| With the overwhelming development of network to large-scale,heterogeneity and high-speed,network management becomes more and more important.But the fast development of network results in low efficiency and high proneness to error.Network manager's enthusiasm shrivels when they confront such complex network.To lighten the complexity of operation,and to improve the flexibility and autonomy of the management,the vision of autonomic computing(AC) is proposed. The essence of autonomic computing systems is self-management.Autonomic computing,as the name suggests,is a metaphor based on biology.The general properties of an autonomic(self-managing) system can be summarised as four objectives:self-configuring,self-healing,self-optimising and self-protecting.With the future vision of AC,policy-based management(PBM) becomes a promising solution,which is developed to deliver simplification and automation of the network management process.The PBM,realizing by implement policies,is the embodiment of manager's global management ideas.PBM is one of the key but challenging areas of network management.But now PBM can not meet the need of AC, especially in self-management of policy,dynamic self-configuring,self-optimization, safely configuring.In this dissertation,inspired by classical conditioning,the most basic learning mode of biology,we presented a method of intelligent policy description based on classical conditioning,and then we proposed a dynamic policy adaptation framework. To improve PBM to traditional network management,we put forword a model which combines traditional SNMP network management and PBM.In addition,in order to make the policy change with the environment,we propose a policy optimization method and policy dormant mechanism.At last,confronting insecurity factors of campus network,we bring forword corresponding security policy to deal with them.The main thesis research results and characteristics are as follows:(1) Comparability between reflex,conditioned reflex and PBM is analyzed. Intelligent policy description based on classical conditioning is presented.The processes of reflex and conditioned reflex are described by policy,and some typical examples of classical conditioning are pictured.Then some typical network security cases are presented to testify how network management policies cater for the dynamic management of network security,and the selected network security policy is calculated and changed at run-time.So policy adapts dynamically by selecting and enabling/disabling a policy,or by learning the most suitable policy from the system behavior.(2) An adaptive network policy management model is presented in this paper,and it is based on the theory of classical conditioning,which is a basic learning mode of biological system.The proposed framework is an extension of Internet Engineering Task Force(IETF) framework for policy-based network,and it is built with several simple building blocks as a complete reflex arc.In order to learning which are the most suitable configuration policies from the system behavior,the network rules specified within our framework are dynamically triggered by comparing training stimulus of the experiments.Our approach provides the flexibility to adapt to the changing of network environment and the ability to simulate some typical experiments of classical conditioning.Furthermore,the major advantage of this procedure is that the framework could successfully realize the self-learning process of classical conditioning and achieves an adaptive network policy management.(3) The traditional management of centralized style cannot deal with the task of managing large-scaled distributed network.And policy-based management is one of the effective solutions in network and distributed systems management.By analyzing traditional network management and policy-based network management,a scalable network management model PSBNM is proposed,which takes full advantage of the two technologies and makes up the disadvantages of them.(4) A policy optimization study based on evolution learning is proposed.A certain policy only suits to a certain network environment.If the network environment changes, the certain policy does not suit any more.Thereby,the policy-based management should also have similar "natural selection" process.Useful policy will be retained,and policies which have lost their effectiveness are eliminated.For different shooting times, the priority of policy with high shooting times is improved,while policy hit a low rate has lower priority,and long-term no shooting policy will be dormant.Thus the strategy for the survival of the fittest is realized,and the degree of self-learning in policy management is improved.(5) Applications on policy-based network security management are carried on. Some security breaches in campus networks gradually emerged from the overwhelming development of network,specially represented by ARP snooping,or URL based content filtering,and network access security.They are deeply analyzed,and we propose solutions to these problems by using policy-based management and other network management technology.So information security of campus network is enhanced accordingly.
|
PDF Full Text Request