[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: EXT :Re: Initial impressions: OCSF vs. OpenC2 data types
Thanks for finding that, and I agree that it is of particular interest. JADN of course is at the "data model" layer of CMF, but the examples are too simple to fully explore the relationships between data model and data (e.g. 4 byte IP addresses -> hex or type-specific
string.)
David From: openc2@lists.oasis-open.org <openc2@lists.oasis-open.org> on behalf of Lemire, Dave (HII-Mission Technologies) <david.lemire@hii-tsd.com>
Sent: Wednesday, August 24, 2022 9:52 AM To: duncan sfractal.com <duncan@sfractal.com>; TC OpenC2 <openc2@lists.oasis-open.org> Subject: [openc2] RE: EXT :Re: Initial impressions: OCSF vs. OpenC2 data types Also, if we’re going to talk about JADN and NIEM, this page may be of particular interest:
https://www.niem.gov/strategic-initiatives/niem-metamodel-and-common-model-format
This is a brief high-level explanation of the new NIEM metamodel and Common Model Format (CMF). It describes the relations between runtime data, development-time data models, and the data model for those data models (known as the metamodel) and lists the anticipated benefits of this new modeling approach.
Dave
__________________
From: Lemire, Dave (HII-Mission Technologies)
Duncan,
We can look at that; Mike is supportive. I was refreshing my NIEM knowledge starting w/Wikipedia, which includes this in the up-front material:
NIEM is currently transitioning to an OASIS Open Project. This initiative will formalize NIEM's designation as an official standard in national and international policy and procurement. The transition is in the early stages with completion anticipated at the end of 2023.
I don’t know what’s involved in that transition, but 18 months seems like quite a long time. More reading is required.
My first encounter was when I attended a knowledge session about NIEM some years ago and at the time it was being presented as mandatory for use within USG agencies, but I don’t see anything about that today. The NIEM About page emphasizes “NIEM can save organizations time and money by providing consistent, reusable, and repeatable data terms, definitions, and processes.” I’ve never actually encountered a project that was (to my knowledge) actually using it.
Dave
__________________
From: duncan sfractal.com <duncan@sfractal.com>
DaveL, Thank you for your excellent work. Would it be possible to also look at NIEM Cyber Domain at the same time. Although ignorant in this area, my gut is NIEM should get a higher priority than OCSF since NIEM is now an OASIS project with path to standardization while OCSF is a github project (albeit with some big players supporting) without a clear path to standardization (albeit I hope they become an OASIS project as well).
DaveK, Do either OCSF or NIEM lend themselves better to JADN? Would JADN be useful to help with the type of analysis DaveL is doing?
-- Duncan Sparrell sFractal Consulting LLC iPhone, iTypo, iApologize I welcome VSRE emails. Learn more at http://vsre.info [vsre.info]/
From: openc2@lists.oasis-open.org <openc2@lists.oasis-open.org>
on behalf of Lemire, Dave (HII-Mission Technologies) <david.lemire@hii-tsd.com> At our last TC meeting we spend some time discussing the recently announced Open Cybersecurity Schema Framework (OCSF). Just to get a sense, I started looking at the data types defined in OCSF, viewing them in their schema browser located at https://schema.ocsf.io/ [schema.ocsf.io]
The data types, specifically, are at https://schema.ocsf.io/data_types?extensions=
I haven’t yet dived into a careful point-by-point comparison, but have some initial observations:
Dave
__________________
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]