ISO/IEC 7498-4 (Management Framework),1 defines five system
Accounting management enables charges to be established for the use of resources in an OSI environment, and for costs to be identified for the use of those resources. Accounting management includes functions to:
Configuration management identifies, exercises control over, collects data from, and provides data to open systems for the purpose of preparing for, initialising, starting, providing for continuous operation of, and terminating interconnection services.
Configuration management includes functions to:
Performance management enables the behaviour of resources in the OSI environment and the effectiveness of communication activities to be evaluated. Performance management includes functions to:
Fault management encompasses fault detection, isolation and the correction of abnormal operation of the OSI environment. Faults cause open systems to fail to meet their operational objectives and they may be persistent or transient. Faults manifest themselves as particular events (for example, errors) in the operation of an open system. Error detection provides for the recognition of errors. Fault management includes functions to:
The purpose of security management is to support the application of security policies by means of functions that include:
The X.700 System Management Functional Areas are part of the
underlying structure that supports the SPIRIT management.
The SPIRIT Scope of Management (see
There is a relationship between the operational aspects of
X.700 management and the SPIRIT disciplines as shown in
|SPIRIT Scope of||X.700 System Management|
Telecommunication Management Network (TMN) defines five layers:
The SPIRIT Scope of Management applies to the management of any general-purpose or management system computing platform that is utilised within any of these five layers.
SPIRIT Scope of Management addresses distributed systems management.
As such, it is wider in scope than ISO/IEC 7498-4. The SPIRIT Scope of Management is defined for Information Systems. Not all the Information Systems, particularly legacy systems, fit the definition of open systems as defined by ISO/IEC. But management has to apply to all Information Systems.
Information System is defined as any computing system capable
Process is defined as additional functions beyond those
Manager is defined to be a function that is required to be
Agent is defined to be a function that is required on
|Business Strategic Planning||Yes|
|Information Services Management||Yes|
|Monitoring and Tracking||Yes|
|Workload and Operations Planning||Yes|
|Performance Control and Monitoring||Yes|
|Performance Execution and Measurement||Yes|
|Problem Process Planning||Yes||Yes|
|Problem Policy Planning||Yes||Yes|
|Problem Bypass and Recovery||Yes||Yes|
|Problem Resolution and Verification||Yes||Yes|
Business management addresses the activities involved in the management of the business aspect of an enterprise's information system. Tasks that are categorised under the business management discipline are listed below.
Inventory control manages all the information system resources by maintaining information about where the resource is located and who it is assigned to. Inventory control follows a resource from identification as a requirement through purchase, installation, depreciation and finally disposal.
Accounting collects usage data and bills information system expenses to the appropriate users.
Charge-back includes the collection of usage data and the
Financial management supports budget planning, tracking of
Policy administration provides tools and services to collect policy information and translates that into actions for automation.
Business strategic planning deals with the long-range planning and the bridging of a company's Information Technology goals and objectives to the business objectives of the company.
Process management provides the support programming that allows the definition and execution of a process. A process is a defined relationship between the steps needed to accomplish a systems management task. The steps may be accomplished by people (as in signing an approval form), or they may be systems management functions (as in adding a link). Process management is applicable across all the disciplines.
Information services management defines the customers of the enterprise's business and the services that will be needed to support them. This includes defining the enterprise's marketplace and associated service offerings, forecasting service volumes, forecasting and publishing prices for services, promoting services offered, identifying which organisations will use which services, providing help for users, and coordinating problem resolution.
Within information services management:
Organisational planning includes education and training. Planning for, and training, staff and users, maintaining training material, and maintaining education profiles covers staff performance and skill assessment.
The configuration management discipline controls how you plan, develop and maintain the way the resources of an information system interrelate. Tasks that are categorised under the configuration management discipline are listed below.
Configuration design comprises the design, modelling and validation of hardware and software configurations. These configurations may be physical or logical. Validation validates that the proposed model is correct within current system requirements and existing system structures.
Environmental planning determines the physical specifications required to support the configuration.
Configuration creation builds and manages a configuration description of a specific resource.
Updating configuration information dynamically updates configuration information.
Sub-tasks under updating configuration include:
Accessing configuration information provides a means to retrieve any configuration information, active or inactive, based on relationships between resources and configuration versions.
Configuration parameters and policies display startup
Unique product identification or vital product data is an
Self-configuration reports a resource's
Downstream/Peer Attachment is the capability to recognise
System/User Access to Configuration Data provides human
Maintaining a Systems Inventory of all the system/network
Software administration controls the introduction of change into an information system environment. Its goals are to minimise the impact of the change, reduce the skill level needed to manage the change, and reduce the process to a series of small, repeatable steps that can be automated.
