Generic Policy Data Model for Simplified Use of Policy Abstractions (SUPA)
draft-halpern-supa-generic-policy-data-model-01

Network Working Group                                        J. Halpern
Internet-Draft                                                 Ericsson
Intended status: Informational                             J. Strassner
Expires: October 29, 2016                           Huawei Technologies
                                                         April 15, 2016


                     Generic Policy Data Model for
              Simplified Use of Policy Abstractions (SUPA)
            draft-halpern-supa-generic-policy-data-model-01


Abstract

   This document defines two YANG policy data models. The first is a
   generic policy model that is meant to be extended on an application-
   specific basis. The second is an exemplary extension of the first
   generic policy model, and defines rules as event-condition-action
   policies. Both models are independent of the level of abstraction of
   the content and meaning of a policy.


Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other
   documents at any time.  It is inappropriate to use Internet-Drafts
   as reference material or to cite them other than as "work in
   progress."

   This Internet-Draft will expire on October 29, 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided
   without warranty as described in the Simplified BSD License.


Halpern, et al.          Expires October 29, 2016              [Page 1]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


Table of Contents

1.  Overview ....................................................... 2
2.  Conventions Used in This Document .............................. 2
3.  Terminology .................................................... 3
   3.1.  Acronyms .................................................. 3
   3.2.  Definitions ............................................... 3
   3.3.  Symbology ................................................. 4
4.  Design of the SUPA Policy Data Models .......................... 4
5.  SUPA Policy Data Model YANG Module ............................. 5
6. IANA Considerations ............................................ 47
7. Security Considerations ........................................ 47
8. Acknowledgments ................................................ 47
9. References ..................................................... 47
   9.1. Normative References ...................................... 48
   9.2. Informative References .................................... 48
Authors' Addresses ................................................ 48


1. Overview

   This document defines two YANG [RFC6020] [RFC6991] policy data
   models. The first is a generic policy model that is meant to be
   extended on an application-specific basis. It is derived from the
   Generic Policy Information Model (GPIM) defined in [1]. The second
   is an exemplary extension of the first (generic policy) model, and
   defines policy rules as event-condition-action tuples. Both models
   are independent of the level of abstraction of the content and
   meaning of a policy.

   The GPIM defines a common framework as a set of model elements
   (e.g., classes, attributes, and relationships) that specify a
   common set of policy management concepts that are independent of the
   type of policy (e.g., imperative, procedural, declarative, or
   otherwise). The first YANG data model is a translation of the GPIM
   to a YANG module. The Eca Policy Rule Information Model (EPRIM),
   also defined in [1], extends the GPIM to represent policy rules that
   use the Event-Condition-Action (ECA) paradigm. The second YANG data
   model maps the EPRIM to YANG. The second YANG data model MAY be
   used to augment the functionality of the first YANG data model.


2.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
   this document are to be interpreted as described in [RFC2119]. In
   this document, these words will appear with that interpretation
   only when in ALL CAPS. Lower case uses of these words are not to
   be interpreted as carrying [RFC2119] significance.


Halpern, et al.          Expires October 29, 2016              [Page 2]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


3.  Terminology

   This section defines acronyms, terms, and symbology used in the
   rest of this document.

3.1.  Acronyms

   CNF        Conjunctive Normal Form
   DNF        Disjunctive Normal Form
   ECA        Event-Condition-Action
   EPRIM      (SUPA) ECA Policy Rule Information Model
   GPIM       (SUPA) Generic Policy Information Model
   NETCONF    Network Configuration protocol
   OAM&P      Operations, Administration, Management, and Provisioning
   OCL        Object Constraint Language
   OID        Object IDentifier
   SUPA       Simplified Use of Policy Abstractions
   UML        Unified Modeling Language
   URI        Uniform Resource Identifier


3.2.  Definitions

   Action:  a set of purposeful activities that have a set of
      associated behavior.

   Boolean Clause:  a logical statement that evaluates to either TRUE
      or FALSE.  Also called Boolean Expression.

   Condition:  a set of attributes, features, and/or values that are to
      be compared with a set of known attributes, features, and/or
      values in order to make a decision.  A Condition, when used in
      the context of a Policy Rule, is used to determine whether or not
      the set of Actions in that Policy Rul can be executed or not.

   Constraint:    A constraint is a limitation or restriction.
      Constraints may be added to any type of object (e.g., events,
      conditions, and actions in Policy Rules).

   Constraint Programming:  a type of programming that uses constraints
      to define relations between variables in order to find
      a feasible (and not necessarily optimal) solution.

   Data Model:  a data model is a representation of concepts of
      interest to an environment in a form that is dependent on data
      repository, data definition language, query language,
      implementation language, and protocol (typically one or more of
      these).

   ECA:    Event - Condition - Action policy.


Halpern, et al.          Expires October 29, 2016              [Page 3]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


   Event:  an Event is defined as any important occurrence in time of
      a change in the system being managed, and/or in the environment
      of the system being managed. An Event, when used in the context
      of a Policy Rule, is used to determine whether the condition
      clause of an imperative Policy Rule can be evaluated or not.

   Information Model:  an information model is a representation of
      concepts of interest to an environment in a form that is
      independent of data repository, data definition language, query
      language, implementation language, and protocol.

   Metadata:  is data that provides descriptive and/or prescriptive
   information about the object(s) to which it is attached.

   Policy Rule:    A Policy Rule is a set of rules that are used to
      manage and control the changing or maintaining of the state of one
      or more managed objects.


3.3.  Symbology

   The following representation is used to describe YANG data modules
   defined in this draft.

   o  Brackets "[" and "]" enclose list keys.

   o  Abbreviations before data node names: "rw" means configuration
      data (read-write), and "ro" means state data (read-only).

   o  Symbols after data node names: "?" means an optional node, "!"
      means a presence container, and "*" denotes a list and leaf-list.

   o  Parentheses enclose choice and case nodes, and case nodes are also
      marked with a colon (":").

   o  Ellipsis ("...") stands for contents of subtrees that are not
      shown.


4.  Design of the SUPA Policy Data Models

   This will be completed in the next version of this draft. Three
   important points are:

   - different policy models have common semantics
   - capture those semantics within a common framework (GPIM)
   - extend these semantics with a specific ECA example (EPRIM)





Halpern, et al.          Expires October 29, 2016              [Page 4]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


5.  SUPA Policy Data Model YANG Module

   The SUPA YANG data model module is divided into two main parts:

      1) a set of containers that represent the objects that make
         updated a Policy Rule and its Policy Rule Components
      2) a set of containers that represent the objects that define and
         apply metadata to Policy Rules and/or Policy Rule Components

   < This will be finished in version 02 >



<CODE BEGINS> file "ietf-supa-policydatamodel@2016-03-21.yang"

module ietf-supa-policydatamodel {

    yang-version 1.1;
    namespace "urn:ietf:params:xml:ns:yang:ietf-supa-policydatamodel";
    prefix supa-pdm;

    import ietf-yang-types {
        prefix yang;
    }

    organization "IETF";
        contact
            "Editor: Joel Halpern
             email: jmh@joelhalpern.com;
             Editor: John Strassner
             email: strazpdj@gmail.com;";

    description
        "This module defines a data model for generic high level
         definition of policies to be applied to a network.
         This module is derived from and aligns with
         draft-strassner-supa-generic-policy-info-model-04.
         Details on all classes, associations, and attributes
         can be found there.
         Copyright (c) 2015 IETF Trust and the persons identified
         as the document authors.  All rights reserved.
         Redistribution and use in source and binary forms, with or
         without modification, is permitted pursuant to, and
         subject to the license terms contained in, the Simplified
         BSD License set forth in Section 4.c of the IETF Trust's
         Legal Provisions Relating to IETF Documents
         (http://trustee.ietf.org/license-info).";





