Network Working Group                                      A. Westerinen
Request for Comments: 3198                                 J. Schnizlein
Category: Informational                                    Cisco Systems
                                                            J. Strassner
                                                  Intelliden Corporation
                                                            M. Scherling
                                                                B. Quinn
                                                          Celox Networks
                                                               S. Herzog
                                                                A. Huynh
                                                     Lucent Technologies
                                                              M. Carlson
                                                        Sun Microsystems
                                                                J. Perry
                                                       Network Appliance
                                                           S. Waldbusser
                                                           November 2001
Network Working Group                                      A. Westerinen
Request for Comments: 3198                                 J. Schnizlein
Category: Informational                                    Cisco Systems
                                                            J. Strassner
                                                  Intelliden Corporation
                                                            M. Scherling
                                                                B. Quinn
                                                          Celox Networks
                                                               S. Herzog
                                                                A. Huynh
                                                     Lucent Technologies
                                                              M. Carlson
                                                        Sun Microsystems
                                                                J. Perry
                                                       Network Appliance
                                                           S. Waldbusser
                                                           November 2001

Terminology for Policy-Based Management


Status of this Memo


This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.


Copyright Notice


Copyright (C) The Internet Society (2001). All Rights Reserved.




This document is a glossary of policy-related terms. It provides abbreviations, explanations, and recommendations for use of these terms. The document takes the approach and format of RFC 2828, which defines an Internet Security Glossary. The intent is to improve the comprehensibility and consistency of writing that deals with network policy, particularly Internet Standards documents (ISDs).

本文件是政策相关术语表。它提供了这些术语的缩写、解释和使用建议。本文件采用RFC 2828的方法和格式,该格式定义了互联网安全术语表。其目的是提高网络政策,特别是互联网标准文件(ISDs)写作的可理解性和一致性。

Table of Contents


   1. Introduction...................................................  2
   2. Explanation of Paragraph Markings..............................  3
   3. Terms..........................................................  3
   4. Intellectual Property.......................................... 16
   5. Acknowledgements............................................... 17
   6. Security Considerations........................................ 17
   7. References..................................................... 17
   8. Authors' Addresses............................................. 19
   9. Full Copyright Statement....................................... 21
   1. Introduction...................................................  2
   2. Explanation of Paragraph Markings..............................  3
   3. Terms..........................................................  3
   4. Intellectual Property.......................................... 16
   5. Acknowledgements............................................... 17
   6. Security Considerations........................................ 17
   7. References..................................................... 17
   8. Authors' Addresses............................................. 19
   9. Full Copyright Statement....................................... 21
1. Introduction
1. 介绍

This document provides abbreviations, definitions, and explanations of terms related to network policy. All definitions are provided in Section 3, with the terms listed in alphabetical order.


The intent is to improve the comprehensibility and consistency of Internet Standards documents (ISDs) -- i.e., RFCs, Internet-Drafts, and other material produced as part of the Internet Standards Process [RFC2026]. Benefits across the ISDs are well-stated in the Introduction to RFC 2828 [RFC2828]:

其目的是提高互联网标准文件(ISDs)的可理解性和一致性,即RFC、互联网草案和作为互联网标准过程一部分制作的其他材料[RFC2026]。在RFC 2828[RFC2828]的介绍中,对ISDs的好处进行了详细说明:

o "Clear, Concise, and Easily Understood Documentation" - Requires that the set of terms and definitions be consistent, self-supporting and uniform across all ISDs.

o “清晰、简洁且易于理解的文档”-要求术语和定义集在所有ISD中保持一致、自支持且统一。

o Technical Excellence - Where all ISDs use terminology accurately, precisely, and unambiguously.

o 技术卓越-所有ISD准确、准确、明确地使用术语。

o Prior Implementation and Testing - Requires that terms are used in their plainest form, that private and "made-up" terms are avoided in ISDs, and that new definitions are not created that conflict with established ones.

o 预先实施和测试-要求以最简单的形式使用术语,在ISDs中避免使用专用术语和“编造”术语,并且不创建与现有定义冲突的新定义。

o "Openness, Fairness, and Timeliness" - Where ISDs avoid terms that are proprietary or otherwise favor a particular vendor, or that create a bias toward a particular technology or mechanism.

o “公开性、公平性和及时性”-ISD避免使用专有或有利于特定供应商的条款,或对特定技术或机制产生偏见的条款。

Common and/or controversial policy terms are defined. These terms are directly related and specific to network policy.


Wherever possible, this document takes definitions from existing ISDs. It should be noted that:


o Expired Internet-Drafts are not referenced, nor are their terminology and definitions used in this document.

o 本文件未引用过期的互联网草稿,也未使用其术语和定义。

o Multiple definitions may exist across the ISDs. Each definition is listed, with its source.

o ISDs中可能存在多个定义。将列出每个定义及其来源。

2. Explanation of Paragraph Markings
2. 对段落标记的解释

Section 3 marks terms and definitions as follows:


o Capitalization: Only terms that are proper nouns are capitalized.

o 大写:只有专有名词的术语才大写。

o Paragraph Marking: Definitions and explanations are stated in paragraphs that are marked as follows:

o 段落标记:定义和解释在标记如下的段落中说明:

- "P" identifies basic policy-related terms.

- “P”表示与基本政策相关的术语。

- "T" identifies various techniques to create or convey policy-related information in a network. For example, COPS and an "Information Model" are two techniques for communicating and describing policy-related data. SNMP and MIBs are another.

- “T”标识了在网络中创建或传递策略相关信息的各种技术。例如,COPS和“信息模型”是用于通信和描述策略相关数据的两种技术。SNMP和MIB是另一种。

- "A" identifies specific Work Groups and general "areas of use" of policy. For example, AAA and QoS are two "areas of use" where policy concepts are extremely important to their function and operation.

- “A”确定了政策的具体工作组和一般“使用领域”。例如,AAA和QoS是两个“使用领域”,其中策略概念对其功能和操作极为重要。

3. Terms
3. 条款

Note: In providing policy definitions, other "technology specific" terms (for example, related to Differentiated Services) may be used and referenced. These non-policy terms will not be defined in this document, and the reader is requested to go to the referenced ISD for additional detail.


$ AAA See "Authentication, Authorization, Accounting".

$ AAA参见“认证、授权、记帐”。

$ abstraction levels See "policy abstraction".

$ 抽象级别请参见“策略抽象”。

$ action See "policy action".

