
Proposed SACM Architecture

Ad-hoc SACM Arch team, July 2014. Draft-camwinget-sacm-architecture-00 was posted in June 2014. The architecture defines the components or “actors” that communicate or interface with each other.


Presentation Transcript


  1. Proposed SACM Architecture Ad-hoc SACM Arch team July 2014

  2. Proposed SACM Architecture
     • Draft-camwinget-sacm-architecture-00 posted in June 2014
     • Architecture defines the components or “actors” that communicate or interface with each other
     • The interfaces define the means by which Posture Information (e.g. data model) is sent or received
     • The means by which a provider or requestor can provide its metadata and address security access controls is defined through a “control plane”

  3. Why a Control Plane?
     • Control Plane is an abstraction layer to facilitate:
       • Secure communications between a requestor and a publisher of Posture Information
       • Registration of new data models and transport
       • Discovery of existing/supported data models and transport

  4. SACM Architecture - Conceptual
     [Diagram labels: Posture Assessment Information Requestor (repeated); Posture Assessment Information Provider; Control Plane; Data Plane; Broker/Proxy/Repository: authZ, directory, metadata/capability]
     • An individual actor (such as a posture assessment validator) may act as both an information requestor and an information provider.
     • Different types of information providers may offer different types / levels of information (e.g. metadata or data profile)

  5. Conceptual architecture based on Use Cases
     [Diagram labels: Posture Assessment (Info) Requestor (repeated); Admin; Sensor; Other; Posture Assessment Information Provider (repeated); Posture Collector; Posture Validator; Posture Aggregator; Application]
     • Driven thru a single Information Model / Taxonomy

  6. SACM Architecture - Example
     Legend: [R] = Posture Assessment Information Requestor, [P] = Posture Assessment Information Provider
     [Diagram labels, in the order they appear:]
     • Endpoint Assessment [P]
     • CMDB [RP]
     • Analysis [RP]
     • Response [RP]
     • Other [P]
     • Other [R]
     • Vulnerability Scanner [RP]
     • Repository
     • Physical Security [RP]
     • Broker
     • Proxy
     • Control Plane
     • Dashboard [R]
     • SIM / SEM [RP]
     • AAA [RP]
     • Sensor [P]
     • Analytics Engine [R]
     • Posture Aggregator [RP]
     • Posture Collector [P]
     • Posture Validator [RP]
     • IDS [P]

  7. Next steps
     • Comments provided by David Waltermire:
       • More text required to define “roles”: consumer/producer and entities that can behave as both
       • More text to fit in the different Posture functions (e.g. Collector, Validator)
       • More text to distinguish operations employed in the control plane vs. data plane
     • More feedback please!

  8. Q & A
