Abstract
The Policy-Based Network Management (PBNM) architecture is intended to meet the various needs of network users and to provide network administrators with effective management facilities in distributed, large-scale networks. In PBNM, network administrators perform network management operations by stipulating a set of rules rather than controlling each network component. SNMPv3, for its part, provides security services such as authentication and message privacy, as well as a new flexible and extensible administration framework, and so enables network administrators to monitor and control the operation of network components more securely than its predecessors did. Despite its enhanced security services, SNMPv3 has deficiencies in managing distributed, large-scale networks because it does not provide centralized, policy-based security management facilities. In this paper, we propose a new security model, named the Role-based Security Model (RSM), with security management policy, to support scalable and centralized security management for SNMP-based networks. An analysis of the SNMPv3 security system extended by RSM is also described.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, H., Noh, B. (2002). Design and Analysis of Role-Based Security Model in SNMPv3 for Policy-Based Security Management. In: Chong, I. (eds) Information Networking: Wireless Communications Technologies and Network Applications. ICOIN 2002. Lecture Notes in Computer Science, vol 2344. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45801-8_42
DOI: https://doi.org/10.1007/3-540-45801-8_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44255-4
Online ISBN: 978-3-540-45801-2
eBook Packages: Springer Book Archive