Policy Based Architecture for Class Based QoS Suppo

The main objective of the IETF differentiated services (DiffServ) model is to support different levels of service on the Internet for different sessions and information flows, aggregated into a small number of traffic classes. The model has some inherent security limitations. This paper proposes an architecture for authentication, authorization, admission control and accounting (AAAA) of QoS client applications with dynamic identification of sessions and flows, based on the PBN paradigm. The functionalities of the proposal are described and analyzed in some detail, focusing on a set of extensions to the Common Information Model of the DMTF. The paper ends with a discussion of the main advantages of the proposal over existing solutions.
