Commit e0b56695

Some changes to the admission control section


git-svn-id: file:///home/svn/mapi/trunk@235 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent bc19e45d
...@@ -569,19 +569,21 @@ access to the full packet record, {\tt print\_IP\_pkt()} can be altered ...@@ -569,19 +569,21 @@ access to the full packet record, {\tt print\_IP\_pkt()} can be altered
as needed to print any other part of the packet, even the whole packet payload. as needed to print any other part of the packet, even the whole packet payload.
\subsection{Admission control} \subsection{Admission control}
In this example we illustrate the admission control features of mapi. This example illustrates the admission control features of MAPI.
In most cases administrators of sensors do not want users to gain full In most cases, administrators of sensors may not want users to have full
control. Contrariwise, users should be restricted in means of the functions access to the monitoring system for privacy and performance reasons.
that they are allowed to apply to a flow. The main reasons behind this Contrariwise, users should be restricted in which functions
reluctance are privacy and performance. As far as privacy is concerned, they are allowed to apply to a network flow.
an administrator may not be willing to provide full packets to users As far as privacy is concerned,
but only statistics as packet of byte counters. Moreover, since some an administrator may not be willing to provide full packets to users,
but only statistics such as packet or byte counters. Moreover, since some
functions may consume a large amount of resources, such as the string functions may consume a large amount of resources, such as the string
search function, the usage of these functions should be restricted. searching or the TCP stream reassembly functions,
the usage of these functions should be restricted.
The administrator of each sensor creates a usage policy, that specifies The administrator of each sensor creates a usage policy that specifies
how the sensor can be used, or in other words which functions the user is how the sensor can be used, i.e., which functions the user is
able to use. A sample policy is presented below: allowed to use. An example of such a policy is the following:
\begin{code} \begin{code}
KeyNote-Version: 2 KeyNote-Version: 2
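Review bot: the rewritten opening paragraph now states the two motivations twice: "for privacy and performance reasons" is added to the first sentence, and the following sentences ("As far as privacy is concerned, ..." and "Moreover, since some functions may consume a large amount of resources, ...") then restate the same two reasons. Either drop the phrase from the first sentence or keep it and present the later sentences as the elaboration of each reason. In the same span, "Contrariwise" means "on the contrary", but the sentence it introduces agrees with the preceding one rather than opposing it; "Instead" reads correctly. Minor wording: "such as the string searching or the TCP stream reassembly functions" reads better as "such as the string search or TCP stream reassembly functions", which also matches the {\tt STR\_SEARCH} name used in the next hunk.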
...@@ -595,21 +597,21 @@ Signature: "sig-rsa-sha1-base64:aVjpVTDs2ZWAQjJD2o5IUh+jDZc=" ...@@ -595,21 +597,21 @@ Signature: "sig-rsa-sha1-base64:aVjpVTDs2ZWAQjJD2o5IUh+jDZc="
\end{code} \end{code}
Policies in general specify that the administrator of the sensor, Policies in general specify that the administrator of the sensor,
identified in the {\tt Authorizer} field, permit users that are identified identified in the {\tt Authorizer} field, permit the users identified
in the {\tt Licensees} field to create network flows if they conform to the in the {\tt Licensees} field to create network flows if they conform to the
assertions that are specified in the {\tt Conditions} field. In this particular assertions that are specified in the {\tt Conditions} field. In this particular
policy the conditions restrict the user to open an interface in the policy, the conditions restrict the user to use an interface onyly in the
range of eth0-eth9, do not use the {\tt TO\_BUFFER} function and apply less range of eth0-eth9, do not use the {\tt TO\_BUFFER} function,
than four {\tt STR\_SEARCH} functions. and apply less than four {\tt STR\_SEARCH} functions.
When a user wants to use a sensor, he contacts the administrator of When a user wants to use a sensor, he contacts the administrator of
the sensor and sends his public key. The administrator adds this public the sensor and sends his public key. The administrator adds this public
key to the Licensees field of the policy and then digitally signs the key to the Licensees field of the policy and then digitally signs the
message, as it is shown in the {\tt Signature} field. This latter step is message, as it is shown in the {\tt Signature} field. This latter step is
mandatory so no one can alter the policy. The signed policy, called mandatory to ensure the integrity of the policy. The signed policy, called
credentials, is returned to the user and should be used every time a credentials, is returned to the user and should be used every time a
flow is created. For example, in the following program a user wants flow is created. In the following example, a user wants
to count the packets in a mapi sensor. to count the packets in a mapi sensor using appropriate credentials.
\begin{Verbatim}[numbersep=12pt, numbers=left, baselinestretch=1.1, fontsize=\small] \begin{Verbatim}[numbersep=12pt, numbers=left, baselinestretch=1.1, fontsize=\small]
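Review bot: typo in the new text: "use an interface onyly in the range of eth0-eth9" should read "only". Two further points in this hunk: the closing sentence still says "a mapi sensor" although the previous hunk changes "mapi" to "MAPI" in the first sentence of the subsection, so the capitalization should be made consistent in both places; and "mandatory to ensure the integrity of the policy" understates what the {\tt Signature} field is for. The signature also lets the sensor check that the credential was issued by the party named in the {\tt Authorizer} field, so the paragraph should say that the sensor verifies the signature against the administrator's public key before it honours the credential, otherwise the reader is left to assume the credential is trusted on presentation. Minor: "apply less than four {\tt STR\_SEARCH} functions" should be "fewer than four".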