draft-ietf-supa-generic-policy-data-model-02.txt   draft-ietf-supa-generic-policy-data-model-03.txt 
Network Working Group J. Halpern Network Working Group J. Halpern
Internet-Draft Ericsson Internet-Draft Ericsson
Intended status: Informational J. Strassner Intended status: Informational J. Strassner
Expires: April 16, 2017 Huawei Technologies Expires: October 15, 2017 Huawei Technologies
S. Van der Meer S. Van der Meer
Ericsson Ericsson
October 13, 2016 April 15, 2017
Generic Policy Data Model for Generic Policy Data Model for
Simplified Use of Policy Abstractions (SUPA) Simplified Use of Policy Abstractions (SUPA)
draft-ietf-supa-generic-policy-data-model-02 draft-ietf-supa-generic-policy-data-model-03
Abstract Abstract
This document defines two YANG policy data modules. The first is a This document defines two YANG policy data modules. The first is a
generic policy model that is meant to be extended on an application- generic policy model that is meant to be extended on an application-
specific basis. The second is an exemplary extension of the first specific basis. The second is an exemplary extension of the first
generic policy model, and defines rules as event-condition-action generic policy model, and defines rules as event-condition-action
policies. Both models are independent of the level of abstraction of policies. Both models are independent of the level of abstraction of
the content and meaning of a policy. the content and meaning of a policy.
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as "work in as reference material or to cite them other than as "work in
progress." progress."
This Internet-Draft will expire on April 15, 2017. This Internet-Draft will expire on April 15, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided Section 4.e of the Trust Legal Provisions and are provided
skipping to change at page 2, line 19 skipping to change at page 2, line 19
3. Terminology .................................................... 3 3. Terminology .................................................... 3
3.1. Acronyms ................................................. 3 3.1. Acronyms ................................................. 3
3.2. Definitions .............................................. 3 3.2. Definitions .............................................. 3
3.3. Symbology ................................................ 5 3.3. Symbology ................................................ 5
4. Design of the SUPA Policy Data Models ......................... 5 4. Design of the SUPA Policy Data Models ......................... 5
4.1. Objectives ............................................... 5 4.1. Objectives ............................................... 5
4.2 Yang Data Model Maintenance ................................ 5 4.2 Yang Data Model Maintenance ................................ 5
4.3 YANG Data Model Overview ................................... 6 4.3 YANG Data Model Overview ................................... 6
4.4. YANG Tree Diagram ........................................ 7 4.4. YANG Tree Diagram ........................................ 7
5. SUPA Policy Data Model YANG Module ............................ 11 5. SUPA Policy Data Model YANG Module ............................ 11
6. IANA Considerations ........................................... 62 6. IANA Considerations ........................................... 63
7. Security Considerations ....................................... 62 7. Security Considerations ....................................... 63
8. Acknowledgments ............................................... 62 8. Acknowledgments ............................................... 63
9. References .................................................... 62 9. References .................................................... 63
9.1. Normative References ..................................... 62 9.1. Normative References ..................................... 63
9.2. Informative References ................................... 63 9.2. Informative References ................................... 63
Authors' Addresses ................................................ 63 Authors' Addresses ................................................ 64
1. Overview 1. Overview
This document defines two YANG [RFC6020] [RFC6991] policy data This document defines two YANG [RFC6020] [RFC6991] policy data
models. The first is a generic policy model that is meant to be models. The first is a generic policy model that is meant to be
extended on an application-specific basis. It is derived from the extended on an application-specific basis. It is derived from the
Generic Policy Information Model (GPIM) defined in [1]. The second Generic Policy Information Model (GPIM) defined in [1]. The second
is an exemplary extension of the first (generic policy) model, and is an exemplary extension of the first (generic policy) model, and
defines policy rules as event-condition-action tuples. Both models defines policy rules as event-condition-action tuples. Both models
are independent of the level of abstraction of the content and are independent of the level of abstraction of the content and
skipping to change at page 13, line 39 skipping to change at page 13, line 39
can be found there. can be found there.
