Tech-invite3GPPspaceIETF RFCsSIP
9190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 4104

Policy Core Extension Lightweight Directory Access Protocol Schema (PCELS)

Pages: 88
Proposed Standard
Updates:  3703
Part 1 of 4 – Pages 1 to 8
None   None   Next

Top   ToC   RFC4104 - Page 1
Network Working Group                                       M. Pana, Ed.
Request for Comments: 4104                                      MetaSolv
Updates: 3703                                                   A. Reyes
Category: Standards Track                     Computer Architecture, UPC
                                                                A. Barba
                                                                D. Moron
                                       Technical University of Catalonia
                                                              M. Brunner
                                                                     NEC
                                                               June 2005


                         Policy Core Extension
          Lightweight Directory Access Protocol Schema (PCELS)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

This document defines a number of changes and extensions to the Policy Core Lightweight Directory Access Protocol (LDAP) Schema (RFC 3703) based on the model extensions defined by the Policy Core Information Model (PCIM) Extensions (RFC 3460). These changes and extensions consist of new LDAP object classes and attribute types. Some of the schema items defined in this document re-implement existing concepts in accordance with their new semantics introduced by RFC 3460. The other schema items implement new concepts, not covered by RFC 3703. This document updates RFC 3703.

Table of Contents

1. Introduction ....................................................3 1.1. Specification of Requirements ..............................3 2. Relationship to Other Policy Framework Documents ................3 3. Inheritance Hierarchy for PCELS .................................4
Top   ToC   RFC4104 - Page 2
   4. General Discussion of Mapping the Policy Core
      Information Model ...............................................8
      4.1. Summary of Class Mappings ..................................8
      4.2. Summary of Association Mappings ...........................11
      4.3. Summary of Changes since PCLS .............................13
      4.4. Relationship to PCLS Classes ..............................15
      4.5. Impact on Existing Implementations of the Policy
           Core LDAP Schema ..........................................16
      4.6. The Association of PolicyVariable and PolicyValues ........16
      4.7. The Aggregation of PolicyRules and PolicyGroups in
           PolicySets ................................................17
      4.8. The Aggregation of Actions/Conditions in PolicyRules and
           CompoundActions/CompoundConditions ........................20
   5. Class Definitions ..............................................25
      5.1. The Abstract Class pcelsPolicySet .........................26
      5.2. The Structural Class pcelsPolicySetAssociation ............29
      5.3. The Three Policy Group Classes ............................30
      5.4. The Three Policy Rule Classes .............................31
      5.5. The Structural Class pcelsConditionAssociation ............36
      5.6. The Structural Class pcelsActionAssociation ...............37
      5.7. The Auxiliary Class pcelsSimpleConditionAuxClass ..........38
      5.8. The Auxiliary Class pcelsCompoundConditionAuxClass ........39
      5.9. The Auxiliary Class pcelsCompoundFilterConditionAuxClass ..40
      5.10. The Auxiliary Class pcelsSimpleActionAuxClass ............41
      5.11. The Auxiliary Class pcelsCompoundActionAuxClass ..........42
      5.12. The Abstract Class pcelsVariable .........................43
      5.13. The Auxiliary Class pcelsExplicitVariableAuxClass ........44
      5.14. The Auxiliary Class pcelsImplicitVariableAuxClass ........46
      5.15. The Subclasses of pcelsImplicitVariableAuxClass ..........47
      5.16. The Auxiliary Class pcelsValueAuxClass. ..................54
      5.17. The Subclasses of pcelsValueAuxClass. ....................55
      5.18. The Three Reusable Policy Container Classes ..............60
      5.19. The Structural Class pcelsRoleCollection. ................62
      5.20. The Abstract Class pcelsFilterEntryBase ..................64
      5.21. The Structural Class pcelsIPHeadersFilter ................65
      5.22. The Structural Class pcels8021Filter .....................73
      5.23. The Auxiliary Class pcelsFilterListAuxClass ..............77
      5.24. The Auxiliary Class pcelsVendorVariableAuxClass ..........79
      5.25. The Auxiliary Class pcelsVendorValueAuxClass .............80
   6. Security Considerations ........................................81
   7. IANA Considerations ............................................82
      7.1. Object Identifiers ........................................82
      7.2. Object Identifier Descriptors .............................82
   8. Acknowledgements ...............................................85
   9. Normative References ...........................................85
   10. Informative References ........................................86
Top   ToC   RFC4104 - Page 3

