Description | To facilitate the provisioning of access control by a
security administrator using the View-Based Access
Control Model (RFC 2575, VACM) for tables in which
multiple users may need to independently create or modify
entries, the initial index is used as an 'owner index'.
Such an initial index has a syntax of SnmpAdminString,
and can thus be trivially mapped to a securityName or
groupName as defined in VACM, in accordance with a
security policy.
All entries in that table belonging to a particular user
will have the same value for this initial index. For a
given user's entries in a particular table, the object
identifiers for the information in these entries will
have the same subidentifiers (except for the 'column'
subidentifier) up to the end of the encoded owner index.
To configure VACM to permit access to this portion of the
table, one would create vacmViewTreeFamilyTable entries
with the value of vacmViewTreeFamilySubtree including the
owner index portion, and vacmViewTreeFamilyMask
'wildcarding' the column subidentifier. More elaborate
configurations are possible. |
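The view configuration described above, worked through as an added example that is not part of the original MIB text. It builds the vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask values for one owner and checks sample row OIDs against them. The table entry OID, the owner names and the helper function names are constructed for illustration, and the owner index is assumed to be length-prefixed (not IMPLIED), as it is when further indexes follow it.

```python
# Added example. ENTRY_OID is a constructed placeholder, not an OID from a real MIB.
ENTRY_OID = (1, 3, 6, 1, 4, 1, 99999, 1, 1, 1)

def owner_subids(owner):
    """Encode a length-prefixed SnmpAdminString index: length, then one sub-id per octet."""
    octets = owner.encode("utf-8")
    return (len(octets),) + tuple(octets)

def owner_view(entry_oid, owner):
    """Return (vacmViewTreeFamilySubtree, vacmViewTreeFamilyMask) covering one owner's rows."""
    column_pos = len(entry_oid)          # position of the 'column' sub-identifier
    subtree = entry_oid + (0,) + owner_subids(owner)   # the 0 is a dummy, it is wildcarded
    if len(subtree) > 128:               # the mask holds at most 16 octets = 128 bits
        raise ValueError("owner index too long for a VACM mask")
    bits = [1] * len(subtree)
    bits[column_pos] = 0                 # 0 bit = wildcard, 1 bit = exact match required
    bits += [1] * (-len(bits) % 8)       # pad the last octet with ones
    mask = bytes(
        sum(bit << (7 - j) for j, bit in enumerate(bits[i:i + 8]))
        for i in range(0, len(bits), 8)
    )
    return subtree, mask

def in_family(oid, subtree, mask):
    """VACM family match: OID is at least as long as the subtree and agrees wherever the mask bit is 1."""
    if len(oid) < len(subtree):
        return False
    for i, (got, want) in enumerate(zip(oid, subtree)):
        octet = mask[i // 8] if i // 8 < len(mask) else 0xFF   # short masks extend with ones
        if octet & (0x80 >> (i % 8)) and got != want:
            return False
    return True

if __name__ == "__main__":
    subtree, mask = owner_view(ENTRY_OID, "alice")
    print(".".join(map(str, subtree)), mask.hex())
    alice_row = ENTRY_OID + (3,) + owner_subids("alice") + owner_subids("test1")
    bob_row = ENTRY_OID + (3,) + owner_subids("bob") + owner_subids("test1")
    print(in_family(alice_row, subtree, mask), in_family(bob_row, subtree, mask))
```

Because the encoded index begins with its length, a view built for owner "al" does not match rows owned by "alice": the length sub-identifiers (2 and 5) differ before any name octet is compared.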