Download presentation
Presentation is loading. Please wait.
1
Proposed SACM Architecture
Ad-hoc SACM Arch team May 2014
2
Proposed SACM Architecture
Architecture defines the components or “actors” that communicate or interface with each other The interfaces define the means by which Posture Information (e.g. data model) is sent or received The means by which a provider or requestor can provide its metadata and address security access controls is defined through a “control plane”
3
SACM Architecture - Conceptual
Posture Assessment Information Requestor Posture Assessment Information Requestor Posture Assessment Information Requestor Control Plane Data Plane Broker/Proxy/Repository: authZ, directory, metadata/capability Posture Assessment Information Requestor Posture Assessment Information Requestor Posture Assessment Information Provider A Component is a Posture Assessment Requestor (R) or a Posture Assessment Provider (P) The data plane is where Posture Assessment Requestors (Rs) and Posture Assessment Providers (Ps) exchange information An “Actor” can be a R or a P or both A control plane is introduced to allow for Actors to establish the security mechanisms (e.g. authentication, authorization, key management and secure communication link) An individual actor (such as a posture assessment validator) may act as both an information requestor and an information provider. Different types of information providers may offer different types / levels of information (e.g. metadata or data profile)
4
Conceptual architecture based on Use Cases
Posture Assessment (Info) Requestor Posture Assessment (Info) Requestor Posture Assessment (Info) Requestor Admin Sensor Other Driven thru a single Information Model /Taxonomy Posture Assessment Information Provider Posture Assessment Information Provider Posture Assessment Information Provider Posture Collector Posture Validator Posture Aggregator Application
5
SACM Architecture - Example
[R] = Posture Assessment Information Requestor Endpoint Assessment [P] [P]=Posture Assessment Information Provider CMDB [RP] Analysis [RP] Response [RP] Other [P] Other [R] Vulnerability Scanner [RP] Repository Physical Security [RP] Broker Proxy Control Plane Dashboard [R] SIM / SEM [RP] AAA [RP] Sensor [P] Analytics Engine [R] Posture Aggregator [RP] Posture Collector [P] Posture Validator [RP] IDS [P]
6
Q & A
Similar presentations
