iodef data model status
play

IODEF Data Model Status (changes from 02 to 03) - PowerPoint PPT Presentation

Nov 06, 2023 •6 likes •146 views

IODEF Data Model Status (changes from 02 to 03) <draft-ietf-inch-iodef-03> tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw <rdd@cert.org> Thursday, November 11. 2004 IETF 61, Washington DC, USA Outline Changes from v02

  1. IODEF Data Model Status (changes from 02 to 03) <draft-ietf-inch-iodef-03> tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw <rdd@cert.org> Thursday, November 11. 2004 IETF 61, Washington DC, USA

  2. Outline Changes from v02 to v03 November 11. 2004 IETF 61 2

  3. Editorial Changes • Compressed the ASCII-art pictures for the classes • Made UML diagrams, text description, and the DTD consistent • Re-wrote introduction (Section 1) • Simplified XML section (Section 2.1) • Simplified the Processing considerations (Section 5) • Simplified the Security considerations (Section 9) • Reference IDMEF specification for <Impact> and <Confidence> • Dropped all legacy normative references • More polished text for many of the class descriptions November 11. 2004 IETF 61 3

  4. Simplify the Data Model (#472) https://rt.psg.com/Ticket/Display.html?id=472 • Removed legacy (IDMEF) classes – File system classes: <FileList>, <File>, <inode>, etc. – Layer 7 classes: <SNMPService>, <HTTPService> – User classes: <User>, <UserId> • Removed unused classes – <number> – <LifeImpact> • Removed redundant classes – Removed <History> from <EventData> (already in <Incident>) November 11. 2004 IETF 61 4

  5. Simplify the Data Model (#472) 2 https://rt.psg.com/Ticket/Display.html?id=472 • Simplify representations when possible – Merged <IncidentData> into <Incident> – Simplified <Address> to not use <address> and <netmask> - <!ELEMENT Address (address, netmask?)> + <!ELEMENT Address (#PCDATA)> – Simplified <Service> to no longer redundantly - <!ELEMENT Service (((name?, port), portlist, protocol?)> + <!ELEMENT Service ((port | portlist), Application?)> + <!ATTLIST Service + ip_version CDATA "4" + ip_protocol CDATA #REQUIRED > – Removed NTPSTAMP (ntpstamp attribute) representation from the Time classes – Removed @restriction attribute from <Impact>, <TimeImpact>, and <MonetaryImpact> November 11. 2004 IETF 61 5

  6. Clean-up Attributes • Default value of Address@category="ipv4-addr” not "unknown“ • Dropped Contact@role="actor" enumerated value referenced in the <Expectation> class November 11. 2004 IETF 61 6

  7. Add new data • Added "asn" to %attvals.addrcat in <Address> (Issue #359) • Added "investigate" to attvals.expectcat in <Expectation> • Introduced <Application> (and replace <Process> of <System>, added to <Service>) November 11. 2004 IETF 61 7

  8. Flow Notation and Summarization Support (#360) https://rt.psg.com/Ticket/Display.html?id=360 • Added <Flow> as child of <EventData> to encapsulate <System>s • Added <Counter> to <Node> and <Service> November 11. 2004 IETF 61 8

  9. 9 Open Issues Outline IETF 61 November 11. 2004

  10. #356: Standardize extensions https://rt.psg.com/Ticket/Display.html?id=356 • Add a mandatory top-level container class to all extensions to allow an easy determination of which one is used • PROPOSAL <!ELEMENT IODEF-Extention (ANY)> <!ATTLIST IODEF-Extention name CDATA #REQUIRED source CDATA #REQUIRED version CDATA #IMPLIED > • STATUS: – Will fix with Schema trickery? How? November 11. 2004 IETF 61 10

  11. #551: Formalizing <RecordData> https://rt.psg.com/Ticket/Display.html?id=551 • Add meta-information so that in-lined logs snippets and those reference externally can be processed • PROPOSALS – Add a way to specify filter patterns and offsets into text and binary log files • STATUS: further discussion needed November 11. 2004 IETF 61 11

  12. Other Issues • Rename and redesign Analyzer (drop <pid>, <path>, <Process>); make it more similar to <Application> • Should <Application> be added to <Method>? (i.e., how to represent attack tools? Is using the System/Service/Application sufficient?) • Decide whether <Contact>/<name> requires its own class since it is formatted as PERSON, but in other uses of <name> it is STRING. • Representing OS of <System> November 11. 2004 IETF 61 12

  13. TODO • To be written – IODEF Schema (done for v02, needs update for v03) – IANA Considerations – Examples and description of XML-Signature and XML-Encryption in Security Considerations • Define sane default values for all attributes • Specify format of the TIMEZONE data- type November 11. 2004 IETF 61 13

  14. Moving Forward • Release an 04 draft using Schema within a month Comments? November 11. 2004 IETF 61 14

Recommend

IODEF Data Model Status &lt;draft-ietf-inch-iodef-02&gt; Roman Danyliw &lt;rdd@cert.org&gt;

IODEF Data Model Status &lt;draft-ietf-inch-iodef-02&gt; Roman Danyliw &lt;rdd@cert.org&gt;

