期刊名称:International Journal of Advanced Networking and Applications
电子版ISSN:0975-0290
出版年度:2010
卷号:1
期号:6
页码:393-399
出版社:Eswar Publications
摘要:We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the realization of specific system security management functions independently of the underlying architecture. Our definitions pertain to multi -user; multi-tasking operating systems that support TCP/IP communications and a prototype of the SSEC MIB are under development for UNIX system. The proposed management framework follows the manager agent paradigm: an agent is installed on every system connected to the network, communicating with one or more central managers through a management protocol. We have tried not to heavily rel y on polling for the manager-agent interaction by using as much as possible asynchronous notification mechanisms and allowing some limited delegated functionality for the agent (scheduling and handling of local scripts). The manager scans the agents for security information, sets specific parameters for monitoring and script execution and receives asynchronous notifications on specific events, whereas the agent maintains a MIB that provides the system-independent interface semantics, executes scripts for security scanning, performs monitoring & logging and generates the asynchronous notification PDUs
关键词:Systems Management; System Security; SNMP; Agent; MIB
