datatracker.ietf.org
Sign in
Version 5.12.0.p2, 2015-03-02
Report a bug

Policy, Authorization, and Enforcement Requirements of the Open Pluggable Edge Services (OPES)
RFC 3838

Document type: RFC - Informational (August 2004; No errata)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 3838 (Informational)
Responsible AD: Ted Hardie
Send notices to: <mrose+mtr.ietf@dbc.mtview.ca.us>, <hofmann@bell-labs.com>

Network Working Group                                          A. Barbir
Request for Comments: 3838                               Nortel Networks
Category: Informational                                       O. Batuner
                                                              Consultant
                                                                 A. Beck
                                                     Lucent Technologies
                                                                 T. Chan
                                                                   Nokia
                                                                H. Orman
                                               Purple Streak Development
                                                             August 2004

          Policy, Authorization, and Enforcement Requirements
               of the Open Pluggable Edge Services (OPES)

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   This document describes policy, authorization, and enforcement
   requirements for the selection of the services to be applied to a
   given Open Pluggable Edge Services (OPES) flow.

Barbir, et al.               Informational                      [Page 1]
RFC 3838                OPES Policy Requirements             August 2004

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Policy Architecture  . . . . . . . . . . . . . . . . . . . . .  4
       3.1.  Policy Components and Functions  . . . . . . . . . . . .  4
       3.2.  Requirements for Policy Decision Points. . . . . . . . .  5
       3.3.  Requirements for Policy Enforcement Points . . . . . . .  5
   4.  Requirements for Interfaces  . . . . . . . . . . . . . . . . .  6
       4.1.  Service Bindings Requirements  . . . . . . . . . . . . .  7
             4.1.1.  Environment Variables  . . . . . . . . . . . . .  7
             4.1.2.  Requirements for Using State Information . . . .  8
             4.1.3.  Requirements for Passing Information Between
                     Services . . . . . . . . . . . . . . . . . . . .  8
       4.2.  Requirements for Rule and Rules Management . . . . . . .  8
             4.2.1.  Requirements for Rule Providers  . . . . . . . .  8
             4.2.2.  Requirements for Rule Formats and Protocols  . .  9
             4.2.3.  Requirements for Rule Conditions . . . . . . . .  9
             4.2.4.  Requirements for Rule Actions  . . . . . . . . .  9
       4.3.  Requirements for Policy Expression . . . . . . . . . . . 10
   5.  Authentication of Principals and Authorization of Services . . 10
       5.1.  End users, Publishers and Other Considerations . . . . . 11
             5.1.1.  Considerations for End Users . . . . . . . . . . 11
             5.1.2.  Considerations for Publishing Sites. . . . . . . 12
             5.1.3.  Other Considerations . . . . . . . . . . . . . . 12
       5.2.  Authentication . . . . . . . . . . . . . . . . . . . . . 12
       5.3.  Authorization  . . . . . . . . . . . . . . . . . . . . . 13
       5.4.  Integrity and Encryption . . . . . . . . . . . . . . . . 14
             5.4.1.  Integrity and Confidentiality of Authentication
                     and Requests/Responses for Service . . . . . . . 14
             5.4.2.  Integrity and Confidentiality of Application
                     Content  . . . . . . . . . . . . . . . . . . . . 14
       5.5.  Privacy. . . . . . . . . . . . . . . . . . . . . . . . . 14
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 15
   7.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
       7.1.  Normative References . . . . . . . . . . . . . . . . . . 15
       7.2.  Informative References . . . . . . . . . . . . . . . . . 15
   8.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16
   9.  Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 16
   10. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 17

Barbir, et al.               Informational                      [Page 2]
RFC 3838                OPES Policy Requirements             August 2004

1.  Introduction

   The Open Pluggable Edge Services (OPES) [1]  architecture enables
   cooperative application services (OPES services) between a data
   provider, a data consumer, and zero or more OPES processors.  The
   application services under consideration analyze and possibly
   transform application-level messages exchanged between the data

[include full document text]