$ 行动见“政策行动”。

$ Authentication, Authorization, Accounting (AAA) (A) AAA deals with control, authentication, authorization and accounting of systems and environments based on policies set by the administrators and users of the systems. The use of policy may be implicit - as defined by RADIUS [RFC2138]. In RADIUS, a network access server sends dial-user credentials to an AAA server, and receives authentication that the user is

$ 认证、授权、记帐(AAA)(A)AAA根据系统管理员和用户设置的策略处理系统和环境的控制、认证、授权和记帐。策略的使用可能是隐式的-如RADIUS[RFC2138]所定义。在RADIUS中,网络访问服务器向AAA服务器发送拨号用户凭据,并接收该用户的身份验证

who he/she claims, along with a set of attribute-value pairs authorizing various service features. Policy is implied in both the authentication, which can be restricted by time of day, number of sessions, calling number, etc., and the attribute-values authorized.


$ CIM See "Common Information Model".

$ CIM见“公共信息模型”。

$ Common Information Model (CIM) (T) An object-oriented information model published by the DMTF (Distributed Management Task Force) [DMTF]. It consists of a Specification detailing the abstract modeling constructs and principles of the Information Model, and a textual language definition to represent the Model. CIM's schemas are defined as a set of files, written in the language of the Specification, with graphical renderings using UML [UML]. Sets of classes and associations represent CIM's Core and Common Models, defining an information model for the "enterprise" - addressing general concepts (in Core), and systems, devices, users, software distribution, the physical environment, networks and policy (in the Common Models). (See also "information model".)

$ 公共信息模型(CIM)(T):由DMTF(分布式管理任务组)[DMTF]发布的面向对象的信息模型。它包括详细说明信息模型的抽象建模结构和原理的规范,以及表示模型的文本语言定义。CIM的模式定义为一组文件,以规范语言编写,并使用UML[UML]进行图形呈现。类和关联集表示CIM的核心和通用模型,为“企业”定义了一个信息模型——处理一般概念(在核心中)、系统、设备、用户、软件分发、物理环境、网络和策略(在通用模型中)。(另请参见“信息模型”。)

$ Common Open Policy Service (COPS) (T) A simple query and response TCP-based protocol that can be used to exchange policy information between a Policy Decision Point (PDP) and its clients (Policy Enforcement Points, PEPs) [RFC2748]. The COPS protocol is used to provide for the outsourcing of policy decisions for RSVP [RFC2749]. Another usage is for the provisioning of policy [RFC3084]. (See also "Policy Decision Point" and "Policy Enforcement Point".)

$ 公共开放策略服务(COPS)(T):一种基于TCP的简单查询和响应协议,可用于在策略决策点(PDP)及其客户端(策略实施点,PEP)之间交换策略信息[RFC2748]。COPS协议用于为RSVP提供政策决策外包[RFC2749]。另一个用途是提供策略[RFC3084]。(另请参见“策略决策点”和“策略实施点”。)

$ condition See "policy condition".

$ 条件见“政策条件”。

$ configuration (P) "Configuration" can be defined from two perspectives: - The set of parameters in network elements and other systems that determine their function and operation. Some parameters are static, such as packet queue assignment and can be predefined and downloaded to a network element. Others are more dynamic, such as the actions taken by a network device upon the occurrence of some event. The distinction between static (predefined) "configuration" and the dynamic state of network elements blurs as setting parameters becomes more responsive, and signaling controls greater degrees of a network device's behavior.

$ 配置(P)“配置”可以从两个角度定义:-网络元件和其他系统中确定其功能和操作的参数集。一些参数是静态的,例如数据包队列分配,可以预定义并下载到网元。另一些更具动态性,例如网络设备在发生某些事件时所采取的行动。随着设置参数变得更具响应性,以及信令控制网络设备行为的更大程度,网络元素的静态(预定义)“配置”和动态状态之间的区别变得模糊。

- A static setup of a network element, done before shipment to a customer and which cannot be modified by the customer. The first is the accepted usage in the Internet community.

- 网元的静态设置,在发货给客户之前完成,客户无法修改。第一个是互联网社区的公认用法。

$ COPS See "Common Open Policy Service".

$ 警察参见“公共开放政策服务”。

$ data model (T) A mapping of the contents of an information model into a form that is specific to a particular type of data store or repository. A "data model" is basically the rendering of an information model according to a specific set of mechanisms for representing, organizing, storing and handling data. It has three parts [DecSupp]: - A collection of data structures such as lists, tables, relations, etc. - A collection of operations that can be applied to the structures such as retrieval, update, summation, etc. - A collection of integrity rules that define the legal states (set of values) or changes of state (operations on values). (See also "information model".)

$ 数据模型(T):将信息模型的内容映射到特定于特定类型的数据存储或存储库的形式。“数据模型”基本上是根据一组表示、组织、存储和处理数据的特定机制来呈现信息模型。它有三个部分[DecSupp]:-数据结构的集合,如列表、表、关系等-可应用于结构的操作的集合,如检索、更新、求和等-定义合法状态(值集)或状态更改(值操作)的完整性规则的集合。(另请参见“信息模型”。)

$ DEN See "Directory Enabled Networks".

$ 请参阅“启用目录的网络”。

$ Differentiated Services (DS) (T) The IP header field, called the DS-field. In IPv4, it defines the layout of the ToS (Type of Service) octet; in IPv6, it is the Traffic Class octet [RFC2474]. (A) "Differentiated Services" is also an "area of use" for QoS policies. It requires policy to define the correspondence between codepoints in the packet's DS-field and individual per-hop behaviors (to achieve a specified per-domain behavior). In addition, policy can be used to specify the routing of packets based on various classification criteria. (See also "Quality of Service" and "filter".)

$ 区分服务(DS)(T)IP报头字段,称为DS字段。在IPv4中,它定义了ToS(服务类型)八位组的布局;在IPv6中,它是通信量类八位字节[RFC2474]。(A) “差异化服务”也是QoS策略的“使用领域”。它需要策略来定义数据包DS字段中的代码点与单个每跳行为之间的对应关系(以实现指定的每域行为)。此外,策略可用于根据各种分类标准指定数据包的路由。(另请参见“服务质量”和“过滤器”。)

$ diffserv See "Differentiated Services".

$ diffserv请参阅“区分服务”。

$ Directory Enabled Networks (DEN) (T) A data model that is the LDAP mapping of CIM (the Common Information Model). Its goals are to enable the deployment and use of policy by starting with common service and user concepts (defined in the information model), specifying their

$ 目录启用网络(DEN)(T)是一种数据模型,它是CIM(公共信息模型)的LDAP映射。它的目标是通过从公共服务和用户概念(在信息模型中定义)开始,指定它们的

mapping/storage in an LDAP-based repository, and using these concepts in vendor/device-independent policy rules [DMTF]. (See also "Common Information Model" and "data model".)


$ domain (P) A collection of elements and services, administered in a coordinated fashion. (See also "policy domain".)

$ 域(P)以协调方式管理的元素和服务的集合。(另请参见“策略域”。)

$ DS See "Differentiated Services".

