Information Technology Reference
In-Depth Information
6.4 Communication Between PDP and PEP
Various alternatives have been analysed for the communication between the PDP and
any PEP. A first approach is based on the use of Simple Network Management
Protocol (SNMP). SNMP is an application layer protocol that facilitates the exchange
of management information between network devices. In this case, our network
components are the PDP and PEP elements. Although SNMP is a good protocol for
implementing the outsourcing model and also for monitoring purposes, it lacks of
appropriate mechanisms for implementing the provisioning model.
COPS-PR is the protocol recommended by the IETF to transport provisioning
policy data between PDP servers and PEP clients. Therefore, as part of PBNM design
and implementation, we have developed a complete COPS provisioning
implementation, called UMU-jCOPS (University of Murcia Java COPS). It has been
completely developed in Java, allowing the use of any operating system to run an
implementation of PDP or PEP. Furthermore it is IPv6 enabled, so any operation can
be performed using this new network protocol. Both the PDP and PEP contains
UMU-jCOPS core libraries integrated inside.
6.5 Policy Decision Point (PDP)
The Policy Decision Point (PDP) is the PBNM component that applies the policy
documents to the network nodes. It retrieves the CIM routing policies from the Policy
Repository and uses them to generate the low-level policy decisions to be sent to PEPs.
PDP has been implemented using Java 1.4.x and XML technology. Figure 6 shows
the internal PDP components.
PDP Config
Config File
<XML>
PDP Server
Policy
Validator
DB Manager
MONITOR
COPS Agent
Fig. 6.
Internal PDP components
The PDP obtains its configuration (i.e., type of policies, database path, digital
certificate path, etc.) from an XML file. This file is store in memory by the PDP
Config component. PDP Server launches the PDP Monitor and the COPS PDP Agent.
The PDP Monitor component maintains a list of PEPs connected to a given PDP,