Tasks that are categorised under software administration are described in the following sections.
Change entry accepts change requests from authorised change
Assessment and approval support business and technical
Planning identifies the resources affected by the change
Scheduling sets the actual schedule for the change, within
Distribution controls the distribution of the software and software updates.
Synchronisation defines the order and timing of change installation, along with recovery actions if the installation is not successful. It includes the synchronisation of changes across multiple managers and agents.
Installation deals with changes that can be applied under program control. Some changes cannot be applied under program control because they depend on user intervention.
Activation controls the transition from the previous production version to the new version.
Testing verifies the expected operation of the new or altered components. The change plan will identify the tests associated with each phase of the change. Tests will typically be run before the change is installed, after the change is installed, and after the change is removed if a backout was necessary.
Backout provides procedures for reversing an unsuccessful change.
Monitoring and tracking maintains the status of each step in the change process. Within monitor and tracking, change result notification notifies affected areas of successful changes (that is, through electronic mail with return codes and error messages).
Post-installation analysis reviews completed changes to verify that they meet the enterprise's objectives. The analysis provides feedback to help identify modifications needed to improve the change process and to meet objectives.
The operations management discipline uses managers and the resources they manage to support an enterprise's information systems workload. This discipline includes tasks for planning, distributing, evaluating and controlling workloads and the resources needed to support those workloads in real time.
Tasks that are categorised under the operations management discipline are listed below.
Workload planning defines, analyses and reports on the
Operations planning defines the operational policies and
Workload control distributes the work-handling responsibilities among systems. It includes the monitoring, analysing and adjusting of work in those systems.
Operations control implements operations policies in each system. It monitors and adjusts the dynamic states of systems and resources.
Within operations control:
Print management consists of those components and interfaces required to provide for:
Performance management defines how to plan, evaluate and control the delivery of service to the users of an enterprise's information systems.
Tasks that are categorised under the performance management discipline are listed below.
Capacity planning defines the level of system resources
Performance policy definition defines the performance
Define performance levels, within performance policy
Performance control and monitoring distributes established policies throughout an installation, monitors the level of service delivered, such as availability, compares actual levels with planned levels, and provides performance reporting.
Under performance control and monitoring:
Performance execution and measurement directs systems management applications to follow the installation's performance policies, taking the steps necessary to execute the plan. Performance execution and measurement periodically report back on how things are going.
The problem management discipline encompasses the detection, analysis, recovery, resolution and tracking of potential and recognised problems occurring in the information system. This encompasses and expands on the OSI Fault Management. The overall goals of problem management are to reduce the resources required for detecting incidents and resolving problems, and to provide better availability of information system resources.
Tasks that are categorised under the problem management discipline are listed below.
Problem process planning and tracking supports the planning
Problem policy planning and definition prepares policies for identifying and resolving real-time problems rapidly and with limited human intervention.
Detection and logging provides notification of problems
Problem correlation and determination relates multiple incidents to a specific problem in order to expedite problem determination, and minimise the handling of duplicate incidents. In addition, the probable cause of a problem is determined.
Problem analysis and diagnosis determines why a specific problem occurred, and diagnostic processes can determine potential solution strategies.
Problem bypass and recovery adjusts to the problem by using an alternate path or resource, or restarts the failing component.
Subtasks under problem bypass and recovery include:
Problem assignment directs the problem to the proper person or application for resolution.
Problem fix determination determines the "fix" for a problem.
Problem escalation provides a mechanism for increasing the
Problem resolution and verification has the task of applying the problem solution identified during the problem analysis and diagnosis task, and verifying to ensure that the solution corrected the problem.
Security management is the administration, control and review of an enterprise's security policy. Security managers make use of procedures and system security services to implement policies consistent with the organisation's objectives. System auditability can provide checks and balances on system users and administrators to ensure that security management policies are enforced.
Security management goes beyond access control administration. A clear requirement involves the registration and enrolment of system users and the management of programs, data and security information such as cryptographic keys. Event logs have to be processed that produce meaningful reports to facilitate the audit task. These functions have to accommodate a distributed system environment and manage the cross-system aspects transparent to the user.
The security management functions perform the following types of activities:
System security management is concerned with the management of the security aspects of the overall information systems environment. This includes:
Security services management is concerned with the management of specific security services. This includes interaction with other security service management functions and security mechanism management functions. An example might be the enabling of the access control service.
Security mechanisms management is concerned with the management of specific security mechanisms. Using the access control example, this could be the setting of access control list parameters.
This section summarises ISO/IEC 7498-2 (Security Architecture).
