally, a declarative language is used to describe relational and functional languages. Declarative languages describe relationships between variables in terms of functions or inference rules, to which the interpreter or compiler can apply a fixed algorithm in order to produce a result. An imperative (or procedural) language specifies an explicit sequence of steps to follow in order to produce a result. It is important to note that this information model does not rule out the use of procedural languages. Rather, it recognizes that both declarative as well as procedural languages can be used to implement policy. This information model is better viewed as being declarative because the sequence of steps for doing the processing of declarative statements tends to be left to the implementer. However, we have provided the option of expressing the desired order of action execution in this policy information model, and for expressing whether the order is mandatory or not. In addition, rather than trying to define algorithms or sets of instructions or steps that must be followed by a policy rule, we instead define a set of modular building blocks and relationships that can be used in a declarative or procedural fashion to define policies.
Top   ToC   RFC3060 - Page 9
   Compare this to a strictly procedural model.  Taking such an approach
   would require that we specify the condition testing sequence, and the
   action execution sequence, in the policy repository itself.  This
   would, indeed, constrain the implementer.  This is why the policy
   model is characterized as a declarative one.  That is, the
   information model defines a set of attributes, and a set of entities
   that contain these attributes.  However, it does NOT define either
   the algorithm to produce a result using the attributes or an explicit
   sequence of steps to produce a result.

   There are several design considerations and trade-offs to make in
   this respect.

   1. On the one hand, we would like a policy definition language to be
      reasonably human-friendly for ease of definitions and diagnostics.
      On the other hand, given the diversity of devices (in terms of
      their processing capabilities) which could act as policy decision
      points, we would like to keep the language somewhat machine-
      friendly.  That is, it should be relatively simple to automate the
      parsing and processing of the language in network elements.  The
      approach taken is to provide a set of classes and attributes that
      can be combined in either a declarative or procedural approach to
      express policies that manage network elements and services.  The
      key point is to avoid trying to standardize rules or sets of steps
      to be followed in defining a policy.  These must be left up to an
      implementation.  Interoperability is achieved by standardizing the
      building blocks that are used to represent policy data and
      information.

   2. An important decision to make is the semantic style of the
      representation of the information.

      The declarative approach that we are describing falls short of
      being a "true" declarative model.  Such a model would also specify
      the algorithms used to combine the information and policy rules to
      achieve particular behavior.  We avoid specifying algorithms for
      the same reason that we avoid specifying sets of steps to be
      followed in a policy rule.  However, the design of the information
      model more closely follows that of a declarative language, and may
      be easier to understand if such a conceptual model is used.  This
      leads to our third point, acknowledging a lack of "completeness"
      and instead relying on presenting information that the policy
      processing entity will work with.

   3. It is important to control the complexity of the specification,
      trading off richness of expression of data in the core information
      model for ease of implementation and use.  It is important to
      acknowledge the collective lack of experience in the field
Top   ToC   RFC3060 - Page 10
      regarding policies to control and manage network services and
      hence avoid the temptation of aiming for "completeness".  We
      should instead strive to facilitate definition of a set of common
      policies that customers require today (e.g., VPN and QoS) and
      allow migration paths towards supporting complex policies as
      customer needs and our understanding of these policies evolve with
      experience.  Specifically, in the context of the declarative style
      language discussed above, it is important to avoid having full
      blown predicate calculus as the language, as it would render many
      important problems such as consistency checking and policy
      decision point algorithms intractable.  It is useful to consider a
      reasonably constrained language from these perspectives.

   The Policy Core Information Model strikes a balance between
   complexity and lack of power by using the well understood logical
   concepts of Disjunctive Normal Form and Conjunctive Normal Form for
   combining simple policy conditions into more complex ones.



(page 10 continued on part 2)

Next Section