$ 请参阅“差异化服务”。

$ filter (T) A set of terms and/or criteria used for the purpose of separating or categorizing. This is accomplished via single-or multi-field matching of traffic header and/or payload data. "Filters" are often manipulated and used in network operation and policy. For example, packet filters specify the criteria for matching a pattern (for example, IP or 802 criteria) to distinguish separable classes of traffic.

$ 过滤(T)用于分离或分类的一组术语和/或标准。这是通过单字段或多字段匹配流量报头和/或有效负载数据来实现的。“过滤器”经常在网络操作和策略中被操纵和使用。例如,包过滤器指定匹配模式的标准(例如,IP或802标准),以区分可分离的流量类别。

$ goal See "policy goal".

$ 目标见“政策目标”。

$ information model (T) An abstraction and representation of the entities in a managed environment, their properties, attributes and operations, and the way that they relate to each other. It is independent of any specific repository, software usage, protocol, or platform.

$ 信息模型(T):管理环境中实体的抽象和表示,它们的属性、属性和操作,以及它们相互关联的方式。它独立于任何特定的存储库、软件使用、协议或平台。

$ Management Information Base (MIB) (T) A collection of information that can be accessed via the Simple Network Management Protocol. Management information is defined in MIB modules using the rules contained in SNMP's Structure of Management Information (SMI) specifications [RFC2570]. Management information is an abstract concept, and definitions can be created for high level policy specifications, low level policy, as well as technology and vendor specific configurations, status and statistics. (See also "Simple Network Management Protocol" and "Structure of Management Information".)

$ 管理信息库(MIB)(T):可通过简单网络管理协议访问的信息集合。管理信息使用SNMP管理信息结构(SMI)规范[RFC2570]中包含的规则在MIB模块中定义。管理信息是一个抽象概念,可以为高级策略规范、低级策略以及特定于技术和供应商的配置、状态和统计信息创建定义。(另请参见“简单网络管理协议”和“管理信息结构”。)

$ MIB See "Management Information Base".

$ MIB见“管理信息库”。

$ MPLS See "Multiprotocol Label Switching". (Also, MPLS may refer to Multi-Protocol Lambda Switching in optical networks. But, this is unrelated to policy and not discussed further in this document.)

$ MPLS参见“多协议标签交换”。(此外,MPLS可能涉及光网络中的多协议Lambda交换。但是,这与政策无关,本文档中不再进一步讨论。)

$ Multiprotocol Label Switching (MPLS) (T) Integrates a label swapping and switching framework with network layer routing [RFC2702]. The basic idea involves assigning short fixed length labels to packets at the ingress to an MPLS cloud. Throughout the interior of the MPLS domain, the labels attached to packets are used to make forwarding decisions (usually without recourse to the original packet headers).

$ 多协议标签交换(MPLS)(T)将标签交换和交换框架与网络层路由集成在一起[RFC2702]。其基本思想是在MPLS云入口为数据包分配固定长度的短标签。在整个MPLS域内部,附加到数据包的标签用于做出转发决策(通常不依赖于原始数据包头)。

$ outsourced policy (P) An execution model where a policy enforcement device issues a query to delegate a decision for a specific policy event to another component, external to it. For example, in RSVP, the arrival of a new RSVP message to a PEP requires a fast policy decision (not to delay the end-to-end setup). The PEP may use COPS-RSVP to send a query to the PDP, asking for a policy decision [RFC2205, RFC2748]. "Outsourced policy" is contrasted with "provisioned policy", but they are not mutually exclusive and operational systems may combine the two.

$ 外包策略(P):一种执行模型,其中策略执行设备发出查询,将特定策略事件的决策委托给其外部的另一个组件。例如,在RSVP中,新的RSVP消息到达PEP需要快速策略决策(而不是延迟端到端设置)。政治公众人物可使用COPS-RSVP向PDP发送查询,要求作出决策[RFC2205,RFC2748]。“外包策略”与“供应策略”形成对比,但它们并不相互排斥,操作系统可以将两者结合起来。

$ PCIM See "Policy Core Information Model".

$ PCIM参见“政策核心信息模型”。

$ PDP See "Policy Decision Point".

$ PDP见“政策决策点”。

$ PEP See "Policy Enforcement Point".

$ 政治公众人物请参见“政策执行点”。

$ PIB See "Policy Information Base".

$ PIB见“政策信息库”。

$ policy (P) "Policy" can be defined from two perspectives: - A definite goal, course or method of action to guide and determine present and future decisions. "Policies" are implemented or executed within a particular context (such as policies defined within a business unit). - Policies as a set of rules to administer, manage, and control access to network resources [RFC3060].

$ 政策(P)“政策”可以从两个角度定义:-指导和确定当前和未来决策的明确目标、过程或行动方法。“策略”在特定上下文中实施或执行(例如在业务单元中定义的策略)。-策略作为一组规则,用于管理和控制对网络资源的访问[RFC3060]。

Note that these two views are not contradictory since individual rules may be defined in support of business goals. (See also "policy goal", "policy abstraction" and "policy rule".)


$ policy abstraction (P) Policy can be represented at different levels, ranging from business goals to device-specific configuration parameters. Translation between different levels of "abstraction" may require information other than policy, such as network and host parameter configuration and capabilities. Various documents and implementations may specify explicit levels of abstraction. However, these do not necessarily correspond to distinct processing entities or the complete set of levels in all environments. (See also "configuration" and "policy translation".)

$ 策略抽象(P)策略可以在不同的级别上表示,从业务目标到特定于设备的配置参数。不同“抽象”级别之间的转换可能需要策略以外的信息,例如网络和主机参数配置和功能。各种文档和实现可以指定明确的抽象级别。但是,这些并不一定对应于不同的处理实体或所有环境中的完整级别集。(另请参见“配置”和“策略转换”。)

$ policy action (P) Definition of what is to be done to enforce a policy rule, when the conditions of the rule are met. Policy actions may result in the execution of one or more operations to affect and/or configure network traffic and network resources. - In [RFC3060], a rule's actions may be ordered.

$ 策略操作(P)定义当满足规则的条件时,为强制执行策略规则所要做的事情。策略操作可能导致执行一个或多个操作,以影响和/或配置网络流量和网络资源。-在[RFC3060]中,可以对规则的操作进行排序。

$ policy condition (P) A representation of the necessary state and/or prerequisites that define whether a policy rule's actions should be performed. This representation need not be completely specified, but may be implicitly provided in an implementation or protocol. When the policy condition(s) associated with a policy rule evaluate to TRUE, then (subject to other considerations such as rule priorities and decision strategies) the rule should be enforced. (T) In [RFC3060], a rule's conditions can be expressed as either an ORed set of ANDed sets of statements (disjunctive normal form), or an ANDed set of ORed sets of statements (conjunctive normal form). Individual condition statements can also be negated.