Copyright (c) 2015 IETF Trust and the persons identified Copyright (c) 2015 IETF Trust and the persons identified
as the document authors. All rights reserved. as the document authors. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."; (http://trustee.ietf.org/license-info).";
revision "2016-10-10" { revision "2017-04-15" {
description description
"20161010: Changed back to transitive identities (to "20170415: Updated SUPABooleanClause based on
implementation experience from SNMPO example;
reworded definitions of supaPolMetadataID and
supaEncodedClauseEncoding attribute.
20170117: updated class and attribute names in the YANG
to match those in the IM, except where noted.
20161210: Incorporated input from IISOMI
20161010: Changed back to transitive identities (to
enforce inheritance) after determining that enforce inheritance) after determining that
errors were from a confdc bug. errors were from a confdc bug.
20161008: Fixed errors found in latest pyang compiler 20161008: Fixed errors found in latest pyang compiler
and from YANG Doctors. and from YANG Doctors.
20161001: Minor edits in association definitions. 20161001: Minor edits in association definitions.
20160928: Generated yang tree. 20160928: Generated yang tree.
20160924: Rewrote association documentation; rebuilt 20160924: Rewrote association documentation; rebuilt
how all classes are named for consistency. how all classes are named for consistency.
20160904: Optimization of module by eliminating leaves 20160904: Optimization of module by eliminating leaves
that are not needed; rewrote section 4. that are not needed; rewrote section 4.
20160824: Edits to sync data model to info model. 20160824: Edits to sync data model to info model.
20160720: Conversion to WG draft. Fixed pyang 1.1 20160720: Conversion to WG draft. Fixed pyang 1.1
compilation errors. Fixed must clause derefencing compilation errors. Fixed must clause
used in grouping statements. Reformatted and expanded derefencing used in grouping statements.
descriptions. Fixed various typos. Reformatted and expanded descriptions.
Fixed various typos.
20160321: Initial version."; 20160321: Initial version.";
reference reference
"draft-ietf-supa-policy-data-model-02"; "draft-ietf-supa-policy-data-model-02";
} }
typedef policy-constraint-language-list { typedef policy-constraint-language-list {
type enumeration { type enumeration {
enum "error" { enum "error" {
description description
"This signifies an error state."; "This signifies an error state.";
skipping to change at page 14, line 36 skipping to change at page 14, line 46
enum "OCL2.x" { enum "OCL2.x" {
description description
"Object Constraint Language, v2.0 through 2.3.1 "Object Constraint Language, v2.0 through 2.3.1
[2]."; [2].";
} }
enum "OCL1.x" { enum "OCL1.x" {
description description
"Object Constraint Language, any version prior "Object Constraint Language, any version prior
to v2.0 [3]."; to v2.0 [3].";
} }
enum "QVT1.2R" { enum "QVT1.2 Relational Language" {
description description
"QVT Relational Language [5]."; "QVT Relational Language [5].";
} }
enum "QVT1.2O" { enum "QVT1.2 Operational Language" {
description description
"QVT Operational language [5]."; "QVT Operational Language [5].";
} }
enum "Alloy" { enum "Alloy" {
description description
"A language for defining structures and "A language for defining structures and
and relations using constraints [4]."; and relations using constraints [4].";
} }
enum "Text" {
description
"The constraints are written in plain text.";
}
} }
description description
"The language used to encode the constraints "The language used to encode the constraints that
relevant to the relationship between the metadata relevant to the relationship between the metadata
and the underlying policy object."; and the underlying policy object.";
} }
typedef policy-data-type-id-encoding-list { typedef policy-data-type-id-encoding-list {
type enumeration { type enumeration {
enum "error" { enum "error" {
description description
"This signifies an error state."; "This signifies an error state.";
} }
enum "init" { enum "init" {
description description
"This signifies a generic initialization state."; "This signifies a generic initialization state.";
} }
skipping to change at page 18, line 9 skipping to change at page 18, line 23
// it appears that we cannot put a MUST condition on its definition, // it appears that we cannot put a MUST condition on its definition,
// as the default (actual) value changes for each inherited object. // as the default (actual) value changes for each inherited object.
