OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: STIX 2.1 Proposal - IEP Data Marking Object


Hi All,

This proposal is for adding the ability to mark STIX objects using the FIRST Information Exchange Policy (IEP) Framework. This would be designed to support IEP 2.0 currently under development.

The IEP Framework is a FIRST backed initiative to help Organizations better define how recipients can use their threat intelligence. In other words  "What am I allowed to do with this intel?". Think of it as TLP with extra features!

IEP 1.0 was accepted for inclusion in STIX 2.0 but was eventually removed due to the lack of implementation detail. IEP 2.0 has rectified this with the inclusion of an additional separate detailed JSON Standard which provides the implementation detail needed. 

Please note: The IEP 2.0 documentation is not yet in the public domain as it is still under development by the FIRST IEP-SIG.

We expect the final version of IEP to be released in the next 2-3 months, which should easily fit into the STIX 2.1 development timeframe.

Please add this to the list of items to be included in STIX 2.1.

Cheers

Terry MacDonald | Chief Product Officer






Attachment: STIX2.1Proposal-InformationExchangePolicyMarkingObjectType2.pdf
Description: Adobe PDF document



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]