TY - GEN
T1 - Managing access and usage controls in SNMP
AU - Barka, E.
AU - Sallabi, F.
AU - Hosani, A.
PY - 2012
Y1 - 2012
N2 - Simple Network Management Protocol (SNMP), which is a component of the Internet Protocol Suite, is the most widely used protocol in network management systems today. It is used to monitor network-attached devices such as routers, switches, servers, workstations, printers, etc., for conditions that warrant administrative attention. In its initial versions, SNMPv1 and SNMPv2, SNMP was criticized for its lack of security; however, in its latest version, SNMPv3, it added important security features such as confidentiality, message integrity, authentication, and access control. In this paper we analyze the current approach used by SNMP for providing access control, and we present a new architecture that implements a new type of access control, called Usage Control (UCON), to better control access to the SNMP-managed environment at three stages: pre-connection, during connection, and post-connection. We believe that our proposed solution will enable owners of the SNMP-managed network to control who can access the system objects (i.e., the MIBs), to control the activities of both the manager and the agent entities, and to help set some parameters to determine whether a communication between the agent and the manager can continue or should terminate.
KW - Access Control
KW - SNMP
KW - UCON
KW - VBAC
UR - http://www.scopus.com/inward/record.url?scp=84860470932&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84860470932&partnerID=8YFLogxK
U2 - 10.1109/ComComAp.2012.6154000
DO - 10.1109/ComComAp.2012.6154000
M3 - Conference contribution
AN - SCOPUS:84860470932
SN - 9781457717178
T3 - 2012 Computing, Communications and Applications Conference, ComComAp 2012
SP - 41
EP - 47
BT - 2012 Computing, Communications and Applications Conference, ComComAp 2012
T2 - 2012 Computing, Communications and Applications Conference, ComComAp 2012
Y2 - 11 January 2012 through 13 January 2012
ER -