Snmpv3 Protocol Security Mechanisms

Posted on:2006-05-16

Degree:Master

Type:Thesis

Country:China

Candidate:S Wang

Full Text:PDF

GTID:2208360182460417

Subject:Communication and Information System

Abstract/Summary:

PDF Full Text Request

With the rapid development of the computer network, security issues have become the focus of the computer society and the researchers. The high-performance router is the core part of backbone network. Security management is one of the basic functions of router network management system. This dissertation is devoted to researches into the theory and implementation of the security mechanism of the Simple Network Management Protocol version 3 (SNMPv3) according to the requirements of the Tenth Five-year Plan 863 "T bit High-Performance IPv4/v6 Router Basic Platform and Experimental System" .The main contribution and innovation of this thesis come as follows:Firstly, we point out the problem of the security mechanism of SNMPv3 in existence. After a deep analysis of the protocol, we have found that if we use the SNMPv3 protocol directly in the terabit router system, some problems like simplex user category, not having much encrypt category and faulty key management would occur and can' t satisfy the requirement of the security policy.Secondly, in order to improve the security performance, based the RFC 3826, we put forward the application of the AES arithmetic to replace the DES arithmetic of the USM module and implement it in the terabit router system. The special condition of the military purpose requires the terabit router system to have more security than others. Based on the study of all kinds of encrypt arithmetic and the trend of current encrypt technology, we put forward the use of the AES arithmetic to replace the DES arithmetic, then we analyze the difficulties of the program and list the whole process of the design within the net-snmp software packet. From the theoretic analysis and experimentation, we can conclude that the AES arithmetic can satisfy the requirement of terabit router system perfectly.Thirdly, we propose and implement the Key-lifetime-limited betterment scheme based on the USM module. This scheme reminds the administrator to change the use key in time with the Trap mechanism once the key expires. This scheme enables the system to have the capability of security test in time and avoid the danger of using the same key for too much time. This improvement has greatly enhanced the security of the terabit router system.

Keywords/Search Tags:

SNMP, USM, security mechanism, encrypt arithmetic, key

PDF Full Text Request

Related items

1	The Design Of The Enterprise After-Sales Server System Based On Web And Research Of The Encrypt Technology
2	Network Applications Security Model Research And Applications
3	Study On Security Of SNMPv3-based Network Management System
4	Research And Implemention Of Information Security Encryption System Based On The RSA
5	Research And Implementation Of SMS End-To-End Encrypt System Technology
6	The Research On EC Trade Security Mechanism
7	Design And Realization Of MIB And Event Mechanism Used In The NMS Based On SNMP Protocol
8	The Study, Based On E-commerce Security Mechanism Of The Set Protocol
9	Research And Implementation Of A SNMP-Based Network Monitor Management System
10	The Secure Mechanism And Implementation Technics Of A Web Server