Skip to content

Stix Difficulties: Interoperability is difficult if custom vocabularies are allowed #77

New issue
New issue
Open
Open
Stix Difficulties: Interoperability is difficult if custom vocabularies are allowed#77
@terrymacdonald

Description

@terrymacdonald
terrymacdonald
opened on Dec 2, 2015

PROBLEM

Default Vocabularies aren't expressive enough to accurately describe what producers want. For this reason we expect that producers will want the ability to use customer vocabularies. The problems with using custom vocabularies is that it becomes difficult for receiving implementations to processing them.

POTENTIAL ANSWER

In order to improve interoperability of solutions from different vendors, we need a way of ensuring a standard set of vocabularies. This can be achieved in two different ways.

  • Only have a single, official, centrally controlled default vocabulary. Make sure that it is extremely easy to request additional vocabulary entries, and make sure that updates are automatically distributed to vendors. The vocabularies MUST be able to be distributed independently of updates to STIX, CybOX and TAXII.
  • Have a high-level official, centrally controlled default vocabulary, and allow producers to provide their own externally referenceable custom vocabulary (housed at a reachable URI) if they wish. Doing things this way ensures that there is the high-level 'fallback' vocabulary available if the consumer doesn't have the ability to contact the publically reachable custom vocabulary URI

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions