[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Request-response over pub/sub for openC2
Openc2 members, I received a request for technical assistance on openc2 over mqtt spec from Mr Brule earlier today. I am responding to oasis relay as recommended by Mr Brule.
The discussion is around setting up topics. > Would you set up a topic that is 'action' so an orchestrator would
> post a 'deny evil_domain' then would you set up another topic 'response_action'
> so any actuator that could act on the deny evil domain would post
> its ack on the 'response_deny' channel? Or would you guys make the
>topics more device centric, so there would be a topic that is 'gateway_routers' > and the orchestrator posts the commands there then each
> router would have its own topic 'router_one', 'router_two' etc. to post its response. There are a few challenges to the openc2 spec in terms of pub sub. Openc2 messaging specifies request-response semantics, which is a different message pattern vis-Ã-vis pub-sub. The way we may manage req-res over pub-sub is as below (as
implemented in McAfee opendxl )
Happy to discuss further on the thread Sudeep Das Principal Engineer McAfee LLC |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]