Internet Engineering Task Force                          Kwok Ho Chan
RAP Working Group                                     Nortel Networks
Internet-Draft                              Expiration: February 2002
draft-ietf-rap-cops-frwk-00.txt

    An Architecture for COPS Based Policy Control Management Framework

Last Updated: 7/13/01

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC-2119].

Table of Contents

   Status of this Memo
   Conventions used in this document
   Abstract
   1. Introduction
   2. Architecture Overview
   2.1 Policy Controlled Management System Units
   2.2 Policy Controlled Management System Data Models
   3. Policy Decision Point
   3.1 Message Processing
   3.2 Security
   3.3 Framework Data Model
   3.4 Application Specific Data Model
   4. Access Edge Policy Enforcement Point
   4.1 Message Processing
   4.2 Security
   4.3 Framework Data Model
   4.4 Application Specific Data Model
   5. Core Policy Enforcement Point
   5.1 Message Processing
   5.2 Security
   5.3 Framework Data Model
   5.4 Application Specific Data Model
   6. References

Abstract

   This document describes an architecture for a COPS based Policy
   Control Management System Framework. The architecture is designed to
   be modular, allowing future modifications and additions to the
   existing framework. The major units of the architecture are the
   Policy Decision Points (PDP), the Access Edge Policy Enforcement
   Points (PEP), and the Core Policy Enforcement Points. Each PDP and
   PEP contains a Message Processing Subsystem, a Security Subsystem, a
   Framework Data Model Subsystem, and an Application Specific Data
   Model Subsystem. This document further provides a high level
   description of each unit and describes the relationships among the
   units. It also describes how the subsystems within each unit
   interact with each other to provide the functionality of a Policy
   Control Management System.

1. Introduction

   A COPS based Policy Control Management System provides a modular and
   scalable way to manage resource access and provisioning. We started
   with network QoS resources, but this is only the initial application
   of COPS based Policy Control. Other applications include, but are
   not limited to:

   1. Network Plumbing Resource
   2. Content Resource

   This document provides examples of how Policy Controlled access and
   provisioning can be done for each of the above resources, providing
   some solutions for Policy Controlled End-To-End Services.

2. Architecture Overview

   The COPS based Policy Control Management System Architecture
   contains two kinds of modular decomposition:

   1. Functional Units
   2. Data Models

   These are described in more detail in the following subsections.

2.1 Policy Controlled Management System Units

   In this architecture, we have broken up the Policy Controlled
   Management System into two functionalities, each handled by one kind
   of functional unit:

   1. Policy Decision Point (PDP)

      PDPs are the gateways to the centralized policy repository,
      allowing administrative domain wide policy implementation.

   2. Policy Enforcement Point (PEP)

      PEPs are the gateways to the resource being managed and have
      direct interfaces to the resource's control planes.

2.2 Policy Controlled Management System Data Models

   In this architecture, the Data Models are tied to the kinds of
   resource being managed, for example:

   1. For the Network QoS Resource, the DiffServ PIB Data Model is used.
   2. For the Network Plumbing Resource, the TE PIB Data Model is used.

   Other Data Models are being defined, and more examples will be
   provided as this document is developed.

3. Policy Decision Point

3.1 Message Processing

3.2 Security

3.3 Framework Data Model

3.4 Application Specific Data Model

4. Access Edge Policy Enforcement Point

4.1 Message Processing

4.2 Security

4.3 Framework Data Model

4.4 Application Specific Data Model

5. Core Policy Enforcement Point

5.1 Message Processing

5.2 Security

5.3 Framework Data Model

5.4 Application Specific Data Model

6. References

   [FWPIB] M. Fine, K. McCloghrie, J. Seligson, K. Chan, S. Hahn,
           R. Sahita, A. Smith, F. Reichmeyer, "Framework Policy
           Information Base," draft-ietf-rap-frameworkpib-04.txt,
           March 1, 2001.

   [DSPIB] M. Fine, K. McCloghrie, J. Seligson, K. Chan, S. Hahn,
           C. Bell, A. Smith, F. Reichmeyer, "Differentiated Services
           Quality of Service Policy Information Base,"
           draft-ietf-diffserv-pib-03.txt, March 2, 2001.

9. Author Information and Acknowledgments

   Kwok Ho Chan
   Nortel Networks
   600 Technology Park Drive
   Billerica, MA 01821
   Phone: 978-288-8175
   E-mail: khchan@nortelnetworks.com

Internet Draft                COPS Framework                 July 2001

Chan                    Expires February 2002                 [Page 3]