OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Kinds of Sources

There are many different concepts of “sources” that we seem to be talking about:


·         The creator of the STIX/CybOX object

o   An individual/organization  (created manually via something like Soltra Edge), probably represented by an Identity object

o   Software, that creates STIX/CybOX objects automatically – no manual input

·         A similar object from outside the STIX model  (used to be external_ID in STIX 1.2) – NOT a CTI ID

·         A reference, like in a bibliography, which might be accessible via a URL – NOT a CTI object

·         An association to another type of STIX object – like CVE (assuming we represent Vulnerability as a STIX TLO)


Did I miss anything?


The original object could be the source of a translated object, but that seem better handled separately (as discussed in the recent I18N email threat).





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]