(CADF) - 6 Data Format and Interface Definitions Specification

Total Page:16

File Type:pdf, Size:1020Kb

(CADF) - 6 Data Format and Interface Definitions Specification 1 2 Document Identifier: DSP0262 3 Version: 1.0.0 4 Date: 2014-06-19 5 Cloud Auditing Data Federation (CADF) - 6 Data Format and Interface Definitions Specification 7 Document Type: Specification 8 Document Status: DMTF Standard 9 Document Language: en-US 10 Cloud Auditing Data Federation - Data Format and Interface Definitions Specification DSP0262 11 Copyright Notice 12 Copyright © 2014 Distributed Management Task Force, Inc. (DMTF). All rights reserved. 13 DMTF is a not-for-profit association of industry members dedicated to promoting enterprise and systems 14 management and interoperability. Members and non-members may reproduce DMTF specifications and documents 15 for uses consistent with this purpose, provided that correct attribution is given. As DMTF specifications may be 16 revised from time to time, the particular version and release date should always be noted. 17 Implementation of certain elements of this standard or proposed standard may be subject to third party patent 18 rights, including provisional patent rights (herein "patent rights"). DMTF makes no representations to users of the 19 standard as to the existence of such rights, and is not responsible to recognize, disclose, or identify any or all such 20 third party patent right, owners or claimants, nor for any incomplete or inaccurate identification or disclosure of such 21 rights, owners or claimants. DMTF shall have no liability to any party, in any manner or circumstance, under any 22 legal theory whatsoever, for failure to recognize, disclose, or identify any such third party patent rights, or for such 23 party’s reliance on the standard or incorporation thereof in its product, protocols or testing procedures. DMTF shall 24 have no liability to any party implementing such standard, whether such implementation is foreseeable or not, nor 25 to any patent owner or claimant, and shall have no liability or responsibility for costs or losses incurred if a standard 26 is withdrawn or modified after publication, and shall be indemnified and held harmless by any party implementing 27 the standard from any and all claims of infringement by a patent owner for such implementations. 28 For information about patents held by third-parties which have notified the DMTF that, in their opinion, such patent 29 may relate to or impact implementations of DMTF standards, visit: 30 http://www.dmtf.org/about/policies/disclosures.php. 2 DMTF Standard Version 1.0.0 DSP0262 Cloud Auditing Data Federation - Data Format and Interface Definitions Specification 31 Contents 32 Foreword ...................................................................................................................................................................... 9 33 Acknowledgements .............................................................................................................................................. 9 34 Introduction ................................................................................................................................................................ 10 35 Document versioning scheme ........................................................................................................................... 10 36 Cloud auditing data federation use cases ......................................................................................................... 10 37 Auditing cloud applications independently of provider....................................................................................... 10 38 Auditing hybrid cloud applications ..................................................................................................................... 11 39 Granular use cases ............................................................................................................................................ 12 40 1 Scope and goals ................................................................................................................................................ 13 41 1.1 Scope ...................................................................................................................................................... 13 42 1.2 Goals ....................................................................................................................................................... 13 43 1.2.1 Audit data integrity and security ................................................................................................. 14 44 1.2.2 Audit data set sizes and performance ........................................................................................ 14 45 1.2.3 Extensibility................................................................................................................................. 14 46 1.2.4 Use cases and examples ........................................................................................................... 14 47 1.3 Out of scope ............................................................................................................................................ 15 48 1.3.1 Translation .................................................................................................................................. 15 49 1.3.2 Security policies ......................................................................................................................... 15 50 1.3.3 Forensic information ................................................................................................................... 15 51 1.3.4 Debug information ...................................................................................................................... 