$ 策略条件(P)定义是否应执行策略规则操作的必要状态和/或先决条件的表示。这种表示不需要完全指定,但可以在实现或协议中隐式提供。当与策略规则关联的策略条件评估为TRUE时,则(根据规则优先级和决策策略等其他考虑因素)应强制执行该规则。(T) 在[RFC3060]中,规则的条件可以表示为一组或多组语句(析取范式)或一组或多组语句(合取范式)。个别条件语句也可以被否定。

$ policy conflict (P) Occurs when the actions of two rules (that are both satisfied simultaneously) contradict each other. The entity implementing the policy would not be able to determine which action to perform. The implementers of policy systems must provide conflict detection and avoidance or resolution mechanisms to prevent this situation. "Policy conflict" is contrasted with "policy error".

$ 当两个规则(同时满足两个规则)的操作相互冲突时,会发生策略冲突(P)。实施策略的实体将无法确定要执行的操作。政策系统的实施者必须提供冲突检测和避免或解决机制来防止这种情况。“政策冲突”与“政策错误”形成对比。

$ policy conversion See "policy translation".

$ 策略转换请参见“策略转换”。

$ Policy Core Information Model (PCIM) [RFC3060] (T) An information model describing the basic concepts of policy groups, rules, conditions, actions, repositories and their relationships. This model is described as a "core" model since it cannot be applied without domain-specific extensions (for example, extensions for QoS or IPsec). PCIM is "core" with respect to the area of policy. However, it is a "Common Model," with respect to CIM - in that it extends the basic CIM concepts for policy. (See also "Common Information Model".)

$ 策略核心信息模型(PCIM)[RFC3060](T)描述策略组、规则、条件、操作、存储库及其关系的基本概念的信息模型。此模型被描述为“核心”模型,因为如果没有特定于域的扩展(例如,QoS或IPsec扩展),则无法应用此模型。PCIM是政策领域的“核心”。然而,对于CIM来说,它是一个“通用模型”,因为它扩展了策略的基本CIM概念。(另请参见“公共信息模型”。)

$ policy decision (P) Two perspectives of "policy decision" exist: - A "process" perspective that deals with the evaluation of a policy rule's conditions - A "result" perspective that deals with the actions for enforcement, when the conditions of a policy rule are TRUE

$ 政策决策(P)“政策决策”有两种观点:-处理政策规则条件评估的“过程”观点-处理政策规则条件为真时执行行动的“结果”观点

$ Policy Decision Point (PDP) (P) A logical entity that makes policy decisions for itself or for other network elements that request such decisions [RFC2753]. (See also "policy decision".)

$ 策略决策点(PDP)(P)为自身或请求此类决策的其他网络元素做出策略决策的逻辑实体[RFC2753]。(另见“政策决定”。)

$ policy domain (P) A collection of elements and services, and/or a portion of an Internet over which a common and consistent set of policies are administered in a coordinated fashion [RFC2474]. This definition of a policy domain does not preclude multiple sources of policy creation within an organization, but does require that the resultant policies be coordinated. - Policies defined in the context of one domain may need to be communicated or negotiated outside of that domain. (See also "policy negotiation".)

$ 策略域(P)元素和服务的集合,和/或互联网的一部分,在互联网上以协调的方式管理一组公共和一致的策略[RFC2474]。策略域的这一定义并不排除组织内策略创建的多个来源,但要求协调生成的策略。-在一个域的上下文中定义的策略可能需要在该域之外进行沟通或协商。(另见“政策谈判”。)

$ policy enforcement (P) The execution of a policy decision.

$ 策略执行(P)策略决策的执行。

$ Policy Enforcement Point (PEP) (P) A logical entity that enforces policy decisions [RFC2753]. (See also "policy enforcement".)

$ 策略执行点(PEP)(P)执行策略决策的逻辑实体[RFC2753]。(另请参见“策略执行”。)

$ policy error (P) "Policy errors" occur when attempts to enforce policy actions fail, whether due to temporary state or permanent mismatch between the policy actions and the device enforcement capabilities. This is contrasted with "policy conflict".

$ 策略错误(P)“策略错误”发生在尝试实施策略操作失败时,无论是由于策略操作与设备实施功能之间的临时状态或永久性不匹配。这与“政策冲突”形成对比。

$ policy goal (P) Goals are the business objectives or desired state intended to be maintained by a policy system. As the highest level of abstraction of policy, these goals are most directly described in business rather than technical terms. For example, a goal might state that a particular application operate on a network as though it had its own dedicated network, despite using a shared infrastructure. 'Policy goals' can include the objectives of a service level agreement, as well as the assignment of resources to applications or individuals. A policy system may be created that automatically strives to achieve a goal through feedback regarding whether the goal (such as a service level) is being met.

$ 策略目标(P)目标是计划由策略系统维护的业务目标或期望状态。作为策略的最高抽象级别,这些目标最直接地用业务而不是技术术语来描述。例如,一个目标可能会指出,尽管使用了共享的基础设施,但某个特定的应用程序在网络上运行,就好像它有自己的专用网络一样。”“策略目标”可以包括服务级别协议的目标,以及将资源分配给应用程序或个人。可以创建一个策略系统,通过对目标(如服务级别)是否得到满足的反馈自动努力实现目标。

$ Policy Information Base (PIB) (T) Collections of related PRovisioning Classes (PRCs), defined as a module. (See also "PRovisioning Class".)

$ 策略信息库(PIB)(T)相关资源调配类(PRC)的集合,定义为一个模块。(另请参见“资源调配类”。)

$ policy mapping See "policy translation".

$ 策略映射请参见“策略转换”。

$ policy negotiation (P) Exposing the desired or appropriate part of a policy to another domain. This is necessary to support partial interconnection between domains, which are operating with different sets of policies.

$ 策略协商(P)将策略的所需或适当部分公开给另一个域。这对于支持使用不同策略集运行的域之间的部分互连是必要的。

$ policy repository (P) "Policy repository" can be defined from three perspectives: - A specific data store that holds policy rules, their conditions and actions, and related policy data. A database or directory would be an example of such a store. - A logical container representing the administrative scope and naming of policy rules, their conditions and actions, and related policy data. A "QoS policy" domain would be an example of such a container. - In [RFC3060], a more restrictive definition than the prior one exists. A PolicyRepository is a model abstraction representing an administratively defined, logical container for reusable policy elements.

