[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: OpenC2: A proposal for a new OASIS Technical Committee is being drafted
CTI TC, As proposed: The OASIS Open Command and Control (OpenC2) Technical Committee. The purpose of this technical committee is to create a standardized language for the command and control of technologies that provide or support cyber defenses [1]. The draft charter and non-normative information is located on googledocs at https://drive.google.com/drive/folders/0B2A_XQu_O5s-SmpXVDl4YVVPZmM If you or your company would be interested in registering your "Co-Proposer" support for this TC in the initial "Call for Comment" document, please contact jmbrule@nsa.gov for details. Thank you Very Respectfully, Joe Brule [1] Provisional draft language in the TC "Scope" statement The technical committee will draft documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. The technical committee will leverage pre-existing standards to the greatest extent practical, therefore identifying gaps pertaining to the command and control of technologies that provided or support cyber defenses is within the technical committee's scope of work. The technical committee will base its initial efforts on artifacts generated by the OpenC2 Forum. Prior to the creation of this TC, the OpenC2 Forum was a community of cyber-security stakeholders that was facilitated by the National Security Agency. The OpenC2 Forum drafted a language description document, actuator profiles and open source prototype implementations. This TC can leverage the pre-existing artifacts produced by the OpenC2 Forum to provide a foundation to base its development It is recognized that command and control of technologies is necessary but insufficient for cyber-security, therefore every effort will be made to ensure that artifacts produced will be done so in the context of being implementation agnostic and striving toward an architecture that decouples the functional blocks utilized by cyber-defense. Other implementation aspects such as such as transport, authentication, key management, cyber-threat sharing, situational awareness and other services are being addressed by other efforts and are beyond the scope of this technical committee. This technical committee will collaborate with other technical communities to ensure consistency and avoid duplicative efforts. In particular, this committee will work closely with the OASIS Cyber-threat Indicator Technical Committee (CTI TC). The OpenC2 Technical Committee will focus on the Acting or Response portion of cyber defense but recognizes that there are significant overlaps with the functional blocks associated with sensing, analytics and decision making. References: http://openc2.org/ http://openc2.org/docs/status_2017-02-17.pdf <http://openc2.org/docs/status_2017-02-17.pdf> !'
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]