Halpern, et al.          Expires October 29, 2016              [Page 5]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

    revision 2016-04-15 {
        description
            "Fixed pyang 1.1 compilation errors. Fixed must clause
             derefencing used in grouping statements. Reformatted
             and expanded descriptions. Fixed various typos.";
        reference
            "draft-halpern-supa-policy-data-model-01";
    }
    revision 2016-03-21 {
        description
            "Version 1 - initial version";
        reference
            "draft-halpern-supa-policy-data-model-00";
    }

    typedef policy-constraint-language-list {
        type enumeration {
            enum "undefined" {
                description
                    "This may be used as an initialization and/or
                     an error state.";
            }
            enum "OCL2.4" {
                description
                    "Object Constraint Language v2.4. This is a
                     declarative language for describing rules for
                     defining constraints and query expressions.";
            }
            enum "OCL2.x" {
                description
                    "Object Constraint Language, v2.0 through 2.3.1.";
            }
            enum "OCL1.x" {
                description
                    "Object Constraint Language, any version prior
                     to v2.0.";
            }
            enum "QVT1.2R" {
                description
                    "QVT Relational Language.";
            }
            enum "QVT1.2O" {
                description
                    "QVT Operational language.";
            }
            enum "Alloy" {
                description
                    "A language for defining structures and
                     and relations using constraints.";
            }
        }


Halpern, et al.          Expires October 29, 2016              [Page 6]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

        description
            "The language used to encode the constraints
             relevant to the relationship between the metadata
             and the underlying policy object.";
    }

    typedef policy-data-type-id-encoding-list {
        type enumeration {
            enum "undefined" {
                description
                    "This can be used for either initialization
                     or for signifying an error.";
            }
            enum "String" {
                description
                    "The clause is directly present in
                     the content.";
            }
            enum "GUID" {
                description
                    "The clause is referenced by this GUID.";
            }
            enum "UUID" {
                description
                    "The clause is referenced by this UUID.";
            }
            enum "URI" {
                description
                    "The clause is referenced by this URI.";
            }
            enum "FQDN" {
                description
                    "The clause is referenced by this FQDN.";
            }
        }
        description
            "The list of possible data types used to represent object
             IDs in the SUPA policy hierarchy.";
    }

    typedef policy-data-type-encoding-list {
        type enumeration {
            enum "undefined" {
                description
                    "This can be used for either initialization
                     or for signifying an error.";
            }
            enum "string" {
                description
                    "This represents a string data type.";
            }


Halpern, et al.          Expires October 29, 2016              [Page 7]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

            enum "integer" {
                description
                    "This represents an integer data type.";
            }
            enum "boolean" {
                description
                    "This represents a Boolean data type.";
            }
            enum "floating point" {
                description
                    "This represents a floating point data type.";
            }
            enum "date-and-time" {
                description
                    "This represents a data type that can specify
                     date and/or time.";
            }
            enum "GUID" {
                description
                    "This represents a GUID data type.";
            }
            enum "UUID" {
                description
                    "This represents a UUID data type.";
            }
            enum "URI" {
                description
                    "This represents a Uniform Resource Identifier
                     (URI) data type.";
            }
            enum "DN" {
                description
                    "This represents a Distinguished Name (DN)
                     data type.";
            }
            enum "NULL" {
                description
                    "This represents a NULL data type. NULL means the
                     absence of an actual value. NULL is frequently
                     used to represent a missing or invalid value.";
            }
        }
        description
            "The set of allowable data types used to encode
             multi-valued SUPA Policy attributes.";
    }

// identities are used in this model as a means to provide simple
// reflection to allow an instance-identifier to be tested as to what
// class it represents. In turn, this allows must clauses to specify
// that the target of a particular instance-identifier leaf must be a
// specific class, or within a certain branch of the inheritance tree.

Halpern, et al.          Expires October 29, 2016              [Page 8]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

// This depends upon the ability to refine the entity class default
// value. The entity class should be read-only. Howeverm as this is
// the target of a MUST condition, it cannot be config-false. Also,
// it appears that we cannot put a MUST condition on its definition,
// as the default (actual) value changes at each inheritance.

    identity POLICY-OBJECT-TYPE {
        description
            "The identity corresponding to a SUPAPolicyObject
             object instance.";
    }

    grouping supa-policy-object-type {
        leaf supa-policy-ID {
            type string;
            mandatory true;
            description
                "The string identifier of this policy object.
                 It must be unique within the policy system.";
        }
        leaf entity-class {
            type identityref {
                base POLICY-OBJECT-TYPE;
            }
            default POLICY-OBJECT-TYPE;
            description
                "The identifier of the class of this grouping.";
        }
        leaf supa-policy-object-ID-encoding {
            type policy-data-type-id-encoding-list;
            mandatory true;
            description
                "The encoding used by the supa-object-ID.";
        }
        leaf supa-policy-object-description {
            type string;
            description
                "Human readable description of the characteristics
                 and behavior of this policy object.";
        }
        leaf supa-policy-name {
            type string;
            description
                "A human-readable name for this policy.";
        }
        leaf-list supa-has-policy-metadata-agg {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-METADATA-ASSOC)";




Halpern, et al.          Expires October 29, 2016              [Page 9]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

            description
                "The SUPAPolicyObject object instance that aggregates
                 this set of SUPAPolicyMetadata object instances. As
                 there are attributes on this association, the
                 instance-identifier MUST point to an instance using
                 the grouping supa-has-policy-metadata-detail (which
                 includes subclasses of this association class).";
        }
        description
            "This is the superclass for all SUPA objects. It is
             used to define common attributes and relationships
             that all SUPA subclasses inherit.";
    }

    identity POLICY-COMPONENT-TYPE {
        base POLICY-OBJECT-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyComponentStructure object instance.";
    }

    grouping supa-policy-component-structure-type {
        uses supa-policy-object-type {
            refine entity-class {
                default POLICY-COMPONENT-TYPE;
            }
        }
        leaf supa-has-policy-component-decorator-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC)";
            mandatory true;
            description
                "A reference to the association class for relating
                 policy component decorators to the policy components
                 they decorate. This is the set of
                 SUPAPolicyComponentStructure object instances that are
                 aggregated by a SUPAPolicyComponentDecorator object
                 instance. As there are attributes on this association,
                 the instance-identifier MUST point to an instance
                 using the specified grouping. This defines the object
                 class that this instance-identifier points to.";
       }
       description
          "A superclass for all objects that represent different types
           of components of a Policy Rule. Important subclasses include
           the SUPAPolicyClause and the SUPAPolicyComponentDecorator.
           This object is the root of the decorator pattern; as such,
           it enables all subclasses to be decorated.";
    }



Halpern, et al.          Expires October 29, 2016             [Page 10]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    identity POLICY-COMPONENT-DECORATOR-TYPE {
        base POLICY-COMPONENT-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyComponentDecorator object instance.";
    }

    grouping supa-policy-component-decorator-type {
        uses supa-policy-component-structure-type {
            refine entity-class {
                default POLICY-COMPONENT-DECORATOR-TYPE;
            }
        }
        leaf-list supa-has-policy-component-decorator-agg {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC)";
            max-elements 1;
            description
                "The SUPAPolicyComponentDecorator object instance
                 that aggregates this set of
                 SUPAPolicyComponentStructure object instances. This
                 is a list of associations to the SUPA policy components
                 that this decorator decorates. As there are attributes
                 on this association, the instance-identifier MUST
                 point to an instance using the specified grouping.
                 This defines the object class that this
                 instance-identifier points to.";
        }
        leaf-list supa-decorator-constraints {
            type string;
            description
               "A constraint expression applying to this
                decorator, allowing specification of details not
                captured in its subclasses, using an appropriate
                constraint language.";
        }
        leaf supa-has-decorator-constraint-encoding {
            type policy-constraint-language-list;
            description
               "The language in which the constraints on the
                policy component decorator is expressed.";
        }
        description
           "This object implements the decorator pattern, which
            enables all or part of one or more objects to wrap
            another concrete object.";
    }




Halpern, et al.          Expires October 29, 2016             [Page 11]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    identity POLICY-COMPONENT-CLAUSE-TYPE {
        base POLICY-COMPONENT-TYPE;
        description
            "The identity corresponding to a SUPAPolicyClause
             object instance.";
    }

    grouping supa-policy-clause-type {
        uses supa-policy-component-structure-type {
            refine entity-class {
               default POLICY-COMPONENT-CLAUSE-TYPE;
            }
        }
        leaf supa-policy-clause-exec-status {
            type enumeration {
                enum "Unknown" {
                    description
                       "This may be used as an initialization and/or
                        an error state.";
                }
                enum "Completed" {
                    description
                       "This signifies that this particular policy
                        clause has run successfully, and is now idle.";
                }
                enum "Working" {
                    description
                       "This signifies that this particular policy
                        clause is currently in use, and no errors have
                        been reported.";
                }
                enum "Not Working" {
                    description
                       "This signifies that this particular policy
                        clause is currently in use, but one or more
                        errors have been reported.";
                }
                enum "Available" {
                    description
                       "This signifies that this particular policy
                        clause could be used, but currently is not
                        in use.";
                }
                enum "In Test" {
                    description
                       "This signifies that this particular policy
                        clause is not for use in operational policies.";
                }




