This sounds like something a bit different than a “database subcommittee” or a “data model subcommittee.” To me, it sounds like implementation or best practices.
I like it.. Good points.
Thanks,
Bret Bret Jordan CISSPDirector of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
Hi Bret,
I would like to see this expanded to cover 'implementation of STIX, TAXII and CybOX', such that it helps bridge the gap between the schema and reference libraries generated by the CybOX/TAXII/STIX SC and the people who are actually implementing them in their tools. Examples could be producing libraries in additional languages, producing database schemas, producing test results of different storage methods, maintaining a list of TAXII compatible products, maybe even performing testing and certification of new tools to confirm compliance in the future.
|