15 52 1.3.5 Configuration data ...................................................................................................................... 16 53 1.3.6 Audit event alerting ..................................................................................................................... 16 54 2 Normative references ........................................................................................................................................ 16 55 3 Terms and definitions ........................................................................................................................................ 17 56 3.1 General terms .......................................................................................................................................... 17 57 3.2 Interface definitions ................................................................................................................................. 21 58 3.3 Interaction model ..................................................................................................................................... 22 59 3.4 Document versioning scheme ................................................................................................................. 22 60 4 CADF Event Model ............................................................................................................................................ 22 61 4.1 Basic concepts ........................................................................................................................................ 23 62 4.1.1 Resource .................................................................................................................................... 23 63 4.1.2 Actual Event, Event Record, CADF Event Record..................................................................... 23 64 4.2 Required model components .................................................................................................................. 23 65 4.2.1 Basic conceptual event model.................................................................................................... 24 66 4.2.2 The OBSERVER perspective ..................................................................................................... 25 67 4.2.3 Notes .......................................................................................................................................... 25 68 4.3 Conditional model components ............................................................................................................... 26 69 4.3.1 MEASUREMENT ....................................................................................................................... 26 70 4.3.2 REASON .................................................................................................................................... 26 71 4.3.3 Basic conceptual event model with optional components .......................................................... 26 72 4.4 Optional components .............................................................................................................................. 27 73 4.4.1 Reporters and the Reporter chain .............................................................................................. 27 74 4.5 Types of CADF Events ............................................................................................................................ 29 75 4.5.1 Valid EventType values .............................................................................................................. 30 76 4.5.2 EventType requirements ............................................................................................................ 31 77 4.6 Refinement of Event semantics based upon the selected EventType value .........................................
Recommended publications
  • AS/NZS ISO 6709:2011 ISO 6709:2008 ISO 6709:2008 Cor.1 (2009) AS/NZS ISO 6709:2011 AS/NZS ISO 6709:2011
    AS/NZS ISO 6709:2011 ISO 6709:2008 ISO 6709:2008 Cor.1 (2009) AS/NZS ISO 6709:2011AS/NZS ISO Australian/New Zealand Standard™ Standard representation of geographic point location by coordinates AS/NZS ISO 6709:2011 This Joint Australian/New Zealand Standard was prepared by Joint Technical Committee IT-004, Geographical Information/Geomatics. It was approved on behalf of the Council of Standards Australia on 15 November 2011 and on behalf of the Council of Standards New Zealand on 14 November 2011. This Standard was published on 23 December 2011. The following are represented on Committee IT-004: ANZLIC—The Spatial Information Council Australasian Fire and Emergency Service Authorities Council Australian Antarctic Division Australian Hydrographic Office Australian Map Circle CSIRO Exploration and Mining Department of Lands, NSW Department of Primary Industries and Water, Tas. Geoscience Australia Land Information New Zealand Mercury Project Solutions Office of Spatial Data Management The University of Melbourne Keeping Standards up-to-date Standards are living documents which reflect progress in science, technology and systems. To maintain their currency, all Standards are periodically reviewed, and new editions are published. Between editions, amendments may be issued. Standards may also be withdrawn. It is important that readers assure themselves they are using a current Standard, which should include any amendments which may have been published since the Standard was purchased. Detailed information about joint Australian/New Zealand Standards can be found by visiting the Standards Web Shop at www.saiglobal.com.au or Standards New Zealand web site at www.standards.co.nz and looking up the relevant Standard in the on-line catalogue.
