The present invention is directed to the field of computer networks. It is more specifically directed to validating configuration parameters and policy records stored in a remote repository.
The management and administration of a computer network is a complex process for most network operators and administrators. A network generally includes various network elements, such as servers, routers, firewalls, clients and switches. In order to inter-operate properly, each network element is configured with a specific set of parameters. These parameters dictate various aspects of network operation, such as what names and addresses a specific network element should use, which applications are considered more important, what quality of service should be provided to specific applications in the network, and what type of security should be applied to the different types of communication. Taken together, these parameters define the policies which are to be implemented in the network.
For proper execution of the policies, it is essential that the different network elements be configured so that they support the policies defined for the network. For example, two network elements that use an encrypted tunnel for communication must use a consistent set of encryption parameters in order to operate properly. To achieve these goals, the configuration parameters for the network elements can be stored in a central repository. Each element retrieves its policies or configuration parameters from the central repository and uses them to configure itself. One repository that can be used to store this information is a directory in the network; other possible repositories may store this information in a database.
When parameters are obtained from a remote repository in the network, there is a question as to whether the parameters are well-formed and can be trusted. Therefore, a network element may validate these parameters or policies prior to using them.
This validation step enables the network element to ensure fault-free operation. However, for network elements that have limited computational resources, such validation is costly. This is true of many routers that run on embedded software platforms, and of network elements that constitute a wireless, mobile, or home-area network. Due to the serious memory and processing limitations of these devices, full validation of policies is generally not possible. In the absence of any policy validation, however, network elements run a serious risk of being incorrectly configured and may not work properly.
A solution to the problem of validation for resource-constrained network elements is to have a validator, which has sufficient computational resources, perform the bulk of the validation on behalf of the network elements. The validator stores validation information in the central repository. The network elements themselves then need only perform much simpler tests on the validation information stored at the repository to ensure that the entries obtained from the repository are valid. This mechanism guards against accidental changes to configuration information, as well as deliberate changes by a non-trusted entity. Since the validator is a different entity from both the repository of the policies and the network element obtaining the policies, this framework provides third-party validation of records in the repository.
A solution within this framework for third-party validation needs to resolve some difficulties when policies are obtained from a remote repository. Policies in a database or directory are stored as different types of records or entries. Each entry has a multiplicity of attributes. A network element may obtain only a subset of the attributes stored for any entry in the repository. If a validator creates validation information that is dependent on all attributes of an entry, then an unnecessary burden of obtaining all the attributes is imposed on the network element.
Furthermore, the validation method should permit a flexible trust model for the network elements and the validator. In some environments, the network infrastructure between the validator and the network elements may be secure enough that cryptographic methods to ensure the integrity of the validation information are not needed. In other cases, the infrastructure may not be secure, and cryptographic techniques are then needed to ensure that no malicious agent can masquerade as the trusted third-party validator or alter the stored records after they have been validated. A flexible validation method should therefore enable efficient validation schemes in a secure environment and secure validation schemes in an insecure environment.
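The following is an added illustration of the framework described above, not the method claimed in this document. It assumes a hypothetical scheme in which the validator stores one validation tag per attribute of an entry, so that a network element can verify only the subset of attributes it actually fetched, and it assumes two trust modes: a plain SHA-256 digest when the infrastructure between validator and element is trusted, and an HMAC under an assumed shared secret when it is not. The entry, the validation rules and the key are constructed for this example.

```python
import hashlib
import hmac
import json

# Constructed sample policy entry (hypothetical attribute names and values).
ENTRY = {
    "dn": "cn=tunnel-branch1,ou=policies,o=example",
    "peer": "10.0.0.2",
    "cipher": "aes-256-gcm",
    "lifetime": "3600",
    "description": "branch office tunnel",
}

# Assumed secret shared by the validator and the network elements (HMAC mode only).
KEY = b"validator-shared-secret"


def _encode(name, value):
    # Canonical encoding of one (attribute name, value) pair so that the validator
    # and the network element tag exactly the same bytes.
    return json.dumps([name, value], separators=(",", ":"), sort_keys=True).encode()


def _tag(name, value, key=None):
    # Validation tag for a single attribute. Without a key this is a plain SHA-256
    # digest (trusted infrastructure); with a key it is an HMAC, so an agent without
    # the key cannot produce a tag that the element will accept.
    data = _encode(name, value)
    if key is None:
        return hashlib.sha256(data).hexdigest()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def check_entry(entry):
    # Full validation of the whole entry: the expensive step, done by the validator.
    # The rules are hypothetical and only serve to make the example concrete.
    errors = []
    if entry.get("cipher") not in ("aes-256-gcm", "aes-128-gcm"):
        errors.append("unsupported cipher")
    lifetime = entry.get("lifetime", "")
    if not lifetime.isdigit() or int(lifetime) <= 0:
        errors.append("lifetime must be a positive integer")
    octets = entry.get("peer", "").split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        errors.append("peer is not an IPv4 address")
    return errors


def validator_publish(entry, key=None):
    # Validator: reject a malformed entry, otherwise return one tag per attribute
    # to be stored in the repository next to the entry.
    errors = check_entry(entry)
    if errors:
        raise ValueError("; ".join(errors))
    return {name: _tag(name, value, key) for name, value in entry.items()}


def element_verify(fetched_attrs, fetched_tags, key=None):
    # Network element: cheap check covering only the attributes it fetched.
    for name, value in fetched_attrs.items():
        expected = fetched_tags.get(name)
        if expected is None or not hmac.compare_digest(expected, _tag(name, value, key)):
            return False
    return True


def simulate(key=None, tamper=False, forge=False):
    # End-to-end: validator publishes, an untrusted party optionally alters the
    # stored record (and optionally recomputes a keyless tag for it), and an element
    # fetches only two attributes and verifies them. Returns the element's verdict.
    repo = {"attrs": dict(ENTRY), "validation": validator_publish(ENTRY, key)}
    if tamper:
        repo["attrs"]["cipher"] = "des-cbc"
        if forge:
            # The forger knows the tag format but not KEY.
            repo["validation"]["cipher"] = _tag("cipher", "des-cbc", None)
    wanted = ("peer", "cipher")
    attrs = {n: repo["attrs"][n] for n in wanted}
    tags = {n: repo["validation"][n] for n in wanted}
    return element_verify(attrs, tags, key)


if __name__ == "__main__":
    print("plain, untouched:", simulate())
    print("plain, tampered:", simulate(tamper=True))
    print("plain, tampered and forged:", simulate(tamper=True, forge=True))
    print("hmac, tampered and forged:", simulate(key=KEY, tamper=True, forge=True))
```

The element never fetches or checks `dn`, `lifetime` or `description`, which is the point of per-attribute tags. The third and fourth cases show the trust-model distinction: a plain digest catches accidental corruption but is recomputable by anyone who can write to the repository, whereas the keyed tag is not.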
It is therefore an aspect of the present invention to provide a method, system and/or apparatus by which records stored in a remote repository are validated securely and flexibly by a trusted validator.
It is another aspect of this invention to provide a central repository which stores validation information which permits a secure and flexible validation of entries in the repository.
It is another aspect of this invention to provide a validator which verifies entries in a repository, and stores validation information in the repository for a secure and flexible validation of entries by other network clients.
It is still another aspect of this invention to provide a network element which validates entries obtained from a repository by verifying the validation information stored at that repository.