Halpern, et al.          Expires October 29, 2016             [Page 12]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


                enum "Disabled" {
                    description
                       "This signifies that this particular policy
                        clause is not available for use.";
                }
            }
            description "This describes whether this policy clause is in
                use and if so whether it is working properly.";
        }
        leaf-list supa-has-policy-clause-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-CLAUSE-ASSOC)";
            min-elements 1;
            description
                "The set of SUPAPolicyClause object instances that are
                 aggregated by this SUPAPolicyStructure (i.e., this
                 SUPA Policy Rule) object instance. This defines the
                 object class that this instance-identifier points to.";
        }
        description "The parent class for all SUPA Policy Clauses.";
    }

    identity POLICY-ENCODED-CLAUSE-TYPE {
        base POLICY-COMPONENT-CLAUSE-TYPE;
        description
            "The identity corresponding to a SUPAPolicyEncodedClause
             object instance.";
    }

    grouping supa-encoded-clause-type {
        uses supa-policy-clause-type {
            refine entity-class {
                default POLICY-ENCODED-CLAUSE-TYPE;
            }
        }
        leaf supa-encoded-clause-content {
            type string;
            mandatory true;
            description
               "Either a reference to a source for this clause or the
                string representation of the clause.";
        }
        leaf supa-encoded-clause-encoding {
            type policy-data-type-id-encoding-list;
            mandatory true;
            description
               "The encoding for the encoding clause content.";
        }



Halpern, et al.          Expires October 29, 2016             [Page 13]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

        leaf supa-encoded-clause-language {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "CLI" {
                    description
                        "This defines the language as a type of Command
                         Line Interface.";
                }
                enum "TL1" {
                    description
                        "This defines the language as a type of
                         Transaction Language 1.";
                }
                enum "YANG" {
                    description
                        "This defines the language as a type of YANG.";
                }
            }
            mandatory true;
            description
               "Indicates the lanaguage used for this object instance.";
        }
        leaf supa-encoded-clause-response {
            type boolean;
            description
               "If present, this represents the success or failure
                of the last invocation of this clause.";
        }
        description
           "This class refines the behavior of the supa-policy-clause
            by encoding the contents of the clause into the attributes
            of this object. This enables clauses that are not based on
            other SUPA objects to be modeled.";
    }

    container supa-encoding-clause-container {
        description
            "This is a container to collect all object instances of
             type SUPAEncodedClause.";
        list supa-encoding-clause-list {
            key supa-policy-ID;
            uses supa-encoded-clause-type;
            description
                "List of all instances of supa-encoding-clause-type.
                 If a module defines subclasses of the encoding clause,
                 those will be stored in a separate container.";
        }
    }

Halpern, et al.          Expires October 29, 2016             [Page 14]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    identity POLICY-COMPONENT-TERM-TYPE {
        base POLICY-COMPONENT-DECORATOR-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyComponentDecorator object instance.";
    }

    grouping supa-policy-term-type {
        uses supa-policy-component-decorator-type {
            refine entity-class {
               default POLICY-COMPONENT-TERM-TYPE;
            }
        }
        leaf supa-policy-term-is-negated {
            type boolean;
            description
               "If the value of this attribute is true, then
                this particular term is negated.";
        }
        description
           "This is the superclass of all SUPA policy objects that are
            used to test or set the value of a variable.";
    }

    identity POLICY-COMPONENT-VARIABLE-TYPE {
        base POLICY-COMPONENT-TERM-TYPE;
        description
            "The identity corresponding to a SUPAPolicyVariable
             object instance.";
    }

    grouping supa-policy-variable-type {
        uses supa-policy-term-type {
            refine entity-class {
               default POLICY-COMPONENT-VARIABLE-TYPE;
            }
        }
        leaf supa-policy-variable-name {
             type string;
             description
                "A human-readable name for this policy variable.";
         }
        description
           "This is one formulation of a SUPA Policy Clause. It uses
            an object, defined in the SUPA hierarchy, to represent the
            variable portion of a SUPA Policy Clause. The attribute
            defined by the supa-policy-variable-name specifies an
            attribute whose content should be compared to a value,
            which is typically specified by supa-policy-value-type.";
    }


Halpern, et al.          Expires October 29, 2016             [Page 15]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-variable-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyVariable.";
        list supa-policy-variable-list {
            key supa-policy-ID;
            uses supa-policy-variable-type;
            description
                "List of all instances of supa-policy-variable-type.
                 If a module defines subclasses of this class,
                 those will be stored in a separate container.";
        }
    }

    identity POLICY-COMPONENT-OPERATOR-TYPE {
        base POLICY-COMPONENT-TERM-TYPE;
        description
            "The identity corresponding to a SUPAPolicyOperator
             object instance.";
    }

    grouping supa-policy-operator-type {
        uses supa-policy-term-type {
            refine entity-class {
               default POLICY-COMPONENT-OPERATOR-TYPE;
            }
        }
        leaf supa-policy-value-op-type {
            type enumeration {
                enum "unknown" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "greater than" {
                    description
                        "A greater-than operator.";
                }
                enum "greater than or equal to" {
                    description
                        "A greater-than-or-equal-to operator.";
                }
                enum "less than" {
                    description
                        "A less-than operator.";
                }
                enum "less than or equal to" {
                    description
                        "A less-than-or-equal-to operator.";
                }


Halpern, et al.          Expires October 29, 2016             [Page 16]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


                enum "equal to" {
                    description
                        "An equal-to operator.";
                }
                enum "not equal to"{
                    description
                        "A not-equal-to operator.";
                }
                enum "IN" {
                    description
                        "An operator that determines whether a given
                         value matches any of the specified values.";
                }
                enum "NOT IN" {
                    description
                        "An operator that determines whether a given
                         value does not match any of the specified
                         values.";
                }
                enum "SET" {
                    description
                        "An operator that makes the value of the
                         result equal to the input value.";
                }
                enum "CLEAR"{
                    description
                        "An operator that deletes the value of the
                         specified object.";
                }
                enum "BETWEEN" {
                    description
                        "An operator that determines whether a given
                         value is within a specified range of values.";
                }
            }
            mandatory true;
            description
                "The type of operator used to compare the variable
                 and value portions of this SUPA Policy Clause.";
        }
        description
           "This is one formulation of a SUPA Policy Clause. It uses
            an object, defined in the SUPA hierarchy, to represent the
            operator portion of a SUPA Policy Clause. The attribute
            defined by the supa-policy-op-type specifies an attribute
            whose content defines the type of operator used to compare
            the variable and value portions of this policy clause.";
    }




Halpern, et al.          Expires October 29, 2016             [Page 17]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-operator-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyOperator.";
        list supa-policy-operator-list {
            key supa-policy-ID;
            uses supa-policy-operator-type;
            description
                "List of all instances of supa-policy-operator-type.
                 If a module defines subclasses of this class,
                 those will be stored in a separate container.";
        }
    }

    identity POLICY-COMPONENT-VALUE-TYPE {
        base POLICY-COMPONENT-TERM-TYPE;
        description
            "The identity corresponding to a SUPAPolicyValue
             object instance.";
    }

    grouping supa-policy-value-type {
        uses supa-policy-term-type {
            refine entity-class {
               default POLICY-COMPONENT-VALUE-TYPE;
            }
        }
        leaf-list supa-policy-value-content {
            type string;
            description
               "The content of the value portion of this SUPA Policy
                Clause. The data type of the content is specified in
                the supa-policy-value-encoding.";
        }
        leaf supa-policy-value-encoding {
            type policy-data-type-encoding-list;
            description
                "The data type of the supa-policy-value-content.";
        }
        description
           "This is one formulation of a SUPA Policy Clause. It uses
            an object, defined in the SUPA hierarchy, to represent the
            value portion of a SUPA Policy Clause. The attribute
            defined by the supa-policy-value-content specifies an
            attribute whose content should be compared to a variable,
            which is typically specified by supa-policy-variable-type.";
    }





