Context Driven Access Control to SNMP MIB Objects in Multi-homed Environments

  • R. State
  • O. Festor
  • I. Chrisment
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2867)


The advent of multi-technology networks offering the service continuum over multiple network infrastructures implies new challenges to integrated management. One of these challenges is the auto-configuration of the management plane needed to allow dynamic relationships among several managers and one management agent. This paper proposes the use of provisional policies in order to dynamically auto-configure the access control part of a management agent. This allows simple management based on agent location and time as well as the cooperative behavior of several managers.


Access Control Management Framework Security Model Home Network Access Request 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Verma, D.: Policy-Based Networking. New Riders Publishing, Indianapolis (2000)Google Scholar
  2. 2.
    RFC 3159. Structure of Provisioning Information (SPPI). IETF (2001)Google Scholar
  3. 3.
    RFC 2748. The COPS (Common Open Policy Service). IETF (2000)Google Scholar
  4. 4.
    RFC 3084. COPS Usage for Policy Provisioning (COPS-PR). IETF (2001)Google Scholar
  5. 5.
    Stallings, W.: SNMP, SNMPv2, SNMPv3 and RMON1 and 2, 3rd edn. Addison-Wesley Pub Co., Reading (1998)Google Scholar
  6. 6.
    Stallings, W.: Network Security Essentials, 2nd edn. Prentice Hall, Englewood Cliffs (2002)Google Scholar
  7. 7.
    Kuda, M., Hata, S.: XML Document security based on provisional authorization. In: Proc. 7th ACM Conference on Computer and Communication Security (CCS 2000)(November 2000)Google Scholar
  8. 8.
    Jajodia, S., Kuda, M., Subrahmanian, V.S.: Provisional authorizations. In: Workshop on Security and Privacy in E-Commerce (WSPEC) (November 2000); Recent Advances in Secure and Private E-Commerce. Kluwer Academic Publishers, Dordrecht (2001)Google Scholar
  9. 9.
    Guttman, E.: Autoconfiguration for IP Networking: Enabling Local Communication. IEEE Internet computing (2001)Google Scholar
  10. 10.
    Droms, R.: The DHCP Handbook, 2nd edn. SAMS, USA (2002)Google Scholar
  11. 11.
    RFC 2608. Service Location Protocol, Version 2. IETF (1999)Google Scholar
  12. 12.
    RFC 2974. Session Announcement Protocol. IETF (2000)Google Scholar
  13. 13.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms and Source Code in C, 2nd edn. John Wiley and Sons, Chichester (1995)Google Scholar
  14. 14.
    Konstantinou, V., Yemini, Y., Florissi, D.: Towards Self-Configuring Networks. In: DARPA Active Networks Conference and Exposition (DANCE), San Franscisco, CA (May 2002)Google Scholar
  15. 15.
    Bakke, M.: DHCP Option for SNMP Notifications. draft-bakke-dhc-snmp-trap- 01.txt. Internet draft IETF. Work in progress (2003)Google Scholar
  16. 16.
    Damianou, N.: A Policy Framework for Management of Distributed Systems. Ph.D thesis. Faculty of Engineering of the University of London and Diploma of the Imperial College of London, London (December 2002)Google Scholar
  17. 17.
    RFC 3415. View Based Access Control Module (VACM) for the Simple Network Management Protocol. IETF (2002)Google Scholar
  18. 18.
    RFC 2274. User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3). IETF (2002)Google Scholar
  19. 19.
    RFC 3411. An architecture for describing simple network management protocol (SNMP) Management Frameworks. IETF (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • R. State
    • 1
  • O. Festor
    • 1
  • I. Chrisment
    • 1
  1. 1.INRIA-LORIAVillers-les-NancyFrance

Personalised recommendations