Declarative Public Extension Key for Internet Small Computer Systems Interface (iSCSI) Node Architecture
Voir toute la rfc dans une seule page
Page : 5 / 9
Télécharger le PDF
Auteur(s) :
D. Wysochanski
Classé sous :
Tcp,
Transport protocol,
Transmission control protocol
RFC 4850 iSCSI Node Architecture April 2007
Finally, it is important to note that different nodes may have
different levels of risk, and these differences may affect the
implementation. The components of risk include assets, threats, and
vulnerabilities. Consider the following example iSCSI nodes, which
demonstrate differences in assets and vulnerabilities of the nodes,
and as a result, differences in implementation:
o One iSCSI target based on a special-purpose operating system.
Since the iSCSI target controls access to the data storage
containing company assets, the asset level is seen as very high.
Also, because of the special-purpose operating system, in which
vulnerabilities are less well-known, the vulnerability level is
viewed as low.
o Multiple iSCSI initiators in a blade farm, each running a general-
purpose operating system. The asset level of each node is viewed
as low, since blades are replaceable and low cost. However, the
vulnerability level is viewed as high, since there are many well-
known vulnerabilities to the general-purpose operating system.
For the above target, an appropriate implementation might be logging
of received key values, but no transmission of the key. For the
initiators, an appropriate implementation might be transmission of
the key, but no logging of received key values.
5. IANA Considerations
The standards action of this document updates RFC 3720 to allow any
iSCSI extension item, specifically X# extension text keys, Y# digest
algorithms, and Z# authentication methods, to be defined by a
standards track, experimental, or informational RFC. This document
is a standards track RFC that defines an X# extension text key.
IANA registered this key as follows:
o Key Name: X#NodeArchitecture
o Description: Node architecture details
o Reference: [RFC4850]
The update to RFC 3720 to allow additional types of RFCs for iSCSI
Extension items has the same effect as if the following changes were
made to the text of RFC 3720 (RFC text cannot be changed after
publication):
Wysochanski Standards Track [Page 5]