1. Field of the Invention
The present invention relates generally to a method and apparatus for encoding, transmitting and decoding a digital message and, more specifically, to such a method and apparatus wherein cryptographic security mechanisms are provided which are simpler than those in known methods and arrangements.
2. Description of the Prior Art
Various network protocols are known in the area of managing computer networks. The jobs for the management of computer networks are becoming increasingly difficult, both because of the great spread of computers and because of the more and more complex networking of computers; the systems for network management required for this purpose are also becoming more and more powerful. The question of security of the network management is acquiring greater and greater significance in the framework of the management of computer networks. The security of the network management is highly dependent on the security techniques employed in the system.
The document (M. Rose, The Simple Book, PTR Prentice Hall, 2nd Edition, ISBN 0-13-177254-6, pages 59-91, 1994) discloses various network protocols for network management, for example the Simple Network Management Protocol (SNMP) in Version 1 (SNMPv1) and in Version 2 (SNMPv2) or the Common Management Internet Protocol (CMIP) as well.
The SNMPv1 has been the most widespread protocol for monitoring and supervision of network components over local computer networks (Local Area Networks, LANs) as well as over global networks (Wide Area Networks, WANs). The SNMPv1 is arranged above the Internet protocols user datagram protocol (UDP) and Internet protocol (IP) in the framework of the OSI communication layer model. Both UDP and IP exhibit substantial weaknesses in the area of security, since security mechanisms are hardly integrated, or not integrated at all, in these protocols. Below, both SNMP and CMIP are referred to simply as the network protocol.
The network protocols are employed for the transmission of computer network management information between a first computer unit, which contains what is referred to as a manager, and at least one second computer unit, which contains what is referred to as an agent. In a complex computer network, there is usually at least one management station and an arbitrary plurality of computers that are monitored or, respectively, controlled by the manager application via the network protocol.
However, network management architectures also are known that include a plurality of hierarchies, for example a plurality of computers that are respectively monitored by one manager, and a plurality of computers that respectively contain a manager application that is monitored or, respectively, controlled by a further computer that contains a higher-ranking manager application. A computer that contains a manager application of the respective network protocol is referred to below as a first computer unit.
Each computer unit that has an agent implemented is referred to below as a second computer unit. It is possible that a computer may be configured both as manager and as agent; correspondingly, the functionalities are contained in the computer. The respective network protocol can be implemented in the computer in hardware as well as in software.
A simple hierarchy is assumed below; i.e., only that case is described wherein a first computer unit as manager monitors or, respectively, controls an arbitrary plurality of second computer units, the agents. This, however, only serves the purpose of a simpler presentation. It is possible also to apply the present invention in an architecture having an arbitrary plurality of hierarchy levels.
In the network protocols, either an information query is transmitted from the first computer unit to the second computer unit, or a control value is transmitted for the control or, respectively, supervision of the second computer unit. It is standard in each second computer unit, given the known network protocols, that the information employed by the second computer unit in the framework of the network protocol is stored in the form of what is referred to as a management information base (MIB), which has the structure of a hierarchical database.
The overall structure of the management information of the network protocols is stored in what is referred to as a global registration tree; for example, the global SNMP registration tree. The MIB of an agent (a second computer unit) is a part of the registration tree of the respective network protocol.
Digital messages, for example an SNMPv1 message, are employed for the transmission of information between the first computer unit and the second computer unit. An SNMPv1 message contains a version number, what is referred to as a community string, and an SNMPv1 protocol data unit (PDU). The version of the network protocol employed is indicated with the version number. The version number is defined upon implementation of the respective network protocol.
The community string in SNMPv1 serves as a password for access to an MIB of a second computer unit. In SNMPv1 the community string is sent to the agent unencrypted. A check is carried out in the agent (i.e., the second computer unit) to see whether the community string received together with an SNMPv1 message authorizes an access to the MIB of the second computer unit. Since the password is transmitted unencrypted in SNMPv1, misuse of the community string is easily possible; for example, a potential attacker can masquerade as an authorized user and gain unauthorized access to a second computer unit. Such is the case since it is very simple for a potential attacker to tap the community string together with the IP sender address of an authorized user.
SNMPv1 thus has practically no effective security mechanism integrated in it, particularly no effective authentication of the SNMPv1 manager, and, as a consequence of the lacking authentication, has no dependable access control on the part of the agent. Further, SNMPv1 offers no possibility for implementing security mechanisms for data integrity or data confidentiality. It is, thus, possible for a potential attacker simply to listen in to transmitted SNMP PDUs and to misuse the information transmitted between manager and agent. The encoding rules of the network protocols are described in detail in M. Rose, The Simple Book, PTR Prentice Hall, 2nd Edition, ISBN 0-13-177254-6, pages 59-91, 1994.
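The message layout just described (version number, community string, PDU), as an added example that is not part of the patent text: a hand-written BER encoder for an SNMPv1 GetRequest, a decoder that recovers the community string from the raw datagram exactly as any observer of the UDP packet could, and a monitoring check that flags datagrams authenticating with a well-known default community. The OID, community values and the default-community set are constructed for illustration.

```python
def _tlv(tag: int, body: bytes) -> bytes:
    """BER TLV with short or long definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def _oid(dotted: str) -> bytes:
    """BER OBJECT IDENTIFIER: first two arcs packed, remaining arcs base-128."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return _tlv(0x06, bytes(out))

def encode_getrequest(community: str, oid: str, request_id: int = 1) -> bytes:
    """SNMPv1 message = SEQUENCE { version, community, PDU }; request_id kept < 128."""
    varbind = _tlv(0x30, _oid(oid) + _tlv(0x05, b""))            # OID with NULL value
    pdu = (_tlv(0x02, bytes([request_id])) + _tlv(0x02, b"\x00")  # request-id, error-status
           + _tlv(0x02, b"\x00") + _tlv(0x30, varbind))           # error-index, varbinds
    return _tlv(0x30, _tlv(0x02, b"\x00")                         # version 0 == SNMPv1
                + _tlv(0x04, community.encode())                  # community: plain OCTET STRING
                + _tlv(0xA0, pdu))                                # [0] GetRequest-PDU

def _read_tlv(buf: bytes, pos: int):  # -> (tag, body, next_pos)
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                                 # long-form length
        k = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + ln], pos + ln

def community_from_datagram(datagram: bytes) -> str:
    """Recover the cleartext community string from a captured SNMPv1 message."""
    tag, seq, _ = _read_tlv(datagram, 0)
    _, version, pos = _read_tlv(seq, 0)
    if tag != 0x30 or version != b"\x00":
        raise ValueError("not an SNMPv1 message")
    _, community, _ = _read_tlv(seq, pos)
    return community.decode()

DEFAULT_COMMUNITIES = {"public", "private"}  # constructed list of well-known defaults to flag
def uses_default_community(datagram: bytes) -> bool:
    return community_from_datagram(datagram) in DEFAULT_COMMUNITIES
```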
In the second version of SNMP, SNMPv2, various security measures were in fact provided, but the administration of cryptographic keys was so involved that SNMPv2 was incapable of prevailing in the marketplace over SNMPv1, despite its considerably greater possibilities for the administration of computer networks compared to SNMPv1. The original SNMPv2 standard was therefore withdrawn and replaced by a modified standard wherein no security was integrated.
CMIP, which was hardly considered in products due to its generally significantly greater complexity compared to SNMPv1 and SNMPv2, was likewise incapable of prevailing in the marketplace. Further, the concept of what is referred to as proxy agents is likewise described in the document M. Rose, The Simple Book, PTR Prentice Hall, 2nd Edition, ISBN 0-13-177254-6, page 315, 1994.