Re: [scap_interest] IETF SCAP and ITU-T CYBEX synergies and cooperation
Sean Turner <turners@ieca.com> Wed, 20 October 2010 21:18 UTC
Return-Path: <turners@ieca.com>
X-Original-To: scap_interest@core3.amsl.com
Delivered-To: scap_interest@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7A2E43A67FB for <scap_interest@core3.amsl.com>; Wed, 20 Oct 2010 14:18:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.598
X-Spam-Level:
X-Spam-Status: No, score=-102.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kKxVjpKUTGMZ for <scap_interest@core3.amsl.com>; Wed, 20 Oct 2010 14:18:11 -0700 (PDT)
Received: from nm4-vm0.bullet.mail.ac4.yahoo.com (nm4-vm0.bullet.mail.ac4.yahoo.com [98.139.53.206]) by core3.amsl.com (Postfix) with SMTP id 8769C3A681E for <scap_interest@ietf.org>; Wed, 20 Oct 2010 14:18:10 -0700 (PDT)
Received: from [98.139.52.188] by nm4.bullet.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:41 -0000
Received: from [98.139.52.177] by tm1.bullet.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:41 -0000
Received: from [127.0.0.1] by omp1060.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:40 -0000
X-Yahoo-Newman-Id: 794612.73261.bm@omp1060.mail.ac4.yahoo.com
Received: (qmail 65519 invoked from network); 20 Oct 2010 20:48:08 -0000
Received: from thunderfish.local (turners@96.231.127.199 with plain) by smtp112.biz.mail.re2.yahoo.com with SMTP; 20 Oct 2010 13:48:08 -0700 PDT
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
X-YMail-OSG: 1Biik5cVM1mZu_V9txW556p9YKJerYHWvGINv8clP2HRl5O .CS8fbZZVyogMcG_osi6Y4LrhhjeT0sdr8LkfDT0DJLjvuD0xiij5vuDvAxp CGfn99QGdQsixQJeTpOomxskGc3aVONsRvQjkGc_4nO4ZCZRU64Xyq7IVG.Z XX734UePaxesppEKEr3zaHgcjyNpWcbJsRZPPGJSrzMPExI.YHdUs2Kcg.ye 33LI7wMNbDqY1Ftda.mV_ZfdfGimlhTTrTpb7qBQT
X-Yahoo-Newman-Property: ymail-3
Message-ID: <4CBF5589.406@ieca.com>
Date: Wed, 20 Oct 2010 16:48:09 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.11) Gecko/20101013 Lightning/1.0b2 Thunderbird/3.1.5
MIME-Version: 1.0
To: scap_interest@ietf.org
References: <4CBF515C.4090507@yaanatech.com>
In-Reply-To: <4CBF515C.4090507@yaanatech.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: Malcolm Johnson <Malcolm.Johnson@itu.int>, Kent_Landfield@McAfee.com
Subject: Re: [scap_interest] IETF SCAP and ITU-T CYBEX synergies and cooperation
X-BeenThere: scap_interest@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <scap_interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scap_interest>
List-Post: <mailto:scap_interest@ietf.org>
List-Help: <mailto:scap_interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Oct 2010 21:18:14 -0000
Also note that there is the following draft: https://datatracker.ietf.org/doc/draft-takahashi-cybex-intro/ spt On 10/20/10 4:30 PM, Tony Rutkowski wrote: > Dear all, > > At the ITU-T cybersecurity standards group (Q4/17) > interim meeting in Tokyo last week, the participants > noted the new effort to introduce into the IETF some of > the systems assurance standards under the general aegis > the SCAP BOF and this interest list. > > An effort leveraging the same concepts and underlying > standardization work was started within the ITU-T last > year among an array of industry and government > participants and organizations for outlining ways of > sharing and exchanging structured information, that is > called the Cybersecurity Information Exchange Framework > or CYBEX for short. CYBEX identified the entire array > of information assurance, incident response, forensics > and trust specifications - most of which were in use or > under development in the respective communities - as > part of this Framework. The CYBEX framework is > scheduled for approval as as Recommendation ITU-T > X.1500, together with CVE and CVSS as X.1520 and X.1521 > respectively. Many others are in various stages of > maturity. The editors of X.1500 include US DHS, > Japan's NICT, MITRE, Microsoft, FIRST, Cisco, and Yaana > Technologies. > > Part of that framework of course includes the use of > security automation schemas such as SCAP as a means > to facilitate systems, services, devices of all kinds > to make them "measurably" secure as to potential > vulnerabilities and threats. The U.S. federal > system implementation of SCAP is included as an > example in the X.1500 appendix, as is a similar > implementation in Japan known as JVN. > > The vision includes the potential development, use, and > evolution of innumerable numbers of public and private > security automation schemas for innumerable systems, > services, and devices - similar in many ways to the > deployment of network management MIBs over the past 25 > years. The IETF is one of many standards bodies that > should be developing security content automation schemas, > and the BOF list plus a scheduled event at the upcoming > Beijing IETF meeting next month is an important step in > that direction. > > This development was discussed at some length at the > Tokyo Interim Meeting and there was significant > enthusiasm for working with IETF (and many other > standards bodies) in developing these implementations > for their standards based protocols and services. > Also demonstrated in Tokyo was the rather remarkable > work demonstrated by the Japan network security > community of a RDF-based discovery mechanism for CYBEX > should be an essential mechanism for enabling use of > all the many distributed instances of security > automation schema. The platform is part of a CYBEX > discovery specification designated X.cybex-discovery. > In addition, an entire new OID Arc 2.48 has been > allocated for cybersecurity information exchange > structured identity purposes. > > Dr. Takehashi of NICT, as well as Q4/17 associate > rapporteur Dr. Kadobayashi of NAIST, who have been > developing CYBEX related concepts, tools, and > implementations within Japan's ICT security > community, will be present in Beijing for the IETF > meeting, and we hope can contribute to the SCAP BOF. > > An introduction to CYBEX is attached that was presented > last week to the Japan ICT security technical community > hosted by ISOG-J prior to the ITU-T Interim Meeting. > > --tony rutkowski, ITU-T Q.4/17 (cybersecurity) Rapporteur > > > > _______________________________________________ > scap_interest mailing list > scap_interest@ietf.org > https://www.ietf.org/mailman/listinfo/scap_interest
- [scap_interest] IETF SCAP and ITU-T CYBEX synergi… Tony Rutkowski
- Re: [scap_interest] IETF SCAP and ITU-T CYBEX syn… Sean Turner
- Re: [scap_interest] IETF SCAP and ITU-T CYBEX syn… Michael Chernin
- Re: [scap_interest] IETF SCAP and ITU-T CYBEX syn… Tony Rutkowski