$ 策略存储库(P)“策略存储库”可以从三个角度定义:-保存策略规则、其条件和操作以及相关策略数据的特定数据存储。数据库或目录就是这种存储的一个例子。-表示策略规则的管理范围和命名、其条件和操作以及相关策略数据的逻辑容器。“QoS策略”域就是此类容器的一个示例。-在[RFC3060]中,存在比先前定义更严格的定义。PolicyRepository是一个模型抽象,表示可重用策略元素的管理定义的逻辑容器。

$ policy request (P) A message requesting a policy-related service. This may refer to a request to retrieve a specific set of policy rules, to determine the actions to enforce, or other policy requests. When sent by a PEP to a PDP, it is more accurately qualified as a "policy decision request" [RFC2753]. (See also "policy decision".)

$ 策略请求(P)请求策略相关服务的消息。这可能是指检索特定策略规则集、确定要执行的操作的请求,或其他策略请求。当PEP将其发送给PDP时,它更准确地被限定为“策略决策请求”[RFC2753]。(另见“政策决定”。)

$ policy rule (P) A basic building block of a policy-based system. It is the binding of a set of actions to a set of conditions - where the conditions are evaluated to determine whether the actions are performed [RFC3060].

$ 策略规则(P)基于策略的系统的基本构造块。它是一组操作与一组条件的绑定,其中对条件进行评估以确定是否执行操作[RFC3060]。

$ policy server (P) A marketing term whose definition is imprecise. Originally, [RFC2753] referenced a "policy server". As the RFC evolved, this term became more precise and known as the Policy Decision Point (PDP). Today, the term is used in marketing and other literature to refer specifically to a PDP, or for any entity that uses/services policy.

$ 策略服务器(P):一个定义不精确的营销术语。最初,[RFC2753]引用了一个“策略服务器”。随着RFC的发展,这个术语变得更加精确,被称为策略决策点(PDP)。如今,在营销和其他文献中,该术语专门指PDP,或任何使用/服务策略的实体。

$ policy translation (P) The transformation of a policy from a representation and/or level of abstraction, to another representation or level of abstraction. For example, it may be necessary to convert PIB data to a command line format. In this "conversion," the translation to the new representation is likely to require a change in the level of abstraction (becoming more or less specific). Although these are logically distinct tasks, they are (in most cases) blurred in the act of translating/converting/mapping. Therefore, this is also known as "policy conversion" or "policy mapping".

$ 策略转换(P):将策略从一个表示和/或抽象级别转换为另一个表示或抽象级别。例如,可能需要将PIB数据转换为命令行格式。在这种“转换”中,对新表示的转换可能需要改变抽象级别(变得更具体或更不具体)。尽管这些任务在逻辑上是不同的,但它们(在大多数情况下)在翻译/转换/映射过程中是模糊的。因此,这也称为“策略转换”或“策略映射”。

$ PolicyGroup (T) An abstraction in the Policy Core Information Model [RFC3060]. It is a class representing a container, aggregating either policy rules or other policy groups. It allows the grouping of rules into a Policy, and the refinement of high-level Policies to lower-level or different (i.e., converted or translated) peer groups.

$ PolicyGroup(T)策略核心信息模型[RFC3060]中的抽象。它是一个表示容器的类,聚合策略规则或其他策略组。它允许将规则分组到策略中,并将高级策略细化到较低级别或不同(即转换或翻译)的对等组。

$ PRC See "PRovisioning Class".

$ 请参阅“资源调配类”。

$ PRI See "PRovisioning Instance".

$ 请参阅“配置实例”。

$ provisioned policy (P) An execution model where network elements are pre-configured, based on policy, prior to processing events. Configuration is pushed to the network device, e.g., based on time of day or at initial booting of the device. The focus of this model is on the distribution of configuration information, and is exemplified by Differentiated Services [RFC2475]. Based on events received, devices use downloaded (pre-provisioned)

$ 配置策略(P):一种执行模型,其中网络元素在处理事件之前根据策略进行预配置。配置被推送到网络设备,例如,基于一天中的时间或设备的初始引导。该模型的重点是配置信息的分布,并以区分服务[RFC2475]为例。根据接收到的事件,设备使用下载(预配置)

mechanisms to implement policy. "Provisioned policy" is contrasted with "outsourced policy".


$ PRovisioning Class (PRC) (T) An ordered set of attributes representing a type of policy data. PRCs are defined in PIB modules (encoded using SPPI) and registered in the Object Identifier tree. Instances of each PRC are organized in tables, similar to conceptual tables in SMIv2. (See also "Structure of Policy Provisioning Information" and "Policy Information Base".) The acronym, PRC, has evolved from "policy rule class" to "provisioning class". The reason for the change is that a discrepancy existed between the use of the words, "policy rule" in the PRC context versus other uses in PCIM and the industry. In the latter, rules are If/Then statements - a binding of conditions to actions. PRCs are not "rules" by this definition, but the encoding of (network-wide) configuration information for a device.

$ 配置类(PRC)(T)表示策略数据类型的有序属性集。PRC在PIB模块中定义(使用SPPI编码),并在对象标识符树中注册。每个PRC的实例都组织在表中,类似于SMIv2中的概念表。(另请参见“策略供应信息结构”和“策略信息库”。)缩写PRC已从“策略规则类”演变为“供应类”。这一变化的原因是,在中国语境中,“政策规则”一词的使用与PCIM和行业中的其他使用之间存在差异。在后者中,规则是If/Then语句,是对动作的条件约束。PRC不是此定义中的“规则”,而是设备(网络范围)配置信息的编码。

$ PRovisioning Instance (PRI) (T) An instantiation of a PRovisioning Class. (See also "PRovisioning Class".)

$ 配置实例(PRI)(T)配置类的实例化。(另请参见“资源调配类”。)

$ QoS See "Quality of Service".

$ QoS见“服务质量”。

$ Quality of Service (QoS) (A) At a high level of abstraction, "Quality of Service" refers to the ability to deliver network services according to the parameters specified in a Service Level Agreement. "Quality" is characterized by service availability, delay, jitter, throughput and packet loss ratio. At a network resource level, "Quality of Service" refers to a set of capabilities that allow a service provider to prioritize traffic, control bandwidth, and network latency. There are two different approaches to "Quality of Service" on IP networks: Integrated Services [RFC1633], and Differentiated Service [RFC2475]. Integrated Services require policy control over the creation of signaled reservations, which provide specific quantitative end-to-end behavior for a (set of) flow(s). In contrast, Differentiated Services require policy to define the correspondence between codepoints in the packet's DS-field and individual per-hop behaviors (to achieve a specified per-domain behavior). A maximum of 64 per-hop behaviors limit the number of classes of service traffic that can be marked at any point in a domain. These classes of service signal the treatment of the packets with respect to various QoS aspects, such as flow priority and packet drop precedence. In

$ 服务质量(QoS)(A)“服务质量”是指根据服务水平协议中规定的参数提供网络服务的能力。“质量”的特征是服务可用性、延迟、抖动、吞吐量和丢包率。在网络资源级别,“服务质量”指的是一组功能,允许服务提供商对流量、控制带宽和网络延迟进行优先级排序。在IP网络上有两种不同的“服务质量”方法:集成服务[RFC1633]和差异化服务[RFC2475]。集成服务要求对信号预订的创建进行策略控制,为(一组)流提供特定的定量端到端行为。相反,差异化服务需要策略来定义数据包DS字段中的代码点与单个每跳行为之间的对应关系(以实现指定的每域行为)。每跳最多64个行为限制了可以在域中的任意点标记的服务流量类别的数量。这些服务类别表示关于各种QoS方面(例如流优先级和分组丢弃优先级)的分组处理。在里面

addition, policy can be used to specify the routing of packets based on various classification criteria. Policy controls the set of configuration parameters and routing for each class in Differentiated Service, and the admission conditions for reservations in Integrated Services. (See also "policy abstraction" and "Service Level Agreement".)