Halpern, et al.          Expires October 29, 2016             [Page 18]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

    container supa-policy-value-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyValue.";
        list supa-policy-value-list {
            key supa-policy-ID;
            uses supa-policy-value-type;
            description
                "List of all instances of supa-policy-value-type.
                 If a module defines subclasses of this class,
                 those will be stored in a separate container.";
        }
    }

    identity POLICY-GENERIC-DECORATED-TYPE {
        base POLICY-COMPONENT-DECORATOR-TYPE;
        description
            "The identity corresponding to a
             SUPAGenericDecoratedComponent object instance.";
    }

    grouping supa-policy-generic-decorated-type {
        uses supa-policy-component-decorator-type {
            refine entity-class {
               default POLICY-GENERIC-DECORATED-TYPE;
            }
        }
        leaf-list supa-policy-generic-decorated-content {
            type string;
            description
               "The content of this SUPA Policy Clause. The data type
                of this attribute is specified in the
                supa-policy-generic-decorated-encoding.";
        }
        leaf supa-policy-generic-decorated-encoding {
            type policy-data-type-encoding-list;
            description
                "The data type of the
                 supa-policy-generic-decorated-content attribute.";
        }
        description
           "This object enables a generic object to be defined and
            used as a decorator in a SUPA Policy Clause.
            This should not be confused with the SUPAEncodedClause
            class. This class represents a single, atomic,
            vendor-specific object that defines a portion of a SUPA
            Policy Clause, whereas a SUPA Policy Encoded Clause
            represents the entire policy clause.";
    }




Halpern, et al.          Expires October 29, 2016             [Page 19]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-generic-decorated-container {
        description
            "This is a container to collect all object instances of
             type SUPAGenericDecoratedComponent.";
        list supa-encoding-clause-list {
            key supa-policy-ID;
            uses supa-policy-generic-decorated-type;
            description
                "List of all instances of
                 supa-policy-generic-decorated-type. If a module
                 defines subclasses of this class, those will be
                 stored in a separate container.";
        }
    }

    identity POLICY-COLLECTION {
        base POLICY-COMPONENT-DECORATOR-TYPE;
        description
            "The identity corresponding to a SUPAPolicyCollection
             object instance.";
    }

    grouping supa-policy-collection {
        uses supa-policy-component-decorator-type {
            refine entity-class { default POLICY-COLLECTION;
            }
        }
        leaf-list supa-policy-collection-content {
            type string;
            description
               "The content of this collection object. The data type
                is specified in supa-policy-collection-encoding.";
        }
        leaf supa-policy-collection-encoding {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "by regex" {
                    description
                        "This defines the data type of the content of
                         this collection instance to be a regular
                         expression that contains all or part of a
                         string to match the class name of the object
                         that is to be collected by this instance of a
                         SUPAPolicyCollection class.";
                }



Halpern, et al.          Expires October 29, 2016             [Page 20]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

                enum "by URI" {
                    description
                        "This defines the data type of the content of
                         this collection instance to be a Uniform
                         Resource Identifier. It identifies the object
                         instance that is to be collected by this
                         instance of a SUPAPolicyCollection class.";
                }
            }
            mandatory true;
            description
                "The data type of the supa-policy-collection-content.";
        }
        leaf supa-policy-collection-function {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "event collection" {
                    description
                        "This collection contains objects that are used
                         to populate the event clause of a
                         SUPA Policy.";
                }
                enum "condition collection" {
                    description
                        "This collection contains objects that are used
                         to populate the condition clause of a
                         SUPA Policy.";
                }
                enum "action collection" {
                     description
                        "This collection contains objects that are used
                         to populate the action clause of a
                         SUPA Policy.";
                }
               enum "logic collection" {
                    description
                        "This collection contains objects that define
                         logic for processing a SUPA Policy.";
                }
            }
            description
                "Defines how this collection instance is to be used.";
        }






Halpern, et al.          Expires October 29, 2016             [Page 21]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-policy-collection-is-ordered {
            type boolean;
            description
                "If the value of this leaf is true, then all elements
                 in this collection are ordered.";
        }
        leaf supa-policy-collection-type {
            type enumeration {
                enum "undefined" {
                    description
                       "This may be used as an initialization and/or
                        an error state.";
                }
                enum "set" {
                    description
                       "An unordered collection of elements that MUST
                        NOT have duplicates.";
                }
                enum "bag" {
                    description
                       "An unordered collection of elements that MAY
                        have duplicates.";
                }
                enum "dictionary" {
                    description
                       "A list of values that is interpreted as a set
                        of pairs, with the first entry of each pair
                        interpreted as a dictionary key, and the
                        second entry interpreted as a value for that
                        key. As a result, collections using this value
                        of supa-policy-collection-type MUST have
                        supa-policy-collection-is-ordered set to true.";
                }
            }
            mandatory true;
            description
                "The type of the supa-policy-collection.";
        }
        description
           "This enables a collection of arbitrary objects to be
            defined and used in a SUPA Policy Clause.
            This should not be confused with the SUPAEncodedClause
            class. This class represents a single, atomic, object that
            defines a portion of a SUPA Policy Clause, whereas a SUPA
            Policy Encoded Clause represents the entire policy clause.";
    }






Halpern, et al.          Expires October 29, 2016             [Page 22]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

    container supa-policy-collection-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyCollection.";
        list supa-policy-collection-list {
            key supa-policy-ID;
            uses supa-policy-collection;
            description
                "List of all instances of supa-policy-collection.
                 If a module defines subclasses of this class,
                 those will be stored in a separate container.";
        }
    }

    identity POLICY-STRUCTURE-TYPE {
        base POLICY-OBJECT-TYPE;
        description
            "The identity corresponding to a SUPAPolicyStructure
             object instance.";
    }

    grouping supa-policy-structure-type {
        uses supa-policy-object-type {
            refine entity-class {
                default POLICY-STRUCTURE-TYPE;
            }
        }
        leaf supa-policy-admin-status {
            type enumeration {
                enum "unknown" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "enabled" {
                    description
                        "This SUPA Policy Rule has been
                         administratively enabled.";
                }
                enum "disabled" {
                    description
                        "This SUPA Policy Rule has been
                         administratively disabled.";
                }
                enum "in test" {
                    description
                        "This SUPA Policy Rule has been
                         administratively placed into test mode, and
                         SHOULD NOT be used as part of an operational
                         policy rule.";
                }
            }

Halpern, et al.          Expires October 29, 2016             [Page 23]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

            mandatory true;
            description
                "The current admnistrative status of this SUPA POLICY
                 Rule.";
        }
        leaf supa-policy-continuum-level {
            type uint32;
            description
                "This is the current level of abstraction of this
                 particular SUPA Policy Rule.";
        }
        leaf supa-policy-deploy-status {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "deployed and enabled" {
                    description
                        "This SUPA Policy Rule has been deployed and
                         enabled.";
                }
                enum "disabled" {
                    description
                        "This SUPA Policy Rule has been
                         administratively disabled.";
                }
                enum "in test" {
                    description
                        "This SUPA Policy Rule has been
                         administratively placed into test mode, and
                         SHOULD NOT be used as part of an operational
                         policy rule.";
                }
            }
            mandatory true;
            description
                "This is the current level of abstraction of this
                 particular SUPA Policy Rule.";
        }
        leaf supa-policy-exec-status {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }





Halpern, et al.          Expires October 29, 2016             [Page 24]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


                enum "operational success" {
                    description
                        "This SUPA Policy Rule has been executed in
                         operational mode, and produced no errors.";
                }
                enum "operational failure" {
                    description
                        "This SUPA Policy Rule has been executed in
                         operational mode, but has produced at least
                         one error.";
                }
                enum "currently in operation" {
                    description
                        "This SUPA Policy Rule is currently still
                         executing in operational mode.";
                }
                enum "ready" {
                    description
                        "This SUPA Policy Rule is ready to be
                         executed in operational mode.";
                }
                enum "test success" {
                    description
                        "This SUPA Policy Rule has been executed in
                         test mode, and produced no errors.";
                }
                enum "test failure" {
                    description
                        "This SUPA Policy Rule has been executed in
                         test mode, but has produced at least
                         one error.";
                }
                enum "currently in test" {
                    description
                        "This SUPA Policy Rule is currently still
                         executing in test mode.";
                }
            }
            mandatory true;
            description
                "This is the current level of abstraction of this
                 particular SUPA Policy Rule.";
        }
        leaf supa-policy-exec-fail-strategy {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }


