6.4 Operations Monitoring and Intrusion Detection

[NexofRA09], section 4.3.7 "Management", paragraph 4, highlights the need for operational monitoring. While such monitoring is not a requirement for technical interoperability of the TAS3 framework, it will be necessary to maintain the reputation of a TAS3 Service Provider and/or Trust Guarantor. This topic, which addresses Req. D1.2-1.6, is not an area for TAS3 research work. Consequently:

  1. Standard operations monitoring approaches such as SNMP [RFC1157] and Nagios [Nagios] SHOULD be implemented.

  2. Each organization in the Trust Network MUST be protected by a network-level firewall or packet filter. Any deny events from the firewall SHOULD be fed to the Intrusion Detection Channel of the Audit Event Bus.

  3. Each organization in the Trust Network SHOULD operate an Intrusion Detection System (IDS) to detect

    1. Well known attacks (e.g. ping of death)

    2. Port scanning

    3. Abusive patterns of usage

    Any suspicious events from the IDS SHOULD be fed to the Intrusion Detection Channel of the Audit Event Bus.
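    As an added illustration of items 2 and 3 (not code from the TAS3 architecture or any TAS3 implementation), the following Python normalises constructed firewall deny lines and a constructed IDS alert into records for the Intrusion Detection Channel, and adds a simple port-scan heuristic over the deny events. The channel name, the log formats and the field names are assumptions of this example; the real Audit Event Bus schema is not specified in this section.

```python
import re
from collections import defaultdict

CHANNEL = "IntrusionDetection"  # assumed name for the Audit Event Bus channel

# Constructed sample input: packet-filter deny lines (iptables-style key=value
# fields) and a Snort-style "fast" alert. None of these are real captures.
FIREWALL_LINES = [
    "FW-DENY: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=22",
    "FW-DENY: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=80",
    "FW-DENY: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=443",
    "FW-DENY: IN=eth0 SRC=198.51.100.5 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=22",
    "FW-ACCEPT: IN=eth0 SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=443",
]
IDS_LINES = [
    "01/12-10:00:05.000000 [**] [1:999999:1] ICMP oversized echo request [**] "
    "[Priority: 2] {ICMP} 203.0.113.7 -> 192.0.2.10",
]

FW_RE = re.compile(r"^FW-DENY:.*\bSRC=(?P<src>\S+)\s+DST=(?P<dst>\S+).*\bDPT=(?P<dport>\d+)")
IDS_RE = re.compile(r"\[\*\*\] (?:\[[\d:]+\] )?(?P<sig>.+?) \[\*\*\].*?\{(?P<proto>\w+)\} "
                    r"(?P<src>[\d.]+)(?::\d+)? -> (?P<dst>[\d.]+)(?::\d+)?")

def parse_firewall_deny(line):
    """Map a deny line to a channel event; accept lines and unparseable lines yield None."""
    m = FW_RE.search(line)
    if not m:
        return None
    return {"channel": CHANNEL, "source": "firewall", "kind": "deny",
            "src": m["src"], "dst": m["dst"], "dport": int(m["dport"])}

def parse_ids_alert(line):
    """Map an IDS alert line to a channel event, or None if it does not match."""
    m = IDS_RE.search(line)
    if not m:
        return None
    return {"channel": CHANNEL, "source": "ids", "kind": "alert", "signature": m["sig"],
            "proto": m["proto"], "src": m["src"], "dst": m["dst"]}

def detect_port_scans(deny_events, threshold=3):
    """Heuristic: one source denied on >= threshold distinct ports is flagged as a scan."""
    ports = defaultdict(set)
    for e in deny_events:
        ports[e["src"]].add(e["dport"])
    return [{"channel": CHANNEL, "source": "ids-heuristic", "kind": "port_scan",
             "src": src, "ports": sorted(p)} for src, p in ports.items() if len(p) >= threshold]

def build_channel_events(fw_lines=FIREWALL_LINES, ids_lines=IDS_LINES, threshold=3):
    """Everything the Intrusion Detection Channel would receive for these inputs."""
    denies = [e for e in map(parse_firewall_deny, fw_lines) if e]
    alerts = [e for e in map(parse_ids_alert, ids_lines) if e]
    return denies + alerts + detect_port_scans(denies, threshold)
```

    In a deployment the returned records would be published to the bus rather than collected in a list; the accept line is dropped on purpose, since only deny events belong on this channel.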
