
Security

Video Links
› https://www.youtube.com/watch?v=XoMuYWol-7s
(Courtesy: CBT Nuggets)
› https://www.youtube.com/watch?v=NgceiOe9SO0
(Courtesy: nagiosvideo)
Security
› One of the main objectives of SNMPv3 is the addition of security features to
SNMP management
› Authentication, privacy, authorization and access control are
addressed in the SNMPv3 specifications
› The SNMPv3 architecture permits the flexibility to use any protocol for
authentication and privacy of information
› (15) snmpUsmMIB follows the traditional concept: a user is identified
by a user name and its associated security policies
› (15) specifies MD5 and SHA-96 as the authentication
protocols
› Cipher Block Chaining (CBC) mode is adopted for the privacy protocol
Security Threats
› Four types of threats exist to a network management system
› when information is transported from entity A to entity B
› For the first three threats, the signal has to be intercepted
› In the last one, the signal is merely tapped, not intercepted
[Figure: the four threats to a message in transit from Entity A to Entity B: modification, masquerade, message stream modification and disclosure]
Security Threats
› Modification: an unauthorized user modifies the
contents of the message while it is in transit
› Masquerade: an unauthorized user sends information
to another entity while assuming the identity of an authorized user
› Message Stream Modification: reordering the data packets to
change the meaning of the message
– A message may be intercepted, stored and replayed at a later time
› Disclosure: management information is disclosed and
can be used later on
– E.g. account information can be monitored and used
against the establishment
Security Sub-System
› Authentication Module: the source from which a message
is received must be authenticated by the receiver
› Privacy Module: ensures that the information is not made
available or disclosed to unauthorized users or entities
› Timeliness Module: checks message timeliness to protect the message
against redirection, delay and replay (time window = 150 s)
[Figure: the Message Processing Model hands the message to the security sub-system. The Authentication Module provides data integrity and data origin authentication, the Privacy Module provides data confidentiality, and the Timeliness Module provides message timeliness and limited replay protection]
SNMPv3 – User-based Security Model (USM)
USM (User-based Security Model)
› Based on the traditional user-name concept
› Defines an abstract service interface
› A conceptual interface is defined between the generic USM services
and the authentication and privacy services
› The two primitives associated with the authentication service are
– Authenticate Incoming Message
– Authenticate Outgoing Message
› The two primitives associated with the privacy service are
– Encrypt Data
– Decrypt Data
USM - Overview
› The Message Processing Model (MPM) invokes the security sub-system
› USM invokes the privacy and authentication modules depending
on the authentication and privacy level set in the message

[Figure: the Message Processing Model invokes the security sub-system, which contains the Privacy Module and the Authentication Module]
USM – Outgoing Message Service - Encryption
› Assuming both privacy and authentication flags are set
USM – Incoming Message Service - Decryption
› Assuming both privacy and authentication flags are set
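As an added example (not part of the slides, and not taken from any SNMP implementation), the Python below shows the two USM authentication primitives named above, Authenticate Outgoing Message and Authenticate Incoming Message, together with the timeliness check from the security sub-system slide. The password is turned into a localized key as in RFC 3414 (appendix A.2 and section 2.6), the 12-byte msgAuthenticationParameters field is computed with HMAC-MD5-96 or HMAC-SHA-96 over the message with that field zeroed, and the receiver recomputes it and checks the 150 s window. The message layout, the header bytes, the field offset and the `demo` function are constructed for this example; the engine ID is the one RFC 3414 uses in its own key-localization worked example.

```python
# Added example, not from the slides: USM outgoing/incoming authentication
# (HMAC-MD5-96 / HMAC-SHA-96, RFC 3414) plus the 150 s timeliness check.
import hashlib
import hmac

AUTH_PARAM_LEN = 12     # msgAuthenticationParameters is a 96-bit truncated MAC
TIME_WINDOW = 150       # seconds; the timeliness window from RFC 3414


def password_to_key(password: bytes, algo: str) -> bytes:
    """RFC 3414 A.2: hash the password repeated (cyclically) to exactly 1 MiB -> Ku."""
    total = 1024 * 1024
    stream = (password * (total // len(password) + 1))[:total]
    return hashlib.new(algo, stream).digest()


def localize_key(ku: bytes, engine_id: bytes, algo: str) -> bytes:
    """RFC 3414 2.6: Kul = H(Ku || snmpEngineID || Ku). Each agent gets its own key,
    so a key captured from one agent reveals neither the password nor other agents' keys."""
    return hashlib.new(algo, ku + engine_id + ku).digest()


def _zero_auth_field(whole_msg: bytes, offset: int) -> bytes:
    return whole_msg[:offset] + bytes(AUTH_PARAM_LEN) + whole_msg[offset + AUTH_PARAM_LEN:]


def authenticate_outgoing(kul: bytes, algo: str, whole_msg: bytes, offset: int) -> bytes:
    """Outgoing service: MAC the whole message with the auth field zeroed, then fill the field."""
    zeroed = _zero_auth_field(whole_msg, offset)
    mac = hmac.new(kul, zeroed, algo).digest()[:AUTH_PARAM_LEN]
    return zeroed[:offset] + mac + zeroed[offset + AUTH_PARAM_LEN:]


def authenticate_incoming(kul: bytes, algo: str, whole_msg: bytes, offset: int) -> bool:
    """Incoming service: recompute the MAC and compare it in constant time."""
    received = whole_msg[offset:offset + AUTH_PARAM_LEN]
    expected = hmac.new(kul, _zero_auth_field(whole_msg, offset), algo).digest()[:AUTH_PARAM_LEN]
    return hmac.compare_digest(received, expected)


def in_time_window(local_boots: int, local_time: int, msg_boots: int, msg_time: int) -> bool:
    """Timeliness module: accept only the current boot count and an engine time
    within +/-150 s; anything else is treated as delayed, redirected or replayed."""
    return msg_boots == local_boots and abs(local_time - msg_time) <= TIME_WINDOW


# Constructed sample data (not real traffic). The engine ID is the one used for the
# key-localization worked example in RFC 3414 appendix A.3.
ENGINE_ID = bytes.fromhex("000000000000000000000002")
HEADER = b"v3|usm|jimmy|"          # stand-in for the BER-encoded header fields
OFFSET = len(HEADER)               # where the 12-byte auth field sits in this layout


def build_message(payload: bytes) -> bytes:
    return HEADER + bytes(AUTH_PARAM_LEN) + payload


def demo(algo: str = "md5"):
    """Returns (genuine message verifies, tampered message verifies)."""
    kul = localize_key(password_to_key(b"maplesyrup", algo), ENGINE_ID, algo)
    msg = authenticate_outgoing(kul, algo, build_message(b"GetRequest sysDescr.0"), OFFSET)
    tampered = msg[:-1] + bytes([msg[-1] ^ 0x01])   # flip one bit of the payload
    return (authenticate_incoming(kul, algo, msg, OFFSET),
            authenticate_incoming(kul, algo, tampered, OFFSET))


if __name__ == "__main__":
    for name in ("md5", "sha1"):
        print(name, demo(name))
    print("message 400 s old accepted:", in_time_window(4, 1000, 4, 1400))
```

The receiver must zero the authentication field before recomputing, exactly as the sender did, and the comparison uses `hmac.compare_digest` so that verification time does not depend on how many leading bytes of a forged MAC happen to be right. The time window is what turns a captured, authentic message into a useless one once 150 s have passed or the agent has rebooted.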
Access Control
Access Control
› Who can access the network management components and
what they can access (previously the community profile)
› VACM (View-based Access Control Model)
– More secure and more flexible
– Defines a set of services that an agent can use to validate
command requests and notifications
– Validates command requests as to their sending sources and
access privileges
– Creates a local database containing access rights and policies,
called the Local Configuration Datastore (LCD)
– Resides in the agent, or in a manager when it acts as an agent
VACM - Groups
› A group, identified by a group name, is a set of zero or more
(security model, security name) pairs
– Defines access to SNMP management objects
› Security name → principal, independent of the security model (SM) used
› All members of a group have the same access rights
› “Groups” play the same role that “community names” did
VACM – Groups - Security Level
› The security level is the level of security of the user
– No authentication – no privacy – (noauth)
– Authentication – no privacy – (auth)
– Authentication – privacy – (priv)
› Access rights depend on the security level
› Members of the same group can have different access rights
VACM - MIB view and MIB families
› A MIB view is defined for each group; it covers the set of managed
object types (or specific instances of object types) the group may see
› A MIB view is defined as a combination of a set of view
sub-trees, i.e. the union of multiple sub-trees
› The required set of sub-trees is aggregated into one structure
called a “family of view sub-trees”
› A family of sub-trees can be either included in or excluded from
the MIB view
VACM - MIB view and MIB families
› For example: system, interfaces, snmpProxys, etc.
› Standard Command
– snmp-server view <view-name> <MIB-subtree> included|excluded
› Example Commands
– snmp-server view ALL-ACCESS iso included
– snmp-server view LIMITED-ACCESS snmpModules included
– snmp-server view LIMITED-ACCESS snmpDomains included
– snmp-server view CONFORMANCE-ACCESS snmpMIBConformance included
VACM – Access Policy
› Determines the access rights to the objects
– Read: Get-Request, Get-Next-Request and Get-Bulk-Request
– Write: Set-Request
– Notify: objects authorized to be sent in a notification
› For each combination of groupName, securityModel and securityLevel,
the group's access rights are defined either by the three views
(read, write, notify) or as not-accessible
› Standard Command
– snmp-server group <group-name> v3 <security-level> read|write|notify <view-name>
› Example Commands
– snmp-server group G1 v3 auth read LIMITED-ACCESS
– snmp-server group G2 v3 noauth write ALL-ACCESS
VACM – Users
› A user is assigned to a group and uses that group's access rights
› Standard Command
– snmp-server user <user-name> <group-name> v3 auth <auth-algorithm> <auth-password> priv <priv-algorithm> <priv-password>
› Example Command
– snmp-server user jimmy G1 v3 auth sha myauth123 priv des mypriv123
› Security Model
– SHA (authentication)
– DES (privacy)
VACM Process
1. Who are you? --- group
2. Where do you want to go? --- context
3. How secure are you to access the information? --- security model, level
4. Why do you want to access? --- read, write or notification
5. What object do you want to access? --- object type
6. Which object do you want to access? --- object instance
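As an added example (not part of the slides, and not a vendor implementation), the Python below walks through these six questions as a VACM isAccessAllowed decision over a small Local Configuration Datastore built from the snmp-server view, group and user commands on the earlier slides. It goes a little beyond those slides by adding an excluded family and a family mask, to show that the most specific matching sub-tree decides and that a mask can wildcard one sub-identifier. The `Vacm` class, the function names and the `netops` user are this example's own; the OIDs for iso, snmpDomains, snmpModules and snmpMIBConformance are the standard ones.

```python
# Added example, not from the slides: a minimal VACM isAccessAllowed evaluator
# (RFC 3415) over views, groups and access entries mirroring the slide commands.
from typing import Dict, List, Optional, Tuple

OID = Tuple[int, ...]
USM = 3                                        # securityModel value for USM
LEVELS = {"noauth": 1, "auth": 2, "priv": 3}   # ordering used when picking an access entry


def oid(text: str) -> OID:
    return tuple(int(x) for x in text.strip(".").split("."))


# A view entry: (subtree, mask, included). mask=None means every sub-identifier must
# match; a 0 in the mask turns that position into a wildcard (e.g. any table column).
ViewEntry = Tuple[OID, Optional[Tuple[int, ...]], bool]


def entry_matches(entry: ViewEntry, target: OID) -> bool:
    subtree, mask, _ = entry
    if len(subtree) > len(target):
        return False
    for i, sub_id in enumerate(subtree):
        bit = 1 if mask is None or i >= len(mask) else mask[i]
        if bit and sub_id != target[i]:
            return False
    return True


def in_view(view: List[ViewEntry], target: OID) -> bool:
    """The most specific matching family (longest subtree, then lexicographically
    greatest) decides, and its included/excluded flag is the answer."""
    matches = [e for e in view if entry_matches(e, target)]
    if not matches:
        return False
    best = max(matches, key=lambda e: (len(e[0]), e[0]))
    return best[2]


class Vacm:
    """Local Configuration Datastore: views, group membership and access entries."""

    def __init__(self) -> None:
        self.views: Dict[str, List[ViewEntry]] = {}
        self.groups: Dict[Tuple[int, str], str] = {}     # (securityModel, securityName) -> group
        self.access: Dict[str, List[Tuple[int, str, str, str, str]]] = {}  # group -> entries
        self.contexts = {""}                             # only the default context exists

    def add_view(self, name: str, subtree: str, included: bool = True, mask=None) -> None:
        self.views.setdefault(name, []).append((oid(subtree), mask, included))

    def add_group_access(self, group: str, level: str, read="", write="", notify="") -> None:
        self.access.setdefault(group, []).append((USM, level, read, write, notify))

    def add_user(self, user: str, group: str) -> None:
        self.groups[(USM, user)] = group

    def is_access_allowed(self, model: int, name: str, level: str, context: str,
                          view_type: str, target: OID) -> str:
        group = self.groups.get((model, name))                    # 1. who are you?
        if group is None:
            return "noSuchGroupName"
        if context not in self.contexts:                          # 2. where do you want to go?
            return "noSuchContext"
        candidates = [a for a in self.access.get(group, [])       # 3. how secure are you?
                      if a[0] == model and LEVELS[a[1]] <= LEVELS[level]]
        if not candidates:
            return "noAccessEntry"
        entry = max(candidates, key=lambda a: LEVELS[a[1]])
        view_name = {"read": entry[2], "write": entry[3], "notify": entry[4]}[view_type]  # 4. why?
        if not view_name:
            return "noSuchView"
        if not in_view(self.views.get(view_name, []), target):    # 5/6. which object and instance?
            return "notInView"
        return "accessAllowed"


def build_sample() -> Vacm:
    """Mirrors the snmp-server view/group/user commands on the previous slides, plus
    one excluded family to show that the more specific sub-tree wins."""
    v = Vacm()
    v.add_view("ALL-ACCESS", "1")                                         # iso
    v.add_view("LIMITED-ACCESS", "1.3.6.1.6.3")                           # snmpModules
    v.add_view("LIMITED-ACCESS", "1.3.6.1.6.1")                           # snmpDomains
    v.add_view("LIMITED-ACCESS", "1.3.6.1.6.3.1.2", included=False)       # snmpMIBConformance excluded
    v.add_view("CONFORMANCE-ACCESS", "1.3.6.1.6.3.1.2")                   # snmpMIBConformance
    v.add_group_access("G1", "auth", read="LIMITED-ACCESS")
    v.add_group_access("G2", "noauth", write="ALL-ACCESS")
    v.add_user("jimmy", "G1")
    v.add_user("netops", "G2")                                            # constructed second user
    return v


if __name__ == "__main__":
    v = build_sample()
    print(v.is_access_allowed(USM, "jimmy", "auth", "", "read", oid("1.3.6.1.6.3.1.1.1.0")))
    print(v.is_access_allowed(USM, "jimmy", "auth", "", "read", oid("1.3.6.1.2.1.1.1.0")))
    print(v.is_access_allowed(USM, "jimmy", "noauth", "", "read", oid("1.3.6.1.6.3.1.1.1.0")))
```

Two points worth noticing when reading the decision: a user presenting a higher security level than an access entry requires still matches that entry (priv satisfies an auth entry, but noauth does not), and an empty write view for G1 means a Set-Request from jimmy is refused before the object is ever looked at.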