This provides a good framework for security.2
X.800 describes the general security related architectural elements which can be applied appropriately in the circumstances for which protection of communication between information systems is required. The architecture consists of a number of functions as follows:
This framework enables verification of the identity of individuals. The basic function is the unique identification of users and programs, verification of these identities and assurance of individual accountability. Authentication includes mutual authentication as well as single, user-to-system, authentication.
Authenticated user identification provides the basis for additional security functions; for example, access control and auditing. Authentication technology may take the form of passwords, smart tokens, smart cards and biometric measuring devices. Authentication has multiple meanings:
The corroboration that the source of data received is as claimed.
The corroboration that a peer entity in an association is the one claimed. There are at least three types of entity authentication protocols:
The prevention of unauthorised use of a resource, including the prevention of use of a resource in an unauthorised manner.
Access control allows the installation to protect critical resources by limiting access to only authorised and authenticated users. Depending on the environment, access may be controlled by the resource owner, or it may be done automatically by the system if using security labels. The resource owner can specify who can access the information, how it can be accessed, when it can be accessed, and under what conditions it can be accessed (for example, when executing specific applications, programs or transactions). The functional goal is to ensure that security is maintained for resources, whether they are in a central system, distributed or mobile (as in the case with files and programs).
Non-denial by one of the entities involved in communication of having participated in all or part of the communication. Non-repudiation may be viewed as an extension to the identification and authentication services. The non-repudiation service can protect a recipient against the false denial by an originator that the data has been sent, and it can protect an originator against the false denial of a recipient that the data has been received. In general, non-repudiation applies to the transmission of electronic data, such as an order to a stock broker to buy/sell stock, a doctor's order for medication to a specific patient, or approval to pay an invoice by a company to its bank. The overall goal is to be able to verify, with virtually 100% certainty, that a particular message can be associated with a particular individual, just as a handwritten signature on a bank cheque is tied back to the account owner.
The property that data has not been altered in any way.
Data integrity provides detection of the unauthorised modification of data. Organisations must allow the usage of data by authorised users and applications, as well as the transmission of data for remote processing. Data integrity facilities can indicate whether information has been altered. Data may be altered in two ways: because of hardware or transmission errors, or because of an attack. For years, many products have used a checksum mechanism in disk and tape storage systems and in network protocols to protect against transmission and hardware errors. Active attacks on data integrity require a different mechanism, which uses cryptography and allows for the verification of data integrity.
The property that information is not made available or disclosed to unauthorised individuals, entities or processes.
Confidentiality protects sensitive information from disclosure. When it is stored locally, sensitive data can be protected by access controls or encryption mechanisms. For network communication security, sensitive data should be encrypted as it is transmitted from system to system.
Data collected and potentially used to facilitate a security audit.
The generation, storage, secure distribution and application of keys in accordance with a security policy.
Security mechanisms are technical tools and techniques used to implement the security services. Mechanisms may operate individually, or in concert with others, in providing a particular service.
This mechanism provides verification of the identity of the entity by comparing identification information provided by the entity to the content of a known and trusted information repository. This information may take the form of something the user knows, something the user has, or something the user is. For stronger verification, more than one of these characteristics may be required.
Access control lists are a form of information repository that contain data relative to the rights and permissions of access granted to each authenticated identity known to the system. Security labelling provides a mechanism to enhance or refine the levels of control imposed on a resource or entity. This is done by defining specific controls on the label tag itself.
Cryptography is the mechanism used to provide the confidentiality service. It is also used quite frequently in complementing some other mechanisms in providing total security solutions. Encipherment and decipherment essentially deal with the transformation of data and/or information from an intelligible format, to an unintelligible format, and back to an intelligible format. This is basically a mathematical process employing the use of keys (conversion factors) and algorithms that apply the key values against the data in a predetermined fashion.
Data integrity is supported by the use of some sort of checking code. Three methods of calculating the checking code are in common use: cyclic redundancy check (CRC), modification detection codes (MDC), and message authentication codes (MAC). A CRC is relatively easy to compute, and has typically been used to recognise hardware failures. It is a weak check for detecting attacks. An MDC is computed using cryptography, but no secret key is used. As a result, MDC is a much stronger check than CRC for it is very difficult to find a second message with the same MDC as the legitimate one. However, an MDC has the same delivery requirements as a CRC, in that a CRC or an MDC may be delivered with data by encrypting it using a secret key shared by the sender and the recipient. The MAC is cryptographically derived using a secret key shared by the sender and recipient, so it may be delivered with the data being protected without further trouble.
In addition to data integrity, non-repudiation services such as
digital signature are becoming more important to many customers.
Digital signatures provide proof of data origin and/or proof of delivery.
The first provides the recipient with proof of who the data sender
The second provides the sender with a receipt for the delivery