Re: [sacm] Architecture Draft
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Mon, 15 July 2019 12:46 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D36912014E for <sacm@ietfa.amsl.com>; Mon, 15 Jul 2019 05:46:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3CU3FLCmj-oF for <sacm@ietfa.amsl.com>; Mon, 15 Jul 2019 05:46:33 -0700 (PDT)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B75012011B for <sacm@ietf.org>; Mon, 15 Jul 2019 05:46:33 -0700 (PDT)
Received: by mail-ot1-x334.google.com with SMTP id d17so16802960oth.5 for <sacm@ietf.org>; Mon, 15 Jul 2019 05:46:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=nSostvsYUuJRLmfDIYnR5scAOkZ0/liY6sokdKPnYSE=; b=SP8St3Tq6Y11bPE8MZ5RtW8/FwGDa7jV4Hc/kDIJQwGoGYisJ6YKftfojqDMAS1g6G cfdtF/1tVXe+zJZAXakjCIxykYeo68oKlLHFK3OY/BGyIP9xFXF7WWOaPNFEoetI5vWc wgpBXUnIk0RDZfKS8f1kAIKDrI9oH2Ko3pWcmwxgPbMz9GbVD0SQyFbgVw2uPpIU5xvG dLk0AyoYHeZyOugPBbRD2eLliBn6hjoX9Gb/O+/aGfNteaJgrE7chzqfyyqZtZZWIa8s JVMWQ/7CqZx0j5XBajOEPrsME2KOnLya8nnLtbHVgF4uwXFQB2lznTEm0hFuSCL8wTB/ M7GA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=nSostvsYUuJRLmfDIYnR5scAOkZ0/liY6sokdKPnYSE=; b=PTJ449/6E/HN600FVF4X5uBavUpg+Sd+6W15qZa/13FeVmctn7qT8SI2JZbLHoLF5a +Egg2z9E1iL6hQmjm6RXL0IE9jvhLJvMv3BVSBfMRYnr8JbJaKbDqjDXRRPgHfqRW3/L vvOTGzZYVtX8TFpQEksc5aZcfMac9io3mCFTrmr59H2ycSJyGtKlsuHXT0fxaYDhPSf/ 4bumS1D4aA4XzI+yZ4HXRjWHyQq1nrvMHvnuY/oeN857rFqyJxz43IpaT4kR2ND+n7Yr D1s8+eOZHdCZ7wz6tL0TqQUH/atAeL9r0way8YNs0EBbxwquys8Vv/YxV/gY2uThR+a+ kMoQ==
X-Gm-Message-State: APjAAAXgLS7T3q9L/IfXqoLUSp6UboIG4WSNwz9YeKybGw4RjtngXG8q WlyYC5H5cOMPRbUnSQN9U86yFL6vxa2Bbl/l12g=
X-Google-Smtp-Source: APXvYqxxmk/mnY3rfvzJEjgkfNi6IaA5AyvtEzcVftAF++Mpb4ozzI3m8qIkBgNQR7OVQALzImVj5dz+6yILMe/xguI=
X-Received: by 2002:a05:6830:1319:: with SMTP id p25mr20450686otq.224.1563194792612; Mon, 15 Jul 2019 05:46:32 -0700 (PDT)
MIME-Version: 1.0
References: <8F0550DE-D31D-4C6A-BB97-6CEEF589E617@gmail.com> <CAHbuEH5Q+4E34mOUXo4yPUgPAoE3y5eAH4mBQQQJdMiz71v8GA@mail.gmail.com> <9F37E60C-A427-46E0-A847-C31BAEADEFC1@gmail.com>
In-Reply-To: <9F37E60C-A427-46E0-A847-C31BAEADEFC1@gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Mon, 15 Jul 2019 08:45:55 -0400
Message-ID: <CAHbuEH4ZfnfN+35njaEnN6mk3yfkX9f8=BFuztX17wbpg25hVw@mail.gmail.com>
To: Adam Montville <adam.montville.sdo@gmail.com>
Cc: "<sacm@ietf.org>" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005417e0058db7a6b8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/n8Bbr9sa7gmxdRdcqAZjXHr9NdM>
Subject: Re: [sacm] Architecture Draft
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 12:46:36 -0000
On Mon, Jul 15, 2019 at 7:43 AM Adam Montville <adam.montville.sdo@gmail.com> wrote: > Hi Kathleen, > > Thank you for your questions. > > I’ll start with EPCP, which is depicted in Figure 3 of the current draft > as a collection subsystem (using the language from the draft). Addressing > EPCP in this way covers NEA, as EPCP is based on NEA, and it covers SWIMA > in that SWIMA is used within that collection subsystem. In this sense EPCP > describes a type of collection subsystem relative to the proposed SACM > architecture. The SACM architecture then has the freedom to rely on other > collection subsystems where needed. > > Similarly, ROLIE would be a type of repository. While not explicitly > referenced, see Figure 1, where ROLIE would be a repository connected to > the messaging system, and see Figure 3, where ROLIE could be the Policy > Repository. > > As far as SCAP 2.0 is concerned, I think we both align and diverge. We > align in that we are attempting to solve the same problems. Both > architectures have