$ Resource reSerVation Protocol (RSVP) (T) A setup protocol designed for an Integrated Services Internet, to reserve network resources for a path [RFC2205]. And, a signaling mechanism for managing application traffic's QoS in a Differentiated Service network.

$ 资源预留协议(RSVP)(T)为综合服务互联网设计的设置协议,用于为路径预留网络资源[RFC2205]。以及,用于在区分服务网络中管理应用业务的QoS的信令机制。

$ role (P) "Role" is defined from three perspectives: - A business position or function, to which people and logical entities are assigned [X.500] - The labeled endpoints of a UML (Unified Modeling Language) association. Quoting from [UML], "When a class participates in an association, it has a specific role that it plays in that relationship; a role is just the face the class at the near end of the association presents to the class at the other end of the association". The Policy Core Information Model [RFC3060] uses UML to depict its class hierarchy. Relationships/associations are significant in the model. - An administratively specified characteristic of a managed element (for example, an interface). It is a selector for policy rules and PRovisioning Classes (PRCs), to determine the applicability of the rule/PRC to a particular managed element [RFC3060]. Only the third definition (roles as selectors of policy) is directly related to the management of network policy. However, the first definition (roles as business positions and functions) may be referenced in policy conditions and actions.

$ 角色(P)“角色”从三个角度定义:-人员和逻辑实体分配到的业务职位或职能[X.500]-UML(统一建模语言)关联的标记端点。引用[UML],“当一个类参与一个关联时,它在该关系中扮演着一个特定的角色;角色只是该关联近端的类呈现给该关联另一端的类的面孔”。策略核心信息模型[RFC3060]使用UML描述其类层次结构。关系/关联在模型中非常重要。-托管元素(例如,接口)的管理指定特性。它是策略规则和配置类(PRC)的选择器,用于确定规则/PRC对特定托管元素的适用性[RFC3060]。只有第三个定义(作为策略选择器的角色)与网络策略的管理直接相关。但是,第一个定义(作为业务职位和职能的角色)可以在政策条件和行动中引用。

$ role combination (P) A lexicographically ordered set of roles that characterize managed elements and indicate the applicability of policy rules and PRovisioning Classes (PRCs). A policy system uses the set of roles reported by the managed element to determine the correct rules/PRCs to be sent for enforcement. That determination may examine all applicable policy rules identified by the role combination, its sub-combinations and the individual roles in the combination [RFC3060]. In the case of PRCs, a PRC must explicitly match the role combination of the managed element in order to be applicable and/or enforced. (The comparison is typically case-sensitive.) The

$ 角色组合(P):一组按字典顺序排列的角色,用于描述托管元素,并指示策略规则和资源调配类(PRC)的适用性。策略系统使用托管元素报告的角色集来确定要发送以供实施的正确规则/PRC。该确定可检查角色组合、其子组合和组合中的单个角色标识的所有适用策略规则[RFC3060]。对于PRC,PRC必须明确匹配受管要素的角色组合,以便适用和/或实施。(比较通常区分大小写。)

final set of rules/PRCs for enforcement are defined by the policy system, as appropriate for the specified role combination of the managed element.


$ RSVP See "Resource reSerVation Protocol".

$ RSVP见“资源预留协议”。

$ rule See "policy rule".

$ 规则见“策略规则”。

$ rule based engine (T) A rule based engine is able to evaluate policy condition(s) and trigger appropriate policy actions. A particular rule based engine may only be capable of acting upon policy rules that are formatted in a specified way or adhere to a specific language.

$ 基于规则的引擎(T)基于规则的引擎能够评估策略条件并触发适当的策略操作。特定的基于规则的引擎可能只能对以指定方式格式化或遵循特定语言的策略规则进行操作。

$ schema (T) Two different perspectives of schema are defined: - A set of rules that determines what data can be stored in a database or directory service [DirServs] - A collection of data models that are each bound to the same type of repository. The latter is the preferred and recommended one for Internet Standards documents. (See also "data model".)

$ schema(T)定义了schema的两个不同视角:-一组确定哪些数据可以存储在数据库或目录服务[DirServs]中的规则,-一组数据模型,每个模型都绑定到同一类型的存储库。后者是互联网标准文件的首选和推荐方法。(另请参见“数据模型”。)

$ service (P) The behavior or functionality provided by a network, network element or host [DMTF, RFC2216]. Quoting from RFC 2216 [RFC2216], in order to completely specify a "service", one must define the "functions to be performed ..., the information required ... to perform these functions, and the information made available by the element to other elements of the system". Policy can be used to configure a "service" in a network or on a network element/host, invoke its functionality, and/or coordinate services in an interdomain or end-to-end environment.

$ 服务(P)网络、网元或主机提供的行为或功能[DMTF,RFC2216]。引用RFC 2216[RFC2216],为了完全指定“服务”,必须定义“要执行的功能…”、执行这些功能所需的信息以及该元件向系统其他元件提供的信息”。策略可用于在网络或网元/主机上配置“服务”、调用其功能和/或在域间或端到端环境中协调服务。

$ Service Level Agreement (SLA) (P) The documented result of a negotiation between a customer/consumer and a provider of a service, that specifies the levels of availability, serviceability, performance, operation or other attributes of the service [RFC2475]. (See also "Service Level Objective".)

$ 服务水平协议(SLA)(P)客户/消费者和服务提供商之间协商的记录结果,规定了服务的可用性、可服务性、性能、操作或其他属性的级别[RFC2475]。(另请参见“服务级别目标”。)

$ Service Level Objective (SLO) (P) Partitions an SLA into individual metrics and operational information to enforce and/or monitor the SLA. "Service Level Objectives" may be defined as part of an SLA, an SLS, or in a separate document. It is a set of parameters and their values. The actions of enforcing and reporting monitored compliance can be implemented as one or more policies. (See also "Service Level Agreement".)

