
Re: survey of isp security practices




On Nov 17, 2004, at 1:43 PM, David B Harrington wrote:

Hi George,

I agree with Randy that user, access control, and key management need
to be included in this discussion.
Assuming RADIUS will "handle it" is insufficient.

What happens when RADIUS authentication is not accessible because of
network problems?
Is there a fallback to local authentication?

In the operational environment that I am most familiar with, yes, there is fallback to local authentication...a single account.

Does anyone have examples of large nets where more than a few
local users are maintained across all devices ?

How are the local authentication keys distributed and managed?


Generated and maintained offline...can differ per device/per class
of device ... access to per-device fallback passwords controlled by other
globally available authentication and authorization means.
That's one way to do it.

Distribution is indeed a problem.


RADIUS can provide per-user authorization; what happens when RADIUS is not available? Is there a fallback to local per-user authorization?

See above.


How are the local per-user authorization rules managed (created,
deleted, etc.)?

You mention "per-command" access control.
Is per-command the only type of access control desired?
What about access to different subsets of information, such as
writable MIB module data, security configuration data, sensitive
directory data?
Does RADIUS provide enough info for controlling access to data
subsets, when a user is permitted to modify some things but not
others?
What happens in a local-authorization fallback scenario?

Some protocols provide for encrypted messaging, such as SSH and
SNMPv3.
Does RADIUS provide authentication for the encryption protocols?
How are the encryption keys managed?
How are the keys managed in a local-authentication fallback scenario?

Without answering some of these questions, the discussion is really
incomplete.

Can you phrase those in the form of capabilities ("supports fallback to local authentication in the event that network based authentication mechanisms are unavailable") ? If so, we can discuss.

Thanks,
---George