Security considerations in a network management environment

Abstract

Considers the security aspects of communication between two management processes operating in different management domains; identifies two major risks: the security of information exchanged during the management association, and control of access to the management information base (MIB); and enumerates the various threats that must be guarded against and possible methods of attack. Security techniques, including symmetric and public key cryptosystems, are employed in the design of a method of achieving a secure management association. A scheme of authorization control for MIB access is developed. The management of an open system's network resources takes place in the context of a management association. The resources themselves are controlled by an agent process which presents a view of these resources to the outside world as a number of managed objects, each of which contains a number of attributes. The collection of objects presented to the outside world by the agent is known as the MIB. A manager process regulates the operation of the managed resources by engaging in a management association with the agent and instructing it to carry out simple operations on elements of the MIB. Within a single management domain where all processing nodes and network links are under the control of the same administration, security is not such a critical issue. However, when the management association takes place across the boundary between two separate management domains, and make use of public data networks, security issues must be considered in greater detail.