OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [cti] Playing the "simpleton's advocate": how much complexity can we throw overboard?


So.. part of the reason it is so complex is that we are trying to re-implement what is essentially a rule language. If we actually *had* a real rule language, instead of all of these XML constructs, then we could simply use this language.

Imagine how much simpler Observables would be if we could do something like this


Taking this and turning it into CybOX would result in likely 2 dozen lines of XML.

IE... what makes the whole thing so complicated is we're trying to disil a rule language into XML tags.

I don't know what an answer is that doesn't involve "reinvent CybOX from the ground up", but that is the problem.

-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown


Inactive hide details for "Jordan, Bret" ---09/21/2015 01:37:50 PM---So Jason, how do we do those things in a more sane manner "Jordan, Bret" ---09/21/2015 01:37:50 PM---So Jason, how do we do those things in a more sane manner and give more expressiveness so you can me

From: "Jordan, Bret" <bret.jordan@bluecoat.com>
To: Jason Keirstead/CanEast/IBM@IBMCA
Cc: "Grobauer, Bernd" <Bernd.Grobauer@siemens.com>, "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
Date: 09/21/2015 01:37 PM
Subject: Re: [cti] Playing the "simpleton's advocate": how much complexity can we throw overboard?




So Jason, how do we do those things in a more sane manner and give more expressiveness so you can meet your needs. I would like to make sure it is simple to understand and easy to use but also allows for rich expressiveness.


Thanks,

Bret



Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
[attachment "signature.asc" deleted by Jason Keirstead/CanEast/IBM]



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]