Asset Summary Reporting draft-davidson-sacm-asr-00 David Waltermire

Slides:



Advertisements
Similar presentations
February Harvesting RDF metadata Building digital library portals with harvested metadata workshop EU-DL All Projects concertation meeting DELOS.
Advertisements

Research Issues in Web Services CS 4244 Lecture Zaki Malik Department of Computer Science Virginia Tech
1 Web Data Management XML Schema. 2 In this lecture XML Schemas Elements v. Types Regular expressions Expressive power Resources W3C Draft:
Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.
Managed Incident Lightweight Exchange (MILE) Overview and Participation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office.
Auditing Concepts.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.
Mark Evans, Tessella Digital Preservation Boot Camp – PASIG meeting, Washington DC, 22 nd May 2013 PREMIS Practical Strategies For Preservation Metadata.
1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.
1 Introduction to SOA. 2 The Service-Oriented Enterprise eXtensible Markup Language (XML) Web services XML-based technologies for messaging, service description,
Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Requirements for Format for INcident data Exchange (FINE) draft-ietf-inch-requirements-00.txt INCH WG, IETF56 March 19, 2003 Yuri Demchenko Glenn Mansfield.
Understanding Networked Applications: A First Course Chapter 15 by David G. Messerschmitt.
DCS Architecture Bob Krzaczek. Key Design Requirement Distilled from the DCS Mission statement and the results of the Conceptual Design Review (June 1999):
Web Services By Ethan Justin Yuli. Web Services in Action Information through Integration (Google Example)Google Example What do Web.
The Semantic Web – WEEK 3: XML Schema Tutorial/Practical: Exercises using the Suns Today’s lecture will include material relevant to Advanced DBs and Language.
The RDF meta model: a closer look Basic ideas of the RDF Resource instance descriptions in the RDF format Application-specific RDF schemas Limitations.
Web Services Michael Smith Alex Feldman. What is a Web Service? A Web service is a message-oriented software system designed to support inter-operable.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Automated XML Content Data Exchange and Management draft-waltermire-content-repository-00
Securing Legacy Software SoBeNet User group meeting 25/06/2004.
S New Security Developments in DICOM Lawrence Tarbox, Ph.D Chair, DICOM WG 14 (Security) Siemens Corporate Research.
DMSO Technical Exchange 3 Oct 03 1 Web Services Supporting Simulation to Global Information Grid Mark Pullen George Mason University with support from.
A Model for Exchanging Vulnerability Information draft-booth-sacm-vuln-model-01 David Waltermire.
Embracing the Value of XML in Institutional Research Jim Few Center for Institutional Effectiveness Kennesaw State University Association.
Web Services Architecture1 - Deepti Agarwal. Web Services Architecture2 The Definition.. A Web service is a software system identified by a URI, whose.
The Semantic Web Service Shuying Wang Outline Semantic Web vision Core technologies XML, RDF, Ontology, Agent… Web services DAML-S.
Database System Concepts and Architecture
Automating STIGs: The Transition to CCI and SRG
Query Health Operations Workgroup HQMF & QRDA Query Format - Results Format February 9, :00am – 12:00am ET.
Web Services Description Language (WSDL) Jason Glenn CDA 5937 Process Coordination in Service and Computational Grids September 30, 2002.
Metadata and Geographical Information Systems Adrian Moss KINDS project, Manchester Metropolitan University, UK
