Re: [sacm] Components for Vulnerability Assessment
Adam Montville <adam.w.montville@gmail.com> Fri, 21 April 2017 13:01 UTC
Return-Path: <adam.w.montville@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C31C6129478 for <sacm@ietfa.amsl.com>; Fri, 21 Apr 2017 06:01:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.688
X-Spam-Level:
X-Spam-Status: No, score=-2.688 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_FREEMAIL_DOC_PDF=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h_bljS2yugWH for <sacm@ietfa.amsl.com>; Fri, 21 Apr 2017 06:01:48 -0700 (PDT)
Received: from mail-io0-x231.google.com (mail-io0-x231.google.com [IPv6:2607:f8b0:4001:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87809124234 for <sacm@ietf.org>; Fri, 21 Apr 2017 06:01:48 -0700 (PDT)
Received: by mail-io0-x231.google.com with SMTP id o22so130583397iod.3 for <sacm@ietf.org>; Fri, 21 Apr 2017 06:01:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=NxIHYAYMS+gGSOurZM580XBfX8Ij96mE/HFb88U7JX8=; b=IaUeab9K49gUNLBTOfU5t2FPpbajM5uhlftiNdZuxLwAzgCFdWuJKcWmI1giNnz70O c66U87/cJ967FgYhJCWCcsxy0i88JbjDAcwanftaTp4fTMmY7kZk0T62oxo9losr4/hV TVa6ty9nczrhV92+ryf0pKku1eTjvcKQPZ6xUR8r8VzYDIZrW1RljPE1p2XaSC9CDFPS iKfYP2gdVVhFwGsCzonbg/ktyTpMsEWpUGcNIp51RcJSFEYd3+mIKxLO0vuHR9bd7HRY o9eXVLTysq1reP0VyJiS+opl7JvQna0QI3ZKKvOlKSmrEP6KWbBlDzJS5HUwEz7B3qOb z3wA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=NxIHYAYMS+gGSOurZM580XBfX8Ij96mE/HFb88U7JX8=; b=b4YsXUC5yL1/XU+EUDN30CmNDzLAAzWgn4NYbLSf/ZA0NNPq42ESfI25uJMNzT73JA 7lQZ1hCyrlnNWq7yZd3zUnwo5Hh9MQzdQQ+zMX35prJnhJW/gbEDS8RgLxLVnhvw9yie TKZSctOhQIIIU06h51GwrHtalsU27H0bSntQrJFEWuLPQJhOWDc0G9x9kBUwpHLUKo/u al6IeH5ujwmLIGyyIFo5FJND4GdJvAXipBrYFfHHWAjhuarSlBttNXJBB3mzHgRmbNWp YefownUMeqVzfLxGpxVP/dAfQF5iEiK2opYn++oiY6AuFl6XG9H5UHxGryPhvfR33rz1 K0Ow==
X-Gm-Message-State: AN3rC/4roqsfGMjS9hwFzLJe5ZQdwl1Wb+0xOCm7Rm8UfcIjHyZ/hp1+ M5UAYQ9I+2imfaIq+FdIJMMXunybERRl
X-Received: by 10.107.169.199 with SMTP id f68mr15598371ioj.199.1492779660367; Fri, 21 Apr 2017 06:01:00 -0700 (PDT)
MIME-Version: 1.0
References: <CACknUNUNhCCV8LRDpjEm1SvgwpLq+NEEDbc3LOPYzMyRbmfy9w@mail.gmail.com>
In-Reply-To: <CACknUNUNhCCV8LRDpjEm1SvgwpLq+NEEDbc3LOPYzMyRbmfy9w@mail.gmail.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Fri, 21 Apr 2017 13:00:49 +0000
Message-ID: <CACknUNXtxuHKcO35vzNR79m--UfNP4E5tRMSFr=WXJpbdQOCrw@mail.gmail.com>
To: "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/mixed; boundary="001a11426aa662a2e8054dacd997"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/u2cppct5RgwnOdfQoZnlkMN7t2w>
Subject: Re: [sacm] Components for Vulnerability Assessment
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Apr 2017 13:01:51 -0000
Hello Everyone, After some discussion on this topic, I feel like we've got no real objection to this proposed list of components. As such, this brings us back to the second version of the sequence diagram that some of us were working with not too long ago (see attached PDF vector diagram). Given that set of components, we can now start talking about the expected communications between them in an ideal case through the system. Remember that the VDI (vulnerability information) is assumed to have been transformed and placed into the VDD (vulnerability detection) Repository. I've numbered the flows in the attached sequence diagram to show the proposed order and so that we can talk about each flow by that number. Does this flow feel right to everyone on the list? What needs to be different? What alternate flows may exist for the basic case of checking inventory against a new vulnerability? Let's carry this discussion on for a week or so. (Do we need longer?) Kind regards, Adam On Tue, Apr 18, 2017 at 8:03 AM Adam Montville <adam.w.montville@gmail.com> wrote: > Hi All: > > We've got a list of components we think we care about for our > vulnerability assessment scenario (focusing on the narrowest "ideal case" > through the scenario for the time being. > > These are: > > * Vulnerability Detection Data Repository > * Vulnerability Assessor > * Endpoint Repository > * Collector > * Target Endpoint > * Assessment Results Repository > > For reference, see our wiki [1] and/or the slides from IETF 98 [2] and/or > the minutes from IETF 98 [3] > > Question to the WG: Is this an appropriate initial list of components? > > Please opine within the next few days (say by end of your day on Thursday, > wherever you may be), so that we can generate some momentum on this effort. > > Kind regards, > > Adam > > [1] > https://trac.ietf.org/trac/sacm/wiki/SacmVulnerabilityAssessmentScenario > [2] > https://www.ietf.org/proceedings/98/slides/slides-98-sacm-vulnerability-scenario-discussion-00.pdf > > [3] https://www.ietf.org/proceedings/98/minutes/minutes-98-sacm-00.txt > > >
- Re: [sacm] Components for Vulnerability Assessment Henk Birkholz
- [sacm] Components for Vulnerability Assessment Adam Montville
- Re: [sacm] Components for Vulnerability Assessment Haynes, Dan
- Re: [sacm] Components for Vulnerability Assessment Haynes, Dan
- Re: [sacm] Components for Vulnerability Assessment Adam Montville
- Re: [sacm] Components for Vulnerability Assessment Carl-Heinz Genzel
- Re: [sacm] Components for Vulnerability Assessment Muhammad Nasir Mumtaz Bhutta
- Re: [sacm] Components for Vulnerability Assessment Haynes, Dan
- Re: [sacm] Components for Vulnerability Assessment Haynes, Dan
- Re: [sacm] Components for Vulnerability Assessment Adam Montville
- Re: [sacm] Components for Vulnerability Assessment Adam Montville
- Re: [sacm] Components for Vulnerability Assessment Adam Montville
- [sacm] Component Communication Sequence (Was - Re… Adam Montville
- Re: [sacm] Component Communication Sequence (Was … Jerome Athias
- Re: [sacm] Component Communication Sequence (Was … Adam Montville
- Re: [sacm] Component Communication Sequence (Was … Haynes, Dan
- Re: [sacm] Component Communication Sequence (Was … Adam Montville
- Re: [sacm] Component Communication Sequence (Was … Haynes, Dan
- Re: [sacm] Component Communication Sequence (Was … Haynes, Dan
- Re: [sacm] Component Communication Sequence (Was … Jerome Athias
- Re: [sacm] Component Communication Sequence (Was … Adam Montville