Halpern, et al.          Expires October 29, 2016             [Page 25]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


                enum "rollback all" {
                    description
                        "This means that execution of this SUPA
                         Policy Rule is stopped, rollback of all
                         actions (whether successful or not) is
                         attempted, and all SUPA Policy Rules that
                         otherwise would have executed are ignored.";
                }
                enum "rollback failure" {
                    description
                        "This means that execution of this SUPA
                         Policy Rule is stopped, and rollback is
                         attempted for only the SUPA Policy Rule that
                         failed to execute correctly.";
                }
                enum "stop execution" {
                    description
                        "This means that execution of this SUPA Policy
                         Rule SHOULD be stopped.";
                }
                enum "ignore" {
                    description
                        "This means that any failures produced by this
                         SUPA Policy Rule SHOULD be ignored.";
                }
            }
            mandatory true;
            description
                "This defines what actions, if any, should be taken by
                 this particular SUPA Policy Rule if it fails to
                 execute correctly. Some implementations may not be
                 able to accommodate the rollback failure option;
                 hence, this option may be skipped.";
        }
        leaf-list supa-has-policy-source-agg {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-SOURCE-ASSOC)";
            description
                "The SUPAPolicyStructure (i.e., the type of SUPA
                 Policy Rule) object instance that aggregates this set
                 set of SUPAPolicySource object instances. This
                 defines the object class that this instance-identifier
                 points to.";
        }
        leaf-list supa-has-policy-target-agg {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-TARGET-ASSOC)";



Halpern, et al.          Expires October 29, 2016             [Page 26]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


            description
                 "This represents the aggregation of Policy Target
                 objects by this particular SUPA Policy Rule. It is
                 the SUPAPolicyStructure object instance that
                 aggregates this set of SUPAPolicyTarget object
                 instances. This defines the object class that
                 this instance-identifier points to.";
        }
        leaf-list supa-has-policy-clause-agg {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-CLAUSE-ASSOC)";
            description
                "The SUPAPolicyStructure object instance that
                 aggregates this set of SUPAPolicyClause object
                 instances. This defines the object class that
                 this instance-identifier points to.";
        }
        leaf-list supa-has-policy-exec-action-assoc-src-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-EXEC-ACTION-ASSOC)";
            description
                "This associates a SUPAPolicyStructure (i.e., a SUPA
                 Policy Rule) object instance to zero or more SUPA
                 Policy Actions to be used to correct errors caused if
                 this SUPA Policy Rule does not execute correctly.";
        }
        leaf-list supa-has-policy-exec-action-assoc-dst-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-EXEC-ACTION-ASSOC)";
            min-elements 1;
            description
                "The set of zero or more SUPA Policy Actions to be used
                 by this particular SUPAPolicyStructure (i.e., SUPA
                 Policy Rule to correct errors caused if this SUPA
                 Policy Rule does not execute correctly.";
        }
        description
           "A superclass for all objects that represent different types
            of Policy Rules. Currently, this is limited to a single
            type - the event-condition-action (ECA) policy rule.
            A SUPA Policy may be an individual policy, or a set of
            policies. This is supported by applying the composite
            pattern to this class.";
    }





Halpern, et al.          Expires October 29, 2016             [Page 27]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    identity POLICY-SOURCE-TYPE {
        base POLICY-OBJECT-TYPE;
        description
            "The identity corresponding to a SUPAPolicySource
             object instance.";
    }

    grouping supa-policy-source-type {
        uses supa-policy-object-type {
            refine entity-class {
                default POLICY-SOURCE-TYPE;
            }
        }
        leaf-list supa-has-policy-source-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-SOURCE-ASSOC)";
            description
                "This represents the aggregation of one or more SUPA
                 Policy Source objects to this particular SUPA Policy
                 Rule object. In other words, it is the set of
                 SUPAPolicySource object instances that are aggregated
                 by this SUPAPolicyStructure (i.e., this SUPA Policy
                 Rule). This defines the object class that this
                 instance-identifier points to.";
        }
        description
           "This object defines a set of managed entities that
            authored, or are otherwise responsible for, this SUPA
            Policy Rule. Note that a SUPA Policy Source does not
            evaluate or execute SUPAPolicies. Its primary use is for
            auditability and the implementation of deontic and/or
            alethic logic.";
    }

    identity POLICY-TARGET-TYPE {
        base POLICY-OBJECT-TYPE;
        description
            "The identity corresponding to a SUPAPolicyTarget
             object instance.";
    }

    grouping supa-policy-target-type {
        uses supa-policy-object-type {
            refine entity-class {
                default POLICY-TARGET-TYPE;
            }
        }




Halpern, et al.          Expires October 29, 2016             [Page 28]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf-list supa-has-policy-target-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-TARGET-ASSOC)";
            description
                "This represents the aggregation of one or more SUPA
                 Policy Target objects to this particular SUPA Policy
                 Rule object. In other words, it is the set of
                 SUPAPolicyTarget object instances that are aggregated
                 by this SUPAPolicyStructure (i.e., this SUPA Policy
                 Rule). This defines the object class that this
                 instance-identifier points to.";
        }
        description
           "This object defines a set of managed entities that a
            SUPA Policy Rule is applied to.";
    }

    identity POLICY-METADATA-TYPE {
        description
            "The identity corresponding to a SUPAPolicyMetadata
             object instance.";
    }

    grouping supa-policy-metadata-type {
        leaf supa-policy-metadata-id {
            type string;
            mandatory true;
            description
                "This represents part of the object identifier of an
                 instance of this class. It defines the content of the
                 object identifier.";
        }
        leaf entity-class {
            type identityref {
                base POLICY-METADATA-TYPE;
            }
            default POLICY-METADATA-TYPE;
            description
               "The identifier of the class of this grouping.";
        }
        leaf supa-policy-metadata-id-encoding {
            type policy-data-type-id-encoding-list;
            mandatory true;
            description
                "This represents part of the object identifier of an
                 instance of this class. It defines the format of the
                 object identifier.";
        }



Halpern, et al.          Expires October 29, 2016             [Page 29]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-policy-metadata-description {
            type string;
            description
                "This contains a free-form textual description of this
                 metadata object.";
        }
        leaf supa-policy-metadata-name {
            type string;
            description
                "This contains a human-readable name for this
                 metadata object.";
        }
        leaf-list supa-has-policy-metadata-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-METADATA-ASSOC)";
            description
                "This represents the set of SUPAPolicyMetadata object
                 instances that are aggregated by this SUPAPolicyObject
                 object instance (i.e., this is the set of policy
                 metadata aggregated by this SUPAPolicyObject). As
                 there are attributes on this association, the
                 instance-identifier MUST point to an instance using
                 the grouping supa-has-policy-metadata-detail (which
                 includes the subclasses of the association class).";
        }
        leaf supa-policy-metadata-decorator-part {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC)";
            mandatory true;
            description
               "This object implements the decorator pattern, which is
                applied to SUPA metadata objects. This enables all or
                part of one or more metadata objects to wrap another
                concrete metadata object.";
        }
        description
           "This is the superclass of all metadata classes. Metadata
            is information that describes and/or prescribes the
            characteristics and behavior of another object that is
            not an inherent, distinguishing characteristics or
            behavior of that object.";
    }

    identity POLICY-METADATA-CONCRETE-TYPE {
        base POLICY-METADATA-TYPE;
        description
            "The identity corresponding to a SUPAPolicyConcreteMetadata
             object instance.";
    }

