2019-01-07 21:49:20 +01:00
{
"namespace" : "information-security-data-source" ,
"description" : "Taxonomy to classify the information security data sources." ,
"refs" : [
"https://www.sciencedirect.com/science/article/pii/S0167404818304978"
] ,
"version" : 1 ,
"predicates" : [
2019-01-22 16:26:11 +01:00
{
"value" : "type-of-information" ,
"expanded" : "Type of information" ,
"description" : "Type of provided information"
} ,
2019-01-07 21:49:20 +01:00
{
"value" : "originality" ,
"expanded" : "Originality" ,
"description" : "Originality and novelty of the provided information"
} ,
{
"value" : "timeliness-sharing-behavior" ,
"expanded" : "Timeliness sharing behavior" ,
"description" : "Timeliness of the provided information"
} ,
{
"value" : "integrability-format" ,
"expanded" : "Integrability format" ,
"description" : "Level of integrability format for the provided information"
} ,
{
"value" : "integrability-interface" ,
"expanded" : "Integrability interface" ,
"description" : "Level of integrability interface for the provided information"
} ,
{
"value" : "trustworthiness-creditabilily" ,
"expanded" : "Trustworthiness creditability" ,
"description" : "Source of the creditability"
} ,
{
"value" : "trustworthiness-traceability" ,
"expanded" : "Trustworthiness traceability" ,
"description" : "Traceability of the provided information"
} ,
{
"value" : "trustworthiness-feedback-mechanism" ,
"expanded" : "Trustworthiness feedback mechanism" ,
"description" : "Feedback such as user ratings or comments regarding the usefulness of the provided information"
2019-01-22 16:26:11 +01:00
} ,
{
"value" : "type-of-source" ,
"expanded" : "Type of source" ,
"description" : "Types of information security data source"
2019-01-07 21:49:20 +01:00
}
] ,
"values" : [
{
"predicate" : "type-of-information" ,
"entry" : [
{
"value" : "vulnerability" ,
"expanded" : "Vulnerability" ,
2019-01-07 21:58:59 +01:00
"description" : "Information regarding a weakness of an asset which might be exploited by a threat"
2019-01-07 21:49:20 +01:00
} ,
{
"value" : "threat" ,
"expanded" : "Threat" ,
2019-01-07 21:58:59 +01:00
"description" : "Information regarding the potential cause on an unwanted incident"
2019-01-07 21:49:20 +01:00
} ,
{
"value" : "countermeasure" ,
"expanded" : "Countermeasure" ,
2019-01-07 21:58:59 +01:00
"description" : "Information regarding any administrative, managerial, technical or legal control that is used to counteract an information security risk"
2019-01-07 21:49:20 +01:00
} ,
{
"value" : "attack" ,
"expanded" : "Attack" ,
2019-01-07 21:58:59 +01:00
"description" : "Information regarding any unauthorized attempt to access, alter or destroy an asset"
2019-01-07 21:49:20 +01:00
} ,
{
"value" : "risk" ,
"expanded" : "Risk" ,
2019-01-07 21:58:59 +01:00
"description" : "Information describing the consequences of a potential event, such as an attack"
2019-01-07 21:49:20 +01:00
} ,
{
"value" : "asset" ,
"expanded" : "Asset" ,
2019-01-07 21:58:59 +01:00
"description" : "Information regarding any object or characteristic that has value to an organization"
2019-01-07 21:49:20 +01:00
}
]
2019-01-07 22:05:04 +01:00
} ,
{
"predicate" : "originality" ,
"entry" : [
{
"value" : "original-source" ,
"expanded" : "Original source" ,
"description" : "Information originates from the data sources which publish their own information"
} ,
{
"value" : "secondary-source" ,
"expanded" : "Secondary source" ,
"description" : "Information is integrated or copied from another information security data source"
}
]
2019-01-08 07:45:23 +01:00
} ,
{
"predicate" : "timeliness-sharing-behavior" ,
"entry" : [
{
