RFC 2264 (rfc2264) - Page 1 of 76


User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)



Alternative Format: Original Text Document



Network Working Group                                      U. Blumenthal
Request for Comments: 2264                     IBM T. J. Watson Research
Category: Standards Track                                      B. Wijnen
                                               IBM T. J. Watson Research
                                                            January 1998


          User-based Security Model (USM) for version 3 of the
              Simple Network Management Protocol (SNMPv3)

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1997).  All Rights Reserved.

Abstract

   This document describes the User-based Security Model (USM) for SNMP
   version 3 for use in the SNMP architecture [RFC 2261].  It defines the
   Elements of Procedure for providing SNMP message level security.
   This document also includes a MIB for remotely monitoring/managing
   the configuration parameters for this Security Model.

Table of Contents

1.  Introduction                                                       3
1.1.  Threats                                                          4
1.2.  Goals and Constraints                                            5
1.3.  Security Services                                                6
1.4.  Module Organization                                              7
1.4.1.  Timeliness Module                                              7
1.4.2.  Authentication Protocol                                        8
1.4.3.  Privacy Protocol                                               8
1.5.  Protection against Message Replay, Delay and Redirection         8
1.5.1.  Authoritative SNMP engine                                      8
1.5.2.  Mechanisms                                                     8
1.6.  Abstract Service Interfaces.                                    10
1.6.1.  User-based Security Model Primitives for Authentication       11
1.6.2.  User-based Security Model Primitives for Privacy              11
2.  Elements of the Model                                             12
2.1.  User-based Security Model Users                                 12



Blumenthal & Wijnen         Standards Track