4 SCAP Messages for IF-M Specification
Total Page:16
File Type:pdf, Size:1020Kb
TCG Trusted Network Connect SCAP Messages for IF-M Specification Version 1.0 Revision 16 3 October 2012 Public Review Contact: Please submit comments by January 15, 2012 to scap-messages- [email protected] Review all comments received at: https://www.trustedcomputinggroup.org/resources/comments_for_tnc_scap_ messages_for_ifm Work in Progress This document is an intermediate draft for comment only and is subject to change without notice. Readers should not design products based on this document. TCG PUBLIC REVIEW TCG Copyright © TCG 2012 SCAP Messages for IF-M TCG Copyright Specification Version 1.0 Copyright © 2012 Trusted Computing Group, Incorporated. Disclaimer THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification and to the implementation of this specification, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this specification or any information herein. No license, express or implied, by estoppel or otherwise, to any TCG or TCG member intellectual property rights is granted herein. Except that a license is hereby granted by TCG to copy and reproduce this specification for internal use only. Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on specification licensing through membership agreements. Any marks and brands contained herein are the property of their respective owners. Revision 16 Public Review Page ii of 41 TCG PUBLIC REVIEW SCAP Messages for IF-M TCG Copyright Specification Version 1.0 IWG TNC Document Roadmap IF-IMC APIs IF-IMV IF-M Protocol PTS IF-M Protocol SCAP IF-IMV Messages Protocol TNC Assessment Architecture Protocols IF-PEP XML TLV IF-TNCCS SoH IF-T IF-MAP TLS Tunneled EAP Methods Revision 16 Public Review Page iii of 41 TCG PUBLIC REVIEW SCAP Messages for IF-M TCG Copyright Specification Version 1.0 Acknowledgement The TCG wishes to thank all those who contributed to this specification. This document builds on considerable work done in the various working groups in the TCG. Special thanks to the members of the TNC contributing to this document: Authors of the PTS Protocol Binding to TNC IF-M, from which some sections of this document were lifted. Dave Waltermire (NIST) Lisa Lorenzin (Juniper) Clifford Kahn (Juniper) Steve Venema (Boeing) James Tan (Infoblox) David Vigier (Infoblox) Ira McDonald (High North Inc.) Kent Landfield (Intel) Stephen Hanna (Juniper) Paul Sangster (Symantec) Charles Schmidt (MITRE) Revision 16 Public Review Page iv of 41 TCG PUBLIC REVIEW SCAP Messages for IF-M TCG Copyright Specification Version 1.0 Table of Contents 1 Introduction ............................................................................................................ 7 1.1 Scope and Audience ..................................................................................................................... 7 1.2 Keywords ....................................................................................................................................... 7 2 Background ............................................................................................................ 8 2.1 Role of IF-M for SCAP ................................................................................................................... 8 2.2 Supported Use Cases ................................................................................................................... 9 2.2.1 Provisioning ............................................................................................................................... 9 2.2.2 Assessment ............................................................................................................................... 9 2.2.3 Freshness ................................................................................................................................ 10 2.2.4 IF-M Use Cases ....................................................................................................................... 10 2.3 Non-supported Use Cases .......................................................................................................... 10 2.4 Requirements .............................................................................................................................. 11 2.5 Non-Requirements ...................................................................................................................... 12 2.6 Assumptions ................................................................................................................................ 12 2.7 SCAP Messages for IF-M Message Diagram Conventions ........................................................ 12 3 Design Considerations ........................................................................................ 14 3.1 Flexible Content Structure Support ............................................................................................. 14 3.2 Non-divergence from Existing SCAP Practices........................................................................... 14 3.3 Interoperation .............................................................................................................................. 14 4 SCAP Messages for IF-M Specification .............................................................. 15 4.1 IF-M Subtype (AKA IF-M Component Type) ............................................................................... 15 4.2 IF-M Message Header ................................................................................................................. 15 4.3 SCAP Message Exchanges ........................................................................................................ 16 4.3.1 Vendor Proprietary Exchanges vs. SCAP Message Exchanges ............................................ 17 4.3.2 SCAP Content ......................................................................................................................... 18 4.3.3 Capabilities Exchange ............................................................................................................. 20 4.3.4 Content Exchange ................................................................................................................... 21 4.3.5 Assessment Exchange ............................................................................................................ 21 4.4 SCAP Messages for IF-M Attribute Enumeration ........................................................................ 23 4.5 SCAP References Message ........................................................................................................ 24 4.6 SCAP Capabilities and Inventory Message ................................................................................. 24 4.7 SCAP Content Message .............................................................................................................. 26 4.8 SCAP Assessment Message....................................................................................................... 27 4.9 SCAP Results Message .............................................................................................................. 31 4.10 SCAP Summary Results Message .............................................................................................. 32 4.11 SCAP Error Message .................................................................................................................. 34 5 Security Considerations ...................................................................................... 37 5.1 Trust Relationships ...................................................................................................................... 37 5.1.1 SCAP-IMC ............................................................................................................................... 37 5.1.2 IMV .......................................................................................................................................... 37 5.1.3 Vendor-proprietary exchanges ................................................................................................ 37 5.2 Security Threats and Countermeasures ...................................................................................... 37 5.2.1 Measurement Theft ................................................................................................................. 37 5.2.2 Message Fabrication ............................................................................................................... 38 5.2.3 Denial of Service ..................................................................................................................... 38 5.2.4 Remote Content as an Attack Vector ...................................................................................... 38 6 References ............................................................................................................ 39 6.1 Normative References