blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
2.13. SNMPv2 Access Control Policy Connected: An Internet Encyclopedia
2.13. SNMPv2 Access Control Policy

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1445
Up: 2. Elements of the Model
Prev: 2.12. SNMPv2 Management Communication Class
Next: 3. Elements of Procedure

2.13. SNMPv2 Access Control Policy

2.13. SNMPv2 Access Control Policy

A SNMPv2 access control policy is a specification of a local access policy in terms of a SNMPv2 context and the management communication classes which are authorized between a pair of SNMPv2 parties. Architecturally, such a specification comprises four parts:

  • the targets of SNMPv2 access control - the SNMPv2 parties that may perform management operations as requested by management communications received from other parties,

  • the subjects of SNMPv2 access control - the SNMPv2 parties that may request, by sending management communications to other parties, that management operations be performed,

  • the managed object resources of SNMPv2 access control - the SNMPv2 contexts which identify the management information on which requested management operations are to be performed, and

  • the policy that specifies the classes of SNMPv2 management communications pertaining to a particular SNMPv2 context that a particular target is authorized to accept from a particular subject.

Conceptually, a SNMPv2 access policy is represented by a collection of ASN.1 values with the following syntax:

        AclEntry ::= SEQUENCE {
          aclTarget
             OBJECT IDENTIFIER,
          aclSubject
             OBJECT IDENTIFIER,
          aclResources
             OBJECT IDENTIFIER,
          aclPrivileges
             INTEGER
        }

For each such value that represents one part of a SNMPv2 access policy, the following statements are true:

  • Its aclTarget component is called the target and identifies the SNMPv2 party to which the partial policy permits access.

  • Its aclSubject component is called the subject and identifies the SNMPv2 party to which the partial policy grants privileges.

  • Its aclResources component is called the managed object resources and identifies the SNMPv2 context referenced by the partial policy.

  • Its aclPrivileges component is called the privileges and represents a set of SNMPv2 management communication classes which, when they reference the specified SNMPv2 context, are authorized to be processed by the specified target party when received from the specified subject party.

The application of SNMPv2 access control policy only occurs on receipt of management communications; it is not applied on transmission of management communications. Note, however, that ASN.1 values, having the syntax AclEntry, are also used in determining the destinations of a SNMPv2-Trap [2].


Next: 3. Elements of Procedure

Connected: An Internet Encyclopedia
2.13. SNMPv2 Access Control Policy

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609