Hi IETF Independent Submission Editor Eliot, I would like to submit two I2NSF Drafts to IETF Independent Submission Stream. Event though the I2NSF WG concluded one year ago, the following drafts are submitted to the IETF Independent Submission Stream because they can complete Security Service Automation based on Intent-Based Networking (IBN) in RFC 9315. This submission was discussed with our I2NSF WG under the guidance of Linda Dunbar (I2NSF WG Chair).
- Security Management Automation of Cloud-Based Security Services in I2NSF Framework . URL: https://datatracker.ietf.org/doc/html/draft-jeong-i2nsf-security-management-automation-08 . Summary: The scope of this document is to propose an extension of the standard I2NSF framework such that it can perform security management automation based on Intent-Based Networking (IBN) in RFC 9315. This document augments the existing I2NSF framework by adding the features of security policy translation, closed-loop security control, and security audit system to it. For this system augmentation, a system component called I2NSF Analyzer and a new external interface called Analytics Interface are introduced for Closed-Loop Security Control on the basis of the analysis of NSF monitoring data. . Purpose: Informational RFC - I2NSF Analytics Interface YANG Data Model . URL: https://datatracker.ietf.org/doc/html/draft-lingga-i2nsf-analytics-interface-dm-04 . Summary: The scope of this document is to propose a YANG data model for a new external interface (called Analytics Interface) between Security Controller in the I2NSF framework and an Analyzer (performing the analysis of NSF monitoring data and the generation of policy reconfiguration and feedback). With this Analytics Interface, the I2NSF framework can perform Security Management Automation in terms of Closed-Loop Security Control. . Purpose: Experimental RFC The two documents of draft-jeong-i2nsf-security-management-automation and draft-lingga-i2nsf-analytics-interface-dm can be published in either conferences or journals. However, the publication of RFCs will let the technologies in these two documents be widely used by the industry because they are Internet Standard Specifications even though they are an Informational RFC and Experimental RFC, respectively. For draft-jeong-i2nsf-security-management-automation, this document is needed to complete the I2NSF Framework in RFC 8329 (Framework for Interface to Network Security Functions) in terms of Security Management Automation based on IBN in RFC 9315 (Intent-Based Networking - Concepts and Definitions). For draft-lingga-i2nsf-analytics-interface-dm, the YANG Data Model of Analytics Interface in draft-jeong-i2nsf-security-management-automation is well-synchronized with other I2NSF YANG Data Models (approved as RFCs) such as Consumer-Facing Interface, NSF-Facing Interface, Registration Interface, and Monitoring Interface. Also, the concept of this YANG data model was proved by the IETF-113 Hackathon Project: https://github.com/jaehoonpaul/i2nsf-framework/tree/master/Hackathon-113 Adrian Farrel reviewed these two drafts and gave me lots of valuable comments. I have tried to address all of his comments on the current versions of the two drafts. Linda (as I2NSF WG Chair) will ask for the YANG doctor review for draft-lingga-i2nsf-analytics-interface-dm soon. I CC Roman Danyliw (as the previous responsible AD) and Paul Wouters (as a possible sponsor AD). If you have questions, please let me know. Thanks for your help and support. Best Regards, Paul -- =========================== Mr. Jaehoon (Paul) Jeong Department of Computer Science and Engineering Sungkyunkwan University Phone: +82-31-299-4957 Email: [email protected], [email protected] URI: http://iotlab.skku.edu/people-jaehoon-jeong.php
_______________________________________________ I2nsf mailing list -- [email protected] To unsubscribe send an email to [email protected]
