[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (CSAF-13) Analysis of "Vulnerability Description Ontology (VDO)" and any possible relation to CSAF work products
Stefan Hagen created CSAF-13: -------------------------------- Summary: Analysis of "Vulnerability Description Ontology (VDO)" and any possible relation to CSAF work products Key: CSAF-13 URL: https://issues.oasis-open.org/browse/CSAF-13 Project: OASIS Common Security Advisory Framework (CSAF) TC Issue Type: Task Environment: [New] Reporter: Stefan Hagen Priority: Critical This issue (task) is one of many similar formal issues formalizing the TCs process to analyse similar work. It deals with the analysis of the "EISPP Common Advisory Format" (cf. http://www.cert-ist.com/eispp/documents.htm#common_format ), which has been named explicitedly as similar work in section (2)(a) "Identification of Similar Work" of the "OASIS Common Security Advisory Framework (CSAF) Technical Committee Charter" (cf. http://www.oasis-open.org/committees/csaf/charter.php ). This issue allows us to track and document progress and findings of the CSAF TC of the following: 1. understand and summarize EISPP 2. ensure synergy potentials are identified 3. discussion of the relation to and reaction on EISPP 4. documentation of result When checked at 2016-11-24 the (HTML format) document tree root referenced existed at the URL http://www.cert-ist.com/eispp/documents.htm#common_format and some bibliographic data identified was: URL = http://www.cert-ist.com/eispp/documents.htm#common_format Authors/Editors = N.N. (?) AuthorInstitution = N.N. / IST / EISPP Consortium (?) DocumentDate = 2004-05-20 DocumentTitle = VULDEF: The VULnerability Data publication and Exchange Format data model DocumentStatus == """ This document describes a corner stone of the EISPP approach towards supplying SMEs with security advisories: a common advisory format, which will enable an easy exchange of advisory data between the four CERTs participating in EISPP. The advisory format merges the best-practice information regarding security advisories of these four CERTs. """ DocumentCopyright = "©EISPP Consortium" (!) Abstract == """ (content taken from Executive Summary of LinkedData::Instance[1]) The European Information Security Promotion Programme (EISPP) strives to set up a network of expertise with the aim of providing European SMEs with those IT Security services that give them the necessary trust in e-commerce to develop their businesses in that direction. EISPP is a project fund by the EU through the fifth European Framework Program within the thematic program Information Society Technologies (IST). Further information about EISPP can be found at its website, http://www.eispp.org/. Probably the most important security service SMEs have to be provided with, is an advisory service, i.e., the distribution of so-called security advisories that provides system administrators with precise and timely information about new vulnerabilities and what can be done against them. Such information is absolutely essential for IT security, because new vulnerabilities are discovered on a daily basis. IT systems can only be kept secure, if they are regularly upgraded or patched such that the latest security holes are closed again. This document describes a corner stone of the EISPP approach towards supplying SMEs with security advisories: a common advisory format, which will enable an easy exchange of advisory data between the four CERTs participating in EISPP. The advisory format merges the best-practice information regarding security advisories of these four CERTs. The format is defined using XML, so the various standards and standard tools of the XML-family can be used for advisory processing. The XML data-type description of this (and future versions) of the format, together with sample XSLT style sheets for displaying advisory data, are made publicly available on EISPP's website http://www.eispp.org. """ LinkedDataInstanceCount = 3 LinkedData::Instance[1]: LinkedData = http://www.cert-ist.com/eispp/commonformat_2_0.pdf LinkedDataDetails = EISPP Common Advisory Format Description LinkedDataId = EISPP-D3-001-TR LinkedDataVersion = "2.0" LinkedDAtaDate = 2004-05-20 LinkedData::Instance[2]: LinkedData = http://www.cert-ist.com/eispp/valuelist_2_0.pdf LinkedDataDetails = EISPP Common Advisory Format Description: Value Lists LinkedDataId = EISPP-D3-001b-TR LinkedDataVersion = "2.0" LinkedDAtaDate = 2004-05-20 LinkedData::Instance[3]: LinkedData = http://www.cert-ist.com/eispp/eispp_v20.dtd.txt LinkedDataDetails = Linked from entry document, contains dtd implementation of EISPP CAFD LinkedDataVersion = "2.0" -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]