Revised SCAP Architecture - August 18


Charles Schmidt

Aug 18, 2020, 4:50:58 PM
to scap-dev-endpoint
Hi all,

I have updated the SCAP architecture based on feedback received. I believe I have addressed all comments. I've attached both the revised architecture and a version with tracked changes for those interested in what has changed.

Comments welcome.

Charles
SCAP v2 Data Collection Architecture 20200818.docx
SCAP v2 Data Collection Architecture DIFF June to August.docx

David Kemp

Aug 19, 2020, 3:55:17 PM
to Charles Schmidt, scap-dev-endpoint
Hi Charles,

Danny H displayed the latest prototype diagram at today's meeting; I have the older version, but I think they are similar in approach. I'd like to see a set of data objects (entities) with unique names that are sent between nodes.  I used colored boxes on the diagram to illustrate the concept, but OpenC2 does not use diagrams, just text schemas like the one I sent a while ago for the temporal overlay. The idea is for the diagram to consistently name the data objects sent between nodes or stored in the nodes.

For example, the diagram says the Application sends "Report Requests", "Query Requests" and "Cancel Requests" to the Manager.  That's straightforward, but for the schema it means three types named "Report Request", etc. as shown in the green (conceptual) entity. The tan (logical) entity starts to fill out what a Report Request contains.  If we do the same thing for Query Request, it may turn out that they have nearly identical content, in which case there might not be a Query Request message, just a Report Request with a different parameter or two.

It gets more interesting with Collection Request from Manager to Collector.  Is Collection Request exactly a Report Request, or a Report Request with additional info as shown, or something else?  Giving names to entities clarifies the difference.

I've shown the collector sending an Agent Registration and a Target Registration to the Repository - is that what happens when a new PCE is connected or a PCE discovers a new target?  Or does the Collector keep track of that by itself and periodically send Bound Asset List objects to the Repository?

So if we could give names to each of the data items, and start to fill out what we know about what each item contains, that would be a big help.

Regards,
Dave



--
To unsubscribe from this group, send email to scap-dev-endpo...@list.nist.gov
Visit this group at https://list.nist.gov/scap-dev-endpoint
scapv2-erd.jpg

Charles Schmidt

Aug 19, 2020, 4:52:11 PM
to scap-dev-endpoint
Hi Dave,

Thank you for the input. Danny and I will take a look and see if we can create a better way of capturing the necessary information.

Thanks,
Charles