OASIS OpenC2 Technical Committee Meeting


1 OASIS OpenC2 Technical Committee Meeting
13 July 2017

2 Agenda
Time | Topic | Presenter
11:00 – 11:02 | Call to Order and Roll Call | Joe Brule
11:02 – 11:04 | Approve Minutes of Previous Meeting |
OpenC2 Subcommittee Reports
11:04 – 11:11 | Language | Jason Romano, Duncan Sparrell
11:11 – 11:18 | Actuator Profile | Dave Kemp, Jyoti Verma
11:18 – 11:25 | Implementation Considerations | Bret Jordan, David Lemire
11: :30 | Status/Resolution of Actions | Joyce Fai
11: :55 | New Business |
11: :00 | New Action Item Review |
12:00 | Adjourn |

3 Call to Order and Roll Call
Joe Brule
To expedite the roll call process, kindly record your attendance for today’s meeting within Kavi. If for whatever reason you are unable to do so, send the Executive Secretary a record of your attendance through and we will track your attendance onto the OASIS OpenC2 site for this meeting.

4 Approve Minutes Joe Brule OpenC2 TC Minutes for June 7 Meeting:
OpenC2 TC Kickoff Slide Deck (for reference)

5 OpenC2 Subcommittee Reports
Near term Subcommittee Tasks
- Transfer Artifacts from legacy OpenC2 Forum
- Define Tempo
- Recruit subject matter experts
- Recruit document editors and secretaries
Participation in the Subcommittees is the path to success

6 Language

7 Purpose of the Language SC
This OpenC2 Language SC is responsible for the development, maintenance, and resolution of comments to the OpenC2 language documentation, including the language specification documents, use cases, JAEN specification, JSON specification, and glossary.

8 Status
Held Kickoff Meeting, 7/11
Operating Tempo: Tuesdays, 13:00 ET (17:00 UTC)
Current Objective: Systematic review of baseline Language Specification
Use of Collaboration Tools:
- Google Drive: to develop working documents
- Slack: for informal discussions, primary channel #language
- GitHub Wiki: to document design decisions

9 OpenC2 Specification Approach (presented at Kickoff)
OpenC2 Language Specification
- Part 1: OpenC2 Core Concepts
  - Old Sections 1-3; some parts of section 3 move into Part 2
  - Pointer to Actuator Profile Repository
- Part 2: OpenC2 Actions and Targets <Property Tables – normative>
  - Derived from old Section 4
  - Top Level Property Tables (Command, Response, Alert)
  - Action Property Tables
  - Target Property Tables (include specifiers)
  - Response Property Table (synchronous or asynchronous)
  - Alert Property Table
  - Universal Modifier Property Tables
  - Example Commands (in JSON)
  - Foundational (not actuator specific) appear here (e.g., query, report, notify, start, stop, set, delete, update, effects-based actions)
- Part 3: OpenC2 Actions and Targets (JSON Abstract Encoding Notation (JAEN))
  - Non-normative
Additional Artifacts
- OPENC2 GLOSSARY (non-normative)
- OPENC2 ACTUATOR PROFILES
  - Developed by Actuator Profile SC
  - Examples: Packet Filtering Firewall, Router, SDN Controller, Endpoint Protection, Scanner, Sensor
- Use Cases

10 Plans
Future Agenda Topics
- Abstract syntax
- Action property tables
- End-to-end use cases
Standing meeting announcement on OASIS
Meetings announced on Slack, #meetings and #language channels
Next meeting: , 13:00 ET (17:00 UTC)
Call to Action: Join the Language Subcommittee!

11 Actuator Profile

12 Scope The Actuator Profile Subcommittee is responsible for creating and maintaining actuator profiles which define the OpenC2 message elements applicable to specific cyber defense functions. Profiles for specific cyber defense functions will call out the mandatory to implement as well as optional elements meaningful to that function.