Sharing Value Sets (SVS Profile) Ana Estelrich GIP-DMP.
Abierman-netconf-mar03 1 NETCONF BOF 56th IETF San Francisco, California March 17, 2003 Discussion: Admin:
1  Bob Hager Director of Publishing Standards Metadata Specification.
Incident Object Description and Exchange Format
1 Chapter 1 Introduction. 2 Introduction n Definition A database management system (DBMS) is a general-purpose software system that facilitates the process.
Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.
XML Web Services Architecture Siddharth Ruchandani CS 6362 – SW Architecture & Design Summer /11/05.
SACM Requirements Nancy Cam-Winget March 2014.
Terminology and Use Cases Status Report David Harrington IETF 88 – Nov Security Automation and Continuous Monitoring WG.
SACM Scope Discussion IETF-92 Meeting March 23, 2015 Dave Waltermire Adam Montville.
Advanced Accounting Information Systems Day 31 XML Language Foundation November 6, 2009.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Geography Markup Language (GML). What is GML? – Scope  The Geography Markup Language is  a modeling language for geographic information  an encoding.
Overview of SC 32/WG 2 Standards Projects Supporting Semantics Management Open Forum 2005 on Metadata Registries 14:45 to 15:30 13 April 2005 Larry Fitzwater.
The RDF meta model Basic ideas of the RDF Resource instance descriptions in the RDF format Application-specific RDF schemas Limitations of XML compared.
Metadata : an overview XML and Educational Metadata, SBU, London, 10 July 2001 Pete Johnston UKOLN, University of Bath Bath, BA2 7AY UKOLN is supported.
Representing data with XML SE-2030 Dr. Mark L. Hornick 1.
Dec 5, 2007NEA Working Group1 NEA Requirement I-D IETF 70 – Vancouver Mahalingam Mani Avaya Inc.
Metadata and Meta tag. What is metadata? What does metadata do? Metadata schemes What is meta tag? Meta tag example Table of Content.
Abierman-netconf-mar07 1 NETCONF WG 68 th IETF Prague, CZ March 19, 2007.
MNP1163/MANP1163 (Software Construction).  Minimizing complexity  Anticipating change  Constructing for verification  Reuse  Standards in software.
1 How can CPR benefit from XML? By Patricio Cobar.
Providing web services to mobile users: The architecture design of an m-service portal Minder Chen - Dongsong Zhang - Lina Zhou Presented by: Juan M. Cubillos.
1 G52IWS: Web Services Description Language (WSDL) Chris Greenhalgh
Copyright 2007, Information Builders. Slide 1 iWay Web Services and WebFOCUS Consumption Michael Florkowski Information Builders.
March 2004 At A Glance The AutoFDS provides a web- based interface to acquire, generate, and distribute products, using the GMSEC Reference Architecture.
ADN Framework Overview A Collaboration of ADEPT, DLESE and NASA (2002 Nov. 19)
YANG Background and Discussion: Why we need a new language for NETCONF configuration modeling The YANG Gang IETF 70 Vancouver, Canada.
Data Models. 2 The Importance of Data Models Data models –Relatively simple representations, usually graphical, of complex real-world data structures.
Postage Statement Wizard Mail.dat Web Services Presented by: (insert name here) The 1, 2, 3 of Electronic Postage Documentation.
Software Architecture Patterns (3) Service Oriented & Web Oriented Architecture source: microsoft.
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved Chapter 9 Web Services: JAX-RPC,
SACM Vulnerability Assessment Scenario IETF 95 04/05/2016.
Auditing Concepts.
draft-fitzgeraldmckay-sacm-endpointcompliance-00
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Henk Birkholz Jarret Lu Nancy Cam-Winget
Presentation transcript:

