Browse Prior Art Database

User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) (RFC2574)

IP.com Disclosure Number: IPCOM000003161D
Original Publication Date: 1999-Apr-01
Included in the Prior Art Database: 2019-Feb-11

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

U. Blumenthal: AUTHOR [+1]

Related Documents

10.17487/RFC2574: DOI

Abstract

This document describes the User-based Security Model (USM) for SNMP version 3 for use in the SNMP architecture. It defines the Elements of Procedure for providing SNMP message level security. This document also includes a MIB for remotely monitoring/managing the configuration parameters for this Security Model. [STANDARDS-TRACK]

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 3% of the total text.

Network Working Group U. Blumenthal Request for Comments: 2574 IBM T. J. Watson Research Obsoletes: 2274 B. Wijnen Category: Standards Track IBM T. J. Watson Research April 1999

User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

This document describes the User-based Security Model (USM) for SNMP version 3 for use in the SNMP architecture [RFC2571]. It defines the Elements of Procedure for providing SNMP message level security. This document also includes a MIB for remotely monitoring/managing the configuration parameters for this Security Model.

Table of Contents

1. Introduction 3 1.1. Threats 4 1.2. Goals and Constraints 5 1.3. Security Services 6 1.4. Module Organization 7 1.4.1. Timeliness Module 7 1.4.2. Authentication Protocol 8 1.4.3. Privacy Protocol 8 1.5. Protection against Message Replay, Delay and Redirection 8 1.5.1. Authoritative SNMP engine 8 1.5.2. Mechanisms 9 1.6. Abstract Service Interfaces 10 1.6.1. User-based Security Model Primitives for Authentication 11 1.6.2. User-based Security Model Primitives for Privacy 11 2. Elements of the Model 12 2.1. User-based Security Model Users 12

Blumenthal & Wijnen Standards Track [Page 1]

RFC 2574 USM for SNMPv3 April 1999

2.2. Replay Protection 13 2.2.1. msgAuthoritativeEngineID 13 2.2.2. msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime14 2.2.3. Time Window 15 2.3. Time Synchronization 15 2.4. SNMP Messages Using this Security Model 16 2.5. Services provided by the User-based Security Model 17 2.5.1. Services for Generating an Outgoing SNMP Message 17 2.5.2. Services for Processing an Incoming SNMP Message 19 2.6. Key Localization Algorithm. 21 3. Elements of Procedure 21 3.1. Generating an Outgoing SNMP Message 22 3.2. Processing an Incoming SNMP Message 25 4. Discovery 30 5. Definitions 31 6. HMAC-MD5-96 Authentication Protocol 50 6.1. Mechanisms 50 6.1.1. Digest Authentication Mechanism 50 6.2. Elements of the Digest Authentication Protocol 51 6.2.1. Users 51 6.2.2. msgAuthoritativeEngineID 51 6.2.3. SNMP Messages Using this Authentication Protocol 51 6.2.4. Services provided by the HMAC-MD5-96 Authentication Module52 6.2.4.1. Services for Generating an Outgoing SNMP Message 52 6.2.4.2. Services for Processing an Incoming SNMP Message 53 6.3. Elements of Procedure 53 6.3.1. Processing an Outgoing Message 54 6.3.2. Processing an Incoming Message 54 7. HMAC-SHA-96 Authentication Protocol 55 7.1. Mechanisms 55 7.1.1. Digest Authentication Mechanism 56 7.2. Elements of the HMAC-SHA-96 Authenti...

Processing...
Loading...