opsawg                                                    WJL. Wang, Ed.
Internet-Draft                                            MCC. Miao, Ed.
Intended status: Informational                          ZSY. Zhuang, Ed.
Expires: January 18, 2019                                ZQL. Zhang, Ed.
                                                     Tsinghua University
                                                          CJF. Chen, Ed.
                                                                    CETC
                                                           July 17, 2018


             Framework for Network Resources Categorization
                     draft-jilongwang-opsawg-nrc-00

Abstract

   This memo discusses and defines a framework for network resources
   categorization that can identify and describe the whole network to
   assist network management.  At present, network resources have not
   been systematically defined and classified.
   The objective of this draft is to illustrate the applicability of
   the framework for network resources categorization through use
   cases, then discuss the basic methodology and propose a framework,
   not yet mature, for continued supplementation and improvement.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 18, 2019.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
   2.  Terminology
   3.  Use cases
     3.1.  Network Management
     3.2.  Network Search
     3.3.  Network Security
   4.  Methodology for Network Resources Categorization
     4.1.  Basic Principles
       4.1.1.  Scientific principle
       4.1.2.  Systematic principle
       4.1.3.  Orthogonality principle
       4.1.4.  Consistency principle
       4.1.5.  Scalable principle
     4.2.  Requirements on categorization
   5.  Framework for Network Resources Categorization
     5.1.  Class-I
     5.2.  Class-II
       5.2.1.  Network Infrastructure
       5.2.2.  Network application service
       5.2.3.  Network data source
       5.2.4.  Network virtual subject
     5.3.  Class-III and Class-IV
       5.3.1.  Autonomous domain
       5.3.2.  Network
       5.3.3.  Intermediate node
       5.3.4.  Terminal node
       5.3.5.  Link
       5.3.6.  Inorganic service
       5.3.7.  Organic service
       5.3.8.  Code
       5.3.9.  Text resource
       5.3.10. Picture resource
       5.3.11. Audio resource
       5.3.12. Video resource
   6.  Acknowledgements
   7.  IANA Considerations
   8.  Security Considerations
   9.  Normative References
   Authors' Addresses

1.  Introduction

   Network resources exist objectively.  They include physical
   resources such as traditional network facilities and access devices,
   as well as virtual resources such as application services and
   information resources, which can be detected using software or
   hardware tools based on certain methods, techniques and standards.
   At present, network resources have not been systematically defined
   and classified.  Most of them are named according to their purpose
   or vendor, but they seem to be in a "divine" state.  No resource can
   find its own location in the network.

   The complexity and diversity of network resources make it difficult
   for traditional categorization methods to cover, unify and integrate
   them.  Therefore, it is necessary to establish a framework for
   network resources to systematically classify, define, identify and
   describe the whole network.  The objective of this draft is to
   illustrate the applicability of the framework for network resources
   categorization through use cases, then discuss the basic methodology
   and propose a framework, not yet mature, for continued
   supplementation and improvement.

   This memo discusses and defines a framework for network resources
   categorization that can identify and describe the whole network to
   assist network management.
   Network resources are systematically named, defined, classified and
   described to meet the completeness, measurability, scalability and
   relative orthogonality of resources categorization from the point of
   view of the network architecture.  We provide a unified description
   of network elements and their attributes to support integration and
   management of surveying and mapping information.  The overall
   standard framework helps to establish a network resources database,
   which can be used as the basis for network information storage and
   sharing in the future.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Terminology

   Methods of linear classification: The classification objects are
   divided into several levels according to specific forms and
   attributes, and each level is divided into several categories.
   Categories at the same level are in a parallel relationship, and
   categories at different levels are in an affiliation relationship.

   category in higher level: In the methods of linear classification, a
   category is called a category in higher level relative to the
   next-level categories directly divided from it.

   category in lower level: In the methods of linear classification, a
   category is called a category in lower level relative to the
   upper-level category from which it is divided.

   category in same level: In the methods of linear classification, the
   lower-level categories directly divided from one category are called
   categories in same level.

3.  Use cases

   The following sections highlight some of the most common use case
   scenarios for the framework for network resources categorization;
   they are in no way exhaustive.

3.1.  Network Management

   Network management is the process of administering and managing
   computer networks.  Services provided by this discipline include
   fault analysis, performance management, provisioning of networks and
   maintaining the quality of service.  At present, the variety of
   resources leads to confusion in the network.  Network resources, as
   the object of network management, need more attention, but network
   managers lack uniform identification, location and management of
   resources.

   The framework for network resources categorization offers a way for
   network managers to divide the managed resources.  It provides a
   unique identity for each resource, that is, every resource can find
   its appropriate location in the resources framework tree.  The
   corresponding code, name and attributes are then added to the
   database to facilitate unified management.  At the same time,
   resources with abnormal properties can be located and their
   vulnerabilities fixed in time.

3.2.  Network Search

   Many platforms (Shodan, Censys, etc.) now probe the network from the
   network layer to the application layer using multiple detection
   technologies.  Their main goal is to identify network resources,
   including websites, network hardware, etc., to provide search and
   classification of identifiable network resources, and to establish
   corresponding databases that support full-text, regular expression,
   boolean logic and numeric range search.  However, the lack of a
   unified standardized model will lead to inaccurate and incomplete
   retrieval of resources.

   This framework classifies the resources of the whole network.  It
   can be used to fill the resources search database and to cover
   resources that have not been covered before.  At the same time, it
   standardizes the storage of network resources and improves search
   efficiency.

3.3.  Network Security

   Network viruses and worms are themselves a kind of network resource.
   As networks become more open and complex, network viruses and worms
   are evolving constantly, and their diversity and spatial
   discretization are increasing, resulting in a great hidden danger to
   network security.

   The framework for network resources categorization can be used to
   locate network resources more accurately, distinguish benign from
   malignant network resources, study the process of virus evolution
   and its possible effects according to the attached attributes, and
   provide a clearer way to safeguard the operation of network space
   security, such as anti virus, antivirus and so on.

4.  Methodology for Network Resources Categorization

4.1.  Basic Principles

   The network resources categorization rules SHOULD follow the
   principles below to meet the completeness, measurability,
   scalability and relative orthogonality of resources categorization.

4.1.1.  Scientific principle

   Categorization rules SHOULD be consistent with the basic
   organizational rules of network resources.

   The resources categorization perspective SHOULD meet the traditional
   internet resources integration requirements, and meet the mapping
   entity integration requirements of the multi-source mapping
   platform.

   The resources categorization system SHOULD start from the traditional
   network resources system, cover resource elements and have a certain
   degree of compatibility.

4.1.2.  Systematic principle

   The network resources categorization architecture can sort and
   systemize all network resources according to their characteristics,
   correctly reflect the vertical and horizontal architecture, and form
   a reasonable categorization system.

   Each resource in the system occupies a position.
   It SHALL reflect the definite relationship between resources, and
   profoundly reveal the network relationship and the whole picture
   between resources.

4.1.3.  Orthogonality principle

   The taxonomic units at each categorization level in the resources
   categorization system SHOULD be mutually exclusive, so that no
   network resource can belong to two groups at the same time.  That
   is, the unique encoding allows the network resources to be uniquely
   identified and described.

4.1.4.  Consistency principle

   Categorization design SHOULD be consistent with other national
   standards in related fields, and at the same time preserve the
   original information concepts and semantic consistency when
   resources are coded and when codes are expanded, added or deleted.

4.1.5.  Scalable principle

   The framework SHALL meet the needs of the development and change of
   network resources to a great extent.  Categories can be added at
   different levels, and the framework can also be extended to cover
   unknown resources.

4.2.  Requirements on categorization

   This section describes the requirements for categorization of network
   resources.  The network resources categorization SHOULD meet these
   requirements to make sure it is orthogonal and accurate.  Note that
   the requirements listed in this section have been separated from the
   context in which they may appear.

   The following template is used for the definition of the
   Requirements:

   Req-ID: An ID composed of a unique two-digit number.

   Description: The rationale and description of the requirement.

   The detailed requirements on categorization are listed as follows:

   Req-ID: 01

   Description: The total range of the categories in lower level
   divided from a category in higher level SHOULD be the same as the
   range of that category in higher level.
   Req-ID: 02

   Description: When a category in higher level is divided, the same
   classification perspective SHOULD be used to obtain its categories
   in lower level.

   Req-ID: 03

   Description: The categories in same level SHALL NOT intersect, SHALL
   NOT repeat, and SHALL correspond to only one category in higher
   level.

   Req-ID: 04

   Description: Categorization SHOULD be carried out from high to low,
   and there MUST be no jump.

5.  Framework for Network Resources Categorization

   This framework for network resources categorization uses methods of
   linear classification to classify network resources into five
   category levels: category, sub-category, large-category,
   medium-category and small-category, based on the above principles
   and requirements.  It specifies the classification names of the
   levels as Class-I, Class-II, Class-III, Class-IV and Class-V; the
   small-categories are subdivided and named according to the
   application requirements.

5.1.  Class-I

   Firstly, network resources are divided into four categories: the
   network infrastructure, the network application service, the network
   data resource and the network virtual body, based on the sources,
   applications and activities of network resources.  Then the 4
   categories are further subdivided into 12 sub-categories.

   The following template is used for the definition of the
   categorization of network resources:

   Class-I: The name of the network resources category in highest level.

   EnCode-q: An ID organized in OID format to identify network
   resources.  It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

   Upper-Class: The name of its category in higher level.

   Attribute: The characteristics of this network resource category
   from different levels of internet.
   Class-I: Network Infrastructure
   EnCode-q: 1
   Upper-Class: None
   Attribute: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\

   Class-I: Network application service
   EnCode-q: 2
   Upper-Class: None
   Attribute: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-I: Network data source
   EnCode-q: 3
   Upper-Class: None
   Attribute: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\

   Class-I: Network virtual subject
   EnCode-q: 4
   Upper-Class: None
   Attribute: IP Address\Port\Service\Protocol\Account Name\Landing
   Time\

5.2.  Class-II

   The following template is used for the definition of the
   categorization of network resources categories at the second
   category level:

   Class-II: The name of the network resources category in second level.

   EnCode-q: An ID organized in OID format to identify network
   resources.  It can be added to 1.3.6.1.2 mgmt RFC3232 [RFC3232].

   Upper-Class: The name of its category in higher level.

   Attribute: The characteristics of this network resource category
   from different levels of internet.

5.2.1.  Network Infrastructure

   The network infrastructure is the physical part of the network
   resources which provides basic support, including various hardware
   devices.  It is the material basis of all network services and is
   divided into the following 5 sub-categories based on the internet
   architecture and its network functions, device roles and network
   levels.
   Class-II: Autonomous domain
   EnCode-q: 1.1
   Upper-Class: Network Infrastructure (EnCode-q:1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating
   System\ASN\ISP\Institutions\Organizations\Operators\

   Class-II: Network
   EnCode-q: 1.2
   Upper-Class: Network Infrastructure (EnCode-q:1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network

   Class-II: Intermediate node
   EnCode-q: 1.3
   Upper-Class: Network Infrastructure (EnCode-q:1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code

   Class-II: Terminal node
   EnCode-q: 1.4
   Upper-Class: Network Infrastructure (EnCode-q:1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-II: Link
   EnCode-q: 1.5
   Upper-Class: Network Infrastructure (EnCode-q:1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Transmission medium\Protocol\

5.2.2.  Network application service

   A network application service is an application that runs on top of
   the network application layer and provides data storage,
   manipulation, rendering, communication, or other capabilities.
   These capabilities typically use an application layer network
   protocol.  It is classified into inorganic services and organic
   services based on the internet architecture and the unity of a
   network application service.

   Class-II: Inorganic service
   EnCode-q: 2.1
   Upper-Class: Network application service (EnCode-q:2)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

   Class-II: Organic service
   EnCode-q: 2.2
   Upper-Class: Network application service (EnCode-q:2)
   Attribution: MAC Address\IP Address\Port\Service\
   Protocol\Performance\

5.2.3.  Network data source

   Network data is defined as a resource that is stored on the Internet
   and is not running.  We divide it into five categories based on
   resource content.

   Class-II: Code
   EnCode-q: 3.1
   Upper-Class: Network data source (EnCode-q:3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\Programming Language\

   Class-II: Text resource
   EnCode-q: 3.2
   Upper-Class: Network data source (EnCode-q:3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\

   Class-II: Picture resource
   EnCode-q: 3.3
   Upper-Class: Network data source (EnCode-q:3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\

   Class-II: Audio resource
   EnCode-q: 3.4
   Upper-Class: Network data source (EnCode-q:3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\

   Class-II: Video resource
   EnCode-q: 3.5
   Upper-Class: Network data source (EnCode-q:3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\Data
   size\Data Permission\

5.2.4.  Network virtual subject

   The virtual subject of network refers to the account behavior of the
   network virtual feature stored on the Internet.  The carrier of a
   user in the network is a virtual account, so the network virtual
   subject is divided into the following sub-category.

   Class-II: Network account
   EnCode-q: 4.1
   Upper-Class: Network virtual subject (EnCode-q:4)
   Attribution: IP Address\Port\Service\Protocol\Account Name\Landing
   Time\

5.3.  Class-III and Class-IV

   Note that for Network infrastructure, the large-categories are
   organized according to the hierarchical location of the network
   infrastructure in the network architecture and the role played by
   it.
   Note that for Network application service, the large-categories are
   first organized according to whether the application is based on
   ports, and these categories are then classified according to the
   types of services provided by the application.

   Note that for Network data source, the large-categories are first
   organized according to whether the data resources need to be
   compiled, the storage mode and structure of the data resources, and
   the functions the data resources complete.  These categories are
   then classified according to the application scenarios of the data
   and the way the data are performed.

   On the basis of category and sub-category, the resources are further
   classified and named according to methods of linear classification.
   On the basis of 4 Class-I and 13 Class-II, there are 22 categories,
   of which there are 10 network infrastructure categories, 5 network
   application services categories and 7 network data resources
   categories.

5.3.1.  Autonomous domain

   We continue the categorization of the "Autonomous domain"
   sub-category.

   Class-III: Autonomous domain
   EnCode-q: 1.1.1
   Upper-Class: Autonomous domain (EnCode-q:1.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating
   System\ASN\ISP\Institutions\Organizations\Operators\

   According to the number of bits of the autonomous system number
   (ASN) owned by each autonomous region, this large-category is
   divided into 16-bit autonomous regions and 32-bit autonomous
   regions, with a total of 2 categories.
   Class-IV: Autonomous domain (16 bits)
   EnCode-q: 1.1.1.1
   Upper-Class: Autonomous domain (EnCode-q:1.1.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating
   System\ASN\ISP\Institutions\Organizations\Operators\

   Class-IV: Autonomous domain (32 bits)
   EnCode-q: 1.1.1.2
   Upper-Class: Autonomous domain (EnCode-q:1.1.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating
   System\ASN\ISP\Institutions\Organizations\Operators\

5.3.2.  Network

   The subcategories of "network" are organized in accordance with the
   characteristics of whether the application layer is only oriented to
   the application layer or the main application layer.

   Class-III: physical network
   EnCode-q: 1.2.1
   Upper-Class: Network (EnCode-q:1.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   Class-III: overlay network
   EnCode-q: 1.2.2
   Upper-Class: Network (EnCode-q:1.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   The physical network is divided into the following categories: the
   backbone network, the access network, the Internet of things, the
   industrial network and the other network, according to the
   hierarchical position of the network, the deployed area, and the
   production and life tasks undertaken in the entire network
   architecture.
   Class-IV: backbone network
   EnCode-q: 1.2.1.1
   Upper-Class: physical network (EnCode-q:1.2.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\Organization\

   Class-IV: access network
   EnCode-q: 1.2.1.2
   Upper-Class: physical network (EnCode-q:1.2.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\Organization\

   Class-IV: Internet of things
   EnCode-q: 1.2.1.3
   Upper-Class: physical network (EnCode-q:1.2.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   Class-IV: industrial network
   EnCode-q: 1.2.1.4
   Upper-Class: physical network (EnCode-q:1.2.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\Protocol\

   Class-IV: other network
   EnCode-q: 1.2.1.5
   Upper-Class: physical network (EnCode-q:1.2.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   The overlay network is divided into 4 categories: Content Delivery
   Network, peer-to-peer network, virtual private network and the other
   network.
   Class-IV: Content Delivery Network
   EnCode-q: 1.2.2.1
   Upper-Class: overlay network (EnCode-q:1.2.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   Class-IV: peer-to-peer network
   EnCode-q: 1.2.2.2
   Upper-Class: overlay network (EnCode-q:1.2.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   Class-IV: virtual private network RFC2764 [RFC2764]
   EnCode-q: 1.2.2.3
   Upper-Class: overlay network (EnCode-q:1.2.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

   Class-IV: other network
   EnCode-q: 1.2.2.4
   Upper-Class: overlay network (EnCode-q:1.2.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Network\

5.3.3.  Intermediate node

   The "intermediate node" sub-category organizes a large-category
   according to the functions that nodes play in the network
   architecture.  It is divided into routing node, switching node, and
   controlling node.

   Class-III: routing node
   EnCode-q: 1.3.1
   Upper-Class: Intermediate node (EnCode-q:1.3)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\Routing Protocol\

   Class-III: switching node
   EnCode-q: 1.3.2
   Upper-Class: Intermediate node (EnCode-q:1.3)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-III: controlling node
   EnCode-q: 1.3.3
   Upper-Class: Intermediate node (EnCode-q:1.3)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   The routing node is classified into the categories inter-domain
   routing node and intra-domain routing node according to the working
   level of the routing.
   Class-IV: inter-domain routing node RFC904 [RFC904]
   EnCode-q: 1.3.1.1
   Upper-Class: routing node (EnCode-q:1.3.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\Routing Protocol\

   Class-IV: intra-domain routing node
   EnCode-q: 1.3.1.2
   Upper-Class: routing node (EnCode-q:1.3.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\Routing Protocol\ASN\ISP\

   The switching node is organized into different categories according
   to the different network segments where the node is located.

   Class-IV: hub
   EnCode-q: 1.3.2.1
   Upper-Class: switching node (EnCode-q:1.3.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-IV: bridge RFC1242 [RFC1242]
   EnCode-q: 1.3.2.2
   Upper-Class: switching node (EnCode-q:1.3.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-IV: switch
   EnCode-q: 1.3.2.3
   Upper-Class: switching node (EnCode-q:1.3.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-IV: gateway
   EnCode-q: 1.3.2.4
   Upper-Class: switching node (EnCode-q:1.3.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   Class-IV: other
   EnCode-q: 1.3.2.5
   Upper-Class: switching node (EnCode-q:1.3.2)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\Gateway
   address\Operating System\Model Number Code\

   The controlling node is not classified further here.

5.3.4.  Terminal node

   The "Terminal node" sub-category organizes a large-category according
   to the functions played by the terminal in actual production and
   life.
It is divided into client, site, hybrid node, and a total of 829 three major categories. 831 Class-III: client 833 EnCode-q:1.4.1 835 Upper-Class: Terminal node (EnCode-q:1.4) 837 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 838 address\ Operating System\ Model Number Code\ 840 Class-III: server 842 EnCode-q:1.4.2 844 Upper-Class: Terminal node (EnCode-q:1.4) 846 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 847 address\ Operating System\ Model Number Code\Performance\ 849 Class-III: hybrid node 851 EnCode-q:1.4.3 853 Upper-Class: Terminal node (EnCode-q:1.4) 855 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 856 address\ Operating System\ Model Number Code\ 857 The client category is subdivided into desktop device, mobile device, 858 sensor device, and other according to the physical device types of 859 the nodes. 861 Class-IV: desktop device 863 EnCode-q:1.4.1.1 865 Upper-Class: client (EnCode-q:1.4.1) 867 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 868 address\ Operating System\ Model Number Code\ 870 Class-IV: mobile device 872 EnCode-q:1.4.1.2 874 Upper-Class: client (EnCode-q:1.4.1) 876 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 877 address\ Operating System\ Model Number Code\ 879 Class-IV: sensor device 881 EnCode-q:1.4.1.3 883 Upper-Class: client (EnCode-q:1.4.1) 885 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 886 address\ Operating System\ Model Number Code\ Detection information\ 888 Class-IV: other 890 EnCode-q:1.4.1.4 892 Upper-Class: client (EnCode-q:1.4.1) 894 Attribution: MAC Address\IP Address\DNS Address\ DHCP Address\Gateway 895 address\ Operating System\ Model Number Code\ 897 The server and hybrid node continue the division of their sub- 898 category 900 5.3.5. 
Link

   The "Link" sub-category is organized into a large-category of
   transmission links according to the transmission medium used by the
   network, and is divided into two categories: wired link and wireless
   link.

   Class-III: wired link
   EnCode-q:1.5.1
   Upper-Class: Link (EnCode-q:1.5)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission medium\Protocol\

   Class-III: wireless link
   EnCode-q:1.5.2
   Upper-Class: Link (EnCode-q:1.5)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway addre

   The wired link category is organized according to the material of the
   transmission medium and the winding mode of the transmission medium.
   It is divided into twisted pair, coaxial cable, digital subscriber
   line, optical fiber and other.

   Class-IV: twisted pair
   EnCode-q:1.5.1.1
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission medium\Protocol\

   Class-IV: coaxial cable
   EnCode-q:1.5.1.2
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission medium\Protocol\

   Class-IV: digital subscriber line
   EnCode-q:1.5.1.3
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission medium\Protocol\

   Class-IV: optical fiber
   EnCode-q:1.5.1.4
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission medium\Protocol\

   Class-IV: other
   EnCode-q:1.5.1.5
   Upper-Class: wired link (EnCode-q:1.5.1)
   Attribution: MAC Address\IP Address\DNS Address\DHCP Address\
   Gateway address\Operating System\Transmission
   medium\Protocol\

   The wireless link is not classified further here.

5.3.6.  Inorganic service

   The "Inorganic Service" sub-category, according to the port type used
   by the application, the tight program bound to the application and
   the port [RFC6346], organizes a large-category, which is divided into
   generic port service, registered port service, and dynamic/private
   port service.

   Class-III: generic port service
   EnCode-q:2.1.1
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-III: registered port service
   EnCode-q:2.1.2
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-III: dynamic/private port service
   EnCode-q:2.1.3
   Upper-Class: Inorganic service (EnCode-q:2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   According to the port used and the type of service provided, the
   generic port service is divided into website service (HTTP, HTTPS),
   file transfer service (FTP, TFTP), mail service (SMTP, POP3, IMAP),
   network management service (SNMP) [RFC1157], domain name service
   (DNS) and other.
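   As an added illustration (not part of the draft), the following
   tags observed listening ports with the Section 5.3.6 EnCode-q codes.
   It assumes the draft's "generic port" is the IANA system range
   0-1023 and uses the standard port assignments for the protocols
   named above; function names and the sample observations are
   constructed.

```python
# IANA port ranges (RFC 6335). Treating the draft's "generic port" as the
# system range 0-1023 is an assumption of this example, not a draft statement.
SYSTEM_MAX, REGISTERED_MAX, PORT_MAX = 1023, 49151, 65535

# Standard port assignments for the protocols the draft lists under each class.
GENERIC_BY_PORT = {
    80: ("2.1.1.1", "website service"),
    443: ("2.1.1.1", "website service"),
    21: ("2.1.1.2", "file transfer service"),
    69: ("2.1.1.2", "file transfer service"),
    25: ("2.1.1.3", "mail service"),
    110: ("2.1.1.3", "mail service"),
    143: ("2.1.1.3", "mail service"),
    161: ("2.1.1.4", "network management service"),
    53: ("2.1.1.5", "domain name service"),
}

def classify_port(port):
    """Return (EnCode-q, class name) for a TCP/UDP port number."""
    if isinstance(port, bool) or not isinstance(port, int) or not 0 <= port <= PORT_MAX:
        raise ValueError(f"not a valid port: {port!r}")
    if port <= SYSTEM_MAX:
        # System ports without a named class fall into "other" (2.1.1.6).
        return GENERIC_BY_PORT.get(port, ("2.1.1.6", "other"))
    if port <= REGISTERED_MAX:
        return ("2.1.2", "registered port service")
    return ("2.1.3", "dynamic/private port service")

def is_under(code, ancestor):
    """True if code equals ancestor or sits below it (whole components only)."""
    return code == ancestor or code.startswith(ancestor + ".")

def tag_inventory(observations):
    """Map each EnCode-q to the (ip, port) pairs classified under it."""
    tagged = {}
    for ip, port in observations:
        code, _name = classify_port(port)
        tagged.setdefault(code, []).append((ip, port))
    return tagged

# Constructed observations (documentation addresses from 192.0.2.0/24).
OBSERVED = [("192.0.2.10", 443), ("192.0.2.10", 22), ("192.0.2.20", 161),
            ("192.0.2.30", 8080), ("192.0.2.30", 51000)]

if __name__ == "__main__":
    for code, hits in sorted(tag_inventory(OBSERVED).items()):
        print(code, hits)
```

   Comparing codes with is_under() rather than a bare string prefix
   keeps a query for 2.1.1 from also matching a code such as 2.1.10.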
   Class-IV: website service
   EnCode-q:2.1.1.1
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\
   URL\

   Class-IV: file transfer service
   EnCode-q:2.1.1.2
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: mail service
   EnCode-q:2.1.1.3
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: network management service
   EnCode-q:2.1.1.4
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: domain name service
   EnCode-q:2.1.1.5
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: other
   EnCode-q:2.1.1.6
   Upper-Class: generic port service (EnCode-q:2.1.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   The registered port service is not classified further here.
   According to the type of services provided by the application, the
   dynamic/private port service is divided into search query service,
   audio and video service, shopping service, social service and other.
   Class-IV: search query service
   EnCode-q:2.1.3.1
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: audio and video service
   EnCode-q:2.1.3.2
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: shopping service
   EnCode-q:2.1.3.3
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: social service
   EnCode-q:2.1.3.4
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: other
   EnCode-q:2.1.3.5
   Upper-Class: dynamic/private port service (EnCode-q:2.1.3)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

5.3.7.  Organic service

   The "organic service" continues the sub-category classification.

   Class-III: Organic service
   EnCode-q:2.2.1
   Upper-Class: Organic service (EnCode-q:2.2)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   The organic service categories are classified into P2P service, CDN
   service and other according to the scenario where the application is
   located and the network service function.
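   The records in this section share one layout, and each EnCode-q
   extends its Upper-Class code by one component (three components for
   Class-III, four for Class-IV). The following added example, not part
   of the draft, parses records in that layout and reports any that
   break those two properties; the function names are hypothetical and
   the last sample record is deliberately broken.

```python
import re

# Constructed input: organic-service records in the draft's layout. The last
# record is deliberately broken (its Upper-Class code is not its parent).
SAMPLE = r"""
Class-III: Organic service
EnCode-q:2.2.1
Upper-Class: Organic service (EnCode-q:2.2)
Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

Class-IV: P2P service
EnCode-q:2.2.1.1
Upper-Class: Organic service (EnCode-q:2.2.1)
Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

Class-IV: other
EnCode-q:2.2.1.3
Upper-Class: Organic service (EnCode-q:2.2)
Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\
"""

LEVEL = {"I": 1, "II": 2, "III": 3, "IV": 4}  # class level -> code depth
RECORD = re.compile(
    r"Class-(?P<level>[IV]+):\s*(?P<name>.+?)\s*\n"
    r"EnCode-q:\s*(?P<code>[\d.]+)\s*\n"
    r"Upper-Class:\s*(?P<parent>.+?)\s*\(EnCode-q:\s*(?P<pcode>[\d.]+)\)\s*\n"
    r"Attribution:\s*(?P<attrs>.+)"
)

def parse_records(text):
    """Return one dict per record; 'attrs' becomes a list of attribute names."""
    records = []
    for m in RECORD.finditer(text):
        rec = m.groupdict()
        rec["attrs"] = [a.strip() for a in rec["attrs"].split("\\") if a.strip()]
        records.append(rec)
    return records

def check_hierarchy(records):
    """Return (code, problem) pairs. Records are keyed by code, not by name."""
    issues = []
    for r in records:
        parts = r["code"].split(".")
        if len(parts) != LEVEL.get(r["level"]):
            issues.append((r["code"], "depth does not match class level"))
        # The parent code must be this code with its last component removed.
        if ".".join(parts[:-1]) != r["pcode"]:
            issues.append((r["code"], "Upper-Class code is not the parent prefix"))
    return issues
```

   Class names such as "other" repeat across branches, so only the
   EnCode-q value is usable as a key when loading these records into an
   inventory.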
   Class-IV: P2P service
   EnCode-q:2.2.1.1
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: CDN service
   EnCode-q:2.2.1.2
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

   Class-IV: other
   EnCode-q:2.2.1.3
   Upper-Class: Organic service (EnCode-q:2.2.1)
   Attribution: MAC Address\IP Address\Port\Service\Protocol\Performance\

5.3.8.  Code

   The "Code" continues the sub-category classification and is no longer
   subdivided.

   Class-III: Code
   EnCode-q:3.1.1
   Upper-Class: Code (EnCode-q:3.1)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\Programming Language\

5.3.9.  Text resource

   The "Text resource" sub-category, according to the storage form of
   text, whether the text can be represented by unified data or format
   to organize large categories, is divided into structured text,
   semi-structured text, unstructured text.

   Class-III: structured text
   EnCode-q:3.2.1
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

   Class-III: semi-structured text
   EnCode-q:3.2.2
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

   Class-III: unstructured text
   EnCode-q:3.2.3
   Upper-Class: Text resource (EnCode-q:3.2)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

   The "structured text", "semi-structured text" and "unstructured text"
   continue the large-category classification and are no longer
   subdivided.

5.3.10.
Picture resource

   The "picture resource" continues the sub-category classification and
   is no longer subdivided.

   Class-III: Picture resource
   EnCode-q:3.3.1
   Upper-Class: Picture resource (EnCode-q:3.3)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

5.3.11.  Audio resource

   The "Audio resource" continues the sub-category classification and is
   no longer subdivided.

   Class-III: Audio resource
   EnCode-q:3.4.1
   Upper-Class: Audio resource (EnCode-q:3.4)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

5.3.12.  Video resource

   The "Video resource" continues the sub-category classification and
   is no longer subdivided.

   Class-III: Video resource
   EnCode-q:3.5.1
   Upper-Class: Video resource (EnCode-q:3.5)
   Attribution: IP Address\Port\Service\Protocol\Data Format\
   Data size\Data Permission\

6.  Acknowledgements

   The authors would like to thank the support of Tsinghua University
   and China Electronic Technology Group Corporation thirtieth Research
   Institute.  We also thank the following persons for their suggestions
   on earlier versions of this work: Zhi Sun, Jianfeng Chen, Da He, Rui
   Xu, Zhihong Rao, etc., for their discussion, comments and
   suggestions.

7.  IANA Considerations

   This memo includes no request to IANA.

8.  Security Considerations

   This document only defines a framework for network resources
   categorization.  This document itself does not directly introduce
   security issues.

9.  Normative References

   [RFC1157]  Case, J., "A Simple Network Management Protocol (SNMP)",
              RFC 1157, May 1990.

   [RFC1242]  Bradner, S., "Benchmarking Terminology for Network
              Interconnection Devices", RFC 1242, July 1991.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", RFC 2119, March 1997.
   [RFC2764]  Gleeson, B., "A Framework for IP Based Virtual Private
              Networks", RFC 2764, February 2000.

   [RFC3232]  Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by
              an On-line Database", RFC 3232, January 2002.

   [RFC6346]  Bush, R., "The Address plus Port (A+P) Approach to the
              IPv4 Address Shortage", RFC 6346, August 2011.

   [RFC904]   Mills, D., "A Framework for IP Based Virtual Private
              Networks", RFC 904, April 1984.

Authors' Addresses

   Jilong Wang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: wjl@tsinghua.edu.cn

   Congcong Miao (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: mccmiao@163.com

   Shuying Zhuang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: 17751034616@163.com

   Qianli Zhang (editor)
   Tsinghua University
   Beijing 100084
   China

   Email: zhang@cernet.edu.cn

   Jianfeng Chen (editor)
   CETC
   Chengdu 610000
   China

   Email: atrix@163.com