1. Introduction

This document defines a number of changes and extensions to the Policy Core Lightweight Directory Access Protocol (LDAP) Schema [PCLS] based on the model extensions defined by the Policy Core Information Model (PCIM) Extensions [PCIM_EXT]. These changes and extensions consist of new LDAP object classes and attribute types [LDAP]. Some of the schema items defined in this document re- implement existing concepts in accordance with their new semantics introduced by [PCIM_EXT]. The other schema items implement new concepts, not covered by [PCLS]. This document updates RFC 3703 [PCLS]. In addition to the concepts defined by [PCIM_EXT], this document introduces two new classes: pcelsVendorVariableAuxClass and pcelsVendorValueAuxClass. These classes provide a standard extension mechanism for vendor-specific policy variables and policy values that have not been specifically modeled. Within the context of this document, the term "PCELS" (Policy Core Extension LDAP Schema) is used to refer to the LDAP object class, attribute type definitions and the associated recommendations contained in this document.

1.1. Specification of Requirements

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [KEYWORDS].

2. Relationship to Other Policy Framework Documents

This document contains an LDAP schema mapping for the classes defined in the "Policy Core Information Model (PCIM) Extensions" [PCIM_EXT]. The LDAP schema defined in this document is an extension to the "Policy Core Lightweight Directory Access Protocol (LDAP) Schema" [PCLS], which defines the mapping of the "Policy Core Information Model -- Version 1 Specification" [PCIM] to an LDAP schema. These three documents ([PCIM], [PCIM_EXT] and [PCLS]) are prerequisites for reading and understanding this document. Other documents may subsequently be produced with mappings of the same model to other storage or transport technologies.
Top   ToC   RFC4104 - Page 4