IODEF Data Model Status &lt;draft-ietf-inch-iodef-02&gt; Roman Danyliw &lt;rdd@cert.org&gt; 1300-1500, Thursday, March 4. 2004 IETF 59, Seoul, Korea XML Schema Migration http://www.uazone.org/demch/projects/iodef/ STATUS Release a

332 views • 12 slides
IODEF Data Model Status (progress from -04) &lt;draft-ietf-inch-iodef-05&gt; tracked @

IODEF Data Model Status (progress from -04) &lt;draft-ietf-inch-iodef-05&gt; tracked @

IODEF Data Model Status (progress from -04) &lt;draft-ietf-inch-iodef-05&gt; tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw &lt;rdd@cert.org&gt; Wednesday, November 9. 2005 IETF 64, Vancouver, Canada Status of Issues -05

632 views • 13 slides
IODEF Data Model Status (progress from 03) &lt;draft-ietf-inch-iodef-03&gt; tracked @

IODEF Data Model Status (progress from 03) &lt;draft-ietf-inch-iodef-03&gt; tracked @

IODEF Data Model Status (progress from 03) &lt;draft-ietf-inch-iodef-03&gt; tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw &lt;rdd@cert.org&gt; Wednesday, March 9. 2005 IETF 62, Minneapolis, USA Progress on issues from v03

297 views • 16 slides
IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft out. Missed deadline by a little; should show up in repository soon. draft-ietf-inch-phishingextns-02 One Technical change Many

452 views • 5 slides
IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This

IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This

IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This material is public :) Jan Meijer &lt;jan.meijer@surfnet.nl&gt; IODEF: what is it about? Problem statement: define a common data format for sharing

320 views • 9 slides
One Data Model SDF: A brief tutorial and status T2TRG summary meeting @ IETF 107+, April 14, 2020

One Data Model SDF: A brief tutorial and status T2TRG summary meeting @ IETF 107+, April 14, 2020

One Data Model SDF: A brief tutorial and status T2TRG summary meeting @ IETF 107+, April 14, 2020 Carsten Bormann 1 The need for One Data Model IoT standardization is dominated by ecosystem -specific SDOs Each ecosystem has their own

294 views • 14 slides
Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model

Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model

Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model Calibration Status Next Steps Schedule Public Input Purpose Inform stakeholders on status of model development Provide more detailed

325 views • 30 slides
STATUS OF DATA STATUS OF DATA GENERATI ON I N KENYA GENERATI ON I N KENYA ON MI NOR USES ON MI

STATUS OF DATA STATUS OF DATA GENERATI ON I N KENYA GENERATI ON I N KENYA ON MI NOR USES ON MI

STATUS OF DATA STATUS OF DATA GENERATI ON I N KENYA GENERATI ON I N KENYA ON MI NOR USES ON MI NOR USES GLOBAL MINOR USE SUMMIT, 3-7 DECEMBER 2007 ROME ITALY Lucy M. Namu, Chief Analytical Chemist Kenya Plant Health Inspectorate Service

450 views • 26 slides
Model Status Update February 03, 2016 Agenda Land Surface Elevation Updates Baseflows

Model Status Update February 03, 2016 Agenda Land Surface Elevation Updates Baseflows

Model Status Update February 03, 2016 Agenda Land Surface Elevation Updates Baseflows Latest Model Results Model Calibration Status Water Supply Plan Model Scenarios Next Steps Public Input Progress-to-Date Model

388 views • 26 slides
Implementing the IODEF at the CERT/CC Roman Danyliw &lt;rdd@cert.org&gt; INCH IETF 55

Implementing the IODEF at the CERT/CC Roman Danyliw &lt;rdd@cert.org&gt; INCH IETF 55

Implementing the IODEF at the CERT/CC Roman Danyliw &lt;rdd@cert.org&gt; INCH IETF 55 Incident Reporting Forms CERT Coordination Center (CERT/CC) Federal Computer Incident Response Capability (FedCIRC) National

437 views • 9 slides
January 25, 2016 Overview Status of NFSEG Steady-State Model Calibration NFSEG Model

January 25, 2016 Overview Status of NFSEG Steady-State Model Calibration NFSEG Model

Fatih Gordu, PE (SJRWMD) Trey Grubbs (SRWMD) Douglas Durden, PE (SJRWMD) Ron Basso, PG (SWFWMD) January 25, 2016 Overview Status of NFSEG Steady-State Model Calibration NFSEG Model Simulations NFSEG Transient Model Development Status

585 views • 15 slides
Model Status Update February 10, 2016 Agenda Major Reasons for Delay Latest Model Results

Model Status Update February 10, 2016 Agenda Major Reasons for Delay Latest Model Results

Model Status Update February 10, 2016 Agenda Major Reasons for Delay Latest Model Results Model Calibration Status Water Supply Plan Model Scenarios Next Steps Public Input Major Reasons for Delay Land Surface

439 views • 9 slides
DHPT 1.2 Status DEPFET-TB Sep 27. 2016 Status DHPT 1.2 has a major bug: On the 20 bit data

DHPT 1.2 Status DEPFET-TB Sep 27. 2016 Status DHPT 1.2 has a major bug: On the 20 bit data

DHPT 1.2 Status DEPFET-TB Sep 27. 2016 Status DHPT 1.2 has a major bug: On the 20 bit data bus connecting the core to the serializer bits D[0], D[18], and D[19] are shorted to ground. The data link puts out invalid symbols rendering

427 views • 11 slides
RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH Working Group 04 March 2004

RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH Working Group 04 March 2004

RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH Working Group 04 March 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. &quot;Opinions, interpretations, conclusions, and

365 views • 8 slides
Relational Model of Data Thomas Schwarz, SJ Data Model Notation for describing data 1.

