Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Although the vast majority of PBN systems conformed to the architecture shown in figure 23,
PBN approaches are historically divided into several distinct factions. Most of these alternatives
are facing dwindling support today due to the complexity of their underlying policy systems.
The more widely known PBN approaches include:
• The Distributed Management Task Force’s 21 common information model (CIM) and
directory-enabled networking (DEN) work. The DMTF CIM model is widely supported
by most NMSs. However, many vendors have also tried to use CIM and DEN to enable
PBN. Those latter attempts have not succeeded due to schema complexities.
• The IETF’s 22 former Resource Allocation Protocol working group previously defined the
COPS (see RFC 2748 and RFC 2749) protocols as well as an alternative approach to
CIM/DEN for specifying policy and device configurations. This latter approach was
defined by RFC 3159, “Structure of Policy Provisioning Information (SPPI).” This work
leveraged the existing SNMP MIB work that is widely used today within IP-oriented
NMSs to create a parallel structure to the MIB for conveying policy and configuration
data, the policy information base (PIB). This latter concept was quite popular within the
IETF for many years, influencing many other IETF working groups, including IP security
policy (IPSP) and the Differentiated Services QoS working groups. Unfortunately, the
various IETF PIBs were poorly coordinated with one another. Many of them used different
schemas to do similar things, and the complexity of many of these systems was
significant. For these reasons, this work has also lost its former popularity and mind
share.
• The TeleManagement Forum’s 23 shared information and data work, including their next
generation DEN work, which is unrelated to the DMTF DEN work.

Although the construction of large multivendor policy-based systems had achieved a significant
amount of mind share at one time, actually trying to build PBN systems using the figure 23
model consistently demonstrated how difficult and challenging the articulation of policy itself
turns out to be [68].

Because of the sheer complexity associated with policy articulation (e.g., RFC 3060, RFC 3084,
RFC 3159, RFC 3317, RFC 3318, RFC 3460, RFC 3571, and RFC 3585), multivendor PBN
attempts to date have ultimately imploded. For this reason, this study recommends that airborne
or NAS systems should not be designed using technologies that require significant policy
complexity or a high degree of policy coordination between networked elements.

By contrast, Steve Bellovin wrote a report in 1999, “Distributed Firewalls” [69], which described
a mechanism to build policy-based networks by leveraging the IPsec protocol (see RFC 4301).
IPsec is a protocol that is implemented natively by IP devices. This approach addressed most of

21 DMTF; http://www.dmtf.org<br />
22 IETF; http://www.ietf.org<br />
23 TMF; http://www.tmforum.org<br />