Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proposed SACM Architecture Ad-hoc SACM Arch team July 2014.

Published byChristine Cole Modified over 8 years ago

Similar presentations

Presentation on theme: "Proposed SACM Architecture Ad-hoc SACM Arch team July 2014."— Presentation transcript:

1 Proposed SACM Architecture Ad-hoc SACM Arch team July 2014

2 Proposed SACM Architecture Draft-camwinget-sacm-architecture-00 posted in June 2014 Architecture defines the components or “actors” that communicate or interface with each other The interfaces define the means by which Posture Information (e.g. data model) is sent or received The means by which a provider or requestor can provide its metadata and address security access controls is defined through a “control plane”

3 Why a Control Plane? Control Plane is an abstraction layer to facilitate: – Secure communications between a requestor and a publisher of Posture Information – Registration of new data models and transport – Discovery of existing/supported data models transport

4 SACM Architecture - Conceptual Posture Assessment Information Requestor Broker/Proxy/Repository: authZ, directory, metadata/capability Posture Assessment Information Requestor Posture Assessment Information Provider An individual actor (such as a posture assessment validator) may act as both an information requestor and an information provider. Different types of information providers may offer different types / levels of information (e.g. metadata or data profile) Control Plane Data Plane

5 Posture Assessment Information Provider Posture Assessment Information Provider Posture Assessment Information Provider Posture Assessment Information Provider Conceptual architecture based on Use Cases Posture Collector Posture Validator Posture Assessment Information Provider Posture Assessment Information Provider Posture Aggregator Application Driven thru a single Information Model /Taxonomy Posture Assessment (Info) Requestor Admin Posture Assessment (Info) Requestor Sensor Posture Assessment (Info) Requestor Other

6 SACM Architecture - Example Sensor [P] Posture Aggregator [RP] IDS [P] Posture Collector [P] Posture Validator [RP] Analytics Engine [R] Other [R] Endpoint Assessment [P] AAA [RP] Dashboard [R] Physical Security [RP] Response [RP] Control Plane Broker Proxy Repository [P]=Posture Assessment Information Provider [R] = Posture Assessment Information Requestor Analysis [RP] Vulnerability Scanner [RP] SIM / SEM [RP] Other [P] CMDB [RP]

7 Next steps Comments provided by David Waltemire: – More text required to define “roles”: consumer/producer and entities that can behave as both – More text to fit in the different Posture functions (e.g. Collector, Validator) – More text to distinguish operations employed in the control plane vs. data plane More feedback please!

8 Q & A

Download ppt "Proposed SACM Architecture Ad-hoc SACM Arch team July 2014."

Similar presentations

Authentication Authorization Accounting and Auditing

Authentication Authorization Accounting and Auditing
Contextual Linking Architecture Christophe Blanchi June 20 2006 Corporation for National Research Initiatives Approved for.

Contextual Linking Architecture Christophe Blanchi June Corporation for National Research Initiatives Approved for.
Geoscience Information Network Stephen M Richard Arizona Geological Survey National Geothermal Data System.

Geoscience Information Network Stephen M Richard Arizona Geological Survey National Geothermal Data System.
MgmtSecurity QOS Transport Packaging Extensions Wire Inspection Discovery Publication Registry Description Business Level Agreements Service Level Agreements.

MgmtSecurity QOS Transport Packaging Extensions Wire Inspection Discovery Publication Registry Description Business Level Agreements Service Level Agreements.
XP Processor Intermediary XP Processor Intermediary XP Processor Application Message (Application Headers+ Application Bodies) XP Layer Entity XP Layer.

XP Processor Intermediary XP Processor Intermediary XP Processor Application Message (Application Headers+ Application Bodies) XP Layer Entity XP Layer.
MgmtSecurity QOS Transport Packaging Extensions Wire Inspection Discovery Publication Registry Description Business Level Agreements Service Level Agreements.

MgmtSecurity QOS Transport Packaging Extensions Wire Inspection Discovery Publication Registry Description Business Level Agreements Service Level Agreements.
Multi-level SLA Management for Service-Oriented Infrastructures Wolfgang Theilmann, Ramin Yahyapour, Joe Butler, Patrik Spiess consortium / SAP.

Multi-level SLA Management for Service-Oriented Infrastructures Wolfgang Theilmann, Ramin Yahyapour, Joe Butler, Patrik Spiess consortium / SAP.
1 UDDI 20052101 Jong-Ha Jung 07/28. 2 INDEX INDEX What is UDDI? What is UDDI? Appearance of UDDI Appearance of UDDI Why UDDI? Why UDDI? Analogy with Telephone.

1 UDDI Jong-Ha Jung 07/28. 2 INDEX INDEX What is UDDI? What is UDDI? Appearance of UDDI Appearance of UDDI Why UDDI? Why UDDI? Analogy with Telephone.
Desktop Profile Web Profile Mobile Profile Communications Profile Communications Profile Service Framework Abstraction Identity Management Policy Life.

Desktop Profile Web Profile Mobile Profile Communications Profile Communications Profile Service Framework Abstraction Identity Management Policy Life.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.

SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.
1 Richard White Design decisions: architecture 1 July 2005 BiodiversityWorld Grid Workshop NeSC, Edinburgh, 30 June - 1 July 2005 Design decisions: architecture.

1 Richard White Design decisions: architecture 1 July 2005 BiodiversityWorld Grid Workshop NeSC, Edinburgh, 30 June - 1 July 2005 Design decisions: architecture.
IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,

IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,
Web Services Seppo Heikkinen MITA seminar/TUT 5.11.2003.

Web Services Seppo Heikkinen MITA seminar/TUT
Trns*port Data Model Unification Joe Pugh Virginia Department of Transportation Peggy Leight Info Tech Inc 11/06/05.

Trns*port Data Model Unification Joe Pugh Virginia Department of Transportation Peggy Leight Info Tech Inc 11/06/05.
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
Automated XML Content Data Exchange and Management draft-waltermire-content-repository-00

Automated XML Content Data Exchange and Management draft-waltermire-content-repository-00
Collaborative Direct-- Status Update December 6, 2013 Don Jorgenson Inpriva, Inc.

Collaborative Direct-- Status Update December 6, 2013 Don Jorgenson Inpriva, Inc.
Initial slides for Layered Service Architecture

Initial slides for Layered Service Architecture
SACM Information Model. Current Status First WG draft posted 10/24 Many open issues remain Several comments / suggestions sent to WG for review Today.

SACM Information Model. Current Status First WG draft posted 10/24 Many open issues remain Several comments / suggestions sent to WG for review Today.

Similar presentations

Ads by Google