Research On Policy Conflicts Detection And Resolution Mechanism Of Policy-based Network Management For Mobile IP Handoff

With the development of wireless technology and mobile communication, the support for mobility has become inevitable demand of NGN. This paper integrates policy with the QoS management for mobile IP handoff in order to ensure QoS of multimedia flexibility. Making use of the mobility of mobile node and forecasting information of resource requirement automatically create dynamic policy for allocating resource by system itself. In order to ensure QoS of multimedia service for mobile IP handoff, using dynamic policy to complete admittance control and resource allocation before mobile node handoff. The IETF's policy definition is that policy is a set of management rules which are composed of conditions and actions. The satisfaction of some conditions may cause the execution of a group of actions. However, when this paper apply several different policies on the same network equipment, the maintenance of the consistence between management policies becomes more and more important. The consistent detection between policies is to estimate if there are conflicts between policies, i.e. the conditions of two or more policies are satisfied at the same time, however, the actions couldn't be executed simultaneously.The IETF and DMTF's PBNM framework is composed of five parts: policy management tool, which provides the network manager with a centralized visual interface to define policies as well as the functions of performing policy transformation and consistent detection; policy repository, which is used to store technical policy and can be implemented by the directory server; policy decision point, which sees to select the appreciate policys from the policy repository and transforms them into the managed device's configurations, then send them to PEP; policy enforcement point, which generates the conditions transferred to PDP in terms of network states and the events that happens in the network, further more receives and executes the actions generated by PDP;policy communication protocols, including LDAP protocol used for PDP accessing the policy repository and COPS protocol used for the interaction between PDP and PEP as well as the extended protocol COPS-RSVP and COPS-PR.Policy-based network resource reservation framework contains a number of wireless management domains. In each domain the differentiated-service model provides application program QoS. All the wireless domains are connected by some differentiated transmission domains to provide end-to-end network services for the mobile district. In differentiated services wireless domain, all network elements must support differentiated services IP router function. Gateway and base station which are connected by the core routers are called border router. Gateway is the interface which connects differentiated services transmission domain. In the framework, the administrator convertes SLA of QoS into policy rules. According to the policy framework defined by IETF, each domain uses policy depository to store policy rules.Policy conflict detection and resolution is an important problem after policy generation. It's necessary to ensure that the new generated policy cann't conflict with them in the policy depository. The major task is to avoid conflicts when defining policy. Policy conflict may happen in two aspects: when adding a new policy, the new policy may have conflicts with policy depository; when system runing, policy also may take place conflict. This kind of dynamic potential conflict is difficult to forecast.Now many academic organizations devote to the research of policy and PBNM system, among which the policy work groups in the Imperial University and Bell laboratory have done some outstanding work. Both of them have developed their own policy language and policy framework as well as the approach of policy conflict resolution based on the policy language they developed. The Imperial University explored the conflict detection mechanism for security policy using role-based accessing control and the ponder language template. The network management system developed by Bell laboratory uses the policy description language (PDL). Since the policy description language is based on events, they put forward the approach of policy conflict resolution using event-based logic programming.The policy-based network management adheres to the concept of"modality"all the time, such as policy representation, policy trigger, policy execution, all of which depend on the modality. Moreover the concrete approach of policy conflict detection and resolution ties to the modality of policy more closely. So, first of all, this paper presents the formal definition of policy, policy rule and policy conflict using set-based algebraic structure which helps to convey the information of actions executed when the policy conflict happens. This paper builds a policy conflict action depository. Detecting the relation of sets between policy conditions when detecting policy conflict, and finding the action according to condition in the conflict action depository to decide whether conflict or not. To the policy action resolution, this paper puts forward the policy conflict resolution based on semi-lattice. The semi-lattice can be regarded as a partially ordered set and may be represented in graph. The policy conflict happens when the conditions of two or more policy rules intersect but their action sets are not the same one, and it can be resolved by selecting a new action to be executed after detection. Therefore this paper can draw a conclusion: if an action set is coincident to semi-lattice, it is sure that a new action can be selected for policy conflict resolution. The advantage of policy conflict resolution based on the semi-lattice is that it can inherit all the mathematical results and algorithms from graph theory. In addition, this approach is independent of the policy syntaxes and of the layer at which the rules are defined. In fact, this paper abstracts the conflict resolution as the selection of a new action to enforce when two or more rules conflict.This paper use Sun One Directory Server as the policy repository to store policy, JAVA programming language to develop the policy management tool, Netscape Directory SDK to implement the LDAP API and Oracle database to develop policy conflict detection database and case database. The policy management tool provides the network manager with plentiful policy definition interfaces. It can receive dynamic policy according to the forecasting information, then detect and resolute conflict, and store policy into the policy repository.