// Finally, note that since identities are irreflexive, we define a // Finally, note that since identities are irreflexive, we define a
// parent identitym called SUPA-ROOT-TYPE, to serve as the single root // parent identitym called SUPA-ROOT-TYPE, to serve as the single root
// from which all identity statements are derived. // from which all identity statements are derived.
identity SUPA-ROOT-TYPE { identity SUPA-ROOT-TYPE {
description description
"The identity corresponding to a single root for all "The identity corresponding to a single root for all
identities in the SUPA Data Model. Note that section identities in the SUPA Data Model. Note that section
7.18.2 in RFC7950 says that identity derivation is 7.18.2 in [RFC7950] says that identity derivation is
irreflexive (i.e., an identity cannot be derived irreflexive (i.e., an identity cannot be derived
from itself."; from itself.";
} }
identity POLICY-OBJECT-TYPE { identity POLICY-OBJECT-TYPE {
base SUPA-ROOT-TYPE; base SUPA-ROOT-TYPE;
description description
"The identity corresponding to a SUPAPolicyObject "The identity corresponding to a SUPAPolicyObject
object instance."; object instance.";
} }
skipping to change at page 18, line 38 skipping to change at page 19, line 8
"The identifier of the class of this grouping."; "The identifier of the class of this grouping.";
} }
leaf supa-policy-ID { leaf supa-policy-ID {
type string; type string;
mandatory true; mandatory true;
description description
"The string identifier of this policy object, which "The string identifier of this policy object, which
functions as the unique object identifier of this functions as the unique object identifier of this
object instance. This attribute MUST be unique within object instance. This attribute MUST be unique within
the policy system. This attribute is named the policy system. This attribute is named
supaObjectIDContent in [1], and is used with another supaPolObjIDContent in [1], and is used with another
attribute (supaObjectIDEncoding); since the YANG data attribute (supaPolObIDEncoding); since the YANG data
model does not need this genericity, the model does not need this genericity, the
supaObjectIDContent attribute was renamed, and the supaPolObjIDContent attribute was renamed, and the
supaObjectIDEncoding attribute was not mapped."; supaObjectIDEncoding attribute was removed.";
} }
leaf supa-policy-name { leaf supa-policy-name {
type string; type string;
description description
"A human-readable name for this policy object. Note "A human-readable name for this policy object. Note
that this is NOT the object ID."; that this is NOT the object ID.";
} }
leaf supa-policy-object-description { leaf supa-policy-object-description {
type string; type string;
description description
skipping to change at page 24, line 14 skipping to change at page 24, line 21
grouping supa-encoded-clause-type { grouping supa-encoded-clause-type {
uses supa-policy-clause-type { uses supa-policy-clause-type {
refine entity-class { refine entity-class {
default POLICY-ENCODED-CLAUSE-TYPE; default POLICY-ENCODED-CLAUSE-TYPE;
} }
} }
leaf supa-encoded-clause-content { leaf supa-encoded-clause-content {
type string; type string;
mandatory true; mandatory true;
description description
"This defines the content of this SUPAEncodedClause; the "This defines the content of this SUPAEncodedClause.
language used to express this content is defined by the Since the target is YANG, the supaEncodedClauseEncoding
supa-encoded-clause-language attribute."; attribute is NOT required, and therefore, not mapped.";
} }
leaf supa-encoded-clause-language { leaf supa-encoded-clause-language {
type enumeration { type enumeration {
enum "error" { enum "error" {
description description
"This signifies an error state. OAM&P Policies "This signifies an error state. OAM&P Policies
SHOULD NOT use this SUPAEncodedClause if the SHOULD NOT use this SUPAEncodedClause if the
value of this attribute is error."; value of this attribute is error.";
} }
enum "init" { enum "init" {
skipping to change at page 35, line 38 skipping to change at page 35, line 50
leaf-list supa-has-policy-target-agg-ptr { leaf-list supa-has-policy-target-agg-ptr {
type instance-identifier; type instance-identifier;
must "derived-from-or-self (deref(.)/entity-class, must "derived-from-or-self (deref(.)/entity-class,
'SUPA-HAS-POLICY-TARGET-ASSOC')"; 'SUPA-HAS-POLICY-TARGET-ASSOC')";
description description
"This leaf-list holds instance-identifiers that "This leaf-list holds instance-identifiers that
reference SUPAHasPolicyTarget associations [1]. reference SUPAHasPolicyTarget associations [1].
