[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Fwd: [cti] Motion for Open Repository for the Common STIX objects
|
TAC TC: Rich Piazza of MITRE just sent this email out to the CTI TC asking for input on Common Objects for an OASIS Open Repository. It occurred to me that we should probably submit the Industry
Sector Vocabulary that Vasileios has developed for the Open
Vocabulary he is suggesting, below (industry-sector-ov).Â
It builds on the STIX 2.1 OV and extends it to include other key
industry sector frameworks. The Open Vocab for the 148,032 Vulnerability Objects will also be helpful to our endeavor within the TAC TC. Best regards, Jane Ginn -------- Forwarded Message --------
Hi all, Â As mentioned
previously, MITRE has been asked by DHS/CISA to stand up a
common object repository. After much thought, we think that
it would be best hosted as anÂOASIS Open Repository.Â
This needs the approval of the TC. We hope that
others find it useful and will contribute to the project.Â
See below for a
detailed description of this proposed repository and some
policy questions and answers. Â Â I move that
the TC approve by unanimous consent requesting OASIS to
set up an OASIS Open Repository project named
cti-stix-common-objects using the following pieces of
information: Â Purpose
Statement: A repository of commonly used STIX objects that
do not need to be created and shared by the CTI community. Â Initial
Maintainers: Rich Piazza, Chris Lenk  Open Source
License: BSD-3-Clause License  GitHub Name: cti-stix-common-objects  Short
Description: OASIS Common STIX Object Repository: a
repository for commonly used STIX objects in order to avoid
needless duplication
  If there have
been no objections before
Monday March 1 at 21:00 UTC (5:00 PM EST), I will
submit the form [1] to ask OASIS to create the repository.  Thank you, Rich Piazza  [1]Âhttps://www.oasis-open.org/resources/tc-admin-requests/open-repository-request  Rationale for the Repository  Having such a
repository of common CTI objects has always been on the
âwish listâ of members of the OASIS CTI-TC.
Many entities in cyber
threat intelligence are common and having many duplicate
STIX objects to represent the same concept has always been
seen as wasteful and problematic.  Initial Contents of the Repository  Â The initial content was
created via a script: Â
ÂÂÂÂÂÂÂÂÂ
Location objects
oÂÂÂ
All countries (compiled from Python
pycountry package)
oÂÂÂ
All States (constant in script)
oÂÂÂ
All Canadian Provinces (constant in
script)
oÂÂÂ
All regions from specification in
region-ov
ÂÂÂÂÂÂÂÂÂ
Identity objects
oÂÂÂ
One for the object creator (currently
OASIS - identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a.json)
oÂÂÂ
All sectors from specification in
industry-sector-ov
ÂÂÂÂÂÂÂÂÂ
Vulnerability objects
oÂÂÂ
All 148,032 âpublishedâ CVEs Â
Other objects considered but
rejected:
Â
ÂÂÂÂÂÂÂÂÂ
ipv4-addr objects (too many â billions
and billions)
ÂÂÂÂÂÂÂÂÂ
Data Markings
ÂÂÂÂÂÂÂÂÂ
Licenses â the text needs to be specific
to the license holder, so no realÂcommonÂobjects
 Policies Â
 IP Issues Â
This is where licensing information is
stated. I assume that the default
BSD-3-Clause License will be used
   |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]