    [Show full text]
  • Contributing to the Getty Vocabularies (2020)
    Contributing to the Getty Vocabularies Revised May 2020 Patricia Harpring Managing Editor Getty Vocabulary Program Patricia Harpring Contributing to the Getty Vocabularies revised 13 May 2020 1 Table of Contents • Contributing to ULAN ….76 • Preface ….3 • ...Required Fields ….82 • What Are the Getty Vocabularies …5 • ...Sources ….99 • Basics for Contributions ….18 • Contributing to TGN ….103 • ...Who Contributes? ….19 • ...Required Fields ….109... • ...Processing Contributions ….21 • Sources ….122 • ...Criteria for Contributions ….23 • Contributing to CONA ….128 • ...XML: Mapping Your Data ….30 • ...Required Fields ….134 • …Spreadsheet: use OpenRefine...33 • ...Sources ….156 • …Online contribution form …35 • Contributing to the IA ….163 • Contributing to the AAT ….36 • ...Required Fields ….168 • ...Required Fields ….42 • ...Sources ….181 • ...Sources ...68 • Exercise ……. 188 Contributing to the Getty Vocabularies Patricia Harpring Contributing to the Getty Vocabularies revised 13 May 2020 2 Preface • This presentation is a brief overview of general issues surrounding contributions to the Getty Vocabularies • It includes examples of various issues surrounding contributions; it is not comprehensive Getty Vocabularies • The complex and extensive rules and examples surrounding the fields are not included in this presentation • For extensive guidance concerning rules and issues, in a field‐by‐field discussion, see the online • For general information about contributions and Getty Vocabulary Editorial Guidelines, which contain links to contribution
    [Show full text]
  • NGDA Baseline Standards Inventory Companion Guide
    The Companion Guide: Achieving an NGDA Baseline Standards Inventory A Baseline Assessment to Meet Geospatial Data Act, Federal Data Strategy, and Other Requirements Federal Geographic Data Committee August 31, 2020 Contents Introduction .................................................................................................................................................. 1 Approach ....................................................................................................................................................... 2 Outcomes ...................................................................................................................................................... 2 How to Use this Document ........................................................................................................................... 2 Geospatial Data and Metadata Standards .................................................................................................... 3 Data Standards Categories ............................................................................................................................ 5 Data Content Standards Category Definitions .......................................................................................... 5 Data Exchange Standards Definitions ....................................................................................................... 8 Metadata Standards Categories ..................................................................................................................
    [Show full text]
  • D2.8.I.1 INSPIRE Specification on Coordinate Reference Systems - Guidelines
    INSPIRE Infrastructure for Spatial Information in Europe D2.8.I.1 INSPIRE Specification on Coordinate Reference Systems - Guidelines Title D2.8.I.1 INSPIRE Specification on Coordinate Reference Systems – Guidelines Creator INSPIRE Thematic Working Group Coordinate Reference Systems and Geographical Grid Systems Date 2009-09-07 Subject INSPIRE Specification: Coordinate reference systems Status n/a Publisher INSPIRE Thematic Working Group Coordinate Reference Systems and Geographical Grid Systems Type Text Description This document describes the INSPIRE specification for the spatial data theme Coordinate reference systems. Contributor Members of the INSPIRE Thematic Working Group Coordinate Reference Systems and Geographical Grid Systems Format MS Word 95/2000 (doc) Source Rights Public Identifier INSPIRE_Specification_CRS_v3.doc Language En Relation Directive 2007/2/EC of the European Parliament and of the Council of 14 March 2007 establishing an Infrastructure for Spatial Information in the European Community (INSPIRE) Coverage Project duration These are Dublin Core metadata elements. See for more details and examples http://www.dublincore.org/. INSPIRE Reference: INSPIRE_Specification_CRS_v3.0 TWG-RS INSPIRE Specification on Coordinate reference systems 2009-09-08 Page II Foreword How to read the document? This guideline describes the INSPIRE Specification on Coordinate Reference Systems developed by the Thematic Working Group Coordinate Reference Systems and Geographical Grid Systems (Thematic Working Group Reference System, TWG-RS). The guideline contains detailed technical documentation highlighting the mandatory and the recommended elements related to the implementation of INSPIRE. The technical details are expected to be of prime interest to those organisations that are/will be responsible for implementing INSPIRE within the field of Coordinate reference systems.
