OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-stix] next versions, frontiers, and roadmaps

Hi Trey,

As mentioned in a note at yesterday's meeting,
the GSMA Fraud and Security Group (FASG) has
two  extremely active provider-vendor subgroups
that deal with both device security and mobile
malware.  (The GSMA is the London based principal
global organization of mobile providers.)  Typically
threats are reported to them confidentially at about
the same point as the vendor is contacted and CVEs
are created, or somebody pops up at DEVCON, CCC,
etc.  GSMA has long planned to create within itself
a structured means for exchanging this information.

There are two crossovers with the NFV/virtualization
security world.  One is via 3GPP SA5 and SA3 into the
ISG NGV security group.  Another is into the ISG MEC
group.  The former is converting the mobile infrastructure
to NFV.  The latter is adding Mobile Edge Computing
data centers into the infrastructure.  (Think cabletTV
headends).

Already, NFV SEC has several work items that are
effectively "STIX ready."

The GSMA material is unfortunately not publicly
available, but there are several ways to get around
that.  The NFV and MEC material can be found off
the ETSI secretariat portal.
https://portal.etsi.org/tb.aspx?tbid=789&SubTB=789,832,831,801,798,799,802,828
https://portal.etsi.org/tb.aspx?tbid=826&SubTB=826,835

--tony

On 2015-11-20 7:16 AM, Trey Darley wrote:

On 20.11.2015 07:09:31, Tony Rutkowski wrote:

One of the areas of growing importance that oddly seems missing is
some focus on applying STIX and the subtending capabilities to
virtualization/NFV environments. Seems worth adding it as a bullet
somewhere.


Good eye, Tony! Just yesterday Ivan and I were going through the CybOX
objects and aligning them to use cases. We observed that
(embarrasingly) despite all the mobile malware out there, CybOX
utterly fails to address this. Likewise, we take your comment about
the need to address virtualization on board and will incorporate that
into our planning.

Great feedback, Tony, keep it coming!!!

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]