| With the fast expandence of computer network especially the scale of the network, the complexity and heterogeneity of networks are strenthening continuously. Traditional network management protocol such as simple network management protocol(SNMP) has not satisfied the requirement of network management, especially the configuration management. In order to make up the limitations of SNMP, XML(extensible markup language)-based network management technologies emerged as the times require. In this context, the working group of IETF made an XML-based network protocol called NETCONF for network configuration. Access control is a necessary security mechanism for NETCONF network management, because not anyone but specified one can access managed devices and read or write the data of configuration. In this dissergation, with the NETCONF prototype system developed in the project cooperated with Huawei Company before, choose the RBAC mechanism for verification after the study of the existing access control mechanisms through literature research and theory analysis, summarize the relative design experience and the advantages and disadvantages in terms of simiplity of application deployment, convenience of administration, high efficiency of verification under the circumstance of enormous data and so on. Finally, according the characteristic of NETCONF and data module, compose the architecture of centralized access control proxy server. |
PDF Full Text Request