sacmwg / draft-ietf-sacm-terminology

SACM terminology aligned with best practice definitions, standard references, and terminology definitions of other work groups

added terms from the vulnerability assessment scenario. #35

Closed djhaynes closed 8 years ago

djhaynes commented 8 years ago

added terms from the vulnerability assessment scenario

henkbirkholz commented 8 years ago

Hi Danny,

I still want to highlight one last time that we will have 3-4 different kinds of capability in the terminology in -10 if we pull this in.

I understand this to be a basis of discussion still :) I am not sure if that is the case, though! Let me elaborate.

We have in SACM used by the architecture:

Capability:

: The extent of an SACM component's ability enabled by the functions it is composed of. Capabilities are propagated by a SACM component and can be discovered by or negotiated with other SACM components. For example, the capability of a SACM Provider may be to provide endpoint management data, or only a subset of that data.

We have in i2nsf, referenced in the sacm terminology:

Capability:  Defines a set of features that are available from a
   managed entity (see also I2NSF Capability). Examples of “managed
   entities” are NSFs and Controllers, where NSF Capabilities and
   Controller Capabilities define functionality of an NSF and a
   Controller that may, but do not have to, be used, respectively.
   All Capabilities are announced through the Registration Interface.

We have the VA Terms:

+Endpoint management capability: + +: An enterprise IT capability managing endpoint identity, endpoint information, and associated metadata on an ongoing basis.

+Vulnerability management capability: + +: An enterprise IT capability managing endpoint vulnerabilities and associated metadata on an ongoing basis by ingesting vulnerability description information and vulnerability detection data, and performing a vulnerability assessment.
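Review bot: Both added definitions describe the term as "An enterprise IT capability managing ...", so "capability" is defined by itself and "managing" is never defined. Suggest stating what each capability takes as input and produces as output, and saying how these two terms relate to the existing "Capability" entry so the draft does not carry several unrelated meanings of the word.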

"Managed" in i2nsf means "has interface on the management-plane". I still do not understand what managing actually means in the context of a VA capability :)

What potential functions are propagated as capabilities? What is their input? What is their output? Is it possible that the two VA capabilities are actually tasks?

Best regards,

Henk

TL;DR I will pull these terms in, but we will have to align these terms better.

On 07/08/2016 01:56 PM, Danny Haynes wrote:

added terms from the vulnerability assessment scenario