Halpern, et al.          Expires October 29, 2016             [Page 30]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    grouping supa-policy-concrete-metadata-type {
        uses supa-policy-metadata-type {
            refine entity-class {
                default POLICY-METADATA-TYPE;
            }
        }
        leaf supa-policy-metadata-valid-period-end {
            type yang:date-and-time;
            description
                "This defines the ending date and time that this
                 metadata object is valid for.";
        }
        leaf supa-policy-metadata-valid-period-start {
            type yang:date-and-time;
            description
                "This defines the starting date and time that this
                 metadata object is valid for.";
        }
        description
           "This is a concrete class that will be wrapped by concrete
            instances of the SUPA Policy Metadata Decorator class. It
            can be viewed as a container for metadata that will be
            attached to a subclass of SUPA Policy Object. It may
            contain all or part of one or more metadata subclasses.";
    }

    container supa-policy-concrete-metadata-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyConcreteMetadata.";
        list supa-policy-concrete-metadata-list {
            key supa-policy-metadata-id;
            uses supa-policy-concrete-metadata-type;
            description
                "A list of all supa-policy-metadata instances in the
                 system.";
        }
    }

    identity POLICY-METADATA-DECORATOR-TYPE {
        base POLICY-METADATA-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyMetadataDecorator object instance.";
    }







Halpern, et al.          Expires October 29, 2016             [Page 31]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

    grouping supa-policy-metadata-decorator-type {
        uses supa-policy-metadata-type {
            refine entity-class {
                default POLICY-METADATA-DECORATOR-TYPE;
            }
        }
        leaf-list supa-policy-metadata-decorator-agg {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC)";
            max-elements 1;
            description
                "This represents the decorator pattern being applied to
                 metadata. This is the aggregate part (i.e., the
                 concrete subclass of the SUPAPolicyMetadataDecorator
                 class that wraps a concrete subclass of
                 SUPAPolicyMetadata; currently, the only such class is
                 SUPAPolicyConcreteMetadata).";
        }
        description
           "This object implements the decorator pattern, which is
            applied to SUPA metadata objects. This enables all or part
            of one or more metadata objects to wrap another concrete
            metadata object.";
    }

    identity POLICY-METADATA-DECORATOR-ACCESS-TYPE {
        base POLICY-METADATA-DECORATOR-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyAccessMetadataDef object instance.";
    }

    grouping supa-policy-metadata-decorator-access-type {
        uses supa-policy-metadata-decorator-type {
            refine entity-class {
                default POLICY-METADATA-DECORATOR-ACCESS-TYPE;
            }
        }
        leaf supa-policy-metadata-access-priv-def {
            type enumeration {
                enum "undefined" {
                    description
                        "This may be used as an initialization and/or
                         an error state.";
                }
                enum "read only" {
                    description
                        "This defines access as read only for ALL SUPA
                         Policy object instances that are adorned with
                         this metadata object.";
                }

Halpern, et al.          Expires October 29, 2016             [Page 32]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

                enum "read write" {
                    description
                        "This defines access as read and/or write for
                         ALL SUPA Policy object instances that are
                         adorned with this metadata object.";
                }
                enum "specified by MAC" {
                    description
                        "This defines access as defined by an external
                         Mandatory Access Control model. The name and
                         location of this model are specified in the
                         supa-policy-metadata-access-priv-model-name
                         and supa-policy-metadata-access-priv-model-ref
                         attributes of this metadata object.";
                }
                enum "specified by DAC" {
                    description
                        "This defines access as defined by an external
                         Discretionary Access Control model. The name
                         and location of this model are specified in the
                         supa-policy-metadata-access-priv-model-name
                         and supa-policy-metadata-access-priv-model-ref
                         attributes of this metadata object.";
                }
                enum "specified by RBAC" {
                    description
                        "This defines access as defined by an external
                         Role Based Access Control model. The name
                         and location of this model are specified in the
                         supa-policy-metadata-access-priv-model-name
                         and supa-policy-metadata-access-priv-model-ref
                         attributes of this metadata object.";
                }
                enum "specified by ABAC" {
                    description
                        "This defines access as defined by an external
                         Attribute Based Access Control model. The name
                         and location of this model are specified in the
                         supa-policy-metadata-access-priv-model-name
                         and supa-policy-metadata-access-priv-model-ref
                         attributes of this metadata object.";
                }
                enum "specified by custom" {
                    description
                        "This defines access as defined by an external
                         Custom Access Control model. The name and
                         location of this model are specified in the
                         supa-policy-metadata-access-priv-model-name
                         and supa-policy-metadata-access-priv-model-ref
                         attributes of this metadata object.";
                }
            }

Halpern, et al.          Expires October 29, 2016             [Page 33]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

            description
                "This defines the type of access control model that is
                 used by this object instance.";
        }
        leaf supa-policy-metadata-access-priv-model-name {
            type string;
            description
                "This contains the name of the access control model
                 being used. If the value of the
                 supa-policy-metadata-access-priv-model-ref is 0-2,
                 then the value of this attribute is not applicable.
                 Otherwise, the text in this class attribute should be
                 interpreted according to the value of the
                 supa-policy-metadata-access-priv-model-ref class
                 attribute.";
        }
        leaf supa-policy-metadata-access-priv-model-ref {
            type enumeration {
                enum "undefined" {
                    description
                        "This can be used for either initialization
                        or for signifying an error.";
                }
                enum "URI"  {
                    description
                        "The clause is referenced by this URI.";
                }
                enum "GUID"  {
                    description
                        "The clause is referenced by this GUID.";
                }
                enum "UUID"  {
                    description
                        "The clause is referenced by this UUID.";
                }
                enum "FQDN"  {
                    description
                        "The clause is referenced by this FQDN.";
                }
            }
            description
                "This defines the data type of the
                 supa-policy-metadata-access-priv-model-name
                 attribute.";
        }
        description
            "This is a concrete class that defines metadata for access
             control information that can be added to a SUPA Policy
             object. This is done using the SUPAHasPolicyMetadata
             aggregation.";
    }


Halpern, et al.          Expires October 29, 2016             [Page 34]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-metadata-decorator-access-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyAccessMetadataDef.";
        list supa-policy-metadata-decorator-access-list {
            key supa-policy-metadata-id;
            uses supa-policy-metadata-decorator-type;
            description
                "A list of all supa-policy-metadata-decorator-access
                instances in the system.  Instances of subclasses
                will be in a separate list.";
        }
    }

    identity POLICY-METADATA-DECORATOR-VERSION-TYPE {
        base POLICY-METADATA-DECORATOR-TYPE;
        description
            "The identity corresponding to a
             SUPAPolicyVersionMetadataDef object instance.";
    }

    grouping supa-policy-metadata-decorator-version-type {
        uses supa-policy-metadata-decorator-type {
            refine entity-class {
                default POLICY-METADATA-DECORATOR-VERSION-TYPE;
            }
        }
        leaf supa-policy-metadata-version-major {
            type string;
            description
                "This contains a string (typically representing an
                 integer in the overall version format) that indicates
                 a significant increase in functionality is present in
                 this version.";
        }
        leaf supa-policy-metadata-version-minor {
            type string;
            description
                "This contains a string (typically representing an
                 integer in the overall version format) that indicates
                 that this release contains a set of features and/or bug
                 fixes that collectively do not warrant incrementing the
                 supa-policy-metadata-version-major attribute.";
        }
        leaf supa-policy-metadata-version-rel-type {
            type enumeration {
                enum "undefined" {
                    description
                        "This can be used for either initialization
                        or for signifying an error.";
                }

Halpern, et al.          Expires October 29, 2016             [Page 35]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


                enum "internal" {
                    description
                        "This indicates that this version should only
                         be used for internal (development) purposes.";
                }
                enum "alpha" {
                    description
                        "This indicates that this version is considered
                         to be alpha quality.";
                }
                enum "beta" {
                    description
                        "This indicates that this version is considered
                         to be beta quality.";
                }
                enum "release candidate" {
                    description
                        "This indicates that this version is considered
                         to be a candidate for full production.";
                }
                enum "release production" {
                    description
                        "This indicates that this version is considered
                         to be ready for full production.";
                }
                enum "maintenance" {
                    description
                        "This indicates that this version is considered
                         to be for maintenance purposes.";
                }
            }
            description
                "This defines the type of this version's release.";
        }
        leaf supa-policy-metadata-version-rel-type-num {
            type string;
            description
                "This contains a string (typically representing an
                 integer in the overall version format) that indicates
                 a significant increase in functionality is present in
                 this version.";
        }
        description
            "This is a concrete class that defines metadata for version
             control information that can be added to a SUPA Policy
             object. This is done using the SUPAHasPolicyMetadata
             aggregation.";
    }




