Uploaded image for project: 'OASIS Common Security Advisory Framework (CSAF) TC'
  1. OASIS Common Security Advisory Framework (CSAF) TC
  2. CSAF-5

Analysis of "VULDEF" and any possible relation to CSAF work products

    XMLWordPrintable

    Details

    • Type: Task
    • Status: New
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Environment:

      [New]

      Description

      This issue (task) is one of many similar formal issues formalizing the TCs process to analyse similar work.
      It deals with the analysis of "VULDEF: The VULnerability Data publication and Exchange Format data model" (cf. http://jvnrss.ise.chuo-u.ac.jp/jtg/vuldef/index.en.html ),
      which has been named explicitedly as similar work in section (2)(a) "Identification of Similar Work"
      of the "OASIS Common Security Advisory Framework (CSAF) Technical Committee Charter" (cf. http://www.oasis-open.org/committees/csaf/charter.php ).

      This issue allows us to track and document progress and findings of the CSAF TC of the following:

      1. understand and summarize VULDEF
      2. ensure synergy potentials are identified
      3. discussion of the relation to and reaction on VULDEF
      4. documentation of result

      When checked at 2016-11-24 the (HTML format) document tree root referenced (english language version) existed at the URL http://jvnrss.ise.chuo-u.ac.jp/jtg/vuldef/index.en.html and some bibliographic data identified was:

      URL = http://jvnrss.ise.chuo-u.ac.jp/jtg/vuldef/index.en.html
      Authors/Editors ==
      The members of the JVNRSS Feasibility Study Team:

      Masato Terada (IPA, JPCERT/CC)
      JVN Working Group (JPCERT/CC, IPA)

      AuthorInstitution = JVNRSS
      DocumentDate = 2008-04-28

      DocumentTitle = VULDEF: The VULnerability Data publication and Exchange Format data model
      DocumentStatus = JVNRSS V1.2-R1
      DocumentCopyright = "Copyright © 2006-2008 by the Authors."

      Abstract ==
      """ (content taken from Overview section)
      VULDEF(The VULnerability Data publication and Exchange Format data model)" is
      intended to be a format for the security information published by the vendors
      or the Computer Security Incident Response Teams (CSIRTs).
      Assuming widespread adoption of the VULDEF by the community, an organization
      can potentially benefit from the increased automation in the processing of
      security advisory data, since the commitment of vulnerability handling to
      parse free-form textual document will be reduced.
      """

      LinkedData = http://jvnrss.ise.chuo-u.ac.jp/jtg/vuldef/vuldef.cgi?lang=en
      LinkedDataDetails = Linked from entry document, contains main schema documentation bears slightly different copyright
      LinkedDataCopyright = "Copyright © 2007 by the Authors."

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              sdrees Stefan Hagen
            • Watchers:
              1 Start watching this issue

              Dates

              • Due:
                Created:
                Updated: