| 摘要 |
<p>A method for admission control and policing within IP packet-based networks, said IP packet-based networks including a first admission control and policing node and a second admission control and policing node consecutively accessible by an incoming packet, said first admission control and policing node being provided with a probabilistic traffic analyzer, said second admission control and policing node being provided with a probabilistic traffic analyzer, a decision agent and a set of security policies, said method comprising:
- analyzing the incoming packet by the probabilistic traffic analyzer of the first admission control and policing node ;
- transmitting the probabilistic results which is obtained by the probabilistic traffic analyzer and concerning the incoming packet to the second admission control and policing node ;
- receiving, successively or jointly, the transmitted probabilistic results and the incoming packet by the second admission control and policing node ;
- analyzing the received incoming packet by the probabilistic traffic analyzer of the second admission control and policing node ;
- correlating, by the decision agent, the probabilistic results, obtained by the probabilistic traffic analyzer, and the received probabilistic results, both concerning the incoming packet ;
- deciding by the decision agent according to the correlation results and the set of security policies.</p> |