13 Status
So far, the OpenC2 Forum drafted the following artifacts:
- A generic template for actuator profiles
- Firewall profile
- Router profile
- SDN profile
Firewall Profile
- Introduction and MTI sections complete
- Data Modeling in process
Router Profile
- Industry to provide initial draft
SDN Profile
- Rework Draft based on earlier work performed by SPAWAR

14 Plans
Refine / Prioritize List of Actuator Profiles
Bi-Monthly Meetings announced:
- Via OASIS on Slack #meetings channel
- Schedule: 2nd and 4th Wednesday of Every Month
- First Meeting: 26 July 2017, 1300 ET (1700 UTC)
- WebEx Details: TBD
Identify Editors / working groups
- Transform current draft actuator profiles into OASIS specifications
- Refine/Prioritize list of additional profiles based on community feedback
- Establish processes for validating profiles
Call to Action: Join the Actuator Profile Subcommittee!
Feedback loops Prototype Implementers Language Description Document Management Repository / version control

15 Potential Actuator Profiles
Actuator – Capability | Description
External-notification | Machine to human notifications to support use cases that require human in the loop or human on the loop.
Privilege-management | Manage level of access to system, devices, files etc. to support mitigation of compromised users and/or device use cases
DAR-analytics | Task analytic engines to evaluate data at rest such as configuration files, tables, servers etc. to support data enrichment use cases
DIT-analytics | Task analytic engines to evaluate data in transit to support data enrichment use cases
Router | Manage layer 2 frame switching and layer 3 packet routing functions
Isolation | Create an isolated environment
Configuration | Query and/or modify the configuration of assets. Used in data enrichment and isolation use cases
Firewall | First generation packet filter
Application-proxy |
OPENC2 ACTUATOR PROFILES
- Packet Filtering Firewall
- Router
- SDN Controller
- Endpoint Protection (Broad Scope?)
- Scanner (maps to analytics?)
- Sensor (maps to analytics?)

16 Actuator Profile Outline
Section One: Introduction
- Purpose/Scope
- Applicability
Section Two: Language Binding
- Commands: MTI and Optional Actions, Targets, Modifiers
- Responses
- Datatype Definitions
Section Three: Command Summary
- Description of each action in context
- JSON example commands
Section Four: Abstract Schema
Use cases provided in a separate repository

17 Implementation Considerations

18 Scope
Vision: The OpenC2 Implementation Considerations SC (IC-SC) will develop implementation recommendations for OpenC2 by identifying, investigating, and recommending solutions to OpenC2 security, transport, and interoperability issues.
From Charter:
- Implementation aspects such as message transport, and information assurance (IA)
- Leverage existing standards
- Identify gaps in cyber defense C2
- Maintain repository of prototype / reference implementations

19 Background
OpenC2 language “factored out” implementation to focus on core capabilities of the language
“Implementation” ==
- Transport Layer
- Information Assurance
- Authentication
- Authorization
- Integrity
- Availability
- Confidentiality
- Message Prioritization
- Message Identification/Acknowledgment
- Other topics TBD

20 Status
IC-SC Charter approved on TC Ballot
Co-Chairs elected at TC kickoff
- David Lemire
- Bret Jordan
Existing Contributions
- Draft IA Implementation Considerations document
- Various implementations in OpenC2 Forum GitHub

21 Transport Specification
Goal: Identify message fabric requirements for OpenC2 interoperability
Intent: Identify or develop a transport specification for OpenC2
Work Plan:
- Identify communications use cases
- Review available options
- Develop a recommendation or specification for OpenC2

22 IA Implementation Considerations
Goal:
- Clarify OpenC2 requirements for IA features
- Identify IA interoperability considerations
Start from existing IA Considerations doc
Work plan:
- Conversion to OASIS format
- SC and TC Review

23 Plans
Monthly Meetings, announced:
- Via OASIS on Slack #meetings and #implementation channels
- Schedule: First Wednesday of Every Month
- First Meeting: 2 August 2017, 1300 ET (1700 UTC)
- WebEx Details: TBD
Initial Focus: SC organization
- Discuss SC Scope and Work Plans
- Initial look at IA Implementation Considerations
Call to Action: Join the IC-SC!

