[IDS] Fwd: IETF SACM terminology - roles, etc. - worth reading

[IDS] Fwd: IETF SACM terminology - roles, etc. - worth reading

[IDS] Fwd: IETF SACM terminology - roles, etc. - worth reading

Ira McDonald blueroofmusic at gmail.com
Fri Aug 15 14:49:43 UTC 2014

Hi Joe,

Some thoroughly useful definitions from the latest IETF Security
Automation Configuration Management (SACM) terminology draft.

- Ira

---------- Forwarded message ----------
From: Adam W. Montville <adam.w.montville at gmail.com>
Date: Fri, Aug 15, 2014 at 10:45 AM
Subject: [sacm] Fwd: New Version Notification for
To: sacm at ietf.org

I've submitted an update to our terminology draft today, which reflects the
following additions.  If these additions have been made in the wrong place,
or if you have better definitions, please speak up.

Broker: An entity providing and/or connecting services on the behalf of
other architectural components.  Within the SACM Architecture, for example,
a broker may provide authorization services and find, upon request,
entities providing requested services.

Capability: The extent of an architectural component's ability.  For
example, a Posture Information Provider may only provide endpoint
management data, and then only a subset of that data.

Client: An architectural component receiving services from another
architectural component.

Consumer: An architectural component receiving information from another
architectrual component.

Function: A behavioral aspect of a particular architectural component,
which belies that component's purpose.  For example, the Management Plane
can provide a brokering function to other SACM architectrual components.

Management Plane (TBD per list; was "Control Plane"): Architectural
component providing common functions to all SACM participants, including
authentication, authorization, capabilities mappings, and the like.

Provider: An architectural component providing information to another
architectrual component.

Proxy: An architectural component providing functions, information, or
services on behalf of another component, which is not directly
participating in the architecture.

Repository: An architectural component intended to store information of a
particular kind.  A single repository may provide the functions of more
than one repository type (i.e. configuration baseline repository,
assessment results repository, etc.)

Role: A label representing a collection of functions provided by a
particular architectural component.

Supplicant: The entity seeking to be authenticated by the Management Plane
for the purpose of participating in the SACM architecture.



Begin forwarded message:

*From: *internet-drafts at ietf.org
*Subject: **New Version Notification for draft-ietf-sacm-terminology-05.txt*
*Date: *August 15, 2014 at 9:00:01 AM CDT
*To: *David Waltermire <david.waltermire at nist.gov>, David Harrington <
ietfdbh at comcast.net>, Adam W. Montville <adam.w.montville at gmail.com>,
"David Harrington" <ietfdbh at comcast.net>, "David Waltermire" <
david.waltermire at nist.gov>, "Adam W. Montville" <adam.w.montville at gmail.com>,
"Nancy Cam-Winget" <ncamwing at cisco.com>, Nancy Cam-Winget <
ncamwing at cisco.com>

A new version of I-D, draft-ietf-sacm-terminology-05.txt
has been successfully submitted by Adam W. Montville and posted to the
IETF repository.

Name: draft-ietf-sacm-terminology
Revision: 05
Title: Terminology for Security Assessment
Document date: 2014-08-15
Group: sacm
Pages: 9
Htmlized:       http://tools.ietf.org/html/draft-ietf-sacm-terminology-05

  This memo documents terminology used in the documents produced by
  SACM (Security Automation and Continuous Monitoring).

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

sacm mailing list
sacm at ietf.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ids/attachments/20140815/99f06dee/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 506 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ids/attachments/20140815/99f06dee/attachment-0001.sig>

More information about the ids mailing list