Secure Management Information Exchange

Abstract

This paper describes the design and implementation of a secure management protocol for the management of distributed applications. The protocol is a modified use of the ISO CMIP protocol, with additional mechanisms and behaviour to provide the following security services: ffl Mutual authentication of communicating parties. Both parties can prove to each other that they are who they claim to be by the exchange of signed credentials. ffl Stream integrity for management information packets (protocol data units -- PDUs). The management information exchanged between the parties is protected from replay, misordering, modification, insertion and deletion of the PDUs. ffl Confidentiality of the management PDUs. Only the communicating parties can read the information passed between them. The mechanism used also provides a level of back traffic protection and perfect forward secrecy. In previous work we have implemented a public-key based system. Here, we present an experiment based on the ..

Download PDF:
_{Sorry, we are unable to provide the full text but you may find it at the following location(s):}

http://citeseerx.ist.psu.edu/v... (external link)

http://www.cs.ucl.ac.uk/staff/... (external link)