Ballot Details: CTI-TC Open Repositories (CLOSED)

Ballot Question Do you approve requesting OASIS to create an Open Repository for a CybOX Schema and the Tools described below?
Ballot Description ***********CybOX Schemas***********************************


Purpose Statement: The CybOX schemas repository will contain non-normative JSON schemas and examples for CybOX 3. The examples will include short examples of particular objects and more complete use-case examples. The repository will contain JSON schemas and JSON CybOX documents.

Initial Maintainers: Ivan Kirillov & Trey Darley

Open Source License: BSD-3-Clause License

GitHub Name: cti-cybox3-json-schemas

Short Description: OASIS Open Repository: Non-normative schemas and examples for CybOX 3

*******************TOOLS & UTILITIES******************************

*********** STIX/CybOX Pattern Validator Repository **************

Purpose Statement: The pattern-validator is a software tool for checking the syntax of the Cyber Threat Intelligence (CTI) STIX/CybOX Patterning expressions, which are used within STIX to express conditions (represented with the CybOX data model) that indicate particular cyber threat activity. The repository contains source code, an ANTLR grammar, automated tests and associated documentation for the tool. The pattern-validator can be used as a command-line tool or as a Python library which can be included in other applications.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-pattern-validator

Short Description: OASIS Open Repository: Validate patterns used to express CybOX content in STIX Indicators


*********** STIX Marking-Prototype Repository ********************

Purpose Statement: The marking-prototype is a prototype implementation of granular data markings in STIX. It provides a potential API that can be used to create and process the markings, in order to examine the utility, usability, and completeness of how the granular data markings are specified. After the markings are added to the STIX specification, the code in this library may be used as reference, or incorporated directly into other libraries, but is not intended to be released as a standalone tool or library.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-marking-prototype

Short Description: OASIS Open Repository: Prototype for processing granular data markings in STIX


*********** STIX Visualization Repository ************************

Purpose Statement: The STIX visualization is meant to provide producers and consumers of STIX content with a rapid way to visualize the objects in a STIX JSON file, and the relationships between those objects. The visualization is implemented in HTML, CSS, and JavaScript (using the D3.js library), and is suitable for standalone use--either on a hosted server or as a local file--or embedded into other applications. Regardless of how deployed, the JavaScript code in this repository does not transmit STIX data to any server; it is strictly processed within the browser in which the code is running, so it is suitable for data which the user does not wish to share.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-stix-visualization

Short Description: OASIS Open Repository: Lightweight visualization for STIX 2.0 objects and relationships


*********** STIX Validator Repository ******************************

Purpose Statement: The STIX validator checks that STIX JSON content conforms to the requirements specified in the STIX 2.0 specification. In addition to checking conformance with the JSON schemas, the validator checks conformance with requirements that cannot be specified in JSON schema, as well as with established "best practices". This validator is non-normative; in cases of conflict with the STIX 2.0 specification, the specification takes precedence.

Initial Maintainers: Greg Back & Ivan Kirillov

Open Source License: BSD-3-Clause License

GitHub Name: cti-stix-validator

Short Description: OASIS Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices


****** Documentation Repository [ STIX | CybOX | TAXII]**********

Purpose Statement: This repository is a GitHub Pages site storing non-normative information about the work of the CTI Technical Committee.

Initial Maintainer: Greg Back

Open Source License: BSD-3-Clause License

GitHub Name: cti-documentation

Short Description: OASIS Open Repository: GitHub Pages site for STIX, CybOX, and TAXII
Ballot Options
VOTING CLOSED: Saturday, 10 September 2016 @ 11:59 pm EDT
Yes 30 100
No 0 0
Abstain 0
Open Date Friday, 2 September 2016 @ 1:00 pm EDT
Close Date Saturday, 10 September 2016 @ 11:59 pm EDT
Ballot Type Official, as defined by organization policies and procedures

Voting Statistics

Number of votes cast (excluding abstentions) 30
Eligible members who have voted 30 of 59 50.847%
Eligible members who have not voted 29 of 59 49.153%

Voting Summary by Option

Options with highest number of votes are bold
Option # Votes % of Total
Yes 30 100%
No 0 0%
Abstain 0

