[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Motion for Open Repository for the Common STIX objects
Hi all, As mentioned previously, MITRE has been asked by DHS/CISA to stand up a common object repository. After much thought, we think that it would be best hosted as an OASIS Open Repository.
This needs the approval of the TC. We hope that others find it useful and will contribute to the project.
See below for a detailed description of this proposed repository and some policy questions and answers. I move that the TC approve by unanimous consent requesting OASIS to set up an OASIS Open Repository project named cti-stix-common-objects using the following pieces of information: Purpose Statement: A repository of commonly used STIX objects that do not need to be created and shared by the CTI community. Initial Maintainers: Rich Piazza, Chris Lenk Open Source License: BSD-3-Clause License GitHub Name: cti-stix-common-objects Short Description: OASIS Common STIX Object Repository: a repository for commonly used STIX objects in order to avoid needless duplication
If there have been no objections before
Monday March 1 at 21:00 UTC (5:00 PM EST), I will submit the form [1] to ask OASIS to create the repository. Thank you, Rich Piazza [1] https://www.oasis-open.org/resources/tc-admin-requests/open-repository-request Rationale for the Repository Having such a repository of common CTI objects has always been on the âwish listâ of members of the OASIS CTI-TC.
Many entities in cyber threat intelligence are common and having many duplicate STIX objects to represent the same concept has always been seen as wasteful and problematic. Initial Contents of the Repository The initial content was created via a script:
Â
Location objects
o
All countries (compiled from Python pycountry package)
o
All States (constant in script)
o
All Canadian Provinces (constant in script)
o
All regions from specification in
region-ov
Â
Identity objects
o
One for the object creator (currently OASIS - identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a.json)
o
All sectors from specification in
industry-sector-ov
Â
Vulnerability objects
o
All 148,032 âpublishedâ CVEs
Other objects considered but rejected:
Â
ipv4-addr objects (too many â billions and billions)
Â
Data Markings
Â
Licenses â the text needs to be specific to the license holder, so no real common objects
Policies
IP Issues
This is where licensing information is stated. I assume that the default
BSD-3-Clause License will be used
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]