Re: [scap_interest] IETF SCAP and ITU-T CYBEX synergies and cooperation

Sean Turner <turners@ieca.com> Wed, 20 October 2010 21:18 UTC

Return-Path: <turners@ieca.com>
X-Original-To: scap_interest@core3.amsl.com
Delivered-To: scap_interest@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7A2E43A67FB for <scap_interest@core3.amsl.com>; Wed, 20 Oct 2010 14:18:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.598
X-Spam-Level:
X-Spam-Status: No, score=-102.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kKxVjpKUTGMZ for <scap_interest@core3.amsl.com>; Wed, 20 Oct 2010 14:18:11 -0700 (PDT)
Received: from nm4-vm0.bullet.mail.ac4.yahoo.com (nm4-vm0.bullet.mail.ac4.yahoo.com [98.139.53.206]) by core3.amsl.com (Postfix) with SMTP id 8769C3A681E for <scap_interest@ietf.org>; Wed, 20 Oct 2010 14:18:10 -0700 (PDT)
Received: from [98.139.52.188] by nm4.bullet.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:41 -0000
Received: from [98.139.52.177] by tm1.bullet.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:41 -0000
Received: from [127.0.0.1] by omp1060.mail.ac4.yahoo.com with NNFMP; 20 Oct 2010 21:19:40 -0000
X-Yahoo-Newman-Id: 794612.73261.bm@omp1060.mail.ac4.yahoo.com
Received: (qmail 65519 invoked from network); 20 Oct 2010 20:48:08 -0000
Received: from thunderfish.local (turners@96.231.127.199 with plain) by smtp112.biz.mail.re2.yahoo.com with SMTP; 20 Oct 2010 13:48:08 -0700 PDT
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
X-YMail-OSG: 1Biik5cVM1mZu_V9txW556p9YKJerYHWvGINv8clP2HRl5O .CS8fbZZVyogMcG_osi6Y4LrhhjeT0sdr8LkfDT0DJLjvuD0xiij5vuDvAxp CGfn99QGdQsixQJeTpOomxskGc3aVONsRvQjkGc_4nO4ZCZRU64Xyq7IVG.Z XX734UePaxesppEKEr3zaHgcjyNpWcbJsRZPPGJSrzMPExI.YHdUs2Kcg.ye 33LI7wMNbDqY1Ftda.mV_ZfdfGimlhTTrTpb7qBQT
X-Yahoo-Newman-Property: ymail-3
Message-ID: <4CBF5589.406@ieca.com>
Date: Wed, 20 Oct 2010 16:48:09 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.11) Gecko/20101013 Lightning/1.0b2 Thunderbird/3.1.5
MIME-Version: 1.0
To: scap_interest@ietf.org
References: <4CBF515C.4090507@yaanatech.com>
In-Reply-To: <4CBF515C.4090507@yaanatech.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Malcolm Johnson <Malcolm.Johnson@itu.int>, Kent_Landfield@McAfee.com
Subject: Re: [scap_interest] IETF SCAP and ITU-T CYBEX synergies and cooperation
X-BeenThere: scap_interest@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <scap_interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scap_interest>
List-Post: <mailto:scap_interest@ietf.org>
List-Help: <mailto:scap_interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Oct 2010 21:18:14 -0000

Also note that there is the following draft:

https://datatracker.ietf.org/doc/draft-takahashi-cybex-intro/

spt

On 10/20/10 4:30 PM, Tony Rutkowski wrote:
> Dear all,
>
> At the ITU-T cybersecurity standards group (Q4/17)
> interim meeting in Tokyo last week, the participants
> noted the new effort to introduce into the IETF some of
> the systems assurance standards under the general aegis
> the SCAP BOF and this interest list.
>
> An effort leveraging the same concepts and underlying
> standardization work was started within the ITU-T last
> year among an array of industry and government
> participants and organizations for outlining ways of
> sharing and exchanging structured information, that is
> called the Cybersecurity Information Exchange Framework
> or CYBEX for short. CYBEX identified the entire array
> of information assurance, incident response, forensics
> and trust specifications - most of which were in use or
> under development in the respective communities - as
> part of this Framework. The CYBEX framework is
> scheduled for approval as as Recommendation ITU-T
> X.1500, together with CVE and CVSS as X.1520 and X.1521
> respectively. Many others are in various stages of
> maturity. The editors of X.1500 include US DHS,
> Japan's NICT, MITRE, Microsoft, FIRST, Cisco, and Yaana
> Technologies.
>
> Part of that framework of course includes the use of
> security automation schemas such as SCAP as a means
> to facilitate systems, services, devices of all kinds
> to make them "measurably" secure as to potential
> vulnerabilities and threats. The U.S. federal
> system implementation of SCAP is included as an
> example in the X.1500 appendix, as is a similar
> implementation in Japan known as JVN.
>
> The vision includes the potential development, use, and
> evolution of innumerable numbers of public and private
> security automation schemas for innumerable systems,
> services, and devices - similar in many ways to the
> deployment of network management MIBs over the past 25
> years. The IETF is one of many standards bodies that
> should be developing security content automation schemas,
> and the BOF list plus a scheduled event at the upcoming
> Beijing IETF meeting next month is an important step in
> that direction.
>
> This development was discussed at some length at the
> Tokyo Interim Meeting and there was significant
> enthusiasm for working with IETF (and many other
> standards bodies) in developing these implementations
> for their standards based protocols and services.
> Also demonstrated in Tokyo was the rather remarkable
> work demonstrated by the Japan network security
> community of a RDF-based discovery mechanism for CYBEX
> should be an essential mechanism for enabling use of
> all the many distributed instances of security
> automation schema. The platform is part of a CYBEX
> discovery specification designated X.cybex-discovery.
> In addition, an entire new OID Arc 2.48 has been
> allocated for cybersecurity information exchange
> structured identity purposes.
>
> Dr. Takehashi of NICT, as well as Q4/17 associate
> rapporteur Dr. Kadobayashi of NAIST, who have been
> developing CYBEX related concepts, tools, and
> implementations within Japan's ICT security
> community, will be present in Beijing for the IETF
> meeting, and we hope can contribute to the SCAP BOF.
>
> An introduction to CYBEX is attached that was presented
> last week to the Japan ICT security technical community
> hosted by ISOG-J prior to the ITU-T Interim Meeting.
>
> --tony rutkowski, ITU-T Q.4/17 (cybersecurity) Rapporteur
>
>
>
> _______________________________________________
> scap_interest mailing list
> scap_interest@ietf.org
> https://www.ietf.org/mailman/listinfo/scap_interest