24 Status/Resolution of Actions

25 Implementation Considerations
Action Items Status
Action Item #0000: OpenC2 Subcommittee Tempos
As amended at the kickoff
- Technical Committee as a whole: 2nd Thurs of the month at 11:00 Eastern (60 minutes)
- Language Description Document: First and 3rd Wednesday at 11:00 Eastern (60 minutes)
- Actuator Profile: 2nd and 4th Wednesday at 11:00 Eastern (60 minutes)
- Implementation Considerations: First and Third Tuesday at 11:00 Eastern (60 minutes)
Revised OpenC2 Subcommittee Tempos
Tues Wed Thurs
Week 1 13:00 ET Language Implementation Considerations
Week 2 11:00 ET OpenC2 TC Actuator
Week 3 CTI TC Language 21:00 ET
Week 4

26 Action Items Status (cont.)
Action Item #0001: Establish OpenC2 Subcommittees
- Resolutions Passed
- Work items to create subcommittees submitted to OASIS
- Initial meetings took place or scheduled

27 Closed Ballots
Resolution Vote Status Yes No Abstain
Resolution to Form Language Subcommittee 31 Passed
Resolution to Form Actuator Profile Subcommittee 29
Resolution to Form Implementation Considerations Subcommittee 30
Standing Rule #1, Suspension of Standing Rules for Duration of Meeting 18 3 Failed
Standing Rule #3, Consideration of Agenda Items for Committee Meetings 14 4

28 OpenC2 Google Docs Setup
OpenC2 TC Access Control Rules
- Anyone on the Internet can find and view.
- SC chairs and designees can edit.
- When a file is ready for comment, TC Members can comment.
- Special folder ~incoming: TC Members can upload and edit files.
Maintaining Permissions
- For files that have enabled commenting, comment permissions will be reapplied (via script) every two weeks to ensure that only TC Members are allowed to comment.
- An Edit Permission Report will be generated every two weeks to ensure that only authorized TC Members are allowed to directly edit documents.
- After creating or uploading files to standard folders, SC chairs and designees must transfer ownership to “openc2.oasis”.
- An Ownership Report will be generated every two weeks to identify files that need to have their ownership transferred to “openc2.oasis”.

29 OpenC2 Google Docs Setup (cont.)
Current Edit Permissions
FOLDER | DESCRIPTION | WHO CAN EDIT
admin | Administrative folders | Joe Brule, Sounil Yu, Joyce Fai
implementation | Implementation Considerations Subcommittee | Bret Jordan, Dave Lemire
language | Language Subcommittee | Jason Romano, Duncan Sparrell
profile | Actuator Profiles Subcommittee | Dave Kemp (Jyoti Verma)
~incoming | Member upload folder | All TC Members
scripts | Management and reporting scripts | openc2.oasis

30 New Business
- Face to Face Tiger Team
- Standing Rules
  - Standing Rule One: Suspension of Standing Rules
  - Standing Rule Three: Consideration of Agenda Items
- OpenC2 TC/SC Meeting Times

31 Face to Face Tiger Team
Legacy OpenC2 Forum held Quarterly Face to Face Meetings with the purpose of:
- speeding up the resolution of challenging issues
- sharing progress on the implementation of OpenC2
- discussing OpenC2 use cases
- Solidifying and strengthening working relationships
A motion to stand up a Tiger Team:
OASIS OPENC2 TECHNICAL COMMITTEE FACE TO FACE MEETINGS: Resolved; The OpenC2 Technical committee will stand up a tiger team to investigate OpenC2 face to face meetings to include:
i. if such meetings are warranted
ii. and if so, recommendations on how to proceed.
The tiger team will present its initial findings to the Technical Committee on August 8, 2017.

