A common language for computer security incidents [report]

John D. Howard, Thomas A Longstaff
1998 unpublished
Much of the computer security information regularly gathered and disseminated by individuals and organizations cannot currently be combined or compared because a "common language" has yet to emerge in the field of computer security. A common language consists of terms and taxonomies (principles of classification) which enable the gathering, exchange and comparison of information. This paper presents the results of a project to develop such a common language for computer security incidents. This project results from cooperation between the Security and Networking ...

This Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, we developed a minimum set of "high-level" terms, along with a structure indicating their relationship (a taxonomy), which can be used to classify and understand computer security incident information. We hope these "high-level" terms and their structure will gain wide acceptance, be useful, and most importantly, enable the exchange and comparison of computer security incident information. We anticipate, however, that individuals and organizations will continue to use their own terms, which may be more specific both in meaning and use. We designed the common language to enable these "lower-level" terms to be classified within the common language structure.
doi:10.2172/751004 fatcat:qnx6jgrz3fgqbokjcviyi6wafm