Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NISTIR 7799 (DRAFT)

Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications

Date Published: January 2012
Comments Due: February 17, 2012 (public comment period is CLOSED)
Email Questions to: fe-comments@nist.gov

Author(s)

Peter Mell (NIST), David Waltermire (NIST), Adam Halbardier (BAH), Larry Feldman (BAH)

Announcement

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7799, Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications. This publication provides the technical specifications for the continuous monitoring (CM) reference model presented in NIST IR 7756. These specifications enable multi-instance CM implementations, hierarchical tiers, multi-instance dynamic querying, sensor tasking, propagation of policy, policy monitoring, and policy compliance reporting. A major focus of the specifications is on workflows that describe the coordinated operation of all subsystems and components within the model. Another focus is on subsystem specifications that enable each subsystem to play its role within the workflows. The final focus is on interface specifications that supply communication paths between subsystems. These three sets of specifications (workflows, subsystems, and interfaces) are written to be data domain agnostic, which means that they can be used for CM regardless of the data domain that is being monitored.

Abstract

Keywords

continuous monitoring
Control Families

Audit and Accountability; Security Assessment and Authorization; Configuration Management; Incident Response; Maintenance; Risk Assessment; System and Communications Protection;