Press Release

OriginBX Alliance for Digital Trade and STIX/TAXII Cybersecurity Standards Win Open Cup Awards

Martin Chapman, Frederick Hirsch, and Duncan Sparrell Named OASIS Distinguished Contributors

19 January 2022 — OASIS Open, the international open source and standards consortium, announced the winners of the 2021 Open Cup, which recognizes exceptional advancements within the OASIS technical community. The Cup for Outstanding New Initiative was awarded to OriginBX, an international alliance of organizations that are defining global standards for digital trade. The Open Cup for Outstanding Approved Standard was awarded to STIX v2.1 & TAXII v2.1, two widely used cybersecurity standards that enable the automated exchange of cyber threat intelligence. In addition, the consortium named Martin Chapman, Frederick Hirsch, and Duncan Sparrell as OASIS Distinguished Contributors.

Open Cup Recipients

The 2021 Outstanding New Initiative, the OriginBX OASIS Open Project, is a global alliance to advance open source product and trade data standards for facilitating digital tax and trade attestations. By reducing complexity and the cost of complying with preferential and non-preferential country of origin determinations, OriginBX OASIS seeks to increase the utilization of free trade agreements to achieve desired public policy outcomes.

“Launched in June, OriginBX has attracted organizations representing diverse stakeholders in the technology, ecommerce, and customs brokerage sectors. The OriginBX community’s vision is to help build common standards to allow for greater automation in identifying countries of origin for manufactured goods and their components,” said OASIS Executive Director Guy Martin. “We’re proud to support this innovative new project as it aims to streamline global trade.”

OriginBX was chosen as the winner in the New Initiative category that includes finalist Electronic Secure Authentication (ESAT) Technical Committee

Named the Outstanding Approved Standard was STIX v2.1 & TAXII v2.1. STIX defines a JSON-based language for sharing structured threat intelligence in a consistent, machine-readable manner, allowing organizations to better protect against, detect, and respond to cyber threats. STIX v2.1 adds new objects and capabilities, enabling it to better describe the cyber threats we confront today, as well as future-proofing STIX via STIX Extensions. As a result, STIX v2.1 creates a solid and stable foundation for vendors and consumers alike to exchange actionable CTI.

TAXII defines a transport protocol which supports the exchange of STIX data over Hyper Text Transfer Protocol Secure (HTTPS). TAXII enables machine-to-machine sharing of CTI by defining an API that supports common sharing models used by industry and Information Sharing and Analysis Organizations (ISAOs).

“The revamped version 2.1 of STIX and TAXII are fast becoming the foundation for automating information sharing to provide cybersecurity professionals with situational awareness, sophisticated threat analysis, and real-time network defense,” said Chet Ensign, OASIS Chief Technical Community Steward.

STIX v2.1 & TAXII v2.1 were chosen from a group of finalists that included:

  • OSLC (Core v3.0, Change Mgmt v3.0, Requirements Mgmt v2.1, & Query v3.0)
  • LegalRuleML Core Specification v1.0
  • BDXR (Service Metadata Publishing (SMP) v2.0 & Exchange Header Envelope (XHE) v1.0

Distinguished Contributors

Each year, the Distinguished Contributor designation is awarded to a select group of OASIS members who have made significant contributions to the advancement of open standards and/or open source projects.

Martin Chapman, Ph.D., served on the OASIS Board of Directors from 2013-2021, and his roles included Vice Chair and Board Process Committee Chair. Martin promoted open standards and interoperability across Europe, focusing on standardization activities in the areas of Web Services, SOA, Business Process, and Cloud, and became involved in many activities in organizations such as OASIS, W3C, OMG, WS-I, ISO, and ITU-T. Martin served as the OASIS Technical Advisory Board (TAB) Chair and member; the CAMP Technical Committee Chair; the Program Advisor for the OASIS Symposium series; the OASIS representative on the EU Stakeholder Cybersecurity Certification Group (SCCG); and Chair of the OASIS Open Europe Foundation.

Duncan Sparrell of sFractal Consulting serves as Chair of the OASIS Open Command and Control (OpenC2) Technical Committee and is a deeply engaged member of the Cyber Threat Intelligence (CTI) TC, the Collaborative Automated Course of Action Operations (CACAO) TC, and the Common Security Advisory Framework (CSAF) TC. Duncan is actively involved in the Open Cybersecurity Alliance (OCA), an OASIS Open Project, as a member of the Project Governing Board and the Technical Steering Committee. In addition, Duncan volunteers as the official OASIS liaison to ITU-T and is Editor of the ITU recommendation X.1144rev, which is XACML 3.0. He also served as Program Advisor to the OASIS Borderless Cyber Conference series. A seasoned network security evangelist with 40+ years of expertise in conceiving, developing and delivering state-of-the art software platforms, Duncan has published numerous articles and holds 7 patents.

Frederick Hirsch served on the OASIS Board of Directors for 18 years, from 2003-2021, and his roles included Board Chair, Treasurer and Chair of the Board Finance and Audit Committee, Chair of the OASIS Board Governance and IPR advisory committee, Vice-Chair, Board Secretary, and Technical Advisory Board Liaison. Frederick is an independent consultant focused on establishing trust in systems based on the trustworthiness characteristics of security, safety, reliability, resilience and privacy. Frederick was a member of the Privacy By Design Documentation for Software Engineers (PbD-SE) Technical Committee and previously served as an editor in the SAML, WSS and DSS Technical Committees.

Media inquiries: