Connected: An Internet Encyclopedia
1.3. Goals and Constraints
Up:
Connected: An Internet Encyclopedia
Up:
Requests For Comments
Up:
RFC 1446
Up:
1. Introduction
Prev: 1.2. Threats
Next: 1.4. Security Services
1.3. Goals and Constraints
1.3. Goals and Constraints
Based on the foregoing account of threats in the SNMP network
management environment, the goals of a SNMPv2 security
protocol are enumerated below.
- The protocol should provide for verification that each
received SNMPv2 message has not been modified during its
transmission through the network in such a way that an
unauthorized management operation might result.
- The protocol should provide for verification of the
identity of the originator of each received SNMPv2
message.
- The protocol should provide that the apparent time of
generation for each received SNMPv2 message is recent.
- The protocol should provide, when necessary, that the
contents of each received SNMPv2 message are protected
from disclosure.
In addition to the principal goal of supporting secure network
management, the design of any SNMPv2 security protocol is also
influenced by the following constraints:
- When the requirements of effective management in times of
network stress are inconsistent with those of security,
the former are preferred.
- Neither the security protocol nor its underlying security
mechanisms should depend upon the ready availability of
other network services (e.g., Network Time Protocol (NTP)
or secret/key management protocols).
- A security mechanism should entail no changes to the
basic SNMP network management philosophy.
Next: 1.4. Security Services
Connected: An Internet Encyclopedia
1.3. Goals and Constraints