    [Show full text]
  • Handling Data Consistency Through Spatial Data Integrity Rules in Constraint Decision Tables
    Handling Data Consistency through Spatial Data Integrity Rules in Constraint Decision Tables Fei Wang Vollständiger Abdruck von der Fakultät für Bauingenieur- und Vermessungswesen der Universität der Bundeswehr München zur Erlangung des akademischen Grades eines Doktor- Ingenieurs (Dr.-Ing.) genehmigten Dissertation. Vorsitzender: Univ.-Prof. Dr.-Ing. Wilhelm Caspary 1.Berichterstatter: Univ.-Prof. Dr.-Ing. Wolfgang Reinhardt 2.Berichterstatter: Univ.-Prof. Dr.-Ing. Anders Östman Diese Dissertation wurde am 31. Jan. 2008 bei der Universität der Bundeswehr münchen eingereicht. Tag der Mündlichen Prüfung: 13. Mai 2008 2 3 Abstract With the rapid development of the GIS world, spatial data are being increasingly shared, transformed, used and re-used. The quality of spatial data is put in a high priority because spatial data of inadequate quality is of little value to the GIS community. Several main components of spatial data quality were indentified by international standardization bodies such as ISO/TC 211, OGC and FGDC, which consists of seven usual quality elements: lineage, positional accuracy, attribute accuracy, semantic accuracy, temporal accuracy, logical consistency and completeness (two different names for similar aspects of quality are grouped in the same category). In this dissertation our work focuses on the data consistency issue of the spatial data quality components, which involves the logical consistency as well as semantic and temporal aspects. Due to complex geographic data characteristics, various data capture workflows and different data sources, the final large datasets often result in inconsistency, incompleteness and inaccuracy. To reduce spatial data inconsistency and provide users the data of adequate quality, the specification of spatial data consistency requirements should be explicitly described.
    [Show full text]
  • Spatial Standards for the Internet of Things (September 2013) I
    ITU-T Technology Watch surveys the ICT landscape to capture new topics for standardization activities. Technology Watch Reports assess new technologies with regard to existing standards inside and outside ITU-T and their likely impact on future standardization. Previous reports in the series include: ICTs and Climate Change Ubiquitous Sensor Networks Remote Collaboration Tools NGNs and Energy Efficiency Distributed Computing: Utilities, Grids & Clouds The Future Internet Biometrics and Standards Location matters: Decreasing Driver Distraction The Optical World Spatial standards for the Trends in Video Games and Gaming Digital Signage Internet of Things Privacy in Cloud Computing E-health Standards and Interoperability ITU-T Technology Watch Report E-learning September 2013 Smart Cities Mobile Money http://www.itu.int/ITU-T/techwatch Precise and accurate location (spatial) information enhance our association with our natural and built environments. This report looks at the global effort to weave different sources and formats of spatial information together so that they can be useful to people wherever they are and whatever they are doing. Printed in Switzerland Geneva, 2013 Photo credits: Shutterstock® The rapid evolution of the telecommunication/information and communication technology (ICT) environment requires related technology foresight and immediate action in order to propose ITU-T standardization activities as early as possible. ITU-T Technology Watch surveys the ICT landscape to capture new topics for standardization activities. Technology Watch Reports assess new technologies with regard to existing standards inside and outside ITU-T and their likely impact on future standardization. Acknowledgements This report was written by staff and members of the Open Geospatial Consortium (OGC), in collaboration with the ITU Secretariat.
    [Show full text]
  • Iso 6709:2008(E)
    This preview is downloaded from www.sis.se. Buy the entire standard via https://www.sis.se/std-910055 INTERNATIONAL ISO STANDARD 6709 Second edition 2008-07-15 Standard representation of geographic point location by coordinates Représentation normalisée des latitude, longitude et altitude pour la localisation des points géographiques Reference number ISO 6709:2008(E) © ISO 2008 This preview is downloaded from www.sis.se. Buy the entire standard via https://www.sis.se/std-910055 ISO 6709:2008(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT © ISO 2008 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.
