Design and analysis of role-based security model in SNMPv3 for policy-based security management

Abstract

Policy-Based Network Management(PBNM) architecture is to meet various needs of network users, and to provide effective management facilities in distributed and large-scaled networks to network administrators. In PBNM, network administrators perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, by providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network administrators to monitor and control the operation of network components more secure than its predecessors. Despite of its enhanced security services, SNMPv3 has deficiencies in managing distributed, large-scaled network because it does not provide centralized and policy-based security management facilities. In this paper, we propose a new security model, named Role-based Security Model(RSM) with security management policy, to support scalable and centralized security management for SNMP-based networks. Also, the analysis of the SNMPv3 security system extended by RSM is also described.