tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search

RFC 4104

Proposed STD
Pages: 88
Top     in Index     Prev     Next
in Group Index     Prev in Group     Next in Group     Group: ~ldap

Policy Core Extension Lightweight Directory Access Protocol Schema (PCELS)

Part 1 of 4, p. 1 to 8
None       Next RFC Part

Updates:    3703


Top       ToC       Page 1 
Network Working Group                                       M. Pana, Ed.
Request for Comments: 4104                                      MetaSolv
Updates: 3703                                                   A. Reyes
Category: Standards Track                     Computer Architecture, UPC
                                                                A. Barba
                                                                D. Moron
                                       Technical University of Catalonia
                                                              M. Brunner
                                                                     NEC
                                                               June 2005


                         Policy Core Extension
          Lightweight Directory Access Protocol Schema (PCELS)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document defines a number of changes and extensions to the
   Policy Core Lightweight Directory Access Protocol (LDAP) Schema (RFC
   3703) based on the model extensions defined by the Policy Core
   Information Model (PCIM) Extensions (RFC 3460).  These changes and
   extensions consist of new LDAP object classes and attribute types.
   Some of the schema items defined in this document re-implement
   existing concepts in accordance with their new semantics introduced
   by RFC 3460.  The other schema items implement new concepts, not
   covered by RFC 3703.  This document updates RFC 3703.

Table of Contents

   1. Introduction ....................................................3
      1.1. Specification of Requirements ..............................3
   2. Relationship to Other Policy Framework Documents ................3
   3. Inheritance Hierarchy for PCELS .................................4

Top      ToC       Page 2 
   4. General Discussion of Mapping the Policy Core
      Information Model ...............................................8
      4.1. Summary of Class Mappings ..................................8
      4.2. Summary of Association Mappings ...........................11
      4.3. Summary of Changes since PCLS .............................13
      4.4. Relationship to PCLS Classes ..............................15
      4.5. Impact on Existing Implementations of the Policy
           Core LDAP Schema ..........................................16
      4.6. The Association of PolicyVariable and PolicyValues ........16
      4.7. The Aggregation of PolicyRules and PolicyGroups in
           PolicySets ................................................17
      4.8. The Aggregation of Actions/Conditions in PolicyRules and
           CompoundActions/CompoundConditions ........................20
   5. Class Definitions ..............................................25
      5.1. The Abstract Class pcelsPolicySet .........................26
      5.2. The Structural Class pcelsPolicySetAssociation ............29
      5.3. The Three Policy Group Classes ............................30
      5.4. The Three Policy Rule Classes .............................31
      5.5. The Structural Class pcelsConditionAssociation ............36
      5.6. The Structural Class pcelsActionAssociation ...............37
      5.7. The Auxiliary Class pcelsSimpleConditionAuxClass ..........38
      5.8. The Auxiliary Class pcelsCompoundConditionAuxClass ........39
      5.9. The Auxiliary Class pcelsCompoundFilterConditionAuxClass ..40
      5.10. The Auxiliary Class pcelsSimpleActionAuxClass ............41
      5.11. The Auxiliary Class pcelsCompoundActionAuxClass ..........42
      5.12. The Abstract Class pcelsVariable .........................43
      5.13. The Auxiliary Class pcelsExplicitVariableAuxClass ........44
      5.14. The Auxiliary Class pcelsImplicitVariableAuxClass ........46
      5.15. The Subclasses of pcelsImplicitVariableAuxClass ..........47
      5.16. The Auxiliary Class pcelsValueAuxClass. ..................54
      5.17. The Subclasses of pcelsValueAuxClass. ....................55
      5.18. The Three Reusable Policy Container Classes ..............60
      5.19. The Structural Class pcelsRoleCollection. ................62
      5.20. The Abstract Class pcelsFilterEntryBase ..................64
      5.21. The Structural Class pcelsIPHeadersFilter ................65
      5.22. The Structural Class pcels8021Filter .....................73
      5.23. The Auxiliary Class pcelsFilterListAuxClass ..............77
      5.24. The Auxiliary Class pcelsVendorVariableAuxClass ..........79
      5.25. The Auxiliary Class pcelsVendorValueAuxClass .............80
   6. Security Considerations ........................................81
   7. IANA Considerations ............................................82
      7.1. Object Identifiers ........................................82
      7.2. Object Identifier Descriptors .............................82
   8. Acknowledgements ...............................................85
   9. Normative References ...........................................85
   10. Informative References ........................................86

