Title :
Network policy languages: a survey and a new approach
Author :
Stone, Gary N. ; Lundy, Bert ; Xie, Geoffrey G.
Author_Institution :
US Dept. of Defence, Fort Meade, MD, USA
Abstract :
A survey of current network policy languages is presented. Next, a summary of the techniques for detecting policy conflicts is given. Finally, a new language, path-based policy language, which offers improvements to these is introduced. Previous network policy languages vary from the very specific, using packet filters at the bit level, to the more abstract where concepts are represented, with implementation details left up to individual network devices. As background information a policy framework model and policy-based routing protocols are discussed. The PPL´s path-based approach for representing network policies is advantageous in that quality of service and security policies can be associated with an explicit path through the network. This assignment of policies to network flows aids in new initiatives such as integrated services. The more stringent requirement of supporting path-based policies can easily be relaxed with the use of wild card characters to also support differentiated services and best-effort service, which is provided by the Internet today
Keywords :
Internet; computer network management; formal languages; protocols; quality of service; telecommunication network routing; telecommunication security; IETF; Internet; QoS policies; best-effort service; bit level; differentiated services; integrated services; network flows; network management; network policy languages; packet filters; path-based policies; path-based policy language; policy conflicts detection; policy framework model; policy-based routing protocols; quality of service; security policies; survey; wild card characters; Cryptography; Filters; Information security; Intserv networks; NASA; Quality of service; Routing protocols; Telecommunication traffic; Virtual private networks; Web and internet services;
Journal_Title :
Network, IEEE