32 Standing Rules
Standing Rules facilitate the day to day business of the TC
Rules of Precedence
- Robert's Rules of Order
- OASIS ByLaws
- OpenC2 ByLaws
- OpenC2 Standing Rules
Standing Rule Two was voted on during the Inaugural Meeting (June 7, 2017)
- Encourage full deliberation of issues rather than rely on votes
- Minimizing objections is preferable to maximizing support…

33 A Motion to Consider Standing Rule One
Text: SUSPENSION OF STANDING RULES FOR THE DURATION OF THE MEETING
1. The rules of OASIS or Roberts Rule of Order cannot be suspended as they are not standing rules and always apply.
2. During the course of a meeting, a standing rule may be suspended for the duration of a meeting. A motion to suspend a standing rule is not debatable and must be called to question immediately.
3. The rule will be suspended if any of the following criteria are met;
   i. By a vote of 2/3 majority of the voting members present without prior notice
   ii. By a simple majority vote of the voting members present with prior notice

34 Standing Rule One Discussion
Motivation
- Standing Rules are present to facilitate the day-to-day business of the TC
- If Standing Rules become an impediment, then need to suspend

35 A Motion to Consider Standing Rule Three
Text: CONSIDERATION OF AGENDA ITEMS FOR COMMITTEE MEETINGS
1. For items that are not artifacts as referenced in rule two, all members may propose agenda items to the technical committee by providing a summary of the item to the executive secretary no later than five days prior to the meeting.
2. All agenda items are subject to the approval of the co-chairs

36 Standing Rule Three Discussion
Motivation
- Provide a means for the co-chairs to review and prioritize agenda items
Concerns
- Puts the co-chairs in a position to block agenda items
Rebuttal
- Nothing precludes the introduction of a primary motion (thus the chair cannot stifle a topic)
- If the chairs are not permitted to see agenda items in advance, how will they be prioritized?

37 A Motion to Define OpenC2 Meeting Timeslots
Text: MOVE AND SET ALL OPENC2 MEETINGS TO 13:00 EASTERN All OpenC2 meetings are to be moved and set to be at 13:00 ET, regardless of the day.

38 OpenC2 TC/SC Meeting Times Discussion
Statement for: Predictability will make it easier for participants to schedule meetings, prioritize and prevent conflicts.
Statement against: A formal rule puts an unnecessary constraint on the chairs of the subcommittees and tiger teams. We should permit some autonomy to the chairs with respect to scheduling.
Rebuttal to the statement against: The benefits of having a standard time far outweigh any limitations that might occur for a SC and we need to maximize participation. The best way to do that is predictable times.
Rebuttal to the statement for: The point regarding predictability is conceded and a convention of a given time slot is valuable, however standing rule or bylaw requires a formal procedure to suspend. This impedes a SC or TT’s agility, flexibility and the ability to act in a timely manner.

39 Poll for New Business
On 12/6 Prague Joint OASIS meeting with First.org. Does OpenC2 want a face to face?

40 Action Item Review

41 Standing Rule Two (adopted at Kickoff)
Text: CONSIDERATION OF ARTIFACTS PRESENTED BY A SUBCOMMITTEE TO THE COMMITTEE AS A WHOLE
1. All artifacts must be provided to the Executive Secretary no later than seven business days prior to the meeting of the technical committee. The topic may be added to the agenda upon approval of the co-chairs or by proposal by members of the TC as described in Rule Three of these standing rules. If approved as an agenda item, the executive secretary will provide the artifacts to the members of the TC no later than three business days prior to the meeting of the technical committee.
2. Prior to consideration, the chair will call for objections.
3. Any member present may object. An objection must include a brief reason for the objection.
4. Any other member present may support one or more objections.
5. If a threshold of 25% or more of the members present object, then the committee will take it as sufficient cause to send the artifact back to the subcommittee for further deliberation.
6. If the threshold is not met then a motion to consider the artifact may proceed.
7. If the artifact is called to question, the voting members present may accept, reject or send the artifact back to the subcommittee for further deliberation.

42 ‘Suite’ of Tools
GitHub
- Codebase for prototypes, schemas, etc.
- Existing codebase to remain in place
- New codebase to be housed in OASIS
Slack
- Informal discussion space
- All current TC members will be added and members checked biweekly
GoogleDocs
- To be managed by chairs of SC
- Drafts and Works in progress.
OASIS Wiki
- Repository for Documents accepted by Technical Committee
- House constructs (issue resolution)
- House general Information
JIRA or GitHub
- House the action items (change control, what is opened, closed, short summary, pointer to fuller explanation)

