OVAL and the SACM Information Model
draft-hansbury-sacm-oval-info-model-mapping-00

Abstract

The OVAL community has spent more than ten years developing and employing the OVAL Language. During this time, the community has made a number of design decisions and learned a number of lessons that should be leveraged as next generation endpoint posture assessment is formulated. There are a number of places throughout the SACM Information Model document that could be fulfilled by portions of the OVAL Language, either in its current state or, in some cases, with modifications. Another output of the work executed under the OVAL project is a number of lessons that are applicable to the SACM work. These lessons include a clear separation of data collection and evaluation; a call to focus on ensuring both primary source vendors and third party security experts feel invited to the discussion and are empowered to leverage their unique domain knowledge; and to strive for simplicity and flexibility, where possible. Finally, the OVAL community has a set of clear recommendations with respect to which parts of OVAL should be used by SACM as a means to make best use of the efforts of those that have worked on and supported OVAL over the past ten years. Those recommendations are: o Use the OVAL System Characteristics Model as a base data model for at least one way to provide data collection. o Use the OVAL Definitions Model in parts as a base data model for both evaluation and collection guidance. o Do not use the OVAL Results Model for a data model to encode evaluation results.

Authors

mhansbury@mitre.org
Daniel Haynes
Juan Gonzalez

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)