Halpern, et al.          Expires October 29, 2016             [Page 36]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-metadata-decorator-version-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyVersionMetadataDef.";
        list supa-policy-metadata-decorator-version-list {
            key supa-policy-metadata-id;
            uses supa-policy-metadata-decorator-type;
            description
                "A list of all supa-policy-metadata-decorator-version
                instances in the system. Instances of subclasses
                will be in a separate list.";
        }
    }

    identity SUPA-HAS-POLICY-METADATA-ASSOC {
        description
            "The identity corresponding to a
             SUPAHasPolicyMetadataDetail association class
             object instance.";
    }

    grouping supa-has-policy-metadata-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-METADATA-ASSOC;
            }
            default SUPA-HAS-POLICY-METADATA-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }
        leaf supa-has-policy-metadata-object-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  POLICY-OBJECT-TYPE)";
            description
                "This is a reference from the SUPAPolicyObject object
                 instance that is aggregating SUPAPolicyMetadata object
                 instances using the SUPAHasPolicyMetadata aggregation.
                 This SUPAPolicyMetadataDetail association class is
                 used to define part of the semantics of the
                 SUPAHasPolicyMetadata aggregation. For example, it can
                 define which SUPAPolicyMetadata object instances can
                 be aggregated by this particular SUPAPolicyObject
                 object instance.";
        }

Halpern, et al.          Expires October 29, 2016             [Page 37]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-has-policy-metadata-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  POLICY-METADATA-TYPE)";
            description
                "This is a reference from the SUPAPolicyMetadata object
                 instance(s) that are being aggregated by this
                 SUPAPolicyObject object instance using the
                 SUPAHasPolicyMetadata aggregation. The class
                 SUPAPolicyMetadataDetail association class is used to
                 define part of the semantics of the
                 SUPAHasPolicyMetadata aggregation. For example, it can
                 define which SUPAPolicyMetadata object instances can
                 be aggregated by this particular SUPAPolicyObject
                 object instance.";
        }
        leaf supa-policy-metadata-detail-is-applicable {
            type boolean;
            description
                "This attributes controls whether the associated
                 metadata is currently considered applciable to this
                 policy object; this enables metadata to be turned on
                 and off when needed without disturbing the structure
                 of the object that the metadata applies to.";
        }
        leaf-list supa-policy-metadata-detail-constraint {
            type string;
            description
                "A list of constraints, expressed as strings
                in the language defined by the
                supa-policy-metadata-detail-encoding.";
        }
        leaf supa-policy-metadata-detail-encoding {
            type string;
            description
                "The langauge used to encode the constraints
                relevant to the relationship between the metadata
                and the underlying policy object.";
        }
        description
            "This is a concrete association class that defines the
             semantics of the SUPAPolicyMetadata aggregation. This
             enables the attributes and relationships of the
             SUPAPolicyMetadataDetail class to be used to constrain
             which SUPAPolicyMetadata objects can be aggregated by
             this particular SUPAPolicyObject instance.";
    }





Halpern, et al.          Expires October 29, 2016             [Page 38]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-metadata-detail-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyMetadataDetail.";
        list supa-policy-metadata-detail-list {
            key supa-policy-ID;
            uses supa-has-policy-metadata-detail;
            description
                "This is a list of all supa-policy-metadata-detail
                instances in the system.  Instances of subclasses
                will be in a separate list.
                Note that this policy is made concrete for exemplary
                purposes.  To be useful, it almost certainly needs
                refinement.";
        }
    }

    identity SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC {
        description
            "The identity corresponding to a SUPAHasMetadataDecorator
             association class object instance.";
    }

    grouping supa-has-decorator-policy-component-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC;
            }
            default SUPA-HAS-POLICY-COMPONENT-DECORATOR-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }
        leaf supa-policy-component-decorator-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-POLICY-COMPONENT-DECORATOR-TYPE)";
            description
                "This associates the SUPAPolicyComponentStructure
                 object instance participating in a
                 SUPAHasDecoratedPolicyComponent aggregation to the
                 SUPAHasDecoratedPolicyComponentDetail association
                 class that provides the semantics of this aggregation.
                 This defines the object class that this
                 instance-identifier points to.";
        }

Halpern, et al.          Expires October 29, 2016             [Page 39]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-policy-component-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-POLICY-COMPONENT-TYPE)";
            description
                "This associates the SUPAPolicyComponentDecorator
                 object instance participating in a
                 SUPAHasDecoratedPolicyComponent aggregation to the
                 SUPAHasDecoratedPolicyComponentDetail association
                 class that provides the semantics of this aggregation.
                 This defines the object class that this
                 instance-identifier points to.";
        }
        leaf-list supa-has-decorator-constraint {
            type string;
            description
                "A constraint expression applying to this association
                 between a policy component decorator and the
                 decorated component.";
        }
        leaf supa-has-decorator-constraint-encoding {
            type string;
            description
                "The language in which the constraints on the
                 policy component-decoration is expressed.";
        }
        description
            "This is a concrete association class that defines the
             semantics of the SUPAHasDecoratedPolicyComponent
             aggregation. The purpose of this class is to use the
             Decorator pattern to detemine which
             SUPAPolicyComponentDecorator object instances, if any,
             are required to augment the functionality of the concrete
             subclass of SUPAPolicyClause that is being used.";
    }

    container supa-policy-component-decorator-detail-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyComponentDecoratorDetail.";
        list supa-policy-component-decorator-detail-list {
            key supa-policy-ID;
            uses supa-has-decorator-policy-component-detail;
            description
                "This is a list of all
                 supa-policy-component-decorator-details.";
        }
    }




Halpern, et al.          Expires October 29, 2016             [Page 40]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

    identity SUPA-HAS-POLICY-SOURCE-ASSOC {
        description
            "The identity corresponding to a SUPAHasPolicySource
             association class object instance.";
    }

    grouping supa-has-policy-source-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-SOURCE-ASSOC;
            }
            default SUPA-HAS-POLICY-SOURCE-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }
        leaf supa-policy-source-structure-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  POLICY-STRUCTURE-TYPE)";
            description
                "This associates the SUPAPolicyStructure object
                 instance participating in a SUPAHasPolicySource
                 aggregation to the SUPAHasPolicySourceDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        leaf supa-policy-source-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-POLICY-SOURCE-TYPE)";
            description
                "This associates the SUPAPolicySource object
                 instance participating in a SUPAHasPolicySource
                 aggregation to the SUPAHasPolicySourceDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        leaf supa-policy-source-is-authenticated {
            type boolean;
            description
                "If the value of this attribute is true, then this
                 SUPAPolicySource object has been authenticated by
                 this particular SUPAPolicyStructure object.";
        }

Halpern, et al.          Expires October 29, 2016             [Page 41]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-policy-source-is-trusted {
            type boolean;
            description
                "If the value of this attribute is true, then this
                 SUPAPolicySource object has been verified to be
                 trusted by this particular SUPAPolicyStructure
                 object.";
        }
        description
            "This is an association class, and defines the semantics of
             the SUPAHasPolicySource aggregation. The attributes and
             relationships of this class can be used to define which
             SUPAPolicySource objects can be attached to which
             particular set of SUPAPolicyStructure objects.";
    }

    container supa-policy-source-detail-container {
    description
            "This is a container to collect all object instances of
             type SUPAPolicySourceDetail.";
        list supa-policy-source-detail-list {
            key supa-policy-ID;
            uses supa-has-policy-source-detail;
            description
                "This is a list of all supa-policy-source-detail
                 objects.";
        }
    }

    identity SUPA-HAS-POLICY-TARGET-ASSOC {
        description
            "The identity corresponding to a SUPAHasPolicyTarget
             association class object instance.";
    }

    grouping supa-has-policy-target-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-TARGET-ASSOC;
            }
            default SUPA-HAS-POLICY-TARGET-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }


