Hi Frank, In the I2NSF framework, the basic purpose of the registration interface is to register an NSF into the system. In addition to this purpose, however, the registration interface can be also utilized for dynamic life cycle management of NSFs. For example, the security controller can request the developer's management system (DMS) to create a new NSF instance. The registration interface DM defines the data model that is required to enable this additional functionality of the registration interface.
On the other hand, the capability DM can be used to describe the security capability of a new NSF instance to be created by the DMS along with its location and IT resources. Thanks. Best Regards, Paul On Wed, Jul 12, 2017 at 6:54 PM, Xialiang (Frank) <[email protected] > wrote: > Hi Paul, > > Thanks for your clear clarification. I share the same idea with you. > > Actually, in the latest draft-xibassnez-i2nsf-capability, we have > separated capability and security policy information model distinctly. > > > > So, my further question is what is the relationship between the capability > DM draft and registration interface DM? > > > > Thanks! > > > > B.R. > > Frank > > > > *发件人:* I2nsf [mailto:[email protected]] *代表 *Mr. Jaehoon Paul Jeong > *发送时间:* 2017年7月10日 23:21 > *收件人:* Linda Dunbar > *抄送:* [email protected]; Adrian Farrel; [email protected] > *主题:* Re: [I2nsf] relationship between > draft-hares-i2nsf-capability-data-model-03 > & draft-kim-i2nsf-nsf-facing-interface-data-model-02? (was RE: Request > for Timeslots in I2NSF WG Meeting > > > > Hi Linda, > > Here is the clarification between NSF-facing interface YANG data model and > Capability YANG data model. > > > > NSF-facing YANG data model is used to configure the rules of a policy into > NSFs. > > This YANG data model is a standard interface for Security Controller to > manipulate NSFs > > developed by various vendors. > > > > Capability YANG data model is used to retrieve capability information of > an NSF. > > For example, after an NSF for network security control (i.e., firewall) > inspects a packet and > > needs an additional security function such as deep packet inspection > (DPI), > > it can ask Security Controller the location of such an additional security > function and > > the corresponding IT resources with the Capability YANG data model. > > > > In summary, Capability YANG data model is used to query the capability > information of > > a requested NSF and NSF-facing YANG data model is used to configure the > rules of > > a policy (e.g., add/delete/update/read) based on an ECA paradigm. > > > > Thus, since these two models have different purposes, I think that we need > to have two YANG drafts. > > > > Thanks. > > > > Best Regards, > > Paul > > > > On Sat, Jul 8, 2017 at 8:24 AM, Linda Dunbar <[email protected]> > wrote: > > Paul and Sue: > > > > You requested slots for both draft-hares-i2nsf-capability-data-model-03 & > draft-kim-i2nsf-nsf-facing-interface-data-model-02. > > > > The abstract of draft-kim-i2nsf-nsf-facing-interface-data-model-02 stated > that the draft defines the data model for network security functions), such > as network security control, content security control, and attack > mitigation control,.. > > > > The draft-hares-i2nsf-capability-data-model-03 has specified the > High-Level YANG for Network Security Control, Content Security Control and > Attack Mitigation Control. > > > > How are those two drafts related? I have a vague memory that those two > drafts are to be merged, are they? > > > > Thank you very much, > > > > Linda > > > > > > *From:* Mr. Jaehoon Paul Jeong [mailto:[email protected]] > *Sent:* Thursday, July 06, 2017 7:54 AM > *To:* Linda Dunbar <[email protected]>; Adrian Farrel < > [email protected]> > *Cc:* [email protected]; [email protected] > *Subject:* Request for Timeslots in I2NSF WG Meeting > > > > Hi Linda and Adrian, > > I would like to ask the timeslots for our 7 drafts as follows: > > > > draft-hares-i2nsf-capability-data-model-03 > > - Presenter: Sue Hares > > - Time: 10 min > > > > draft-kim-i2nsf-nsf-facing-interface-data-model-02 > > - Presenter: Jaehoon Paul Jeong > > - Time: 10 min > > > > draft-jeong-i2nsf-consumer-facing-interface-dm-02 > > - Presenter: Jaehoon Paul Jeong > > - Time: 10 min > > > > draft-jeong-i2nsf-applicability-00 > > - Presenter: Jaehoon Paul Jeong > > - Time: 15 min > > > > draft-hyun-i2nsf-nsf-triggered-steering-03 > > - Presenter: Sangwon Hyun > > - Time: 10 min > > > > draft-hyun-i2nsf-registration-interface-im-02 > > draft-hyun-i2nsf-registration-interface-dm-01 > > - Presenter: Sangwon Hyun > > - Time: 10 min > > > > Thanks. > > > > Best Regards, > > Paul > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Assistant Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > > > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf > > > > > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Assistant Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: [email protected], [email protected] Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php <http://cpslab.skku.edu/people-jaehoon-jeong.php>
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
