Browse Prior Art Database

SNMP Security Protocols (RFC1352)

IP.com Disclosure Number: IPCOM000002176D
Original Publication Date: 1992-Jul-01
Included in the Prior Art Database: 2019-Feb-11
Document File: 41 page(s) / 54K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Galvin: AUTHOR [+2]

Related Documents

10.17487/RFC1352: DOI

Abstract

The Simple Network Management Protocol (SNMP) specification [1] allows for the protection of network management operations by a variety of security protocols. The SNMP administrative model described in [2] provides a framework for securing SNMP network management. In the context of that framework, this memo defines protocols to support the following three security services: data integrity, data origin authentication and data confidentiality. [STANDARDS-TRACK]

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group J. Galvin Request for Comments: 1352 Trusted Information Systems, Inc. K. McCloghrie Hughes LAN Systems, Inc. J. Davin MIT Laboratory for Computer Science July 1992

SNMP Security Protocols

Status of this Memo

This document specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Table of Contents

1. Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2.1 Threats . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2 Goals and Constraints . . . . . . . . . . . . . . . . . . . 5 2.3 Security Services . . . . . . . . . . . . . . . . . . . . . 6 2.4 Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.4.1 Message Digest Algorithm . . . . . . . . . . . . . . . . . 7 2.4.2 Symmetric Encryption Algorithm . . . . . . . . . . . . . . 8 3. SNMP Party . . . . . . . . . . . . . . . . . . . . . . . . 9 4. Digest Authentication Protocol . . . . . . . . . . . . . . . 11 4.1 Generating a Message . . . . . . . . . . . . . . . . . . . 14 4.2 Receiving a Message . . . . . . . . . . . . . . . . . . . . 15 5. Symmetric Privacy Protocol . . . . . . . . . . . . . . . . . 16 5.1 Generating a Message . . . . . . . . . . . . . . . . . . . 17 5.2 Receiving a Message . . . . . . . . . . . . . . . . . . . . 18 6. Clock and Secret Distribution . . . . . . . . . . . . . . . 19 6.1 Initial Configuration . . . . . . . . . . . . . . . . . . 20 6.2 Clock Distribution . . . . . . . . . . . . . . . . . . . . 22 6.3 Clock Synchronization . . . . . . . . . . . . . . . . . . . 24 6.4 Secret Distribution . . . . . . . . . . . . . . . . . . . . 26 6.5 Crash Recovery . . . . . . . . . . . . . . . . . . . . . . 28 7. Security Considerations . . . . . . . . . . . . . . . . . . 30 7.1 Recommended Practices . . . . . . . . . . . . . . . . . . . 30 7.2 Conformance . . . . . . . . . . . . . . . . . . . . . . . 33 7.3 Protocol Correctness . . . . . . . . . . . . . . . . . . . . 34 7.3.1 Clock Monotonicity Mechanism . . . . . . . . . . . . . . . 35 7.3.2 Data Integrity Mechanism . . . . . . . . . . . . . . . . . 36

Galvin, McCloghrie, & Davin [Page 1]

RFC 1352 SNMP Security Protocols July 1992

7.3.3 Data Origin Authentication Mechanism . . . . . . . . . . . 36 7.3.4 Restricted Administration Mechanism . . . . . . . . . . . 36 7.3.5 Ordered Delivery Mechanism . . . . . . . . . . . . . . . 37 7.3.6 Message Timeliness Mechanism . . . . . . . . . . . . . . . 38 7.3.7 Selective Clock Acceleration Mechanism . . . . . . . . . . 38 7.3.8 Confidentiality Mechanism . . . . . . . . . . . . . . . . 39 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 39 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 40 10. Authors’ Addr...

Processing...
Loading...