Distributed Denial-of-Service Open Threat Signaling (DOTS) Information and Data Model
draft-andreasen-dots-info-data-model-01

Document Type: Active Internet-Draft (individual)
Last updated: 2016-10-31
Stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus Boilerplate: Unknown
RFC Editor Note: (None)
IESG state: I-D Exists
Telechat date:
Responsible AD: (None)
Send notices to: (None)

DOTS                                                       F. Andreasen
Internet Draft                                                 T. Reddy
Intended status: Standards Track                                  Cisco
Expires: April 30, 2017                                October 31, 2016

        Distributed Denial-of-Service Open Threat Signaling (DOTS)
                        Information and Data Model
                draft-andreasen-dots-info-data-model-01.txt

Abstract

   This document defines an information model and a data model for
   Distributed Denial-of-Service Open Threat Signaling (DOTS).  The
   document specifies the Message and Information Elements that are
   transported between DOTS agents and their interconnected
   relationships.  The primary purpose of the DOTS Information and Data
   Model is to address the DOTS requirements and DOTS use cases.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 30, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.  Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

Table of Contents

   1. Introduction...................................................3
   2. Notational Conventions and Terminology.........................4
   3. Information Model..............................................4
      3.1. General...................................................4
      3.2. Signal Channel Messages...................................6
         3.2.1. Open Signal Channel..................................6
         3.2.2. Close Signal Channel.................................8
         3.2.3. Redirect Signal Channel..............................8
         3.2.4. Request Status Update................................9
         3.2.5. Status Update.......................................10
         3.2.6. Request Mitigation..................................10
         3.2.7. Stop Mitigation.....................................11
      3.3. Data Channel Messages....................................11
         3.3.1. Open Data Channel...................................11
         3.3.2. Close Data Channel..................................12
         3.3.3. Redirect Data Channel...............................12
         3.3.4. SendData............................................12
      3.4. Information Elements.....................................13
         3.4.1. Protocol version....................................13
         3.4.2. Attack Target.......................................13
         3.4.3. Agent Id............................................13
         3.4.4. Blacklist...........................................13
         3.4.5. Whitelist...........................................13
         3.4.6. Attack telemetry....................................13
         3.4.7. Mitigator feedback..................................14
         3.4.8. Mitigation efficacy.................................14
         3.4.9. Mitigation failure..................................14
         3.4.10. Mitigation Scope...................................14
         3.4.11. Mitigation Scope Conflict..........................15
         3.4.12. Resource Group Alias...............................15
         3.4.13. Mitigation duration................................15
         3.4.14. Peer health........................................15
         3.4.15. Filters............................................15
         3.4.16. Filter-actions.....................................15