Role-Based Access Control for XML Enabled Multi-Protocol Management Gateways

While security is often supported in standard management frameworks, security is of major importance in the management plane. In this paper we address the provisioning of a security ``continuum'' for management frameworks based on multi-protocol gateways. We provide an in depth security extension of such a gateway using the Role Based Access Control paradigm and show how to integrate our approach within a broader XML-based management framework. Two case studies are investigated: while the first one proposes to map an XML-based RBAC policy to SNMP access control model, the second one maps the same policy to CLI security levels. The target objective is to provide consistent access control policies not only locally on each device whatever be the network management framework but also globally through the managed domain