Title :
Policies in SNMPv3-based management
Author :
Omari, Salima ; Boutaba, Raouf ; Cherkaoui, Omar
Author_Institution :
Lab. PRiSM, Versailles Univ., France
Abstract :
Two important achievements in the network management area motivated the work presented in this paper. The first one is the wide acceptance of the policy concept and its introduction as a means for driving management procedures. The second concerns the capabilities brought by the version 3 of the SNMP protocol for configurable and secure network management. The deployment of SNMPv3 at equipment level allows henceforth concretizing the policy-driven management, refining enterprise policies and enforcing them down the managed network resources. This paper aims at integrating the policy concept into the SNMPv3 framework. It proposes a set of rules to map authorization policies to the VACM (view based access control model) standardized as part of the SNMPv3 management framework. Policy attributes are maintained in a configuration database local to the SNMPv3 entity and a new application is incorporated into the SNMPv3 entity to perform the mapping. This will ultimately allow manager and management applications to enforce enterprise authorization policies independently of the security model(s) implemented by SNMPv3 entities
Keywords :
authorisation; computer network management; protocols; telecommunication security; SNMPv3; VACM; authorization policies; configuration database; enterprise policies; secure network management; view based access control model; Access control; Access protocols; Authorization; Data security; Databases; Disaster management; Environmental management; Human resource management; Intelligent networks; Resource management;
Conference_Titel :
Integrated Network Management, 1999. Distributed Management for the Networked Millennium. Proceedings of the Sixth IFIP/IEEE International Symposium on
Conference_Location :
Boston, MA
Print_ISBN :
0-7803-5748-5
DOI :
10.1109/INM.1999.770723
