Friday, December 28, 2007

ACL Data Model for NETCONF

Members of the IETF Network Configuration (NETCONF) Working Group
have published a draft "ACL Data Model for NETCONF." The Working
Group was chartered to produce a protocol for network configuration
that uses XML for data encoding purposes: "Configuration of networks
of devices has become a critical requirement for operators in today's
highly interoperable networks. Operators from large to small have
developed their own mechanisms or used vendor specific mechanisms to
transfer configuration data to and from a device, and for examining
device state information which may impact the configuration..." The
"ACL Data Model" document introduces a data model developed by the
authors to facilitate discussion of the data models that the NETCONF
protocol carries. Data modeling of configuration data of each network
function is necessary in order to achieve interoperability among NETCONF
entities. For that purpose, the authors devised an ACL data model and
developed a network configuration application using that data model...
The data model was originally designed in the style of a UML (Unified
Modeling Language) class diagram. From the class diagram, the ACL's XML
schema can be generated; the configuration data are sent in a style
conforming to this XML schema. The configuration application developed
using the ACL data model can open and read the file. Then, the
configuration application reads the lists of ACL line by line and
transforms them into a NETCONF request message conforming to the XML
schema listed before. And the configuration application sends the
NETCONF request message and configures the network device accordingly...
When we exchange NETCONF messages based on the data model we proposed,
security should be taken care of. WS-Security can achieve secure data
transportation by utilizing the XML Signature and XML Encryption mechanisms...."
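
The read-the-ACL-line-by-line, build-a-NETCONF-request step described above can be sketched as follows. This is an added example, not code from the draft or its authors: the ACL line format, the `urn:example:acl` namespace and the `acl`/`rule` element names are hypothetical stand-ins for the draft's schema, which is not reproduced in this post; only the `rpc`/`edit-config` envelope and the base namespace are standard NETCONF. Each line is validated before anything is serialized, so a malformed file produces no request at all.

```python
import ipaddress
import xml.etree.ElementTree as ET

NC_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # NETCONF base namespace
ACL_NS = "urn:example:acl"  # hypothetical namespace, not the draft's schema

# Constructed sample input: "<action> <protocol> <source> <destination> [port]"
SAMPLE_ACL = """\
# constructed sample ACL file
permit tcp 192.0.2.0/24 198.51.100.10/32 443
deny   ip  0.0.0.0/0    198.51.100.0/24
"""

def parse_acl_line(line):
    """Validate one ACL line and return its fields; raise ValueError if malformed."""
    fields = line.split()
    if len(fields) not in (4, 5):
        raise ValueError(f"expected 4 or 5 fields: {line!r}")
    action, proto, src, dst = fields[:4]
    if action not in ("permit", "deny") or proto not in ("ip", "tcp", "udp", "icmp"):
        raise ValueError(f"unknown action or protocol: {line!r}")
    # ip_network() rejects bad addresses and prefixes with host bits set.
    rule = {"action": action, "protocol": proto,
            "source": str(ipaddress.ip_network(src)),
            "destination": str(ipaddress.ip_network(dst))}
    if len(fields) == 5:
        if proto not in ("tcp", "udp"):
            raise ValueError(f"port given for non-TCP/UDP rule: {line!r}")
        port = int(fields[4])
        if not 0 < port < 65536:
            raise ValueError(f"port out of range: {line!r}")
        rule["port"] = str(port)
    return rule

def build_edit_config(acl_text, message_id="1"):
    """Turn ACL text into one <edit-config> request; any bad line aborts the build."""
    rpc = ET.Element(f"{{{NC_NS}}}rpc", {"message-id": message_id})
    edit = ET.SubElement(rpc, f"{{{NC_NS}}}edit-config")
    target = ET.SubElement(edit, f"{{{NC_NS}}}target")
    ET.SubElement(target, f"{{{NC_NS}}}running")
    config = ET.SubElement(edit, f"{{{NC_NS}}}config")
    acl = ET.SubElement(config, f"{{{ACL_NS}}}acl")
    for line in acl_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        rule = ET.SubElement(acl, f"{{{ACL_NS}}}rule")
        for name, value in parse_acl_line(line).items():
            # Values go in as text nodes, so the XML library escapes them.
            ET.SubElement(rule, f"{{{ACL_NS}}}{name}").text = value
    return ET.tostring(rpc, encoding="unicode")
```

Calling `build_edit_config(SAMPLE_ACL)` returns the serialized request; protecting it in transit is a separate step left to the transport or message-security layer.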