cti-taxii message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [cti-taxii] Question about multiple trust group support
- From: "Jason Keirstead" <Jason.Keirstead@ca.ibm.com>
- To: "Jordan, Bret" <bret.jordan@bluecoat.com>
- Date: Tue, 29 Sep 2015 17:13:53 -0300
I agree - it could work that way. But it could also work the other way. The problem is - if you specify enrollment as part of the spec, then *everyone* needs to support that*, and the other way is now not possible.
*Unless it is part of some type of auto-enroll profile that is not mandatory.
-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
"Jordan, Bret" ---2015/09/29 05:06:21 PM---Jason, I could see a cloud TAXII server allowing short-lived on-the-fly channels to be setup, very s
From: "Jordan, Bret" <bret.jordan@bluecoat.com>
To: Jason Keirstead/CanEast/IBM@IBMCA, "cti-taxii@lists.oasis-open.org" <cti-taxii@lists.oasis-open.org>
Date: 2015/09/29 05:06 PM
Subject: Re: [cti-taxii] Question about multiple trust group support
Jason,
I could see a cloud TAXII server allowing short-lived on-the-fly channels to be setup, very similar to the way cloud based chat / IRC servers work today. I could also see the person setting up the channel specifying a group password or some sort of auth-token to control who can join it, or even specifying a list of email address that are allowed to join it (think Slack auto-enroll).
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
On Sep 29, 2015, at 13:17, Jason Keirstead <Jason.Keirstead@ca.ibm.com> wrote:
RE the below:
Realizing that these two people will NEED and WANT to create their own permissions to make sure only they can see each others CTI information. This has two steps:
I would assert this is not necessarily true. If there is a TAXII server in the cloud, and I am paying for access to it as a client - I would not expect that I have administrative control over that service and that I can make my own sharing channels. Rather I would just expect them to tell me what channel or channels to use, and I would use those. Those channels might be sourcing data from other internal data structures, the idea that I can always create them for every service doesn't make sense.
-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
<graycol.gif>"Jordan, Bret" ---2015/09/29 02:49:17 PM---I do not disagree with you. And I can fully understand the desire for there to be a tear line / Chi
From: "Jordan, Bret" <bret.jordan@bluecoat.com>
To: Jason Keirstead/CanEast/IBM@IBMCA
Cc: Mark Davidson <mdavidson@mitre.org>, Terry MacDonald <terry.macdonald@threatloop.com>, "Thompson, Dean" <Dean.Thompson@anz.com>, "cti-taxii@lists.oasis-open.org" <cti-taxii@lists.oasis-open.org>
Date: 2015/09/29 02:49 PM
Subject: Re: [cti-taxii] Question about multiple trust group support
Sent by: <cti-taxii@lists.oasis-open.org>
[attachment "signature.asc" deleted by Jason Keirstead/CanEast/IBM]
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]