TRnotes
We should cooperate with other Internet websites to eliminate security incidents and event information sharing is important to accomplish it. The purpose of TRnotes is to share the timeline of the events, which include the discovered date of a vulnerability, a published date of any advisories, a released date of exploit codes and a confirmed date of any worms on the vulnerability. The each web page consists of the overview, impact, the timeline of the events and related information. The characteristics of TRnotes are the followings: [1][2]
The event time is marked hourly
The state is marked hourly, not daily. Currently, in case of a mailing list, the sent or received time becomes the event time. And in case of a website, the Last-Modified in the header information defined by the HTTP protocol is used as the event time.
The event information is based on public information
It is important that the security administrators for any organizations share the same event information to eliminate the incidents on the Internet. The public information has no restriction such as non-disclosure policy and is possible to share information among more security administrators.
|
|
|
[1] Proposal of the Security Information Sharing System with RDF Site Summary, The 8th World Multi-Conference on Systemics, Cybernetics and Informatics, Vol.X, pp.40-46 (Jul.18-21, 2004)
[2] Proposal of RSS Extension for Security Information Exchange, 18th Annual FIRST Conference (June 25-30, 2006), http://www.first.org/resources/papers/conf2006.html#p187
[3] Vulnerability disclosure publications and discussion tracking, http://www.ee.oulu.fi/research/ouspg/sage/disclosure-tracking/index.html
|
|