Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

A common language for computer security incidents

Technical Report ·
DOI:https://doi.org/10.2172/751004· OSTI ID:751004
;
Much of the computer security information regularly gathered and disseminated by individuals and organizations cannot currently be combined or compared because a common language has yet to emerge in the field of computer security. A common language consists of terms and taxonomies (principles of classification) which enable the gathering, exchange and comparison of information. This paper presents the results of a project to develop such a common language for computer security incidents. This project results from cooperation between the Security and Networking Research Group at the Sandia National Laboratories, Livermore, CA, and the CERT{reg_sign} Coordination Center at Carnegie Mellon University, Pittsburgh, PA. This Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, the authors developed a minimum set of high-level terms, along with a structure indicating their relationship (a taxonomy), which can be used to classify and understand computer security incident information. They hope these high-level terms and their structure will gain wide acceptance, be useful, and most importantly, enable the exchange and comparison of computer security incident information. They anticipate, however, that individuals and organizations will continue to use their own terms, which may be more specific both in meaning and use. They designed the common language to enable these lower-level terms to be classified within the common language structure.
Research Organization:
Sandia National Labs., Albuquerque, NM (US); Sandia National Labs., Livermore, CA (US)
Sponsoring Organization:
US Department of Energy (US)
DOE Contract Number:
AC04-94AL85000
OSTI ID:
751004
Report Number(s):
SAND98-8667
Country of Publication:
United States
Language:
English

Similar Records

Security incidents on the Internet, 1989--1995
Conference · Sat Dec 30 23:00:00 EST 1995 · OSTI ID:677057
The computer emergency response team system (CERT-System)
Conference · Fri Oct 11 00:00:00 EDT 1991 · OSTI ID:10119407
The computer emergency response team system (CERT-System)
Conference · Fri Oct 11 00:00:00 EDT 1991 · OSTI ID:5796412

Related Subjects

99 GENERAL AND MISCELLANEOUS
COMPUTER SECURITY
COMPUTERS
INTERNET
INTERNET INCIDENTS
SECURITY
STANDARDIZED TERMINOLOGY
TAXONOMY