search

sacmwg / draft-ietf-sacm-terminology

SACM terminology aligned with best practice definitions, standard references, and terminology definitions of other work groups
Other
2 stars 2 forks source link

Endpoint Discovery #14

Closed henkbirkholz closed 8 years ago

henkbirkholz commented 9 years ago

The current definition of this term seems to refer to Endpoint Identification. This could be relabeled as Target Endpoint Discovery. Or is the intend of this definition something different entirely?

This would be one of the Building Blocks that compose SACM Components.

Correspondingly, a definition of SACM Component Discovery could be added.

sacm commented 9 years ago

My preference would be to a keep "discovery" and "Identification" as two very separate things. Our internal use of identification is to be able to assign some unique value to each device, along with some unique set of discoverable characteristics, that will allow users/evaluators to determine that the device under assessment, review, or remediation is the same device that was under assessment or review previously. This is a different issue than "discovering" devices.

Joseph L. Wolfkiel SCM Engineering Lead DISA ID52 Work: (301) 225-8820 Gov Cell: (571) 814-8231 Joseph.L.Wolfkiel.civ@mail.mil

-----Original Message----- From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of henkbirkholz Sent: Wednesday, June 17, 2015 11:35 AM To: sacmwg/draft-ietf-sacm-terminology Subject: [sacm] [draft-ietf-sacm-terminology] Endpoint Discovery (#14)

The current definition of this term seems to refer to Endpoint Identification. This could be relabeled as Target Endpoint Discovery. Or is the intend of this definition something different entirely?

This would be one of the Building Blocks that compose SACM Components.

Correspondingly, a definition of SACM Component Discovery could be added.

— Reply to this email directly or view it on GitHub https://github.com/sacmwg/draft-ietf-sacm-terminology/issues/14 . https://github.com/notifications/beacon/AKbE0Qta5Kffk1qpC-gwhCBJ_dVnhroBks5oUYsJgaJpZM4FFdZ-.gif

henkbirkholz commented 9 years ago

I agree with that.

As a first result, there will be at least two groups of terms that are about: 1.) Identification: the definition will include output from the Endpoint ID DT. 2.) Discovery: the architecture covers the term Discovery at least via the following text:

“Registration/Discovery: The discovery of what Providers are available, what information a Provider can share, and how it can be requested / communicated. A discovery mechanism is required to facilitate interaction with Providers that may have different Posture Assessment Information and potentially limited, or a rich set of, ways in which they can share the information.”

Registration seems to covered implicitly, at most. The content of this text will most likely provide the basis for the definition of Discovery in the terminology draft.

Both Identification and Discovery can have different foci that could be reflected in the terminology. Discovery and Identification of Target Endpoints, and Discovery and Identification of SACM Components and - closely related and equally as important – the Building Blocks/Capabilities of SACM Components on the Data Plane and the Control Plane.

Identification, Discovery and Registration would be Control Plane Building Blocks.

henkbirkholz commented 8 years ago

Added first draft of definitions for Target Endpoint Discovery, SACM Component Discovery, Target Endpoint Identifier and Target Endpoint Label to address this issue.

henkbirkholz commented 8 years ago

addressed in term draft