Hi all, I have posted a revised i2nsf I-D: - Title An Architecture for Security Management in I2NSF Framework
- File https://tools.ietf.org/html/draft-kim-i2nsf-security-management-architecture-02 - Abstract This document describes an architecture for security management in the Interface to Network Security Functions (I2NSF) framework. This security management architecture consists of I2NSF Client, Security Management System (i.e., Security Controller and Developer's Management System), and Network Security Functions (NSFs) in the I2NSF framework. I2NSF Client consists of Application Logic, Policy Updater, and Event Collector. Security Controller consists of Security Policy Manager and NSF Capability Manager. This document explains their missions and the processing of security management in a high level. It also describes representative use cases, such as security management for the list of malware domains, security management for VoIP-VoLTE and time-dependent access control. This draft will complement the i2nsf framework draft. The changes from the previous version are as follows: o This version reflects the framework for I2NSF in draft-ietf-i2nsf-framework-03. o As a term change, Policy Collector is renamed Event Collector. o A new use case for time-dependent access control is added. o As a logic change, NSF generates an event rather than an updated low-level policy for a new security attack, and then sends it to Security Controller. It will be great for you to give us comments or suggestions. Thanks. Best Regards, Paul -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: [email protected], [email protected] Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php <http://cpslab.skku.edu/people-jaehoon-jeong.php>
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
