Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A New SCAP Information Model and Data Model for Content Authors

Published

Author(s)

Joshua Lubell

Abstract

The Security Content Automation Protocol (SCAP) data model for source data stream collections standardizes the packaging of security content into self-contained bundles for easy deployment. But no single data model can satisfy all requirements. The source data stream collection data model is not intended to meet the needs of SCAP content authors, and its implementation- specific syntax lacks the ability to express packaging subtleties critical to software developers and content authors alike. This paper defines a new implementation-neutral information model that is both easier to understand and does a better job expressing relationships between objects comprising a source data stream collection. A new authoring data model, derived from the information model, for facilitating implementation of SCAP content development software applications is also defined. Additionally, the paper discusses an application implementing the authoring data model that enables SCAP content developers to create source data stream collections using a friendly and intuitive syntax, which is then transformed into SCAP standard-conforming content.
Citation
Critical Infrastructure XII
Volume
542
Publisher Info
Springer, Cham, -1

Keywords

Security Content Automation Protocol, SCAP, Darwin Information Typing Architecture, DITA, cybersecurity, Industrial Control System, Industrial Internet of Things, information model, data model

Citation

Lubell, J. (2018), A New SCAP Information Model and Data Model for Content Authors, Critical Infrastructure XII, Springer, Cham, -1, [online], https://doi.org/10.1007/978-3-030-04537-1_8 (Accessed November 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 18, 2018, Updated April 27, 2020