"value" : "routine-sharing" ,
"expanded" : "Routine sharing" ,
"description" : "Information is published at a specific point in time on a regular basis, such as daily, weakly or monthly reports"
} ,
{
"value" : "incident-specific" ,
"expanded" : "Incident specific" ,
"description" : "Information is published whenever news are available or a new incident occurs"
}
]
} ,
{
"predicate" : "integrability-format" ,
"entry" : [
{
"value" : "structured" ,
"expanded" : "Structured" ,
"description" : "The provided security information is available in an standardized and structured data format such as MISP core format"
} ,
{
"value" : "unstructured" ,
"expanded" : "Unstructured" ,
"description" : "The provided security information is available in unstructured form without following a common data representation format"
}
]
} ,
{
"predicate" : "integrability-interface" ,
"entry" : [
{
"value" : "no-interface" ,
"expanded" : "No interface" ,
"description" : "The information security data source doesn’
} ,
{
"value" : "api" ,
"expanded" : "API" ,
"description" : "The information security data source provides an application programming interface (APIs) to obtain the provided information"
} ,
{
"value" : "rss-feeds" ,
"expanded" : "RSS Feeds" ,
"description" : "The information security data source provides an RSS Feed to keep track of the provided information"
} ,
{
"value" : "export" ,
"expanded" : "Export" ,
"description" : "The information security data source provides an interface to export contents as XML, JSON or plain text"
}
]
2019-01-09 07:45:41 +01:00
} ,
{
"predicate" : "trustworthiness-creditabilily" ,
"entry" : [
{
"value" : "vendor" ,
"expanded" : "Vendor" ,
"description" : "The publisher of the information is a vendor"
} ,
{
"value" : "government" ,
"expanded" : "Government" ,
"description" : "The publisher of the information is a government"
} ,
{
"value" : "security-expert" ,
"expanded" : "Security expert" ,
"description" : "The publisher of the information is a security expert"
} ,
{
"value" : "normal-user" ,
"expanded" : "Normal user" ,
"description" : "The publisher of the information is a normal user"
}
]
} ,
{
"predicate" : "trustworthiness-traceability" ,
"entry" : [
{
"value" : "yes" ,
"expanded" : "Yes" ,
"description" : "The provided information is classified as traceable if it can be traced back, based on meta-data, to a specific publisher and a publishing date"
} ,
{
"value" : "no" ,
"expanded" : "No" ,
"description" : "The provided information cannot be traced back (meta-data are not provided)"
}
]
} ,
{
"predicate" : "trustworthiness-feedback-mechanism" ,
"entry" : [
{
"value" : "yes" ,
"expanded" : "Yes" ,
"description" : "The provided information is validated by including user rating, comments or additional analysis"
} ,
{
"value" : "no" ,
"expanded" : "No" ,
"description" : "The provided information is not validated (a user rating, comments is not available)"
}
]
2019-01-09 08:22:11 +01:00
} ,
{
"predicate" : "type-of-source" ,
"entry" : [
{
"value" : "news-website" ,
"expanded" : "News website"
} ,
{
"value" : "expert-blog" ,
"expanded" : "Expert blog"
} ,
{
"value" : "security-product-vendor-website" ,
"expanded" : "(Security product) vendor website"
} ,
{
"value" : "vulnerability-database" ,
"expanded" : "Vulnerability database"
} ,
{
"value" : "mailing-list-archive" ,
"expanded" : "Mailing list archive"
} ,
{
"value" : "social-network" ,
"expanded" : "Social network"
} ,
{
"value" : "streaming-portal" ,
"expanded" : "Streaming portal"
} ,
{
"value" : "forum" ,
"expanded" : "Forum"
} ,
{
"value" : "other" ,
"expanded" : "Other"
}
]
2019-01-07 21:49:20 +01:00
}
]
}
