Page 381 - Handbook of Modern Telecommunications
P. 381

3-172                   CRC Handbook of Modern Telecommunications, Second Edition

            3.7.2.1.4  Time Services
            In distributed systems and network environments, where processes and applications are running on dif-
            ferent machines, time differences may occur between systems. Such time differences become critical when
            correct time stamps determine sequencing of events, job scheduling, measurement timing, and reporting
            intervals. Consistent use of time services is imperative when dealing with global networks, which span
            multiple time zones. Time service general requirements can be summarized as follows (MORR00):
              •   Use of an absolute, universal, coordinated time reference source
              •   Consistent synchronization services across hardware and software components
              •   Translation of universal time to local time for networks spanning multiple time zones
              •   Automatic resynchronization of manager and agent platforms after service interruptions
              •   Ability to operate in a heterogeneous computer and network environment
              •   Ability to keep the service running in case of major network instabilities
              •   Ability to provide both clock corrections and time source synchronization
              In most cases, the Internet Network Time Protocol (NTP) is used. Its primary reference time source
            is the absolute Universal Time Clock (UTC) or sources directly derived from the UTC.

            3.7.2.1.5  Software Distribution
            In complex environments, management systems are usually distributed. These systems consist of serv-
            ers, clients, and the communication paths between them. In order to ensure that they remain in synch,
            software versions or releases running on servers and clients must be compatible with each other. Manual
            software distribution is too slow and not sufficiently reliable. Electronic software distribution offers two
            popular alternatives: push and pull. Distributing software by “push” allows easier scheduling and better
            automation and does not require the physical presence of administrators. However, receiver servers and
            clients should be prepared for the distribution. Distributing by “pull” offers better control by admin-
            istrators and changes during distribution at the price of low automation. Scheduling is flexible and
            depends solely on human decisions. At present, pull is the usual choice in Web environments.

            3.7.2.1.6  Security Services
            Open distributed network environments consist of an increasing number of interconnected computing
            resources, networks, and users. Networks are no longer closed networks but mixtures of private and
            public networks. These networks include heterogeneous components, which has a bearing on security
            services as well. The security of a network depends on the security of adjacent networks and other trusted
            partners. Frequent changes, such as adding new resources and new users, lead to additional concerns
            regarding security. Security can be seen as the security management functional feature built into certain
            management applications, namely security management applications. Since management frameworks
            control resources, security becomes an issue, as other framework services must operate securely if the sys-
            tem as a whole is to be secure. Security is often embedded in framework services such as communications,
            database management, and object manipulation services, which perform management operations.
              Basic security requirements include (MORR00):
              •   Support for basic security features such as authentication, access control, and data integrity
              •   Ability to protect the system against potential intrusions
              •   Security features in the entire software development life cycle
              •   Distinctions in user security access profiles according to their role in the network
              •   Ability to group resources and users and apply common security policies to them
              •   Need to test security features and services against possible violations
              •   Protection of passwords and encryption keys by storing them in protected, encrypted files
              •   Mechanism to provide automatic clearing of disabled user accounts, user IDs, and passwords
              •   Capacity to communicate security data in a secured fashion
   376   377   378   379   380   381   382   383   384   385   386