    [Show full text]
  • ISO) TC211 and TC172 with Respect to Geodetic References
    Activities of International Standards Organization (ISO) TC211 and TC172 with respect to Geodetic References Session 2.4 Standards and Traceability of a Terrestrial Reference Frame/GNSS Larry D. Hothem ISO/TC211 Liaision Representative to FIG and IAG Member, US national body for geospatial data and information standards USGS, Reston, Virginia USA • Overview - ISO Technical Committee 211 (TC211), Geographic Information/Geomatics • TC211 work related to Geodesy and Geodetic References • 19111, 19127, Geodetic Registry Network , Geodetic References (NWIP) , 6709 • TC211: other work of interest to geodesists and surveyors • 19130 and 19159: remote sensors, e.g. Optical, LiDAR, etc. • ISO TC172 , Special Committee 6 (SC 6), Geodetic and Surveying Instruments ISO/TC 211 Geographic information/Geomatics The ISO/TC 211 Geographic information/Geomatics (2012-02) … building the foundation of the geospatial infrastructure, brick by brick ... ISO/TC 211 The goal of ISO/TC 211 ... is to develop a family of international standards that will support the understanding and usage of geographic information increase the availability, access, integration, and sharing of geographic information, enable inter - operability of geospatially enabled computer systems contribute to a unified approach to addressing global ecological and humanitarian problems ease the establishment of geospatial infrastructures on local, regional and global level contribute to sustainable development ISO/TC 211 Scope of ISO/TC 211 • Standardization in the field of digital geographic information. • This work aims to establish a structured set of standards for information concerning objects or phenomena that are directly or indirectly associated with a location relative to the Earth . • These standards may specify, for geographic information, methods, tools and services for data management (including definition and description), acquiring, processing, analyzing, accessing, presenting and transferring such data in digital/electronic form between different users, systems and locations.
    [Show full text]
  • Spatial Data Studio Ltom.02.011 Interoperabilty & Webgis
    SPATIAL DATA STUDIO LTOM.02.011 INTEROPERABILTY & WEBGIS Alexander Kmoch DATA INTEROPERABILITY • Introduction & Motivation • Service Orientied Architecture • Spatial Data Infrastructure • Open Geospatial Consortium INTRODUCTION & MOTIVATION ● Spatial Information and its role in taking informed decision making ● Spatial data transfer ● Web services ● Open GIS vs. Open Source The Network is the Computer (* (* John Gage, 1984 SPATIAL INFORMATION AND TECHNOLOGIES SPATIAL DATA TRANSFER: FROM CLASSIC PAPER MAPS TO WEB SERVICES Web Services Online download (FTP) Offline copy (CD/DVD) Print Copy (paper maps) Source: Fu and Sun, 2011 WEB SERVICES ● “A Web Service is a software system designed to support interoperable machine-to-machine interaction over a network” (W3C, 2004) ● Interface to application functionality accessible through a network ● Intermediary between data/applications and users WEB SERVICES FUNCTIONALITY Web Client File data Send Request Desktop Client Send response Mobile Client geodatabase FUNCTIONALITIES OF THE GEOSPATIAL WEB SERVICES ● Map services: display an image of the spatial data, but not the raw data ● Data services: ● Editing services: create, retrieve, update and delete the geo-data online; e.g. OSM mapping capabilities ● Search services: INSPIRE Geoportal ● Analytical services ● Geocoding services: transforming the addresses into X,Y coordinates ● Network analysis services: e.g. finding the shortest path/route between two locations: A and B ● Geoprocessing services: mapping the crime hotspots using a GIS tool that
    [Show full text]
  • Iso 19107:2003
