...
7.4 Policy Unification and Organization
In an expandable, multi-purpose Policy Framework, many types of Policy may be used. Policy may be organized using many convenient dimensions in order to facilitate the workings of the Framework within D2.0. A flexible organizing principle termed Policy Scope will enable a set of attributes to specify (to the degree/precision desired, and using any set of desired
“dimensions”) the precise “scope” of both policies and policy-enabled functions/components. Useful organizing dimensions of Policy Scope may include:
(a) Policy type or category, e.g., taxonomical, (b) Policy ownership / administrative domain, (c) geographic area or location, (d) technology type and/or specifics, (e) Policy language, version, etc., (f) security level or other security-related values/specifiers/limiters, (g) particular defined grouping, and (h) any other dimensions/attributes as may be deemed helpful, e.g., by Operations. Note that attributes can be defined for each dimension.
7.6 Policy Use
At runtime, policies that were previously distributed to policy-enabled components will be used by those components to control or influence their functionality and behavior, including any actions that are taken. In
16
By then setting values for these attributes, Policy Scope can be used to specify the precise Policy “scope” of: (A) Policy events or requests/triggers to allow each event/request to self-indicate its scope, e.g., which can then be examined by a suitable function for specifics of routing/delivery, (B) Policy decision/enforcement functions or other Policy functions to allow each Policy function to self-indicate its scope of decision making, enforcement, or other capabilities, (C) Virtual Functions of any type for auto-attachment to the appropriate Policy Framework and distribution mechanism instances, and most importantly to (D) individual policies to aid in management and distribution of the policies.
7.5 Policy Technologies
D2 Policy will utilize rather than replace various technologies; examples of possible policy areas are shown in the following table. These will be used, e.g., via translation capabilities, to achieve the best possible solution that takes advantage of helpful technologies while still providing in effect a single D2.0 Policy “brain.”
many cases, those policies will be utilized to make decisions, where these decisions will often be conditional upon the current situation.
A major example of this approach is the feedback/control loop pattern driven by DCAE. Many specific control loops can be defined. In a particular control loop, each participant (e.g., orchestrator, controller, DCAE, virtual function) will have received policies determining how it should act as part of that loop. All of the policies for that loop will have been previously created together, ensuring proper coordinated closed-loop action. DCAE can receive specific policies for data collection (e.g., what data to collect, how to collect, and how often), data analysis (e.g., what type and depth of analysis to perform), and signature and event publishing (e.g., what analysis results to look for as well as the specifics of the event to be published upon detecting those results). Remaining components of the loop (e.g., orchestrators, controllers, etc.) can receive specific policies determining actions to be taken upon receiving the triggered event from DCAE. Each loop participant could also receive policies determining the specific events to which it subscribes.