Journal of Information Technology Services (한국IT서비스학회지)

Korea Society of IT Services (한국IT서비스학회)
권호 표지

Detection and Recovery of Policy Conflicts in Policy-based Network Management Systems

정책기반 네트워크 관리 시스템의 정책 충돌 탐지 및 복구

  • 이규웅 (상지대학교 컴퓨터정보공학부)
  • Published : 2007.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

Policy-based Network Management (PBNM) has been presented as a paradigm for efficient and customizable management systems. The approach chosen is based on PBNM systems, which are a promising and novel approach to network management. These systems have the potential to improve the automation of network management processes. The Internet Engineering Task Force (IETF) has also used policy concepts and provided a framework to describe the concept as the Policy Core Information Model (PCIM) and its extensions. There are policy conflicts among the policies that are defined as the policy information model and they are not easily and effectively detected and resolved. In this paper, we present the brief description of PBNM and illustrate the concepts of policy core information model and its policy implementation for a network security. Especially we describe our framework for detecting and resolving the policy conflicts for network security.

Keywords

References

  1. Adiseshu Hari, Subhash Suri, Guru Parulkar, Packet Filter Management for Layer 4 Switching, Proceedings of IEEE INFOCOM, 1999
  2. Distributed Management Task Force, Inc., Common Information Model (CIM) Specification, version 2.7, Apr. 2003
  3. Florin Baboescu and George Varghese. Scalable packet classification. Proceedings of SIGC OMM, 2001
  4. Hari, A., S. Suri, and G. Parulkar, Detecting and Resolving Packet Filter Conflicts, Proc. of the Internaltion Conference on INFOCOM, 2000
  5. Kanada, Y. and O'Keefe, B. J., Diffserv Policies and Their Combinations in a Policy Server Called PolicyXpert, IEICE SIG on Information Networks & SIG on Network Systems, March 2002
  6. Kanada, Y., Taxonomy and Description of Policy Combination Methods, Workshop on Policies for Distributed Systems and Networks, Lecture Notes in Computer Science, No.1995, (Springer, January 2001), pp.171-184
  7. Moore, B. Ed. IBM, Policy Core Information Model (PCIM) Extensions, The IETF Network Working Group, RFC 3460, Jan. 2003
  8. Moore, B., E. Ellesson, and J. Strassner, Policy Core Information Model-Version 1 Specification, The IETF Network Working Group, RFC 3060, Feb. 2001
  9. Nigel Sheridan-Smith, A Distributed Policybased Network Management for Enriched Experience Networks, Ph. D Dissertation, University of Technology, Sydney, 2003
  10. Pana, M., A. Reyes, A. Moron, M. Brunner, Policy Core Extension Lightweight Directory Access Protocol Schema, The IETF Network Working Group, RFC4104, Jun. 2005
  11. Srinivasan, V., S. Suri, and G. Varghese, Packet Classification using Tuple Space Search, Proceedings of ACM SIGCOMM, Sept. 1999
  12. Strassner, J., B. Moore, R. Moats, E. Ellesson, Policy Core Lightweight Directory Access Protocol (LDAP) Schema, The IETF Network Working Group, RFC3703, Feb. 2004