This invention relates to a network element as set forth in the preamble of claim 1, to a method of controlling a network element as set forth in claim 7, and to a controller for a network element as set forth in the preamble of claim 9.
Network elements are pieces of equipment in a communications network which serve, for example, to establish connections within the network, provide access to the network, switch connections in the network, or change the format of messages which are transmitted in the network. In a synchronous digital communications network based on the synchronous digital hierarchy (SDH) or in Synchronous Optical Networks (SONETs), the network elements include crossconnects, add/drop multiplexers, and line multiplexers.
Such network elements contain a controller for controlling and monitoring network-element-specific functions. In an article by S. Colombo et al, xe2x80x9cTechnologie der SDH-Netzelemente: die Software-Platformxe2x80x9d, Elektrisches Nachrichtenwesen, 4th Quarter 1993, pp. 322-328, it is described that network elements operate and are controlled in accordance with an object-oriented specification which was defined by international standards committees such as CCITT (now ITU-T), ETSI, or ANSI. Functions of the network elements are described and implemented in the form of managed objects (MO).
Managed objects are real life imagesxe2x80x94and thus descriptions of static and dynamic propertiesxe2x80x94of physical or virtual components (resources) of the network element. In CCITT Recommendation X.720 (01/92), a managed object is defined as an abstraction of data processing and data processing resources (e.g., protocol state machines, connections, and modems) for the purposes of management.
According to the above article by S. Colombo et al, the controller of a network element comprises:
processor hardware consisting of CPU, memory, and permanent (xe2x80x9cpersistentxe2x80x9d) storage;
a processor platform with OSI stack, operating system, data management, interprocess communication, and defense functions;
a so-called framework, which has a common application program interface (API) for managed object implementation; and
a number of network element functions which are implemented by managed objects.
The xe2x80x9cframeworkxe2x80x9d incorporates an attribute library, which provides services for accessing the managed objects, such as SET, GET, REPLACE, CREATE or DELETE. It further provides an interobject communication service, which controls communication between different managed objects.
A disadvantage of this approach is that access rights, which determine which access services are permitted for the individual managed objects, have to be taken into account in the programming of the network element functions in each individual case and encoded into the source code of the object classes (applications). This is complicated and prone to error.
It is an object of the invention to provide a network element, a controller for a network element, and a method of controlling a network element which permit more flexible and less error-prone management of the access rights of managed objects.
This object is attained with respect to the network element by the features of claim 1, with respect to the method by the features of claim 7, and with respect to the controller by the features of claim 9. Further advantageous aspects of the invention are defined in the dependent claims.
The invention simplifies the management of access rights during communication between managed objects.
A particular advantage of the invention is that the functionality of a network element can be extended or restricted without making any changes to hardware and software, simply by loading new service profiles. This makes it possible to provide a network element version with standard functions and a version with extended functions using identical hardware and software.
A further advantage of the invention is that by means of service profiles it is possible to hide entire managed-object classes from one or more user groups and to make this class accessible by, and thus xe2x80x9cvisiblexe2x80x9d to, only one particular user group, for example.