    SDISDI –– Standards Standards atat workwork Jan Juul Jensen Senior Technology Strategist Informi GIS Denmark Informi GIS A/S InformiInformi GISGIS Private held Limited Company Specialized in GIS 100+ employees HQ in Charlottenlund, Copenhagen Regional Offices in Aalborg and Kolding Aalborg ESRI distributor in Denmark Software, Solutions, Consultancy Charlottenlund Kolding Customers: Utility, Defense, Government, Commercial, Transportation, Education a.o. Informi GIS A/S StandardsStandards –– making making life life easier easier ”2008-05-15T10:17:35” Informi GIS A/S ISO/TCISO/TC 211211 ProjectsProjects (1)(1) Color legend: DIS, FDIS, IS, Work on-going ISO 19111 - Spatial referencing ISO 6709:1983 - Standard by coordinates representation of latitude, longitude and ISO 19111 - 2 Revision altitude for geographic point locations ISO 19112 - Spatial referencing ISO 6709 – Geographic point location by geographic identifiers ISO 19101 - Reference model ISO 19113 - Quality principles ISO 19101-2 – Reference Model – Part ISO 19114 - Quality evaluation 2: Imagery procedures ISO/TS 19103 - Conceptual schema ISO 19115 – Metadata language ISO 19115-2 – Metadata – Part 2: Extensions for imagery and ISO 19104 - Terminology gridded data ISO 19105 - Conformance and testing ISO 19116 - Positioning ISO 19106 - Profiles services ISO 19107 - Spatial schema ISO 19117 - Portrayal ISO 19108 - Temporal schema ISO 19118 - Encoding ISO 19109 - Rules for application ISO 19119 - Services schema ISO/TR 19120 - Functional standards
    [Show full text]
  • La Familia ISO 19100
    Introducción a la normalización en Información Geográfica: la familia ISO 19100 Francisco Javier Ariza López Antonio Federico Rodríguez Pascual Editores Introducción a la normalización en información geográfica: la familia ISO 19100 Grupo de Investigación en Ingeniería Cartográfica Universidad de Jaén Introducción a la normalización en información geográfica: la familia ISO 19100 Francisco Javier Ariza López Universidad de Jaén Antonio Federico Rodríguez Pascual Instituto Geográfico Nacional 2008 Título: “Introducción a la normalización en información geográfica: la familia ISO 19100” Editores/Coordinadores: Ariza López; Francisco Javier Rodríguez Pascual; Antonio Federico © Los autores: Abad Power; Paloma Alonso Jiménez; José Ángel Ariza López; Francisco Javier Ballari; Daniela Barrot Feixat; Dolors Doménech Tofiño; Emilio Escriu Paradell; Jordi García Balboa; José Luis García García; Francisco Javier Iguácel Abeigón; Cristina López Romero; Emilio Lucas Martínez; José Luis Mas Mayoral; Sebastián Matos; João Luis Nogueras Iso; Javier Rodríguez Pascual; Antonio Federico Sánchez Maganto; Alejandra Sevilla de Lerma; Miguel Sevilla Sánchez; Celia Valcárcel Sanz; Nuria Villa Alcázar; Guillermo Portada: Sánchez Maganto; Alejandra Publica: Grupo de Investigación en Ingeniería Cartográfica Universidad de Jaén Paraje Las Lagunillas S/N E-23071-Jaén (España) http://coello.ujaen.es/investigacion/web_giic/index.html ISBN: 978-84-612-2075-5 Depósito Legal: J-93-2008 Contenido Contenido PRÓLOGO ..............................................................................................................................
    [Show full text]
  • Axiell User Conference, Denver, 2019 Alex Fell
    EMu roadmap Axiell User Conference, Denver, 2019 Ale x Fe ll - Head of R&D, EMu Product Manager EMu 6 .0 EMu 6 .0 - Released and available • 48 customers currently upgraded • 0.5 < n > 5.75 days per customer • Reactions mainly positive • Upgrades mainly undertaken by helpdesk • Minor UI glitches being resolved by dev team EMu - Forthcoming enhancements • Deep links • Link directly to records within same institution • Clicking a link opens EMu at appropriate record • Questions to be resolved around links between installations • UI scaling improvements • Provide a better response when changing DPI or font size • Fa irly s ig nific a nt d e ve lo p m e nt • May be released over time EMu - Forthcoming enhancements • Client timeout facility • Handle user inactivity more gracefully • Optional timeout set in Registry • Brings EMu in line with NIST standards Axie ll Co lle c t io ns Eng ine (formally the CDP) Axie ll Colle c t ions Eng ine • Development is feature complete • Significant internal effort with a world -wide team • Work continues on efficiency and improvements • Multi -lingual data final feature to add • Scalable to many records, horizontally • Vertical scaling - buy a bigger server • Horizontal scaling - buy another server • Question of when to scale (number of nodes / size of node) Axie ll Colle c t ions Eng ine • Data storage and indexing are separated (CQRS) • Elasticsearch provides indexing • MongoDB (currently) provides storage • System is modular and technologies can be changed • Offers a wide variety of scaling combinations
    [Show full text]