Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications

This publication provides the technical specifications for the continuous monitoring (CM) reference model presented in NIST IR 7756. These specifications enable multi-instance CM implementations, hierarchical tiers, multi-instance dynamic querying, sensor tasking, propagation of policy, policy monitoring, and policy compliance reporting. A major focus of the specifications is on workflows that describe the coordinated operation of all subsystems and components within the model. Another focus is on subsystem specifications that enable each subsystem to play its role within the workflows. The final focus is on interface specifications that supply communication paths between subsystems. These three sets of specifications (workflows, subsystems, and interfaces) are written to be data domain agnostic, which means that they can be used for CM regardless of the data domain that is being monitored. A companion publication, NIST IR 7800, binds these specifications to specific data domains (e.g., asset, configuration, and vulnerability management). The specifications provided in this document are detailed enough to enable product instrumentation and development. They are also detailed enough to enable product testing, validation, procurement, and interoperability. Taken together, the specifications in this document define an ecosystem where a variety of interoperable products can be composed together to form effective CM solutions. If properly adopted, these specifications will enable teamwork, orchestration, and coordination among CM products that currently operate distinctly. For the computer security domain, this will greatly enhance organizational effectiveness and efficiency in addressing known vulnerabilities and technical policy requirements, and decision making.

1 The co-chairs are listed on the Office of Management and Budget website: https://max.omb.gov/community/display/Egov/Continuous+Monitoring+Working+Group+Members.
2 The acronym CM in this publication is not to be confused with other NIST 800 series publications that use the abbreviation CM to denote “Configuration Management.”