Due to the increasing complexity of modern information technology (IT) networks, integrated network management systems have become an important tool for the set-up and operation of IT networks. For example, Hewlett-Packard offers such a network management system under the name “hp OpenView” (see, for example, hp OpenView Quick Reference Guide, February 2003). One task of “network management” is monitoring the status, performance or availability of network elements and providing the monitoring results, for example, to a network operator or to the person responsible for a service. Typically, network monitoring includes an alarm functionality which alerts the operator or the person responsible for the service in the case of an incident which requires attention, for example, a fault, an impending fault, or a decline in the performance or availability of a network element. Typically (but not necessarily) a network management system not only provides a flow of information from the managed network elements to a management server and, e.g., to the network operator, but also enables the managed network elements to be manipulated, e.g. by the network operator or, automatically, by a network management process. “Manipulating” may, for example, comprise configuring network elements or changing their existing configuration, starting and stopping processes in network elements, allocating memory to network elements, etc.
Typically, network management systems are distributed systems which include, on the one hand, distributed management software that runs on the managed network elements (also called “managed nodes”). The management software running on a managed node is called an “agent”. On the other hand, a typical network management system includes a management server which communicates with the agents and is superordinate to them. The communication is typically two-way: the management server receives information from the agents about the function of the managed node with which the respective agent is associated, or it sends a request or an instruction to an agent. In the OpenView management system, which is such a distributed management system, the agents do not simply forward information obtained from their node to the management server, but rather have some “intelligence”. For example, an agent is arranged to filter the information it receives from its managed node via SNMP requests, or which it finds in a log file of the managed node, according to user-defined rules, and forwards only the information which passes this filter to the management server (a description of SNMP (Simple Network Management Protocol) can, for example, be found in W. Richard Stevens: TCP/IP Illustrated, Vol. 1, The Protocols, 1994, pp 359-388). Management systems of this kind are, for example, described in EP 1 244 251 A1 and EP 1 257 087 A1. The communication between the agents and the management server is not based on SNMP, but uses a more powerful network management protocol which is proprietary to the network management system.
Although network management is often located within a non-public domain of networks, network security may also be an issue in network management systems. For example, the use of symmetric secret key encryption has been proposed in the framework of SNMP in order to provide for user authentication and message integrity control (see U. Blumenthal et al.: User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), Network Working Group, RFC 2574, April 1999, http://www.ietf.org/rfc/rfc2574.txt). WO 01/24444 A2 describes the application of this proposal to a broadband access network. US 2003/0033521 describes the use of public-key encryption to verify an authorization to request a switch user operation in the framework of a network management system.
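The following is an added illustration, not code from the OpenView system or from any cited document: it models an agent that applies user-defined rules to the log file of a managed node and forwards only matching events (as described for the agents above), and protects the forwarded report with a symmetric-key authentication tag in the style of the SNMPv3 USM proposal (HMAC-SHA-1 truncated to 96 bits, as in RFC 2574), so that the management server can detect tampering in transit. The log lines, rules and shared key are constructed for the example; applying the USM tag to the agent-to-server report is the author's generalisation, since the page states that the agent protocol itself is not SNMP-based.

```python
import hashlib
import hmac
import json
import re

# Constructed sample log lines of a managed node (assumption, not from the page).
SAMPLE_LOG = [
    "2003-02-10 10:01:02 kernel: eth0: link up",
    "2003-02-10 10:01:09 sshd: Accepted password for operator from 10.0.0.5",
    "2003-02-10 10:02:15 disk: /dev/sda1 usage 91% (threshold 90%)",
    "2003-02-10 10:03:40 sshd: Failed password for root from 10.0.0.77",
    "2003-02-10 10:03:41 sshd: Failed password for root from 10.0.0.77",
    "2003-02-10 10:05:00 cron: nightly backup finished",
]

# User-defined rules of the agent filter (constructed): a pattern that must
# match the log line and the severity the agent assigns to the forwarded event.
RULES = [
    (re.compile(r"usage (\d+)% \(threshold (\d+)%\)"), "major"),
    (re.compile(r"Failed password for \S+ from \S+"), "warning"),
    (re.compile(r"link down"), "critical"),
]


def filter_events(lines, rules=RULES):
    """Apply the rules to every log line; only matching lines are forwarded."""
    events = []
    for line in lines:
        for pattern, severity in rules:
            if pattern.search(line):
                events.append({"severity": severity, "text": line})
                break  # the first matching rule decides the severity
    return events


def protect_message(events, key):
    """Serialise the events and append a USM-style HMAC-SHA-96 tag
    (HMAC-SHA-1 digest truncated to 12 bytes, as in RFC 2574)."""
    body = json.dumps(events, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha1).digest()[:12]
    return body, tag


def verify_message(body, tag, key):
    """Server side: recompute the tag and compare in constant time."""
    expected = hmac.new(key, body, hashlib.sha1).digest()[:12]
    return hmac.compare_digest(expected, tag)
```

A report whose body or tag has been altered, or that was produced with a different shared key, fails verification and should be dropped and logged by the server rather than acted upon.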
Generally, at least some of the operating systems currently on the market provide a user authentication functionality and a public-key infrastructure (see, for example, Microsoft Windows 2000 Security Technical Reference, Redmond 2000, pp 163 and 175 to 208). In order to secure communication via the Internet, a security protocol called SSL (Secure Sockets Layer) has been developed, which is now widely used. SSL builds a secure connection between two sockets (sockets are transport service primitives), including mutual authentication of client and server (see, for example, Andrew S. Tanenbaum: Computer Networks, 4th edition, 2003, Pearson Education International, pp 813-816).