This association is represented by the grouping This association is represented by the grouping
supa-has-policy-target-detail, and describes how supa-has-policy-target-detail, and describes how
this SUPAPolicyStructure instance is related to a this SUPAPolicyStructure instance is related to a
set of SUPAPolicyTarget instances. Each set of SUPAPolicyTarget instances.
SUPAPolicyTarget instance defines a set of
Each SUPAPolicyTarget instance defines a set of
unambiguous managed entities to which this unambiguous managed entities to which this
SUPAPolicy will be applied to. Since this association SUPAPolicy will be applied to. Since this association
class contains attributes, the instance-identifier class contains attributes, the instance-identifier
MUST point to an instance using the grouping MUST point to an instance using the grouping
supa-has-policy-target-detail (which includes supa-has-policy-target-detail (which includes
subclasses of this association class)."; subclasses of this association class).";
} }
leaf-list supa-has-policy-clause-agg-ptr { leaf-list supa-has-policy-clause-agg-ptr {
type instance-identifier; type instance-identifier;
must "derived-from-or-self (deref(.)/entity-class, must "derived-from-or-self (deref(.)/entity-class,
skipping to change at page 37, line 40 skipping to change at page 37, line 54
leaf-list supa-has-policy-source-part-ptr { leaf-list supa-has-policy-source-part-ptr {
type instance-identifier; type instance-identifier;
must "derived-from-or-self (deref(.)/entity-class, must "derived-from-or-self (deref(.)/entity-class,
'SUPA-HAS-POLICY-SOURCE-ASSOC')"; 'SUPA-HAS-POLICY-SOURCE-ASSOC')";
description description
"This leaf-list holds the instance-identifiers that "This leaf-list holds the instance-identifiers that
reference a SUPAHasPolicySource association [1], which reference a SUPAHasPolicySource association [1], which
is represented by the supa-has-policy-source-detail is represented by the supa-has-policy-source-detail
grouping. This association describes how each grouping. This association describes how each
SUPAPolicySource instance is related to this SUPAPolicySource instance is related to this
particular SUPAPolicyStructure instance. Since particular SUPAPolicyStructure instance.
this association class contains attributes, the
Since this association class contains attributes, the
instance-identifier MUST point to an instance using instance-identifier MUST point to an instance using
the grouping supa-has-policy-source-detail (which the grouping supa-has-policy-source-detail (which
includes subclasses of this association class)."; includes subclasses of this association class).";
} }
description description
"This object defines a set of managed entities that "This object defines a set of managed entities that
authored, or are otherwise responsible for, this authored, or are otherwise responsible for, this
SUPAPolicy. Note that a SUPAPolicySource does NOT evaluate SUPAPolicy. Note that a SUPAPolicySource does NOT evaluate
or execute SUPAPolicies. Its primary use is for or execute SUPAPolicies. Its primary use is for
auditability and the implementation of deontic logic (i.e., auditability and the implementation of deontic logic (i.e.,
skipping to change at page 39, line 49 skipping to change at page 40, line 13
} }
leaf supa-policy-metadata-id { leaf supa-policy-metadata-id {
type string; type string;
mandatory true; mandatory true;
description description
"This represents the object identifier of an instance "This represents the object identifier of an instance
of this class. This attribute is named of this class. This attribute is named
supaPolMetadataIDContent in [1], and is used with supaPolMetadataIDContent in [1], and is used with
another attribute (supaPolMetadataIDEncoding); since another attribute (supaPolMetadataIDEncoding); since
the YANG data model does not need this genericity, the the YANG data model does not need this genericity, the
supaPolMetadataIDContent attribute was renamed, and supaPolMetadataIDContent attribute was renamed to
the supaPolMetadataIDEncoding attribute was supa-policy-metadata-id, and the
not mapped."; supaPolMetadataIDEncoding attribute was not mapped.";
} }
leaf supa-policy-metadata-description { leaf supa-policy-metadata-description {
type string; type string;
description description
"This contains a free-form textual description of this "This contains a free-form textual description of this
metadata object (e.g., what it may be used for)."; metadata object (e.g., what it may be used for).";
} }
leaf supa-policy-metadata-name { leaf supa-policy-metadata-name {
type string; type string;
description description
skipping to change at page 42, line 41 skipping to change at page 43, line 4
type instance-identifier; type instance-identifier;
must "derived-from-or-self (deref(.)/entity-class, must "derived-from-or-self (deref(.)/entity-class,
'SUPA-HAS-POLICY-METADATA-DECORATOR-DETAIL-ASSOC')"; 'SUPA-HAS-POLICY-METADATA-DECORATOR-DETAIL-ASSOC')";
description description
"This leaf-list holds instance-identifiers that "This leaf-list holds instance-identifiers that
reference a SUPAHasMetadaDecorator association [1]. reference a SUPAHasMetadaDecorator association [1].
