[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Time-args slpf
Makes sense to me, do you think that we should move that up to the Language spec? Something like drop, reject, complete makes sense for packet filters, not so much for other actuators. Temporal arguments make sense for a wide (dare I say majority) range of actuators. Sound logical? -----Original Message----- From: openc2-actuator@lists.oasis-open.org <openc2-actuator@lists.oasis-open.org> On Behalf Of Vasileios Mavroeidis Sent: Tuesday, September 17, 2019 4:09 AM To: openc2-actuator@lists.oasis-open.org Cc: Vasileios Mavroeidis <vasileim@ifi.uio.no> Subject: [Non-DoD Source] [openc2-actuator] Time-args slpf Hi all, A suggestion for more refined time args regarding the SLPF that we may consider in the future. Currently, we support start_time, stop_time, and duration even though they make sense to have, a different categorization would be more useful, especially for packet filtering (many packet filters have this capability). Parent classes: -absolute or absolute_time -periodic or periodic_time Absolute_time can include start_time, stop_time, duration Periodic, it is what it sounds, and it can support the following: Monday Tuesday Wednesday Thursday Friday Saturday Sunday daily weekdays weekend start_time (without defined date) stop_time (without defined date) or duration (instead of using stop time) Best, Vasileios Mavroeidis â Security Researcher and Ph.D. Research Fellow Research Group of Information and Cyber Security (SECURITY) SecurityLab University of Oslo +47 40347666
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]