Directory Supported Management with SNMPv3

  • Salima Omari
  • Raouf Boutaba
  • Omar Cherkaoui
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1700)


Data security and maintaining system integrity are the primary concerns pointed out by corporations and individuals when connecting to the Internet. To respond to this demand, the most recent agreed Internet management standard, SNMPv3, introduces new security features to make SNMPbased management ready for enterprise management. This is possible only if the SNMPv3 management framework is introduced properly in the enterprise, i.e., in such a way to respond efficiently to the management and security requirements specific to this enterprise. This paper proposes the use of standard directory service and protocol to configure SNMPv3 entities, to regulate SNMPv3 management exchanges and to customize security features according to the enterprise needs. It addresses in particular the configuration of access control parameters to be implemented by SNMPv3 entities according to enterprise security policies.


Access Control Authentication Protocol Security Model Directory Service Security Parameter 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Case, J., M. Fedor, M. Schoffstall, and J. Davin, “The Simple Network Management Protcol”, STD 15, RFC 1157, University of Tennessee at Knoxville, Performance Systems International, Performance International, and the MIT Laboratory for Computer Science, May 1990.Google Scholar
  2. 2.
    Jeffrey D Russ Mundy David Partain Bob Stewart, «Introduction to Version 3 of the Internetstandard Network Management Framework» Draft, Octobre 1998.Google Scholar
  3. 3.
    Judd, S., Strassner, J., “Directory Enabled Networks-Information Model and Base Schema”, Draft version 3.0c5, August 1998.Google Scholar
  4. 4.
    Omari, S., Boutaba, R., Cherkaoui, O, “Policies for SNMPv3-based management”, IEEE /IFIP IM’99, Mai 1999.Google Scholar
  5. 5.
    Wijnen, B., Presuhn, R., and K. McCloghrie, “View-based Access Control Model for version 3 the Simple Network Management Protocol (SNMP)”, RFC 2275, January 1998.Google Scholar
  6. 6.
    Blumenthal, U., Wijnen, B., “User-Based Security Model for version 3 of the Simple Network Management Protocol (SNMP)”, RFC 2574, April 1999.Google Scholar
  7. 7.
    Harrington, D., Presuhn, R., and B. Wijnen, “An Architecture for describing SNMP Management Frameworks”, RFC 2271, January 1998.Google Scholar
  8. 8.
    Levi, D., Meyer, P., and B. Stewart, “SNMPv3 Applications”, RFC 2273, January 1998.Google Scholar
  9. 9.
    ITU-T Rec. X.500, “The Directory: Overview of Concepts, Models and Service”, 1993.Google Scholar
  10. 10.
    Wahl, M.,. Coulbeck, A., Howles, T., Kille, S., “Lightweight Directory Access Protocol Attribute SyntaxDefinitions”, RFC 2252, December 1997.Google Scholar
  11. 11.
    Howes, T, Smith, M, Good, G, “Understanding and deploying LDAP Directory services”, MTP editionGoogle Scholar
  12. 12.
    Wahl, M., Howes, T, Kill, S., “Lightweight Directory Access Protocol (v3)”, RFC 2251, December 1998Google Scholar
  13. 13.
    Myers, J., “Simple Authentication and Security Layer (SASL)”, RFC 2222, October 1997Google Scholar
  14. 14.
    Dierks, T. and C. Allen, “The TLS Protocol Version 1.0”, RFC 2246, January 1999Google Scholar
  15. 15.
    Java Naming and Directory Interface (JNDI).,

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Salima Omari
    • 1
  • Raouf Boutaba
    • 2
  • Omar Cherkaoui
    • 3
  1. 1.Laboratoire PRiSMUniversité de VersaillesVersaillesFrance
  2. 2.Computer Science DepartmentUniversity of WaterlooWaterlooCanada
  3. 3.Laboratoire de téléinformatiqueUniversité UQAMMontrealCanada

Personalised recommendations