$ 服务级别目标(SLO)(P)将SLA划分为单独的度量和操作信息,以实施和/或监控SLA。“服务级别目标”可以定义为SLA、SLS或单独文档的一部分。它是一组参数及其值。强制执行和报告监控合规性的操作可以作为一个或多个策略来实施。(另请参见“服务级别协议”。)

$ Service Level Specification (SLS) (P) Specifies handling of customer's traffic by a network provider. It is negotiated between a customer and the provider, and (for example) in a DiffServ environment, defines parameters such as specific Code Points and the Per-Hop-Behavior, profile characteristics and treatment of the traffic for those Code Points. An SLS is a specific SLA (a negotiated agreement) and its SLOs (the individual metrics and operational data to enforce) to guarantee quality of service for network traffic. (See also "Service Level Agreement" and "Service Level Objective".)

$ 服务级别规范(SLS)(P)规定了网络提供商对客户流量的处理。它在客户和提供商之间协商,并且(例如)在DiffServ环境中,定义参数,例如特定代码点和每跳行为、配置文件特征和这些代码点的流量处理。SLS是一种特定的SLA(协商协议)及其SLO(要实施的单个度量和操作数据),用于保证网络流量的服务质量。(另请参见“服务级别协议”和“服务级别目标”。)

$ Simple Network Management Protocol (SNMP) (T) SNMP is a framework (including a protocol) for managing systems in a network environment [RFC2570]. It can be used for policy-based configuration and control using a specific MIB Module designed to execute policies on managed elements via scripts. The elements (instances) in a network device are evaluated using a policy filter, to determine where policy will be applied.

$ 简单网络管理协议(SNMP)(T)SNMP是用于在网络环境中管理系统的框架(包括协议)[RFC2570]。它可以使用特定的MIB模块用于基于策略的配置和控制,该模块设计用于通过脚本在托管元素上执行策略。使用策略过滤器对网络设备中的元素(实例)进行评估,以确定将应用策略的位置。

$ SLA See "Service Level Agreement".

$ SLA见“服务水平协议”。

$ SLO See "Service Level Objective".

$ SLO见“服务水平目标”。

$ SLS See "Service Level Specification".

$ SLS请参见“服务级别规范”。

$ SMIv2 See "Structure of Management Information".

$ SMIv2请参见“管理信息结构”。

$ SNMP See "Simple Network Management Protocol".

$ SNMP请参阅“简单网络管理协议”。

$ SPPI See "Structure of Policy Provisioning Information".

$ 请参阅“策略设置信息的结构”。

$ Structure of Policy Provisioning Information (SPPI) (T) An adapted subset of SNMP's Structure of Management Information (SMIv2) that is used to encode collections of related PRovisioning Classes as a PIB [RFC3159]. (See also "Policy Information Base" and "PRovisioning Class".)

$ 策略配置信息结构(SPPI)(T)SNMP管理信息结构(SMIv2)的一个子集,用于将相关配置类的集合编码为PIB[RFC3159]。(另请参见“策略信息库”和“资源调配类”。)

$ Structure of Management Information, version 2 (SMIv2) (T) An adapted subset of OSI's Abstract Syntax Notation One, ASN.1 (1988) used to encode collections of related objects as SNMP Management Information Base (MIB) modules [RFC2578].

$ 管理信息结构,第2版(SMIv2)(T)OSI抽象语法符号1的一个子集,ASN.1(1988),用于将相关对象集合编码为SNMP管理信息库(MIB)模块[RFC2578]。

$ subject (P) An entity, or collection of entities, which originates a request, and is verified as authorized/not authorized to perform that request.

$ 主体(P)发起请求的实体或实体集合,并被验证为授权/未授权执行该请求。

$ target (P) An entity, or collection of entities, which is affected by a policy. For example, the "targets" of a policy to reconfigure a network device are the individual services that are updated and configured.

$ 目标(P)受策略影响的实体或实体集合。例如,重新配置网络设备的策略的“目标”是更新和配置的单个服务。

4. Intellectual Property
4. 知识产权

The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11.


Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat.


The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director.


5. Acknowledgements
5. 致谢

This document builds on the work of previous terminology drafts. The authors of these documents were Fran Reichmeyer, Dan Grossman, John Strassner, Ed Ellesson and Matthew Condell. Also, definitions for the general concepts of policy and policy rule include input from Predrag Spasic. Very helpful comments and suggestions were received from Juergen Schoenwaelder, Joe Salowey, Jon Saperia, Ravi Sahita, Bob Moore, Guus Sliepen, T.H. Jonatan and Dave Perkins.

本文件以以前的术语草案为基础。这些文件的作者是弗兰·赖希迈尔、丹·格罗斯曼、约翰·斯特拉斯纳、埃德·埃尔森和马修·康德尔。此外,政策和政策规则的一般概念的定义包括Predrag Spasic的输入。Juergen Schoenwaelder、Joe Salowey、Jon Saperia、Ravi Sahita、Bob Moore、Guus Sleipen、T.H.Jonatan和Dave Perkins提出了非常有用的意见和建议。

6. Security Considerations
6. 安全考虑

This document only defines policy-related terms. It does not describe in detail the vulnerabilities of, threats to, or mechanisms that protect specific policy implementations or policy-related Internet protocols.


7. References
7. 工具书类

[DecSupp] Building Effective Decision Support Systems. R. Sprague, and E. Carleson. Prentice Hall, 1982.


[DirServs] Understanding and Deploying LDAP Directory Services. T. Howes, M. Smith, and G. Good. MacMillan Technical Publications, 1999.


[DMTF] Common Information Model (CIM) Schema, version 2.x. Distributed Management Task Force, Inc. The components of the CIM v2.x schema are available via links on the following DMTF web page:

[DMTF]公共信息模型(CIM)模式,版本2.x。Distributed Management Task Force,Inc.。CIM v2.x模式的组件可通过以下DMTF网页上的链接获得:

[RFC1633] Braden, R., Clark, D. and S. Shenker, "Integrated Services in the Internet Architecture: An Overview", RFC 1633, June 1994.

[RFC1633]Braden,R.,Clark,D.和S.Shenker,“互联网体系结构中的综合服务:概述”,RFC 16331994年6月。

[RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996.

[RFC2026]Bradner,S.,“互联网标准过程——第3版”,BCP 9,RFC 2026,1996年10月。

[RFC2138] Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote Authentication Dial In User Service (RADIUS)", RFC 2138, April 1997.

[RFC2138]Rigney,C.,Rubens,A.,Simpson,W.和S.Willens,“远程认证拨入用户服务(RADIUS)”,RFC 21381997年4月。

[RFC2205] Braden, R., Zhang, L., Berson, S., Herzog, S. and S. Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1 Functional Specification", RFC 2205, September 1997.