3. Inheritance Hierarchy for PCELS

The object class and attribute type names defined in this document are prefixed 'pcels'. The diagram below illustrates the combined class hierarchy for the LDAP object classes defined in the following documents: - The class names prefixed 'pcels' are defined in this document. - The class names prefixed 'pcim' are defined in [PCLS]. - The class names prefixed 'dlm1' are defined in [CIM_LDAP]. - The class named 'top' is defined in [LDAP_SCHEMA]. All the new object classes except for pcelsVendorVariableAuxClass and pcelsVendorValueAuxClass, are mapped from concepts defined or modified by [PCIM_EXT]. The pcelsVendorVariableAuxClass and pcelsVendorValueAuxClass classes are not mapped from [PCIM_EXT]. They represent concepts introduced in this document. top | +---dlm1ManagedElement (abstract) | | | +---pcimPolicy (abstract) | | | | | +---pcelsPolicySet (abstract new) | | | | | | | +---pcelsGroup (abstract new) | | | | | | | | | +---pcelsGroupAuxClass (auxiliary new) | | | | | | | | | +---pcelsGroupInstance (structural new) | | | | | | | +---pcelsRule (abstract new) | | | | | | | +---pcelsRuleAuxClass (auxiliary new) | | | | | | | +---pcelsRuleInstance (structural new) | | | | | +---pcimGroup (abstract) | | | | | | | +---pcimGroupAuxClass (auxiliary) | | | | | | | +---pcimGroupInstance (structural) | | | | | +---pcimRule (abstract) | | | | | | | +---pcimRuleAuxClass (auxiliary)
Top   ToC   RFC4104 - Page 5
      |   |   |   |
      |   |   |   +---pcimRuleInstance (structural)
      |   |   |
      |   |   +---pcimRuleConditionAssociation (structural)
      |   |   |   |
      |   |   |   +---pcelsConditionAssociation (structural new)
      |   |   |
      |   |   +---pcimRuleValidityAssociation (structural)
      |   |   |
      |   |   +---pcimRuleActionAssociation (structural)
      |   |   |   |
      |   |   |   +---pcelsActionAssociation (structural new)
      |   |   |
      |   |   +---pcelsPolicySetAssociation (structural new)
      |   |   |
      |   |   +---pcimPolicyInstance (structural)
      |   |   |
      |   |   +---pcimElementAuxClass (auxiliary)
      |   |   |
      |   |   +---pcelsRoleCollection (structural new)
      |   |   |
      |   |   +---pcelsFilterEntryBase (abstract new)
      |   |       |
      |   |       +---pcelsIPHeadersFilter (structural new)
      |   |       |
      |   |       +---pcels8021Filter (structural new)
      |   |
      |   +---dlm1ManagedSystemElement (abstract)
      |       |
      |       +---dlm1LogicalElement (abstract)
      |           |
      |           +---dlm1System (abstract)
      |               |
      |               +---dlm1AdminDomain (abstract)
      |                   |
      |                   +---pcimRepository (abstract)
      |                       |
      |                       +---pcimRepositoryAuxClass (auxiliary)
      |                       |
      |                       +---pcimRepositoryInstance (structural)
      |                       |
      |                       +---pcelsReusableContainer (abstract new)
      |                           |
      |                           +---pcelsReusableContainerAuxClass
      |                           |   (auxiliary new)
      |                           |
      |                           +---pcelsReusableContainerInstance
      |                               (structural new)
Top   ToC   RFC4104 - Page 6
      |
      +---pcimConditionAuxClass (auxiliary)
      |   |
      |   +---pcimTPCAuxClass (auxiliary)
      |   |
      |   +---pcimConditionVendorAuxClass (auxiliary)
      |   |
      |   +---pcelsSimpleConditionAuxClass (auxiliary new)
      |   |
      |   +---pcelsCompoundConditionAuxClass (auxiliary new)
      |   |   |
      |   |   +---pcelsCompoundFilterConditionAuxClass (auxiliary new)
      |   |
      |   +---pcelsFilterListAuxClass (auxiliary new)
      |
      +---pcimActionAuxClass (auxiliary)
      |   |
      |   +---pcimActionVendorAuxClass (auxiliary)
      |   |
      |   +---pcelsSimpleActionAuxClass (auxiliary new)
      |   |
      |   +---pcelsCompoundActionAuxClass (auxiliary new)
      |
      +---pcelsVariable (abstract new)
      |   |
      |   +---pcelsVendorVariableAuxClass (auxiliary new)
      |   |
      |   +---pcelsExplicitVariableAuxClass (auxiliary new)
      |   |
      |   +---pcelsImplicitVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceIPv4VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceIPv6VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationIPv4VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationIPv6VariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourcePortVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationPortVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPProtocolVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPVersionVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsIPToSVariableAuxClass (auxiliary new)
Top   ToC   RFC4104 - Page 7
      |       |
      |       +---pcelsDSCPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsFlowIdVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceMACVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationMACVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsVLANVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsCoSVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsEthertypeVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSourceSAPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsDestinationSAPVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSNAPOUIVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsSNAPTypeVariableAuxClass (auxiliary new)
      |       |
      |       +---pcelsFlowDirectionVariableAuxClass (auxiliary new)
      |
      +---pcelsValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsVendorValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIPv4AddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIPv6AddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsMACAddrValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsStringValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsBitStringValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsIntegerValueAuxClass (auxiliary new)
      |   |
      |   +---pcelsBooleanValueAuxClass (auxiliary new)
Top   ToC   RFC4104 - Page 8
      |
      +---pcimSubtreesPtrAuxClass (auxiliary)
      |
      +---pcimGroupContainmentAuxClass (auxiliary)
      |
      +---pcimRuleContainmentAuxClass (auxiliary)

            Figure 1.  LDAP Class Inheritance Hierarchy for PCELS



(page 8 continued on part 2)

Next Section