Asset Summary Reporting draft-davidson-sacm-asr-00 David Waltermire Presenting for: Mark Davidson

What is Asset Summary Reporting (ASR)? An XML-based data format that facilitates the exchange of summary information about one or more sets of assets. ASR is vendor neutral. It is flexible, and suited for a wide variety of reporting applications. ASR Goals: To describe summary information about one or more arbitrarily large and complex asset-related data sets in a standardized manner. To allow content producers the ability to choose an appropriate level of detail depending on their needs and data set size requirements. To reduce the complexity of producing and consuming summary result documents. This specification defines an asset as anything that has value to an organization including, but not limited to: Computing devices Networks People Organizational units

What information does it capture? Data source – Identifies the asset pool from which the report is generated – Can use Asset Identification (draft-montville-sacm-asset-identification-00) to identify assets Record set – A collection of 1 or more records to report – An ASR record set may span multiple pages when necessary Reduces risk of resending a large, single report Reduces memory load of creating large, single reports Record set type – A description of how to construct a record set – May reference a record set type definition Namespace Qualified Attributes – Semantically well-defined attributes associated with a record – Controlled vocabulary approach – Specific data types (e.g. counts of assets, identifer types, report findings)

How does it relate to the IETF? Security Automation and Continuous Monitoring (SACM) Use Case 1: System State Assessment (draft- waltermire-sacm-use-cases-02) Asset Management (4.1.1) – Can provide a common vocabulary to support the exchange of asset details Content Management (4.1.4) – Record Set Type definitions are another type of content that may be exchanged Provides machine-interpretable guidance that may support report generation Used to validate reporting data

How does it relate to the IETF? (Cont’d) Security Automation and Continuous Monitoring (SACM) Use Case 2: Enforcement of Acceptable State (draft-waltermire-sacm-use-cases-02) Assessment Query and Transport (4.2.1) – Exchange of assessment results – Use within NEA-related protocols to provide transport?

How does it relate to the IETF? (Cont’d) Security Automation and Continuous Monitoring (SACM) Use Case 3: Security Control Verification and Monitoring (draft-waltermire-sacm-use-cases- 02) Data Aggregation and Reporting (4.3.2) – Supports the definition and exchange of aggregate reports – Enables aggregation of by asset characteristics, assessment identifiers and characteristics, control identifiers, checklist identifiers, product ids or classes

How does it relate to the IETF? (Cont’d) Managed Incident Lightweight Exchange (MILE WG) IODEF-extension to support structured cybersecurity information (draft-ietf-mile-sci-05) Capable of representing observed information pertaining to various extended classes (e.g. platform, vulnerability) Possible candidate for inclusion in the IANA registry (Appendix II)

Possible work / How you can help? Develop greater consensus around reporting use cases for ASR Develop an IANA registry for Namespace Qualified Attributes – Provides future extensibility to additional reporting use cases Develop an IANA registry referencing definitions for common record set types Integrate/extend into protocols where applicable (e.g. SACM, NEA, MILE) JSON vs. XML

EXAMPLES

Current ASR Data Model

Example – Record Set <asr:summary-report xmlns:ex="com.example" xmlns:asr=" xmlns:asr-attr=“ page-number="1" last-page="true" report-id="d1e1"> <asr:record-set id="asr:com.example:rset:1" data-source-ref="asr:com.example:dsrc:1" record-set-type="ex:cve-report-small"> <asr:record asr-attr:cve-id="CVE “ asr-attr:inventory-finding="EXISTS“ asr-attr:count="50"/> <asr:record asr-attr:cve-id="CVE “ asr-attr:inventory-finding="NOT_EXISTS" asr-attr:count="170"/> <asr:record asr-attr:cve-id="CVE " asr-attr:inventory-finding="NOT_APPLICABLE" asr-attr:count="30"/> <asr:data-source id="asr:com.example:dsrc:1" resource="VulnDb.abc.com" population-size="250"/>

Example – Data Source Using Asset Identification <asr:summary-report xmlns:ex="com.example“... <asr:data-source id="asr:com.example:dsrc:1" resource="VulnDb.example.com“ population-size="250"> cpe:2.3:o:microsoft:windows_7:-:-:x64:*:*:*:*:* asset1.example.com cpe:2.3:o:microsoft:windows_7:-:-:x86:*:*:*:*:* asset2.example.com...

Example – Record Set Type Record Set Type Name: {com.example}cve-report-small Description: To report on the number of computers affected by a CVE. Attributes – asr-attr:cve-id – MUST include. This is the CVE ID being reported on. Type: XML schema “string”. – asr-attr:inventory-finding – MUST include. This is a status of the CVE for each asset in the count. Value must be one of “EXISTS”, “NOT_EXISTS”, “NOT_APPLICABLE”, “NOT_REPORTED”, “ERROR”, or “UNKNOWN”. Type: XML schema “string”. – asr-attr:count – MUST include. Asset list is associated with this attribute. This count is the number of assets with the CVE related to the asset via the inventory-finding. Type: XML schema nonNegativeInteger. Permit attributes not explicitly described here: no Require asset list: not permitted Require identifier list: not permitted 13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.