[RFC2205]Braden,R.,Zhang,L.,Berson,S.,Herzog,S.和S.Jamin,“资源预留协议(RSVP)——第1版功能规范”,RFC 22052997年9月。

[RFC2216] Shenker, S. and J. Wroclawski, "Network Element Service Specification Template", September 1997.


[RFC2474] Nichols, K., Blake, S., Baker, F. and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, December 1998.

[RFC2474]Nichols,K.,Blake,S.,Baker,F.和D.Black,“IPv4和IPv6标头中区分服务字段(DS字段)的定义”,RFC 2474,1998年12月。

[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z. and W. Weiss, "An Architecture for Differentiated Service", RFC 2475, December 1998.

[RFC2475]Blake,S.,Black,D.,Carlson,M.,Davies,E.,Wang,Z.和W.Weiss,“差异化服务架构”,RFC 24751998年12月。

[RFC2570] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999.

[RFC2570]Case,J.,Mundy,R.,Partain,D.和B.Stewart,“互联网标准网络管理框架第3版简介”,RFC 25701999年4月。

[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S.Waldbusser, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, April 1999.

[RFC2578]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.和S.Waldbusser,“管理信息的结构版本2(SMIv2)”,RFC 2578,1999年4月。

[RFC2702] Awduche, D., Malcolm, J., Agogbua, J., O'Dell, M. and J. McManus, "Requirements for Traffic Engineering Over MPLS", RFC 2702, September 1999.

[RFC2702]Awduche,D.,Malcolm,J.,Agogbua,J.,O'Dell,M.和J.McManus,“MPLS上的流量工程要求”,RFC 2702,1999年9月。

[RFC2748] Durham, D., Boyle, J., Cohen, R., Herzog, S., Rajan, R. and A. Sastry, "The COPS (Common Open Policy Service) Protocol", RFC 2748, January 2000.

[RFC2748]达勒姆,D.,博伊尔,J.,科恩,R.,赫尔佐格,S.,拉詹,R.和A.萨斯特里,“共同开放政策服务协议”,RFC 27482000年1月。

[RFC2749] Herzog, S., Boyle, J., Cohen, R., Durham, D., Rajan, R. and A. Sastry, "COPS Usage for RSVP", RFC 2749, January 2000.

[RFC2749]Herzog,S.,Boyle,J.,Cohen,R.,Durham,D.,Rajan,R.和A.Sastry,“警察对RSVP的使用”,RFC 2749,2000年1月。

[RFC2753] Yavatkar, R., Pendarakis, D. and R. Guerin, "A Framework for Policy-based Admission Control", RFC 2753, January 2000.

[RFC2753]Yavatkar,R.,Pendarakis,D.和R.Guerin,“基于政策的准入控制框架”,RFC 2753,2000年1月。

[RFC2828] Shirey, R., "Internet Security Glossary", FYI 36, RFC 2828, May 2000.

[RFC2828]Shirey,R.,“互联网安全词汇表”,FYI 36,RFC 2828,2000年5月。

[RFC3060] Moore, B., Ellesson, E., Strassner, J. and A. Westerinen, "Policy Core Information Model -- Version 1 Specification", RFC 3060, February 2001.

[RFC3060]Moore,B.,Ellesson,E.,Strassner,J.和A.Westerinen,“政策核心信息模型——版本1规范”,RFC 3060,2001年2月。

[RFC3084] Chan, K., Seligson, J., Durham, D., Gai, S., McCloghrie, K., Herzog, S., Reichmeyer, F., Yavatkar, R. and A. Smith, "COPS Usage for Policy Provisioning (COPS-PR)", RFC 3084, February 2001.

[RFC3084]Chan,K.,Seligson,J.,Durham,D.,Gai,S.,McCloghrie,K.,Herzog,S.,Reichmeyer,F.,Yavatkar,R.和A.Smith,“策略供应的COPS使用(COPS-PR)”,RFC 3084,2001年2月。

[RFC3159] McCloghrie, K., Fine, M., Seligson, J., Chan, K., Hahn, S., Sahita, R., Smith, A. and F. Reichmeyer, "Structure of Policy Provisioning Information," RFC 3159, August 2001.

[RFC3159]McCloghrie,K.,Fine,M.,Seligson,J.,Chan,K.,Hahn,S.,Sahita,R.,Smith,A.和F.Reichmeyer,“策略供应信息的结构”,RFC 3159,2001年8月。

[UML] The Unified Modeling Language User Guide. G. Booch, J. Rumbaugh, and I. Jacobson. Addison-Wesley, 1999.


[X.500] Data Communications Networks Directory, Recommendations X.500-X.521, Volume VIII - Fascicle VIII.8. CCITT, IXth Plenary Assembly, Melbourne. November 1988.


8. Authors' Addresses
8. 作者地址

Andrea Westerinen Cisco Systems, Bldg 20 725 Alder Drive Milpitas, CA 95035

加利福尼亚州米尔皮塔斯奥尔德大道20 725号楼思科系统公司安德里亚·韦斯特林,邮编95035


John Schnizlein Cisco Systems 9123 Loughran Road Fort Washington, MD 20744

美国马里兰州华盛顿堡拉夫兰路9123号思科系统公司John Schnizlein 20744


John Strassner Intelliden Corporation 90 South Cascade Avenue Colorado Springs, CO 80903 Phone: +1-719-785-0648

John Strassner Intelliden Corporation科罗拉多州斯普林斯市南卡斯克大街90号,邮编80903电话:+1-719-785-0648


Mark Scherling Xcert International Inc. Suite 300 505 Burrard Street Vancouver, BC V7X 1M3

Mark Scherling Xcert International Inc.不列颠哥伦比亚省温哥华伯拉德街505号300室V7X 1M3


Bob Quinn Celox Networks 2 Park Central Drive Southborough, MA 01772

马萨诸塞州南区公园中央大道2号Bob Quinn Celox Networks邮编01772


Jay Perry Network Appliance 495 East Java Drive Sunnyvale, CA 94089



Shai Herzog 200 Clove Rd. New Rochelle, NY 10801

Shai Herzog Policy Consulting.com纽约州新罗谢尔市丁香路200号,邮编10801


An-Ni Huynh Lucent Technologies 2139 Route 35 Holmdel, NJ 07733


Mark Carlson Sun Microsystems, Inc. 500 Eldorado Boulevard Broomfield, CO 80021



Steve Waldbusser


   Phone: +1-650-948-6500
   Fax:   +1-650-745-0671
   Phone: +1-650-948-6500
   Fax:   +1-650-745-0671
9. Full Copyright Statement
9. 完整版权声明

Copyright (C) The Internet Society (2001). All Rights Reserved.


This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.


The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.






Funding for the RFC Editor function is currently provided by the Internet Society.