draft-ietf-mile-implementreport-08.txt   draft-ietf-mile-implementreport-09.txt 
MILE C. Inacio MILE C. Inacio
Internet-Draft CMU Internet-Draft CMU
Intended status: Informational D. Miyamoto Intended status: Informational D. Miyamoto
Expires: December 1, 2016 UTokyo Expires: December 9, 2016 UTokyo
May 30, 2016 June 7, 2016
MILE Implementation Report MILE Implementation Report
draft-ietf-mile-implementreport-08 draft-ietf-mile-implementreport-09
Abstract Abstract
This document is a collection of implementation reports from vendors, This document is a collection of implementation reports from vendors,
consortiums, and researchers who have implemented one or more of the consortiums, and researchers who have implemented one or more of the
standards published from the IETF INCident Handling (INCH) and standards published from the IETF INCident Handling (INCH) and
Management Incident Lightweight Exchange (MILE) working groups. Management Incident Lightweight Exchange (MILE) working groups.
Status of This Memo Status of This Memo
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 1, 2016. This Internet-Draft will expire on December 9, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 10, line 13 skipping to change at page 10, line 13
standard. standard.
6.2. Automated Incident Reporting - AirCERT 6.2. Automated Incident Reporting - AirCERT
AirCERT was implemented by CERT/CC of Carnegie Mellon's Software AirCERT was implemented by CERT/CC of Carnegie Mellon's Software
Engineering Institute CERT division. AirCERT was designed to be an Engineering Institute CERT division. AirCERT was designed to be an
Internet-scalable distributed system for sharing security event data. Internet-scalable distributed system for sharing security event data.
The AirCERT system was designed to be an automated collector of flow The AirCERT system was designed to be an automated collector of flow
and IDS alerts. AirCERT would collect that information into a and IDS alerts. AirCERT would collect that information into a
relational database and be able to share reporting using IODEF and relational database and be able to share reporting using IODEF and
Intrusion Detection Message Exchange Format [RFC4765]. AirCERT Intrusion Detection Message Exchange Format (RFC4765, [RFC4765]).
additionally used SNML to exchange information about the network. AirCERT additionally used Simple Network Markup Language [SNML] to
AirCERT was implemented in a combination of C and perl modules and exchange information about the network. AirCERT was implemented in a
included periodic graphing capabilities leveraging RRDTool. combination of C and perl modules and included periodic graphing
capabilities leveraging RRDTool.
AirCERT was intended for large scale distributed deployment and AirCERT was intended for large scale distributed deployment and
eventually the ability to sanitize data to be shared across eventually the ability to sanitize data to be shared across
administrative domains. The architecture was designed to allow administrative domains. The architecture was designed to allow
collection of data at a per site basis and to allow each site to collection of data at a per site basis and to allow each site to
create data sharing based on its own particular trust relationships. create data sharing based on its own particular trust relationships.
6.3. US Department of Energy CyberFed 6.3. US Department of Energy CyberFed
The CyberFed system was implemented and deployed by Argonne National The CyberFed system was implemented and deployed by Argonne National
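Review bot: In the 6.2 paragraph, the new citation "(RFC4765, [RFC4765])" names the same document twice; the reference tag alone already carries the RFC number. Suggest "Intrusion Detection Message Exchange Format (IDMEF) [RFC4765]", which also introduces the abbreviation the same way the sentence already uses IODEF. While this paragraph is being reflowed, "perl modules" should read "Perl modules".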
skipping to change at page 14, line 42 skipping to change at page 14, line 42
Defense (RID) Messages over HTTP/TLS", RFC 6546, Defense (RID) Messages over HTTP/TLS", RFC 6546,
DOI 10.17487/RFC6546, April 2012, DOI 10.17487/RFC6546, April 2012,
<http://www.rfc-editor.org/info/rfc6546>. <http://www.rfc-editor.org/info/rfc6546>.
[RFC7203] Takahashi, T., Landfield, K., and Y. Kadobayashi, "An [RFC7203] Takahashi, T., Landfield, K., and Y. Kadobayashi, "An
Incident Object Description Exchange Format (IODEF) Incident Object Description Exchange Format (IODEF)
Extension for Structured Cybersecurity Information", Extension for Structured Cybersecurity Information",
RFC 7203, DOI 10.17487/RFC7203, April 2014, RFC 7203, DOI 10.17487/RFC7203, April 2014,
<http://www.rfc-editor.org/info/rfc7203>. <http://www.rfc-editor.org/info/rfc7203>.
[SNML] Trammell, B., Danyliw, R., Levy, S., and A. Kompanek,
"AirCERT: The Definitive Guide", 2005,
<http://aircert.sourceforge.net/docs/
aircert_manual-06_2005.pdf>.
[XSD:CS] Microsoft, "XML Schema Definition Tool (Xsd.exe)", [XSD:CS] Microsoft, "XML Schema Definition Tool (Xsd.exe)",
<http://www.microsoft.com/>. <http://www.microsoft.com/>.
[XSD:Cxx] CodeSynthesis, "XSD - XML Data Binding for C++", [XSD:Cxx] CodeSynthesis, "XSD - XML Data Binding for C++",
<http://www.codesynthesis.com/>. <http://www.codesynthesis.com/>.
[XSD:Java] [XSD:Java]
Project Kenai, "JAXB Reference Implementation", Project Kenai, "JAXB Reference Implementation",
<https://jaxb.java.net/>. <https://jaxb.java.net/>.
 End of changes. 5 change blocks. 
8 lines changed or deleted 14 lines changed or added