Voting Details

Voter Name Company Vote * Time (UTC) Comments
* Anderson, John Soltra Yes 2016-09-02 17:39:00
* Back, Greg Mitre Corporation Yes 2016-09-02 17:59:00
* Baker, Jonathan Mitre Corporation Yes 2016-09-02 20:09:00
* Butt, Michael Soltra Yes 2016-09-09 20:47:00
* Casey, Tim Intel Corporation Yes 2016-09-06 15:29:00
* Coderre, Robert VeriSign Yes 2016-09-03 11:34:00
* Darley, Trey Kingfisher Operations, sprl Yes 2016-09-07 08:21:00
* Davidson, Mark Soltra Yes 2016-09-06 12:00:00
* Ginn, Jane Cyber Threat Intelligence Network, Inc. (C... Yes 2016-09-02 19:39:00 1
* Gurney, John-Mark New Context Services, Inc. Yes 2016-09-07 07:46:00
* Jordan, Bret Blue Coat Systems, Inc. Yes 2016-09-03 03:34:00
* Katz, Gary US Department of Defense (DoD) Yes 2016-09-06 13:22:00
* Kelley, Sarah Center for Internet Security (CIS) Yes 2016-09-06 11:40:00
* Kirillov, Ivan Mitre Corporation Yes 2016-09-06 14:05:00
* MacDonald, Terry Individual Yes 2016-09-05 18:34:00
* Maroney, Patrick Individual Yes 2016-09-08 06:05:00 1
* Masuoka, Ryusuke Fujitsu Limited Yes 2016-09-06 19:42:00
* Maxwell, Kyle VeriSign Yes 2016-09-06 19:11:00
* Patrick, Paul FireEye, Inc. Yes 2016-09-06 12:59:00
* Peloquin, Joey Citrix Systems Yes 2016-09-06 16:51:00
* Piazza, Richard Mitre Corporation Yes 2016-09-05 20:23:00
* Pumo, Beth Kaiser Permanente Yes 2016-09-06 15:36:00
* Sander, Tomas Hewlett Packard Enterprise (HPE) Yes 2016-09-06 20:44:00
* Terada, Masato Hitachi, Ltd. Yes 2016-09-10 18:29:00
* Thomson, Allan LookingGlass Yes 2016-09-06 08:20:00
* Truslove, Ian LookingGlass Yes 2016-09-06 14:11:00
* Urbanski, Will Dell Yes 2016-09-05 14:44:00
* Vorthman, Lee LookingGlass Yes 2016-09-06 15:23:00
* Williams, Ron IBM Yes 2016-09-05 19:20:00
* Wunder, John Mitre Corporation Yes 2016-09-06 12:29:00
* Barnum, Sean Mitre Corporation --
* Bohling, James US Department of Defense (DoD) --
* Brown, Iain United Kingdom Cabinet Office --
* Chernin, Aharon Soltra --
* Clancy, Mark Soltra --
* Eilken, David Financial Services Information Sharing and... --
* Foley, Alexander Bank of America --
* Hunt, Christian New Context Services, Inc. --
* Jones, Elysa Individual --
* Kakumaru, Takahiro NEC Corporation --
* Keckler, Raymond Soltra --
* Keirstead, Jason IBM --
* Khan, Ali Soltra --
* Kiehl, Chris Soltra --
* Mates, Jeffrey US Department of Defense (DoD) --
* McLellan, Mike United Kingdom Cabinet Office --
* Moler, James New Context Services, Inc. --
* Noguchi, Kazuo Hitachi, Ltd. --
* Pandya, Shyamal FireEye, Inc. --
* Pepin, Michael Soltra --
* Reaume, Greg TELUS --
* Riedel, Daniel New Context Services, Inc. --
* Storms, Andrew New Context Services, Inc. --
* Struse, Richard DHS Office of Cybersecurity and Communicat... --
* Suarez, Natalie Soltra --
* Taylor, Chris United Kingdom Cabinet Office --
* Thompson, Dean Australia and New Zealand Banking Group (A... --
* Thomson, Laurie United Kingdom Cabinet Office --
* Wood, Chris LookingGlass --

Voter Comments

Submitter Vote Comment
Maroney, Patrick
Individual
Yes Note that I still advocate for Version Agnostic Github repositories for the reasons stated on the list. Another key reason is to leave all options open to the CTI TC when it comes to subsuming and integrating the significant body of legacy content. However, it is important that we get these repos operational ASAP, so you have my full support.
Ginn, Jane
Cyber Threat Intelligence Network, Inc. (C...
Yes Once these are set-up I will add the links to the Wiki page on the OASIS Kavi Portal so members of the public can find them easily.