International Journal of Computer Networks & Communications (IJCNC)

AIRCC PUBLISHING CORPORATION

Establishment Of Virtual Policy Based Network Management Scheme By Load Experiments In Virtual Environment

Kazuya Odagiri¹, Shogo Shimizu² and Naohiro Ishii³

¹Sugiyama Jogakuen University, Aichi, ²Gakushuin Women’s College, Tokyo and ³Aichi Institute of Technology, Aichi, Japan

Abstract


In current Internet-based systems, many problems exploit the anonymity of network communication, such as leaks of personal information and crimes committed using Internet systems. This is because the TCP/IP protocol used in Internet systems does not carry user identification information in the communication data, which makes it difficult to immediately supervise the user performing such acts. One approach to solving this problem is Policy-based Network Management (PBNM), a scheme for managing a whole Local Area Network (LAN) through communication control of every user. Two types of PBNM scheme exist. The first manages the whole LAN by locating the communication control mechanisms on the path between network servers and clients. The second manages the whole LAN by locating the communication control mechanisms on the clients. As a scheme of the second type, we have been studying the Destination Addressing Control System (DACS) Scheme theoretically. By applying the DACS Scheme to Internet system management, we ultimately intend to realize policy-based Internet system management. So far, the compatibility of the DACS Scheme with cloud environments based on virtualization technology, which is spreading explosively, has not been examined. As a result, the coverage of the DACS Scheme is currently limited to physical environments. In this study, we examine the compatibility of the DACS Scheme with cloud environments based on virtualization technology and enlarge the coverage of the scheme. With this, the Virtual DACS Scheme (vDACS Scheme) is established.

Keywords
policy-based network management, DACS Scheme

  1. Introduction

The current Internet system is a distributed autonomous system and is not operated in a unified, safe and effective way. When the Internet system is accessed by users who do not understand its structure well, many problems exploit the anonymity of network communication, such as leaks of personal information and crimes committed using Internet systems. Information leaks at large companies are sometimes reported in the mass media. On the other hand, no study currently aims to put the whole Internet system under integrated management. Therefore, taking a long-term view, we aim to realize a secure and effectively operated Internet system by promoting the study of Internet Policy Based Network Management (Internet PBNM). Internet PBNM is a concept that we proposed previously; it is a management scheme for managing the whole Internet system by applying the thinking of PBNM to it. Figure 1 shows an image of Internet PBNM.

Figure 1: Internet PBNM

The study of the Internet PBNM has four steps as follows.

  • (Step1) Study on the PBNM managing the network of a specific organization
  • (Step2) Study on the PBNM managing the network group of multiple organizations
  • (Step3) Study on the PBNM managing the network group in a local domain within a fixed range
  • (Step4) Study on the PBNM finally establishing Internet PBNM

In this paper, the final stage of the study in (Step1) is described. After completing this study, we will move on to (Step2). The existing PBNM realizes management of an organization's own network based on network policy and security policy. It manages the whole network of a specific organization through communication control (access control, encryption of communication, quality of service). The existing PBNM is standardized by multiple organizations such as the Internet Engineering Task Force (IETF), the Distributed Management Task Force (DMTF), Telecoms and Internet converged Services and protocols for Advanced Network (TISPAN) of the European Telecommunications Standards Institute (ETSI), and the International Telecommunication Union Telecommunication Standardization Sector (ITU-T). However, when we aim to realize Internet PBNM by extending the existing PBNM, it becomes a required condition that a specific administrative organization manages networks held by other organizations. The existing PBNM is a scheme that places the Policy Enforcement Point (PEP) for communication control on the path of a network. Therefore, the administrative organization must change the other organization’s network equipment. The following problems then occur.

  • Additional cost incurred by changing the network equipment
  • Network topology change caused by applying the existing PBNM
  • Limits on security policy and network policy caused by the administrative organization changing the network equipment

 
