[1]张涛,陈鸣,谢希仁.基于目录服务的企业网SNMP管理数据安全模型[J].东南大学学报(自然科学版),2000,30(6):9-12.[doi:10.3969/j.issn.1001-0505.2000.06.003]
 Zhang Tao,Chen Ming,Xie Xiren.A Directory-Based Security Model of SNMP Management Data in Enterprise Networks[J].Journal of Southeast University (Natural Science Edition),2000,30(6):9-12.[doi:10.3969/j.issn.1001-0505.2000.06.003]
点击复制

基于目录服务的企业网SNMP管理数据安全模型()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
30
期数:
2000年第6期
页码:
9-12
栏目:
计算机科学与工程
出版日期:
2000-11-20

文章信息/Info

Title:
A Directory-Based Security Model of SNMP Management Data in Enterprise Networks
作者:
张涛 陈鸣 谢希仁
南京通信工程学院计算机系, 南京 210016
Author(s):
Zhang Tao Chen Ming Xie Xiren
Computer Department, Institute of Communication & Engineering, Nanjing 210016
关键词:
SNMP X.500目录服务 LDAP 管理数据安全
Keywords:
SNMP X.500 directory service LDAP management data security
分类号:
TP393
DOI:
10.3969/j.issn.1001-0505.2000.06.003
摘要:
当Manager跨越Internet对Agent实施SNMP管理时,企业网中的SNMP管理数据就面临着来自外部网络的安全性威胁.虽然IETF在SNMPv3规范中提出了某些安全性解决方案,但这些方案并不适用于现有的、异构版本SNMP设备共存的网络环境.本文基于目录服务和LDAP技术设计并实现了一个SNMP管理数据安全模型.该模型能够为跨Internet的企业网中各种版本的SNMP设备提供身份验证及访问控制等安全功能.
Abstract:
When the manager tries to manage SNMP devices across Internet, the management data in enterprise networks should face to the security threats coming from outer network. Though the IETF has proposed some security schemes in SNMPv3 specifications, these schemes can not work under the circumstances of heterogeneous SNMP version devices coexisting. The paper proposes and implements a SNMP security model for the management data using directory service and LDAP technologies. This model can provide security functions such as authentication and access control for different SNMP version devices in enterprise networks while spanning over Internet.

参考文献/References:

[1] David Chadwick.Understanding X.500—The directory.London:Chapman & Hall,1994
[2] Subrata Mazumdar.Directory enabled management information base-integration of MIB with directories using COSNaming and JNDI.In:Ninth IFIP/IEEE International Workshop on Distributed Systems:Operations & Management.Newark,Delaware,USA,1998.26~30

备注/Memo

备注/Memo:
第一作者:男,1973年生, 博士研究生, 讲师.
Blumenthal U, Wijnen B. User-based security model for SNMPv3. RFC 2274, 1998.
Wijnen B, Presuhn R, Mccloghrie K. View-based access control model for SNMP. RFC 2275, 1998.
更新日期/Last Update: 2000-11-20