This association is represented by the grouping This association is represented by the grouping
supa-has-policy-metadata-dec-detail. This association supa-has-policy-metadata-dec-detail. This association
describes how a SUPAPolicyMetadataDecorator instance describes how a SUPAPolicyMetadataDecorator instance
wraps a given SUPAPolicyMetadata instance wraps a given SUPAPolicyMetadata instance
using the Decorator pattern [1]. Multiple concrete
using the Decorator pattern [1]. Multiple concrete
subclasses of SUPAPolicyMetadataDecorator may be used subclasses of SUPAPolicyMetadataDecorator may be used
to wrap the same SUPAPolicyMetadata instance. Since to wrap the same SUPAPolicyMetadata instance. Since
this association class contains attributes, the this association class contains attributes, the
instance-identifier MUST point to an instance using instance-identifier MUST point to an instance using
the grouping supa-has-policy-metadata-dec-detail (which the grouping supa-has-policy-metadata-dec-detail (which
includes subclasses of this association class)."; includes subclasses of this association class).";
} }
description description
"This object implements the Decorator pattern [1] for all "This object implements the Decorator pattern [1] for all
SUPA metadata objects. This enables all or part of one or SUPA metadata objects. This enables all or part of one or
skipping to change at page 45, line 32 skipping to change at page 45, line 51
supa-policy-metadata-access-priv-model-ref is supa-policy-metadata-access-priv-model-ref is
error, then this SUPAPolicyAccessMetadataDef object error, then this SUPAPolicyAccessMetadataDef object
MUST NOT be used. If the value of the MUST NOT be used. If the value of the
supa-policy-metadata-access-priv-model-ref is init, supa-policy-metadata-access-priv-model-ref is init,
then this SUPAPolicyAccessMetadataDef object has been then this SUPAPolicyAccessMetadataDef object has been
properly initialized, and is ready to be used. If the properly initialized, and is ready to be used. If the
value of the supa-policy-metadata-access-priv-model-ref value of the supa-policy-metadata-access-priv-model-ref
is read only or read write, then the value of this is read only or read write, then the value of this
attribute is not applicable (because a type of model attribute is not applicable (because a type of model
is NOT being defined; instead, the access control for is NOT being defined; instead, the access control for
all SUPAPolicyObjects is being defined). Otherwise, all SUPAPolicyObjects is being defined).
the text in this class attribute SHOULD be interpreted
according to the value of the Otherwise, the text in this class attribute SHOULD be
interpreted according to the value of the
supa-policy-metadata-access-priv-model-ref class supa-policy-metadata-access-priv-model-ref class
attribute."; attribute.";
} }
leaf supa-policy-metadata-access-priv-model-ref { leaf supa-policy-metadata-access-priv-model-ref {
type enumeration { type enumeration {
enum "error" { enum "error" {
description description
"This signifies an error state. OAM&P Policies "This signifies an error state. OAM&P Policies
SHOULD NOT use this SUPAPolicyAccessMetadataDef SHOULD NOT use this SUPAPolicyAccessMetadataDef
object if the value of this attribute is object if the value of this attribute is
skipping to change at page 52, line 27 skipping to change at page 52, line 55
of this grouping."; of this grouping.";
} }
leaf supa-has-policy-component-decorator-part-ptr { leaf supa-has-policy-component-decorator-part-ptr {
type instance-identifier; type instance-identifier;
must "derived-from-or-self (deref(.)/entity-class, must "derived-from-or-self (deref(.)/entity-class,
'POLICY-COMPONENT-TYPE')"; 'POLICY-COMPONENT-TYPE')";
description description
"This leaf is an instance-identifier that references "This leaf is an instance-identifier that references
the SUPAPolicyComponentStructure instance end point of the SUPAPolicyComponentStructure instance end point of
the association represented by this instance of the the association represented by this instance of the
SUPAHasDecoratedPolicyComponent association [1]. The SUPAHasDecoratedPolicyComponent association [1].
