Skip to main content
SpringerLink
Log in
Book cover

International Conference on Intelligence in Services and Networks

IS&N 1995: Bringing Telecommunication Services to the People — IS&N '95 pp 64–74Cite as

Integrated access control management

  • Conference paper
  • First Online:

  • 133 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 998))

Abstract

In this paper, we discuss access control for objects distributed over heterogeneous network management systems. In particular, we compare the access control mechanisms of SNMP version 2 against those proposed for CMIP. We employ the Typed Access Matrix model as a framework to study the two approaches in detail. Apart from the differences due to their management model, both schemes use an identitybased ACL scheme on object groups defined as collections of subtrees. We present an access control scheme integrating both systems.

This work was supported in part, by the European Communities under RACE II project no. R2058, Security and Management Services in Open Networks (SAMSON).

This is a preview of subscription content, log in via an institution.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. P.E. Amman and R.S. Sandhu. Implementing transaction control expressions by checking the absence of rights. In Eighth Annual Computer Security Applications Conference, pages 131–140, 1992.

    Google Scholar 

  2. L. LaBarre (Editor). Forum 027-ISO/CCITT to Internet Management Security. Issue 1.0, Network Management Forum, October 1993.

    Google Scholar 

  3. Object Management. Group. Object Services RFP 3. TC Document 94-7-1, 1994.

    Google Scholar 

  4. K. McCloghrie and J. Galvin. Administrative Model for version 2 of the Simple Network Management Protocol (SNMPv2), RFC 1445, Hughes LAN Systems, Trusted Information Systems, April 1993.

    Google Scholar 

  5. R.S. Sandhu. The typed access matrix model. In 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pages 122–136, Computer Society Press, 1992.

    Google Scholar 

  6. W. Stallings. SNMP. SNMPΝ2 and CMIP. Addison-Wesley. 1993.

    Google Scholar 

  7. T.Y.C. Woo and S.S. Lam. Authorization in distributed systems: A formal approach. In 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pages 33–50, Computer Society Press, 1992.

    Google Scholar 

  8. Information technology — open systems interconnection — systems management: Objects and attributes for access control. DIS 101G4-9, ISO/IEC, 1994. ITU-T Rec. X.741.

    Google Scholar 

  9. Information technology — open systems interconnection — security frame-works in open systems — part 3: Access control. DIS 10181-3, ISO/IEC JTC1, 1994. ITU-T Rec. X.812.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IBM Research Division, Zurich Research Laboratory, 8803, Rüschlikon, Switzerland

    Günter Karjoth

Authors
  1. Günter Karjoth
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Anne Clarke Mario Campolargo Nikos Karatzas

Rights and permissions

Reprints and permissions

Copyright information

© 1995 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Karjoth, G. (1995). Integrated access control management. In: Clarke, A., Campolargo, M., Karatzas, N. (eds) Bringing Telecommunication Services to the People — IS&N '95. IS&N 1995. Lecture Notes in Computer Science, vol 998. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0016957

Download citation

  • DOI: https://doi.org/10.1007/BFb0016957

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-60479-2

  • Online ISBN: 978-3-540-47618-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation