Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network access regulating
Reexamination Certificate
2000-08-24
2004-11-16
Maung, Zarni (Department: 2154)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network access regulating
C709S250000, C711S216000
Reexamination Certificate
active
06820121
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to policy rule based operations and more particularly to policy rule based computer network systems such as computer networks.
BACKGROUND OF THE INVENTION
Computer networks have grown increasingly complex with the use of distributed client/server applications, mixed platforms and multiple protocols all in a single physical backbone. The control of traffic on networks is likewise moving from centralized information systems departments to distributed work groups. The growing utilization of computer networks is not only causing a move to new, high speed technologies, but is at the same time making the operation of computer networks more critical to day to day business operations. The use of quality of service (QoS) criteria for managing and/or contracting communication service level agreements (SLAs) is becoming increasingly common in networks, such as networks supporting Internet protocol (IP) communications.
The Internet Engineering Task Force (IETF) has proposed a set of policy schemas (object oriented models of policy classes and policy attributes) and a policy framework for managing future networks. The IETF proposed policy based networking technology is described in the Internet draft entitled “Policy Core LDAP Schema,” draft-IETF-policy-core-schema-07.txt, Jul. 14, 2000 (“IETF proposal”). Among other things, the IETF proposal includes three policy classes referred to as policy Rule, policy Action and policy Condition respectively. A policy rule (class policyRule) has the following semantics: “If Condition then Action.” In other words, the actions (class policyAction) specified by a policy rule are to be performed/executed only if the policy condition (class policyCondition) evaluates to TRUE (i.e., is met).
Stated differently, the IETF proposal provides policy conditions which represent a set of criteria that are used to identify various groupings, such as host(s), routing, application(s), based on which, if the condition evaluates to TRUE, appropriate actions are performed. The application condition group, for example, includes, among other things, an attribute that is used to identify the content of the application data to be used in the policy condition evaluation. This data, for Web requests, generally represents the Universal Resource Indicator (URI) portion of the Universal Resource Locator (URL) or the directory where the object of the request is located.
In addition to the network environment, various other areas are dependent upon operations which are policy rule based. Thus, structuring procedures or methods based upon a policy expressed as “If Condition then Action” may be generalized across a broad scope of applications where similar issues of implementation may be encountered. Some of these application environments operate under conditions without time pressures. However, implementation of such policy rule based operations in time sensitive environments, such as a high speed network environment, can place time critical demands on processing capabilities of various network communication server devices. Rapid detection of the application data type or other aspects of a communication packet processed by a communication server may be critical, for example, where service differentiation by different data types is utilized to guarantee SLAs related to QoS.
As an example, in the environment of the worldwide Web (Web or Internet), each hypertext transport protocol (HTTP) type request can result in a different data type(s) being sent to a requesting client device from a server device. For example, an HTTP request may call for video/audio data streaming, transaction oriented data, FTP data, etc. Different data types may require different service levels to be assigned while the data is being transmitted to the client. For instance, File Transfer Protocol (FTP) type data generally requires low loss but is not highly sensitive to delays whereas video/audio data will typically be sensitive to delay but not to loss.
SUMMARY OF THE INVENTION
Embodiments of the present invention include methods, systems and computer program products which provide for processing an event having a classification based on associated policy rules where the policy rules are conditioned on the classification. A policy rules hash table is provided including a plurality of policy rule entries, each policy rule entry being associated with a hash index. An event is received and a hash index is generated using a classification hash length based on the classification of the event, the classification having an associated length at least equal to the classification hash length. A policy rule entry in the policy rules hash table is identified that corresponds to the generated hash index. It is determined if a classification field length associated with the identified policy rule corresponds to the classification hash length. The identified policy rule entry is executed if the hash length associated with the identified policy rule corresponds to the classification hash length.
In further embodiments of the present invention, the hash index is generated using a list identifying classification hash lengths to be used for generation of a hash index for a plurality of candidate classification lengths of the classification. The list has associated classification hash lengths corresponding to classification field lengths associated with at least one of the plurality of policy rule entries. A classification hash length is identified from the provided list for the received event which is no greater than the associated length of the classification. The hash index is generated using the identified classification hash length.
Identification of a classification hash length in various embodiments includes identifying from the provided list a classification hash length for the received event which is equal to the associated length of the classification of the received event if such a classification hash length is found in the provided list. A classification hash length which is found in the provided list is selected as a classification hash length for the received event, the selected classification hash length being a largest length not greater than the associated length of the classification of the received event, if a classification hash length which is equal to the associated length of the classification of the received event is not found in the provided list.
In other embodiments of the present invention, the identified policy rule entry has a plurality of associated conditions, the classification being one of the plurality of associated conditions. It is determined if all of the plurality of associated conditions are met and the identified policy rule entry is executed only if all of the plurality of associated conditions are met.
In yet other embodiments of the present invention, a method is provided for processing an event having a classification based on associated policy rules, the policy rules being conditioned on the classification. A policy rules hash table is provided including a plurality of policy rule entries, each policy rule entry being associated with a hash index. A list is also provided identifying classification hash lengths to be used for generation of a hash index for a plurality of candidate classification lengths of the classification, the list having associated classification hash lengths corresponding to classification field lengths found in at least one of the plurality of policy rule entries. An event is received. A classification hash length is identified from the provided list for the received event which is no greater than an associated length of the classification of the received event. A hash index is generated using the identified classification hash length. A policy rule entry is identified in the policy rules hash table that corresponds to the generated hash index and that has an associated classification field length that corresponds to the classification hash length of the event. It is determined if all conditions associated with
Callis Gregory M.
Franks Jon Kevin
Huynh Lap Thiet
Nguyen Loan
Shannon Diane Iupe
Herndon Jerry W.
International Business Machines - Corporation
Maung Zarni
Myers Bigel Sibley & Sajovec P.A.
LandOfFree
Methods systems and computer program products for processing... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods systems and computer program products for processing..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods systems and computer program products for processing... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3322785