groupings supa-policy-component-decorator-type and
The groupings supa-policy-component-decorator-type and
supa-policy-component-structure-type represent the supa-policy-component-structure-type represent the
SUPAPolicyComponentDecorator and SUPAPolicyComponentDecorator and
SUPAPolicyComponentStructure classes, respectively. SUPAPolicyComponentStructure classes, respectively.
Thus, the instance identified by this leaf is the Thus, the instance identified by this leaf is the
SUPAPolicyComponentStructure instance that is SUPAPolicyComponentStructure instance that is
associated by this association to the set of associated by this association to the set of
SUPAPolicyComponentStructure instances referenced by SUPAPolicyComponentStructure instances referenced by
the supa-has-policy-component-decorator-agg-ptr leaf the supa-has-policy-component-decorator-agg-ptr leaf
of this grouping."; of this grouping.";
} }
skipping to change at page 62, line 33 skipping to change at page 63, line 20
TBD TBD
8. Acknowledgments 8. Acknowledgments
This document has benefited from reviews, suggestions, comments This document has benefited from reviews, suggestions, comments
and proposed text provided by the following members, listed in and proposed text provided by the following members, listed in
alphabetical order: alphabetical order:
Andy Bierman Andy Bierman
Benoit Claise Benoit Claise
Berndt Zeuner
Martin Bjorklund Martin Bjorklund
Qin Wu Qin Wu
9. References 9. References
This section defines normative and informative references for this This section defines normative and informative references for this
document. document.
9.1. Normative References 9.1. Normative References
skipping to change at page 63, line 4 skipping to change at page 63, line 36
This section defines normative and informative references for this This section defines normative and informative references for this
document. document.
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", the Network Configuration Protocol (NETCONF)",
RFC 6020, October 2010. RFC 6020, October 2010.
[RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991, [RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991,
July 2013. July 2013.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling
Language", August 2016. Language", August 2016.
9.2. Informative References 9.2. Informative References
[1] Strassner, J., Halpern, J., Coleman, J., "Generic [1] Strassner, J., Halpern, J., Coleman, J., "Generic
Policy Information Model for Simplified Use of Policy Policy Information Model for Simplified Use of Policy
Abstractions (SUPA)", March 21, 2016, Abstractions (SUPA)", Jan 18, 2017,
draft-ietf-supa-generic-policy-info-model-01 draft-ietf-supa-generic-policy-info-model-02
[2] http://www.omg.org/spec/OCL/ [2] http://www.omg.org/spec/OCL/
[3] http://doc.omg.org/formal/2002-04-03.pdf [3] http://doc.omg.org/formal/2002-04-03.pdf
[4] http://alloy.mit.edu/alloy/ [4] http://alloy.mit.edu/alloy/
[5] http://www.omg.org/spec/QVT/ [5] http://www.omg.org/spec/QVT/
[6] http://semver.org/ [6] http://semver.org/
[7] Definitions of DAC, MAC, and RBAC may be found here: [7] Definitions of DAC, MAC, and RBAC may be found here:
http://csrc.nist.gov/groups/SNS/rbac/faq.html#03 http://csrc.nist.gov/groups/SNS/rbac/faq.html#03
[8] ABAC is described here: [8] ABAC is described here:
http://csrc.nist.gov/groups/SNS/rbac/index.html http://csrc.nist.gov/groups/SNS/rbac/index.html
Authors' Addresses Authors' Addresses
Joel Halpern Joel Halpern
Ericsson Ericsson
 End of changes. 32 change blocks. 
45 lines changed or deleted 65 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/