Relational Model of Data Thomas Schwarz, SJ Data Model Notation for describing data 1.

Relational Model of Data Thomas Schwarz, SJ Data Model Notation for describing data 1. Structure of the Data Conceptual level, not binary 2.Operations on Data Limits on operations are useful! 3.Constraints on Data Data Model In

1.27k views • 81 slides
Status of LIGO Data Analysis Status of LIGO Data Analysis Gabriela Gonzlez Department of

Status of LIGO Data Analysis Status of LIGO Data Analysis Gabriela Gonzlez Department of

Status of LIGO Data Analysis Status of LIGO Data Analysis Gabriela Gonzlez Department of Physics and Astronomy Louisiana State University for the LIGO Scientific Collaboration Dec 17, 2003 GWDAW -8 meeting LIGO schedule LIGO schedule Goal

339 views • 14 slides
Status of the GLAST BG model Status of the GLAST BG model February 6, 2008 CA-SO Workshop

Status of the GLAST BG model Status of the GLAST BG model February 6, 2008 CA-SO Workshop

GLAST_BGmodel_2008-02-06.ppt Status of the GLAST BG model Status of the GLAST BG model February 6, 2008 CA-SO Workshop Tsunefumi Mizuno (Hiroshima Univ.) mizuno@hep01.hepl.hiroshima-u.ac.jp 1 Tsunefumi Mizuno GLAST_BGmodel_2008-02-06.ppt

208 views • 16 slides
Planning for the Future: Status of Enrollment November 9, 2016 1 Discussion Points

Planning for the Future: Status of Enrollment November 9, 2016 1 Discussion Points

Planning for the Future: Status of Enrollment November 9, 2016 1 Discussion Points Enrollment and Demographics Discussion (Part 1) Planning Areas Past Enrollment Baseline Data Sophisticated Forecast Model (SFM) Model

977 views • 41 slides
The Relational Data Model Lecture 6 1 Outline Relational Data Model Functional

The Relational Data Model Lecture 6 1 Outline Relational Data Model Functional

The Relational Data Model Lecture 6 1 Outline Relational Data Model Functional Dependencies Logical Schema Design Reading Chapter 8 2 1 The Relational Data Model Relational Physical Data Schema storage Modeling Have

484 views • 30 slides
Air Quality e-Reporting: status of implementation &amp; data from AQ models EEA &amp; ETC/ACM

Air Quality e-Reporting: status of implementation &amp; data from AQ models EEA &amp; ETC/ACM

Air Quality e-Reporting: status of implementation &amp; data from AQ models EEA &amp; ETC/ACM efforts compiled by Artur Gsella FAIRMODE Plenary Meeting Baveno, 13 th of February 2015 Air Quality e-Reporting: status of implementation &amp; data

420 views • 28 slides
Model 1 proc logistic data=framing descending; model chd01 = age; run; Model Information Data

Model 1 proc logistic data=framing descending; model chd01 = age; run; Model Information Data

Model 1 proc logistic data=framing descending; model chd01 = age; run; Model Information Data Set WORK.FRAMING Response Variable chd01 Number of Response Levels 2 Model binary logit Optimization Technique Fisher's scoring Number of

677 views • 4 slides
A Common Data Model- Which? Overview of the OMOP Common Data Model Peter Rijnbeek, PhD

A Common Data Model- Which? Overview of the OMOP Common Data Model Peter Rijnbeek, PhD

A Common Data Model- Which? Overview of the OMOP Common Data Model Peter Rijnbeek, PhD Department of Medical Informatics Erasmus MC, Rotterdam, The Netherlands Observational Health Data Sciences and Informatics (OHDSI) Mission To improve

664 views • 27 slides
The Relational Data Model Chapter 3 1 Data and Its Structure Data is actually stored as

The Relational Data Model Chapter 3 1 Data and Its Structure Data is actually stored as

The Relational Data Model Chapter 3 1 Data and Its Structure Data is actually stored as bits, but it is difficult to work with data at this level. It is convenient to view data at different levels of abstraction . Schema :

705 views • 31 slides
A Common Data Model for Europe: Why? Which? How? The FDA Sentinel Common Data Model European

A Common Data Model for Europe: Why? Which? How? The FDA Sentinel Common Data Model European

A Common Data Model for Europe: Why? Which? How? The FDA Sentinel Common Data Model European Medicines Agency December 11, 2017 Jeffrey Brown, PhD info@sentinelsystem.org 1 Conflicts and Disclosures I have no conflicts of interest related

673 views • 54 slides

More recommend