开放漏洞和评估语言 |
|
ITU-T X.1526 建议书 – 有关漏洞的公开定义和系统状态评估的语言(也称为开放漏洞和评估语言(OVAL)),包括了评估过程中的三个主要步骤:表示用于测试端点的配置信息;分析端点存在的特定机器状态(脆弱性、配置、补丁状态等);以及报告评估的结果。OVAL的目标是提供一个国际化的,信息安全领域的行业标准来促进开放和公布可行的安全内容,同时规范这些信息内容在整个安全工具和服务范围的传输。OVAL包括用于对系统细节进行编码的语言,以及整个社区持有的各类内容资料库。 |
|
Citation: |
https://handle.itu.int/11.1002/1000/12039 |
Series title: |
X series: Data networks, open system communications and security X.1500-X.1599: Cybersecurity information exchange X.1520-X.1539: Vulnerability/state exchange |
Approval date: |
2014-01-24 |
Provisional name: | X.oval |
Approval process: | TAP |
Status: |
In force |
Maintenance responsibility: |
ITU-T Study Group 17 |
Further details: |
Patent statement(s)
Development history
|
|
|
Title |
Approved on |
Download |
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|