Top      ToC       Page 3 
1.  Introduction

   This document defines a number of changes and extensions to the
   Policy Core Lightweight Directory Access Protocol (LDAP) Schema
   [PCLS] based on the model extensions defined by the Policy Core
   Information Model (PCIM) Extensions [PCIM_EXT].  These changes and
   extensions consist of new LDAP object classes and attribute types
   [LDAP].  Some of the schema items defined in this document re-
   implement existing concepts in accordance with their new semantics
   introduced by [PCIM_EXT].  The other schema items implement new
   concepts, not covered by [PCLS].  This document updates RFC 3703
   [PCLS].

   In addition to the concepts defined by [PCIM_EXT], this document
   introduces two new classes: pcelsVendorVariableAuxClass and
   pcelsVendorValueAuxClass.  These classes provide a standard extension
   mechanism for vendor-specific policy variables and policy values that
   have not been specifically modeled.

   Within the context of this document, the term "PCELS" (Policy Core
   Extension LDAP Schema) is used to refer to the LDAP object class,
   attribute type definitions and the associated recommendations
   contained in this document.

1.1.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [KEYWORDS].

2.  Relationship to Other Policy Framework Documents

   This document contains an LDAP schema mapping for the classes defined
   in the "Policy Core Information Model (PCIM) Extensions" [PCIM_EXT].
   The LDAP schema defined in this document is an extension to the
   "Policy Core Lightweight Directory Access Protocol (LDAP) Schema"
   [PCLS], which defines the mapping of the "Policy Core Information
   Model -- Version 1 Specification" [PCIM] to an LDAP schema.

   These three documents ([PCIM], [PCIM_EXT] and [PCLS]) are
   prerequisites for reading and understanding this document.

   Other documents may subsequently be produced with mappings of the
   same model to other storage or transport technologies.

Top      ToC       Page 4 
3.  Inheritance Hierarchy for PCELS

   The object class and attribute type names defined in this document
   are prefixed 'pcels'.

   The diagram below illustrates the combined class hierarchy for the
   LDAP object classes defined in the following documents:

   - The class names prefixed 'pcels' are defined in this document.
   - The class names prefixed 'pcim' are defined in [PCLS].
   - The class names prefixed 'dlm1' are defined in [CIM_LDAP].
   - The class named 'top' is defined in [LDAP_SCHEMA].

   All the new object classes except for pcelsVendorVariableAuxClass and
   pcelsVendorValueAuxClass, are mapped from concepts defined or
   modified by [PCIM_EXT].  The pcelsVendorVariableAuxClass and
   pcelsVendorValueAuxClass classes are not mapped from [PCIM_EXT].
   They represent concepts introduced in this document.

      top
      |
      +---dlm1ManagedElement (abstract)
      |   |
      |   +---pcimPolicy (abstract)
      |   |   |
      |   |   +---pcelsPolicySet (abstract new)
      |   |   |   |
      |   |   |   +---pcelsGroup (abstract new)
      |   |   |   |   |
      |   |   |   |   +---pcelsGroupAuxClass (auxiliary new)
      |   |   |   |   |
      |   |   |   |   +---pcelsGroupInstance (structural new)
      |   |   |   |
      |   |   |   +---pcelsRule (abstract new)
      |   |   |       |
      |   |   |       +---pcelsRuleAuxClass (auxiliary new)
      |   |   |       |
      |   |   |       +---pcelsRuleInstance (structural new)
      |   |   |
      |   |   +---pcimGroup (abstract)
      |   |   |   |
      |   |   |   +---pcimGroupAuxClass (auxiliary)
      |   |   |   |
      |   |   |   +---pcimGroupInstance (structural)
      |   |   |
      |   |   +---pcimRule (abstract)
      |   |   |   |
      |   |   |   +---pcimRuleAuxClass (auxiliary)