collection, repositories (of various types, including > CMDB), and downstream components (i.e. analysis and reporting). We diverge > in a couple of ways. First, SCAP 2.0 appears to rely exclusively on EPCP as > a collection subsystem (at least presently). The SACM architecture > explicitly recognizes a need for multiple collection subsystems to be > supported. Second, SCAP 2.0 appears to rely on point-to-point component > communication, where the components of the architecture have direct > awareness of other components. The SACM architecture allows not only > point-to-point connections, but also supports things like pub/sub. (NOTE: I > have not spent hours studying SCAP 2.0.) > > The SACM architecture is focused on defining components, their > capabilities and interfaces, and the workflows they explicitly support. We > started with three common workflow domains (IT asset management, > vulnerability management, configuration management), and we explicitly > recognize that there are multiple ways to collect data necessary in these > domains. We anticipate that there will always be multiple ways to collect > information, and further believe that we cannot rely on one particular > collection subsystem to cover the whole of an enterprise, which must > consider cloud-native and hybrid environments equally with traditional > endpoint-centric approaches). > > Does this help? > Thank you, Adam. Yes, it does. I may come back with more questions after reading the ECP draft in last call. Best regards, Kathleen > > Kind regards, > > Adam > > > > On Jul 13, 2019, at 9:16 PM, Kathleen Moriarty < > kathleen.moriarty.ietf@gmail.com> wrote: > > Hi Adam, > > Thanks for raising the question to the list. I just skimmed (and sorry if > I missed it) and am wondering how does ROLIE, SWIMA, and NEA fit into the > architecture? Does this align with the SCAP 2.0 vision or does it diverge > (we don't have to follow NIST obviously, but it would be good to understand > the picture and if they do align, could or should. > > Since the ECP draft has a reliance on NEA (and I think SWIMA, but will be > reading the ECP draft again this week), they are all part of the overall > architecture, right? Having this picture of how these pieces fit and if > there are identified gaps would be very helpful to me, likely others as > well. > > Thank you! > Kathleen > > On Fri, Jul 12, 2019 at 2:09 PM Adam Montville < > adam.montville.sdo@gmail.com> wrote: > >> Greetings all: >> >> During the last virtual interim we talked about some of the next things >> we wanted to work on, and one of those is the current architecture draft. >> Per the notes, we would like this to be an item to discuss during our >> session in Montreal, and it seems like a good idea to have some discussion >> points ready before then. Our goal (again, as stated in the notes) is to >> drive the direction of the draft to conclusion. >> >> What needs to be done with the draft to get there? >> >> Kind regards, >> >> Adam >> >> 2019-06-25 VI Notes: >> https://datatracker.ietf.org/doc/minutes-interim-2019-sacm-02-201906251300/ >> >> SACM Architecture 01: >> https://datatracker.ietf.org/doc/draft-ietf-sacm-arch/ >> _______________________________________________ >> sacm mailing list >> sacm@ietf.org >> https://www.ietf.org/mailman/listinfo/sacm >> > > > -- > > Best regards, > Kathleen > > > -- Best regards, Kathleen
- [sacm] Architecture Draft Adam Montville
- Re: [sacm] Architecture Draft Kathleen Moriarty
- Re: [sacm] Architecture Draft Adam Montville
- Re: [sacm] Architecture Draft Kathleen Moriarty
- Re: [sacm] Architecture Draft Adam Montville