Abstract
With the advent and the rapid growth of the Internet, e-services have proliferated. Indeed, e-commerce activities have played a vital role in expanding current business transactions to much higher levels by allowing a larger number of potential customers and companies to interact in a shorter time with lower costs. E-services include business information, processes, resources, and applications, which are supported through the Internet. As the popularity of e-services have grown, so has the need for effective security. All aspects of the e-service must be secured, using a variety of security mechanisms, objects, and functions. In order to maintain a secure system as a whole, security components must be managed. Therefore, the implementation of secure e-services cannot take place without full support from network management.
Network management monitors and controls the network in order to ensure that it is providing its services efficiently. It also shapes the network’s evolution through integrating new technology and supporting new services. There are five widely accepted network management functional areas: fault, configuration, accounting, performance, and security management. Security management involves several services including access control; authentication; confidentiality; integrity; non-repudiation; availability; and accountability.
This paper will highlight essential and common network management architectures and protocols in constructing a complete view of how network management enables security for e-services.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35696-9_19
Chapter PDF
References
V.L. Voydock, and S.T. Kent. Security Mechanisms in High-Level Network Protocols. ACM Comp. Sury, 1983, 15 (2), pp. 35–71.
A.S. Tanenbaum, and M. van Steen. Distributed Systems: Principles and Paradigms. Prentice-Hall, Upper Saddle River, N.J., 2002.
A. Langsford, and J.D. Moffett. Distributed Systems Management. Addison-Wesley, Wokingham, England, 1993.
P.A. Janson. Security for Management and Management of Security. Net work and Distributed Systems Management. M. Sloman, ed., Addison-Wesley, Wokingham, England, 1984, IP Security Document Roadmap, pp. 403–430.
National Bureau of Standards. Data Encryption Standard. FIPS PUB 46, January 1977.
B. Schneier. Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish). Fast Software Encryption, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp. 191–204.
R.L.Rivest, A.Shamir, and L.M.Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, February 1978.
R. Thayer et al. IP Security Document Roadmap. IETF RFC 2411, November 1998.
B.C. Neuman, and T. Ts’o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications, 32 (9): 33–38. September 1994.
P.R. Calhoun et al. Diameter Base Protocol. IETF Internet Draft, draftietf-aaa-diameter-12.txt, July 2002. [Work in Progress]
C. Rigney et al. Remote Authentication Dial In User Service ( RADIUS ). IETF RFC 2865, June 2000.
C. Finseth. An Access Control Protocol, Sometimes Called TACACS. IETF RFC 1492, July 1993.
R. Rivest. The MD5 Message Digest Algorithm. RFC 1321, MIT Laboratory for Computer Science (April 1992).
National Institute of Standards and Technology. Secure Hash Standard. FIPS PUB 180–1, April 1995.
C. Adams, and S. Farrell. Internet X.509 Public Key Infrastructure Certificate Management Protocols. IETF RFC 2510, March 1999.
ITU-T Recommendation X.509 ( 1997 E): Information Technology—Open Systems Interconnection—The Directory: Authentication Framework, June 1997.
A. Westerinen et al. Terminology for Policy Based Management. IETF RFC 3198, November 2001.
K. Chan et al. COPS Usage for Policy Provisioning (COPS-PR). IETF RFC 3084, March 2001.
J.D. Case et al. Simple Network Management Protocol. IETF Standard 0015, May 1990.
J. Galvin, and K. McCloghrie. Security Protocols for Version 2 of the Simple Network Management Protocol (SNMPv2). IETF RFC 1446 (Historic), April 1993.
D. Harrington et al. An Architecture for Describing SNMP Management Frameworks. IETF RFC 2571, April 1999.
U. Blumenthal, and B. Wijnen. User-Based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3). IETF RFC 2574, April 1999.
B. Wijnen et al. View-based Access Control Model (VACM) for the Simple Network Management Protocol ( SNMP ). IETF RFC 2575, April 1999.
R.R. Henning. Security Service Level Agreements: Quantifiable Security for the Enterprise?. ACM 1999 New Security Paradigm Workshop,Ontario, Canada, 2000.
P.J. Brusil et al. Emerging Security Testing, Evaluation and Validation: The Key to Enhancing Consumer Trust in Security-Enhanced Products. In Handbook of Communication Technologies: The Next Decade,CRC Press, to be published. http://niap.nist.gov/article.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Boutaba, R., Ishibashi, B., Shihada, B. (2003). A Network Management Viewpoint on Security in E-Services. In: Nardelli, E., Posadziejewski, S., Talamo, M. (eds) Certification and Security in E-Services. IFIP WCC TC11 2002. IFIP — The International Federation for Information Processing, vol 127. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35696-9_2
Download citation
DOI: https://doi.org/10.1007/978-0-387-35696-9_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4737-9
Online ISBN: 978-0-387-35696-9
eBook Packages: Springer Book Archive