China
Africa
Explore chapters and articles related to this topic
Review of the Standardization Work for Next Generation Networks
Published in Thierry Van De Velde, Value-Added Services for Next Generation Networks, 2007
In the 3GPP IMS, the P-CSCF contains a Policy Decision Function (PDF), which can instruct the access network node (Gateway GPRS Support Node, Mobile IP Home Agent or Broadband Remote Access Server) to apply a given IP Quality of Service (IP QoS) via Common Open Policy Service (COPS) protocol on the Go interface. This is the COPS response to an initial query by the GGSN.*
A PBNM and economic incentive-based defensive mechanism against DDoS attacks
Published in Enterprise Information Systems, 2022
A PBNM system is composed of policy editor, policy enforcement point (PEP), policy decision point (PDP), policy negotiation proxy and policy repository (Verma 2002; Pérez et al. 2006). Figure 1 shows the various modules of PBNM architecture. Now, we discuss how these components work and how can we embed PBNM in our proposed model. Policy editor: Policy editor is a console through which administrator writes policies for his organisation. Administrator defines functionalities of every device by writing policies. Policy editor provides policy modification, policy validation and policy translation functions. Through policy editor, administrator defines conditions and the actions that need to be taken when the system encounter specified conditions. An administrator can define how resources are used during attack time through policy editor. Policies must be defined in such a way that each policy correlates users, applications, business profit and market variables. All policies are written in XML (Xtensible Markup language) to make the system independent of different policies created by different users.PEP: PEP is an agent running on a device like router or firewall which enforces a decision made by PDP. This module basically runs policies stored in policy repository. A system implementing PBNM can have more than one PEP. In our proposed approach, front-end broker (FEB), directory manager, payment infrastructure, classifier node and metering node act as PEPs. PDP and PEP communicate through COPS-PR protocol, i.e. common open policy service- policy provisioning protocol. This protocol is responsible to provision PEP through PDP and to enforce instructions stored in policy repository. COPS-PR helps in translating business-level policies stored in policy repository to device-level instructions. Earlier, SNMP and CLI were used instead of COPS-PR. But SNMP and CLI have become obsolete due to low-level granularity.PDP: PDP is an agent in PBNM that makes a decision based on rules and the state of the network. After making the decision, it instructs PEP to enforce the decision. It is the PDP unit that translates the policies present in the repository and passes them to PEP. PDP communicates with policy repository through HTTP and XPATH.Policy repository (PR): PR is the storage of policies created by all authorised users of a particular network. Policies are expressed in XML to make the proposed architecture independent of the type of policies; hence, we have used HTTP XPATH to access policies stored in PR. Here, PR is an XML database server.