Network Working Group                                          J. Davin
Request for Comments: 1351           MIT Laboratory for Computer Science
                                                               J. Galvin
                                       Trusted Information Systems, Inc.
                                                          K. McCloghrie
                                                Hughes LAN Systems, Inc.
                                                              July 1992

                       SNMP Administrative Model
Status of this Memo
This document specifies an IAB standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "IAB
Official Protocol Standards" for the standardization state and status
of this protocol. Distribution of this memo is unlimited.
Table of Contents
1. Abstract . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . 2
3. Elements of the Model . . . . . . . . . . . . . . . . . . . 2
3.1 SNMP Party . . . . . . . . . . . . . . . . . . . . . . . . 2
3.2 SNMP Protocol Entity . . . . . . . . . . . . . . . . . . . 6
3.3 SNMP Management Station . . . . . . . . . . . . . . . . . . 6
3.4 SNMP Agent . . . . . . . . . . . . . . . . . . . . . . . . 7
3.5 View Subtree . . . . . . . . . . . . . . . . . . . . . . . 7
3.6 MIB View . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.7 SNMP Management Communication . . . . . . . . . . . . . . . 8
3.8 SNMP Authenticated Management Communication . . . . . . . . 9
3.9 SNMP Private Management Communication . . . . . . . . . . 9
3.10 SNMP Management Communication Class . . . . . . . . . . . . 10
3.11 SNMP Access Control Policy . . . . . . . . . . . . . . . . 11
3.12 SNMP Proxy Party . . . . . . . . . . . . . . . . . . . . . 12
3.13 Procedures . . . . . . . . . . . . . . . . . . . . . . . . 13
3.13.1 Generating a Request . . . . . . . . . . . . . . . . . . 13
3.13.2 Processing a Received Communication . . . . . . . . . . . 15
3.13.3 Generating a Response . . . . . . . . . . . . . . . . . . 17
4. Application of the Model . . . . . . . . . . . . . . . . . 17
4.1 Non-Secure Minimal Agent Configuration . . . . . . . . . . 17
4.2 Secure Minimal Agent Configuration . . . . . . . . . . . . 20
4.3 Proxy Configuration . . . . . . . . . . . . . . . . . . . 21
4.3.1 Foreign Proxy Configuration . . . . . . . . . . . . . . . 22
4.3.2 Native Proxy Configuration . . . . . . . . . . . . . . . 25
4.4 Public Key Configuration . . . . . . . . . . . . . . . . . 27
4.5 MIB View Configurations . . . . . . . . . . . . . . . . . . 29
Davin, Galvin, & McCloghrie [Page 1]
RFC 1351 SNMP Administrative Model July 1992
5. Compatibility . . . . . . . . . . . . . . . . . . . . . . . 33
6. Security Considerations . . . . . . . . . . . . . . . . . . 33
7. References . . . . . . . . . . . . . . . . . . . . . . . .
8. Authors' Addresses . . . . . . . . . . . . . . . . . . . . 34
1. Abstract
This memo presents an elaboration of the SNMP administrative model
set forth in [1]. This model provides a unified conceptual basis for
administering SNMP protocol entities to support
o authentication and integrity,
o privacy,
o access control, and
o the cooperation of multiple protocol entities.
Please send comments to the SNMP Security Developers mailing list
(snmp-sec-dev@tis.com).
2. Introduction
This memo presents an elaboration of the SNMP administrative model
set forth in [1]. It describes how the elaborated administrative
model is applied to realize effective network management in a variety
of configurations and environments.
The model described here entails the use of distinct identities for
peers that exchange SNMP messages. Thus, it represents a departure
from the community-based administrative model set forth in [1]. By
unambiguously identifying the source and intended recipient of each
SNMP message, this new strategy improves upon the historical
community scheme both by supporting a more convenient access control
model and allowing for effective use of asymmetric (public key)
security protocols in the future.
3. Elements of the Model
3.1 SNMP Party
A SNMP party is a conceptual, virtual execution context whose
operation is restricted (for security or other purposes) to an
administratively defined subset of all possible operations of a
particular SNMP protocol entity (see Section 3.2). Whenever a SNMP
protocol entity processes a SNMP message, it does so by acting as a
SNMP party and is thereby restricted to the set of operations defined
for that party. The set of possible operations specified for a SNMP
party may be overlapping or disjoint with respect to the sets of
other SNMP parties; it may also be a proper or improper subset of all
possible operations of the SNMP protocol entity.
Architecturally, each SNMP party comprises
o a single, unique party identity,
o a single authentication protocol and associated
parameters by which all protocol messages originated by
the party are authenticated as to origin and integrity,
o a single privacy protocol and associated parameters by
which all protocol messages received by the party are
protected from disclosure,
o a single MIB view (see Section 3.6) to which all
management operations performed by the party are
applied, and
o a logical network location at which the party executes,
characterized by a transport protocol domain and
transport addressing information.
Conceptually, each SNMP party may be represented by an ASN.1 value
with the following syntax:
     SnmpParty ::= SEQUENCE {
         partyIdentity
             OBJECT IDENTIFIER,
         partyTDomain
             OBJECT IDENTIFIER,
         partyTAddr
             OCTET STRING,
         partyProxyFor
             OBJECT IDENTIFIER,
         partyMaxMessageSize
             INTEGER,
         partyAuthProtocol
             OBJECT IDENTIFIER,
         partyAuthClock
             INTEGER,
         partyAuthLastMsg
             INTEGER,
         partyAuthNonce
             INTEGER,
         partyAuthPrivate
             OCTET STRING,
         partyAuthPublic
             OCTET STRING,
         partyAuthLifetime
             INTEGER,
         partyPrivProtocol
             OBJECT IDENTIFIER,
         partyPrivPrivate
             OCTET STRING,
         partyPrivPublic
             OCTET STRING
     }
For each SnmpParty value that represents a SNMP party, the following
statements are true:
o Its partyIdentity component is the party identity.
o Its partyTDomain component is called the transport
domain and indicates the kind of transport service by
which the party receives network management traffic.
An example of a transport domain is
rfc1351Domain (SNMP over UDP, using SNMP
parties).
o Its partyTAddr component is called the transport
addressing information and represents a transport
service address by which the party receives network
management traffic.
o Its partyProxyFor component is called the proxied
party and represents the identity of a second SNMP
party or other management entity with which
interaction may be necessary to satisfy received
management requests. In this context, the value
noProxy signifies that the party responds to received
management requests by entirely local mechanisms.
o Its partyMaxMessageSize component is called the
maximum message size and represents the length in
octets of the largest SNMP message this party is
prepared to accept.
o Its partyAuthProtocol component is called the
authentication protocol and identifies a protocol and a
mechanism by which all messages generated by the party
are authenticated as to integrity and origin. In this
context, the value noAuth signifies that messages
generated by the party are not authenticated as to
integrity and origin.
o Its partyAuthClock component is called the
authentication clock and represents a notion of the
current time that is specific to the party. The
significance of this component is specific to the
authentication protocol.
o Its partyAuthLastMsg component is called the
last-timestamp and represents a notion of time
associated with the most recent, authentic protocol
message generated by the party. The significance of this
component is specific to the authentication protocol.
o Its partyAuthNonce component is called the nonce
and represents a monotonically increasing integer
associated with the most recent, authentic protocol
message generated by the party. The significance of this
component is specific to the authentication protocol.
o Its partyAuthPrivate component is called the private
authentication key and represents any secret value
needed to support the authentication protocol. The
significance of this component is specific to the
authentication protocol.
o Its partyAuthPublic component is called the public
authentication key and represents any public value that
may be needed to support the authentication protocol.
The significance of this component is specific to the
authentication protocol.
o Its partyAuthLifetime component is called the
lifetime and represents an administrative upper bound
on acceptable delivery delay for protocol messages
generated by the party. The significance of this
component is specific to the authentication protocol.
o Its partyPrivProtocol component is called the privacy
protocol and identifies a protocol and a mechanism by
which all protocol messages received by the party are
protected from disclosure. In this context, the value
noPriv signifies that messages received by the party are
not protected from disclosure.
o Its partyPrivPrivate component is called the private
privacy key and represents any secret value needed to
support the privacy protocol. The significance of this
component is specific to the privacy protocol.
o Its partyPrivPublic component is called the public
privacy key and represents any public value that may be
needed to support the privacy protocol. The significance
of this component is specific to the privacy protocol.
If, for all SNMP parties realized by a SNMP protocol entity, the
authentication protocol is noAuth and the privacy protocol is noPriv,
then that protocol entity is called non-secure.
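The following Python is an added illustration and is not part of RFC 1351 or of any SNMP implementation. It models the SnmpParty SEQUENCE above as a record, encodes the non-secure rule just stated, and makes explicit a point the component descriptions state only in passing: the authentication protocol governs messages the party generates, while the privacy protocol governs messages the party receives, so for any one message the sender's auth protocol and the receiver's privacy protocol apply. Protocol and domain identifiers are held as symbolic strings rather than OBJECT IDENTIFIER values, the names "exampleAuth" and "examplePriv" are placeholders, and the sample parties, addresses and sizes are constructed.

```python
"""Added example (not RFC 1351's own text): a model of the SnmpParty record
from Section 3.1 and the rules the section attaches to its components.

Assumptions (mine, not the RFC's): protocol and domain identifiers are held
as symbolic strings rather than OBJECT IDENTIFIER values, the protocol names
"exampleAuth"/"examplePriv" are placeholders, and the sample parties are
constructed for illustration only.
"""
from dataclasses import dataclass
from typing import Iterable, Tuple

# Symbolic stand-ins for the distinguished values the section names.
NO_AUTH = "noAuth"    # messages generated by the party are not authenticated
NO_PRIV = "noPriv"    # messages received by the party are not protected
NO_PROXY = "noProxy"  # party answers requests by entirely local mechanisms


@dataclass(frozen=True)
class SnmpParty:
    """One SNMP party: the fifteen components of the SnmpParty SEQUENCE."""
    partyIdentity: str
    partyTDomain: str
    partyTAddr: bytes
    partyProxyFor: str
    partyMaxMessageSize: int
    partyAuthProtocol: str
    partyAuthClock: int
    partyAuthLastMsg: int
    partyAuthNonce: int
    partyAuthPrivate: bytes
    partyAuthPublic: bytes
    partyAuthLifetime: int
    partyPrivProtocol: str
    partyPrivPrivate: bytes
    partyPrivPublic: bytes

    def accepts_message_size(self, octets: int) -> bool:
        """partyMaxMessageSize bounds the largest message the party accepts."""
        return 0 <= octets <= self.partyMaxMessageSize

    def is_proxy(self) -> bool:
        """Any proxied party other than noProxy means requests are forwarded."""
        return self.partyProxyFor != NO_PROXY


def is_non_secure(parties: Iterable[SnmpParty]) -> bool:
    """Section 3.1: a protocol entity is non-secure when every party it
    realizes uses noAuth and noPriv (vacuously true for an empty set)."""
    return all(p.partyAuthProtocol == NO_AUTH and p.partyPrivProtocol == NO_PRIV
               for p in parties)


def protection_for(src: SnmpParty, dst: SnmpParty) -> Tuple[str, str]:
    """Protocols governing one message sent from src to dst.

    The section ties the authentication protocol to messages *generated by*
    a party and the privacy protocol to messages *received by* a party, so
    the sender's auth protocol and the receiver's privacy protocol apply.
    """
    return src.partyAuthProtocol, dst.partyPrivProtocol


def _sample(identity: str, auth: str, priv: str, port: int) -> SnmpParty:
    """Build a constructed sample party reachable at UDP 10.0.0.1:<port>."""
    return SnmpParty(
        partyIdentity=identity,
        partyTDomain="rfc1351Domain",
        partyTAddr=bytes([10, 0, 0, 1]) + port.to_bytes(2, "big"),  # constructed
        partyProxyFor=NO_PROXY,
        partyMaxMessageSize=1024,                 # constructed bound
        partyAuthProtocol=auth,
        partyAuthClock=0,
        partyAuthLastMsg=0,
        partyAuthNonce=0,
        partyAuthPrivate=b"" if auth == NO_AUTH else b"placeholder-auth-secret",
        partyAuthPublic=b"",
        partyAuthLifetime=300,                    # constructed: acceptable delay
        partyPrivProtocol=priv,
        partyPrivPrivate=b"" if priv == NO_PRIV else b"placeholder-priv-secret",
        partyPrivPublic=b"",
    )


# Constructed sample entity: an agent realizing one open and one secured
# party, plus a manager party that authenticates but does not require privacy.
AGENT_OPEN = _sample("agentOpen", NO_AUTH, NO_PRIV, 161)
AGENT_SECURE = _sample("agentSecure", "exampleAuth", "examplePriv", 161)
MANAGER = _sample("manager", "exampleAuth", NO_PRIV, 1024)


if __name__ == "__main__":
    print("agent with only the open party is non-secure:", is_non_secure([AGENT_OPEN]))
    print("agent with a secured party is non-secure:", is_non_secure([AGENT_OPEN, AGENT_SECURE]))
    print("manager -> agentSecure governed by:", protection_for(MANAGER, AGENT_SECURE))
    print("agentSecure -> manager governed by:", protection_for(AGENT_SECURE, MANAGER))
```

Note the asymmetry the last two calls expose: a request from the manager to the secured agent party is both authenticated (sender's auth) and protected from disclosure (receiver's priv), but the response travelling back is authenticated only, because the manager party's own privacy protocol is noPriv. Anyone configuring parties has to set the privacy protocol on the receiving side of every direction they want protected.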
3.2 SNMP Protocol Entity
A SNMP protocol entity is an actual process which performs network
management operations by generating and/or responding to SNMP
protocol messages in the manner specified in [1]. When a protocol
entity is acting as a particular SNMP party (see Section 3.1), the
operation of that entity must be restricted to the subset of all
possible operations that is administratively defined for that party.