Top      ToC       Page 5 
      |   |   |   |
      |   |   |   +---pcimRuleInstance (structural)
      |   |   |
      |   |   +---pcimRuleConditionAssociation (structural)
      |   |   |   |
      |   |   |   +---pcelsConditionAssociation (structural new)
      |   |   |
      |   |   +---pcimRuleValidityAssociation (structural)
      |   |   |
      |   |   +---pcimRuleActionAssociation (structural)
      |   |   |   |
      |   |   |   +---pcelsActionAssociation (structural new)
      |   |   |
      |   |   +---pcelsPolicySetAssociation (structural new)
      |   |   |
      |   |   +---pcimPolicyInstance (structural)
      |   |   |
      |   |   +---pcimElementAuxClass (auxiliary)
      |   |   |
      |   |   +---pcelsRoleCollection (structural new)
      |   |   |
      |   |   +---pcelsFilterEntryBase (abstract new)
      |   |       |
      |   |       +---pcelsIPHeadersFilter (structural new)
      |   |       |
      |   |       +---pcels8021Filter (structural new)
      |   |
      |   +---dlm1ManagedSystemElement (abstract)
      |       |
      |       +---dlm1LogicalElement (abstract)
      |           |
      |           +---dlm1System (abstract)
      |               |
      |               +---dlm1AdminDomain (abstract)
      |                   |
      |                   +---pcimRepository (abstract)
      |                       |
      |                       +---pcimRepositoryAuxClass (auxiliary)
      |                       |
      |                       +---pcimRepositoryInstance (structural)
      |                       |
      |                       +---pcelsReusableContainer (abstract new)
      |                           |
      |                           +---pcelsReusableContainerAuxClass
      |                           |   (auxiliary new)
      |                           |
      |                           +---pcelsReusableContainerInstance
      |                               (structural new)

Top      ToC       Page 6 
      |
      +---pcimConditionAuxClass (auxiliary)
      |   |
      |   +---pcimTPCAuxClass (auxiliary)
      |   |
      |   +---pcimConditionVendorAuxClass (auxiliary)
      |   |
      |   +---pcelsSimpleConditionAuxClass (auxiliary new)
      |   |
      |   +---pcelsCompoundConditionAuxClass (auxiliary new)
      |   |   |
      |   |   +---pcelsCompoundFilterConditionAuxClass (auxiliary new)
      |   |
      |   +---pcelsFilterListAuxClass (auxiliary new)
      |
      +---pcimActionAuxClass (auxiliary)
      |   |
      |   +---pcimActionVendorAuxClass (auxiliary)
      |   |
      |   +---pcelsSimpleActionAuxClass (auxiliary new)
      |   |
      |   +---pcelsCompoundActionAuxClass (auxiliary new)
      |
      +---pcelsVariable (abstract new)
      |   |
      |   +---pcelsVendorVariableAuxClass (auxiliary new)
      |   |
      |   +---pcelsExplicitVariableAuxClass (auxiliary new)
      |   |
      |   +---pcelsImplicitVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceIPv4VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceIPv6VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationIPv4VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationIPv6VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourcePortVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationPortVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPProtocolVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPVersionVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPToSVariableAuxClass (auxiliary new)

Top      ToC       Page 7 
      |       |
      |       +---pcelsDSCPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsFlowIdVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceMACVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationMACVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsVLANVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsCoSVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsEthertypeVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceSAPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationSAPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSNAPOUIVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSNAPTypeVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsFlowDirectionVariableAuxClass (auxiliary new)
      |
      +---pcelsValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsVendorValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIPv4AddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIPv6AddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsMACAddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsStringValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsBitStringValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIntegerValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsBooleanValueAuxClass (auxiliary new)

Top      ToC       Page 8 
      |
      +---pcimSubtreesPtrAuxClass (auxiliary)
      |
      +---pcimGroupContainmentAuxClass (auxiliary)
      |
      +---pcimRuleContainmentAuxClass (auxiliary)

            Figure 1.  LDAP Class Inheritance Hierarchy for PCELS



(page 8 continued on part 2)

Next RFC Part