Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revocation severity levels and context #48

Open
THS-on opened this issue Jun 8, 2021 · 2 comments
Open

Revocation severity levels and context #48

THS-on opened this issue Jun 8, 2021 · 2 comments
Labels

Comments

@THS-on
Copy link
Member

THS-on commented Jun 8, 2021

Enhancement Description

  • One-line enhancement description (can be used as a release note): Adding support for severity levels and (user provided) context to revocation events.
  • Keylime Enhancement Proposal: Proposal for revocation severity levels and context #47
  • Primary contact (assignee): @THS-on
  • Enhancement target (which target equals to which milestone):
    • Alpha release target (x.y)
    • Beta release target (x.y)
    • Stable release target (x.y)

Please to keep this description up to date.

THS-on added a commit to THS-on/keylime that referenced this issue Aug 2, 2021
Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 2, 2021
Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 10, 2021
Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Aug 30, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 8, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
THS-on added a commit to THS-on/keylime that referenced this issue Sep 13, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
mpeters pushed a commit to keylime/keylime that referenced this issue Sep 13, 2021
…eylime

Currently Keylime operates in a binary state when it comes failures that cause
revocations and does not collect information where and why that revocation
happened.

This commit introduces the tagging and collection infrastructure and
configuration for revocation events and adding context to them.

SeverityLabel
    Has a name that can be set in the keylime.conf and a severity that is
    dynamically calculated based on the order in the configuration.

Components
    Is a enumeration that contains the main components of Keylime that can cause
    events. Must be specified when creating a Failure object.

Event
    Holds a revocation event. An event can be identified by their event_id which
    has the format: "component.[sub_component].event"
    The severity is automatically assigned based on the event_id.
    The event contains a context which is string encoded JSON object.
    An event must be marked irrecoverable if other validation steps are skipped
    by early returning.

Failure
    Holds a collection of events and provides add_event(...) for adding new
    events to it and merge(...) to merge it with another Failure object.

    Is False if no events are currently in the Failure object and is otherwise
    True.

Future changes that cause a revocation must extend and return a Failure object
instead of returning a boolean value.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
mpeters pushed a commit to keylime/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
mpeters pushed a commit to keylime/keylime that referenced this issue Sep 13, 2021
Currently only has one event id. If necessary can be extended such that
policies can generate their own event ids.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
mpeters pushed a commit to keylime/keylime that referenced this issue Sep 13, 2021
Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
mpeters pushed a commit to keylime/keylime that referenced this issue Sep 13, 2021
We only send notifications if a event with a higher severity level was
generated and save the severity level (as integer) and the first event id
that generated the failure with that level in the database.

The current design assumes that when a device is added no failures should
occur on the first validation to mark the device as in use to recive
revocation notifcations.

If a failure is generated that is irrecoverable we stop polling the agent.

Part of enhancement proposal keylime/enhancements#48

Signed-off-by: Thore Sommer <[email protected]>
@mpeters
Copy link
Member

mpeters commented Feb 3, 2022

@THS-on I believe this enhancement issue can be closed, correct?

@THS-on
Copy link
Member Author

THS-on commented Feb 3, 2022

I like to keep this open till we tested that feature in more production and added better documentation.

@THS-on THS-on added the backlog label Jul 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants