draft-ietf-i2nsf-consumer-facing-interface-dm-12.txt   draft-ietf-i2nsf-consumer-facing-interface-dm-13.txt 
I2NSF Working Group J. Jeong, Ed. I2NSF Working Group J. Jeong, Ed.
Internet-Draft C. Chung Internet-Draft C. Chung
Intended status: Standards Track Sungkyunkwan University Intended status: Standards Track Sungkyunkwan University
Expires: March 12, 2021 T. Ahn Expires: September 9, 2021 T. Ahn
Korea Telecom Korea Telecom
R. Kumar R. Kumar
Juniper Networks Juniper Networks
S. Hares S. Hares
Huawei Huawei
September 8, 2020 March 8, 2021
I2NSF Consumer-Facing Interface YANG Data Model I2NSF Consumer-Facing Interface YANG Data Model
draft-ietf-i2nsf-consumer-facing-interface-dm-12 draft-ietf-i2nsf-consumer-facing-interface-dm-13
Abstract Abstract
This document describes an information model and a YANG data model This document describes an information model and a YANG data model
for the Consumer-Facing Interface between an Interface to Network for the Consumer-Facing Interface between an Interface to Network
Security Functions (I2NSF) User and Security Controller in an I2NSF Security Functions (I2NSF) User and Security Controller in an I2NSF
system in a Network Functions Virtualization (NFV) environment. The system in a Network Functions Virtualization (NFV) environment. The
information model defines various types of managed objects and the information model defines various types of managed objects and the
relationship among them needed to build the interface. The relationship among them needed to build the interface. The
information model is based on the "Event-Condition-Action" (ECA) information model is based on the "Event-Condition-Action" (ECA)
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 12, 2021. This Internet-Draft will expire on September 9, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 18, line 36 skipping to change at page 18, line 36
based firewall, VoIP/VoLTE security service, and DDoS-attack based firewall, VoIP/VoLTE security service, and DDoS-attack
mitigation in Section 8. mitigation in Section 8.
7.1. YANG Module of Consumer-Facing Interface 7.1. YANG Module of Consumer-Facing Interface
This section describes a YANG module of Consumer-Facing Interface. This section describes a YANG module of Consumer-Facing Interface.
This YANG module imports from [RFC6991]. It makes references to [RFC This YANG module imports from [RFC6991]. It makes references to [RFC
0854][RFC0913][RFC0959][RFC1081][RFC1631][RFC2616][RFC2818][RFC4250][ 0854][RFC0913][RFC0959][RFC1081][RFC1631][RFC2616][RFC2818][RFC4250][
RFC5321]. RFC5321].
<CODE BEGINS> file "ietf-i2nsf-cfi-policy@2020-09-08.yang" <CODE BEGINS> file "ietf-i2nsf-cfi-policy@2021-03-08.yang"
module ietf-i2nsf-cfi-policy { module ietf-i2nsf-cfi-policy {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-i2nsf-cfi-policy"; "urn:ietf:params:xml:ns:yang:ietf-i2nsf-cfi-policy";
prefix nsfcfi; prefix nsfcfi;
import ietf-inet-types{ import ietf-inet-types{
prefix inet; prefix inet;
} }
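Review bot: The import of ietf-inet-types at the end of this hunk carries only a prefix, although the paragraph above says the module imports from [RFC6991]. YANG 1.1 allows a reference substatement on import, so consider adding reference "RFC 6991: Common YANG Data Types"; inside the import so the dependency is traceable from the module itself once it is extracted from the document. A space before the opening brace ("import ietf-inet-types {") would also match the style of the module header.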
skipping to change at page 19, line 24 skipping to change at page 19, line 24
Editor: Jaehoon Paul Jeong Editor: Jaehoon Paul Jeong
<mailto:pauljeong@skku.edu> <mailto:pauljeong@skku.edu>
Editor: Patrick Lingga Editor: Patrick Lingga
<mailto:patricklink@skku.edu>"; <mailto:patricklink@skku.edu>";
description description
"This module is a YANG module for Consumer-Facing Interface. "This module is a YANG module for Consumer-Facing Interface.
Copyright (c) 2020 IETF Trust and the persons identified as Copyright (c) 2021 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject without modification, is permitted pursuant to, and subject to
to the license terms contained in, the Simplified BSD License the license terms contained in, the Simplified BSD License set
set forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
http://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see This version of this YANG module is part of RFC XXXX
the RFC itself for full legal notices."; (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
// RFC Ed.: replace XXXX with an actual RFC number and remove // RFC Ed.: replace XXXX with an actual RFC number and remove
// this note. // this note.
revision "2020-09-08"{ revision "2021-03-08"{
description "Initial revision."; description "Initial revision.";
reference reference
"RFC XXXX: I2NSF Consumer-Facing Interface YANG Data Model"; "RFC XXXX: I2NSF Consumer-Facing Interface YANG Data Model";
// RFC Ed.: replace XXXX with an actual RFC number and remove // RFC Ed.: replace XXXX with an actual RFC number and remove
// this note. // this note.
} }
identity malware-file-type { identity malware-file-type {
description description
skipping to change at page 30, line 23 skipping to change at page 30, line 23
reference reference
"draft-ietf-i2nsf-sdn-ipsec-flow-protection-08: "draft-ietf-i2nsf-sdn-ipsec-flow-protection-08:
Software-Defined Networking (SDN)-based IPsec Flow Protection Software-Defined Networking (SDN)-based IPsec Flow Protection
- IPsec method types can be selected."; - IPsec method types can be selected.";
} }
} }
} }
grouping user-group { grouping user-group {
description description
"The grouping for user-group entities, and contains information "This group represents user group information such as name and
such as name & ip-address."; ip-address.";
leaf name { leaf name {
type string; type string;
description description
"This represents the name of a user-group. A user-group name "This represents the name of a user-group. A user-group name
is used to map a user-group's name (e.g., employees) to an IP is used to map a user-group's name (e.g., employees) to an IP
address. It is dependent on implementation."; address. It is dependent on implementation.";
} }
uses ip-address-info{ uses ip-address-info{
refine match-type{ refine match-type{
mandatory true; mandatory true;
} }
description description
"This represent the IP addresses of a user-group."; "This represents the IP addresses of a user-group.";
} }
} }
grouping device-group { grouping device-group {
description description
"This group represents device group information such as ip-address "This group represents device group information such as ip-address
protocol."; protocol.";
leaf name { leaf name {
type string; type string;
description description
"This represents the name of a device-group."; "This represents the name of a device-group.";
} }
uses ip-address-info{ uses ip-address-info{
refine match-type{ refine match-type{
mandatory true; mandatory true;
} }
} }
leaf-list protocol { leaf-list protocol {
type identityref { type identityref {
base protocol-type; base protocol-type;
} }
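Review bot: In grouping device-group the description still reads "such as ip-address protocol.", which is missing a conjunction, and its uses ip-address-info has no description while the same statement in user-group does. Suggest "such as ip-address and protocol." and a description along the lines of "This represents the IP addresses of a device-group." so the two groupings stay parallel. Both name leaves are also an unconstrained type string even though the user-group text says the name is used to map a group to an IP address; a length or pattern restriction would make that lookup key easier to validate.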
skipping to change at page 56, line 11 skipping to change at page 56, line 11
<https://www.rfc-editor.org/info/rfc8805>. <https://www.rfc-editor.org/info/rfc8805>.
14.2. Informative References 14.2. Informative References
[I-D.ietf-i2nsf-capability] [I-D.ietf-i2nsf-capability]
Xia, L., Strassner, J., Basile, C., and D. Lopez, Xia, L., Strassner, J., Basile, C., and D. Lopez,
"Information Model of NSFs Capabilities", draft-ietf- "Information Model of NSFs Capabilities", draft-ietf-
i2nsf-capability-05 (work in progress), April 2019. i2nsf-capability-05 (work in progress), April 2019.
[I-D.ietf-i2nsf-sdn-ipsec-flow-protection] [I-D.ietf-i2nsf-sdn-ipsec-flow-protection]
Lopez, R., Lopez-Millan, G., and F. Pereniguez-Garcia, Marin-Lopez, R., Lopez-Millan, G., and F. Pereniguez-
"Software-Defined Networking (SDN)-based IPsec Flow Garcia, "Software-Defined Networking (SDN)-based IPsec
Protection", draft-ietf-i2nsf-sdn-ipsec-flow-protection-08 Flow Protection", draft-ietf-i2nsf-sdn-ipsec-flow-
(work in progress), June 2020. protection-12 (work in progress), October 2020.
[SNORT] Roesch, M., Green, C., and B. Caswell, "SNORT", SNORT [SNORT] Roesch, M., Green, C., and B. Caswell, "SNORT", SNORT
Documents https://www.snort.org/#documents, August 2020. Documents https://www.snort.org/#documents, August 2020.
[STIX] Jordan, B., Piazza, R., and T. Darley, "Structured Threat [STIX] Jordan, B., Piazza, R., and T. Darley, "Structured Threat
Information Expression (STIX)", STIX Version 2.1: Information Expression (STIX)", STIX Version 2.1:
Committee Specification 01 https://docs.oasis- Committee Specification 01 https://docs.oasis-
open.org/cti/stix/v2.1/stix-v2.1.pdf, March 2020. open.org/cti/stix/v2.1/stix-v2.1.pdf, March 2020.
[SURICATA] [SURICATA]
Julien, V. and , "SURICATA", SURICATA Documents Julien, V. and , "SURICATA", SURICATA Documents
https://suricata-ids.org/docs/, August 2020. https://suricata-ids.org/docs/, August 2020.
[YARA] Alvarez, V., Bengen, H., Metz, J., Buehlmann, S., and W. [YARA] Alvarez, V., Bengen, H., Metz, J., Buehlmann, S., and W.
Shields, "YARA", YARA Shields, "YARA", YARA
Documents https://yara.readthedocs.io/en/v3.5.0/, August Documents https://yara.readthedocs.io/en/v3.5.0/, August
2020. 2020.
Authors' Addresses Authors' Addresses
Jaehoon Paul Jeong (editor) Jaehoon (Paul) Jeong (editor)
Department of Computer Science and Engineering Department of Computer Science and Engineering
Sungkyunkwan University Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu 2066 Seobu-Ro, Jangan-Gu
Suwon, Gyeonggi-Do 16419 Suwon, Gyeonggi-Do 16419
Republic of Korea Republic of Korea
Phone: +82 31 299 4957 Phone: +82 31 299 4957
Fax: +82 31 290 7996 Fax: +82 31 290 7996
EMail: pauljeong@skku.edu EMail: pauljeong@skku.edu
URI: http://iotlab.skku.edu/people-jaehoon-jeong.php URI: http://iotlab.skku.edu/people-jaehoon-jeong.php
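Review bot: The [I-D.ietf-i2nsf-sdn-ipsec-flow-protection] entry now cites draft-ietf-i2nsf-sdn-ipsec-flow-protection-12 (October 2020), but the reference statement inside the YANG module in the page 30 hunk still names draft-ietf-i2nsf-sdn-ipsec-flow-protection-08 in both versions. Update the in-module reference so the two agree. The [SURICATA] entry also keeps an empty second author ("Julien, V. and ,"), which should be dropped or filled in.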
 End of changes. 16 change blocks. 
24 lines changed or deleted 25 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/