Halpern, et al.          Expires October 29, 2016             [Page 42]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        leaf supa-policy-target-structure-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   POLICY-STRUCTURE-TYPE)";
            description
                "This associates the SUPAPolicyStructure object
                 instance participating in a SUPAHasPolicyTarget
                 aggregation to the SUPAHasPolicyTargetDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        leaf supa-policy-target-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-POLICY-TARGET-TYPE)";
            description
                "This associates the SUPAPolicyTarget object
                 instance participating in a SUPAHasPolicyTarget
                 aggregation to the SUPAHasPolicyTargetDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        leaf supa-policy-source-is-authenticated {
            type boolean;
            description
                "If the value of this attribute is true, then this
                 SUPAPolicyTarget object has been authenticated by
                 this particular SUPAPolicyStructure object.";
        }
        leaf supa-policy-source-is-enabled {
            type boolean;
            description
                "If the value of this attribute is true, then this
                 SUPAPolicyTarget object is able to be used as a
                 SUPAPolicyTarget. This means that it has agreed to
                 play the role of a SUPAPolicyTarget, and that it is
                 able to either process (directly or with the aid of a
                 proxy) SUPAPolicies, or receive the results of a
                 processed SUPAPolicy and apply those results to
                 itself.";
        }
        description
            "This is an association class, and defines the semantics of
             the SUPAHasPolicyTarget aggregation. The attributes and
             relationships of this class can be used to define which
             SUPAPolicyTarget objects can be attached to which
             particular set of SUPAPolicyStructure objects.";
    }


Halpern, et al.          Expires October 29, 2016             [Page 43]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


    container supa-policy-target-detail-container {
    description
            "This is a container to collect all object instances of
             type SUPAPolicyTargetDetail.";
        list supa-policy-target-detail-list {
            key supa-policy-ID;
            uses supa-has-policy-target-detail;
            description
                "This is a list of all supa-policy-target-detail
                 objects.";
        }
    }

    identity SUPA-HAS-POLICY-CLAUSE-ASSOC {
        description
            "The identity corresponding to a SUPAHasPolicyClause
             association class object instance.";
    }

    grouping supa-has-policy-clause-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-CLAUSE-ASSOC;
            }
            default SUPA-HAS-POLICY-CLAUSE-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }
        leaf supa-policy-clause-structure-ptr {
            type instance-identifier;
             must "derived-from-or-self (deref(.)/entity-class,
                   POLICY-STRUCTURE-TYPE)";
            description
                "This associates the SUPAPolicyStructure object
                 instance participating in a SUPAHasPolicyClause
                 aggregation to the SUPAHasPolicyClauseDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        leaf supa-policy-clause-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                   SUPA-POLICY-CLAUSE-TYPE)";


Halpern, et al.          Expires October 29, 2016             [Page 44]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016

            description
                "This associates the SUPAPolicyClause object
                 instance participating in a SUPAHasPolicyClause
                 aggregation to the SUPAHasPolicyClauseDetail
                 association class that provides the semantics of
                 this aggregation. This defines the object class
                 that this instance-identifier points to.";
        }
        description
            "This is an association class, and defines the semantics of
             the SUPAHasPolicyClause aggregation. The attributes and
             relationships of this class can be used to define which
             SUPAPolicyTarget objects can be attached to which
             particular set of SUPAPolicyStructure objects.
             Every SUPAPolicyStructure object instance MUST aggregate
             at least one SUPAPolicyClause object instance. However,
             the converse is NOT true. For example, a SUPAPolicyClause
             could be instantiated and then stored for later use in a
             policy repository.";
    }

    container supa-policy-clause-detail-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolicyClauseDetail.";
        list supa-policy-clause-detail-list {
            key supa-policy-ID;
            uses supa-has-policy-clause-detail;
            description
                "This is a list of all supa-policy-clause-detail
                 objects.";
        }
    }

    identity SUPA-HAS-POLICY-EXEC-ACTION-ASSOC {
        description
            "The identity corresponding to a
             SUPAHasPolExecFailActionToTake association class
             object instance.";
    }

    grouping supa-has-policy-exec-action-detail {
        leaf supa-policy-ID {
            type string;
            description
                "This is a globally unique ID for this association
                 instance in the overall policy system.";
        }
        leaf entity-class {
            type identityref {
                base SUPA-HAS-POLICY-EXEC-ACTION-ASSOC;
            }

Halpern, et al.          Expires October 29, 2016             [Page 45]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


            default SUPA-HAS-POLICY-EXEC-ACTION-ASSOC;
            description
                "The identifier of the class of this assocation.";
        }
        leaf supa-policy-structure-action-src-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  POLICY-STRUCTURE-TYPE)";
            description
                "This associates the SUPAPolicyStructure object
                 instance participating in a
                 SUPAHasPolExecFailActionToTake association to the
                 SUPAHasPolExecFailActionToTakeDetail association
                 class that provides the semantics of this
                 aggregation. This defines the object class that
                 this instance-identifier points to.";
        }
        leaf supa-policy-structure-action-dst-ptr {
            type instance-identifier;
            must "derived-from-or-self (deref(.)/entity-class,
                  POLICY-STRUCTURE-TYPE)";
            description
                "This associates a SUPAPolicyAction object
                 instance participating in a
                 SUPAHasPolExecFailActionToTake association to the
                 SUPAHasPolExecFailActionToTakeDetail association
                 class that provides the semantics of this
                 aggregation. This defines the object class that
                 this instance-identifier points to.";
        }
        leaf supa-policy-exec-fail-take-action-encoding {
            type policy-data-type-id-encoding-list;
            description
                "This defines how to find the set of SUPA Policy
                 Action objects contained in each element of the
                 supa-policy-exec-fail-take-action-name attribute
                 object.";
        }
        leaf-list supa-policy-exec-fail-take-action-name {
            type string;
            description
                "This identifies the set of SUPA Policy Actions to take
                 if the SUPAPolicyStructure object that owns this
                 association failed to execute properly. The
                 interpretation of this string attribute is defined by
                 the supa-policy-exec-fail-take-action-encoding class
                 attribute.";
        }




Halpern, et al.          Expires October 29, 2016             [Page 46]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


        description
            "This is an association class, and defines the semantics of
             the SUPAHasPolExecFailTakeAction association. The
             attributes and relationships of this class can be used to
             determine which SUPA Policy Action objects are executed in
             response to a failure of the SUPAPolicyStructure object
             instance that owns this association.";
    }

    container supa-policy-exec-fail-take-action-detail-container {
        description
            "This is a container to collect all object instances of
             type SUPAPolExecFailActionToTakeDetail.";
        list supa-policy-exec-fail-take-action-detail-list {
            key supa-policy-ID;
            uses supa-has-policy-exec-action-detail;
            description
                "This is a list of all
                 supa-has-policy-exec-action-detail objects.";
        }
    }
}

<CODE ENDS>




6. IANA Considerations

   No IANA considerations exist for this document.


7. Security Considerations

   TBD


8. Acknowledgments

   This document has benefited from reviews, suggestions, comments
   and proposed text provided by the following members, listed in
   alphabetical order:  Qin Wu.


9. References

   This section defines normative and informative references for this
   document.



Halpern, et al.          Expires October 29, 2016             [Page 47]


Internet-Draft      SUPA Generic Policy YANG Data Model      April 2016


9.1. Normative References

    [RFC2119]   Bradner, S., "Key words for use in RFCs to Indicate
                Requirement Levels", BCP 14, RFC 2119, March 1997.

    [RFC6020]   Bjorklund, M., "YANG - A Data Modeling Language for
                the Network Configuration Protocol (NETCONF)",
                RFC 6020, October 2010.

    [RFC6991]   Schoenwaelder, J., "Common YANG Data Types", RFC 6991,
                July 2013.


9.2. Informative References

    [1]         Strassner, J., Halpern, J., Coleman, J., "Generic
                Policy Information Model for Simplified Use of Policy
                Abstractions (SUPA)",
                draft-strassner-supa-generic-policy-info-model-05
                March 21, 2016


Authors' Addresses

   Joel Halpern
   Ericsson
   P. O. Box 6049
   Leesburg, VA 20178
   Email:  joel.halpern@ericsson.com

   John Strassner
   Huawei Technologies
   2330 Central Expressway
   Santa Clara, CA  95138  USA
   Email: john.sc.strassner@huawei.com

















Halpern, et al.          Expires October 29, 2016             [Page 48]