Issue 47: implement the stix 21 windows integrity level enumeration #103
Conversation
| @@ -168,6 +168,21 @@ gist:ThreatActorType | |||
| rdfs:subClassOf gist:StixCategoryObject ; | |||
| . | |||
|
|
|||
| gist:WindowsIntegrityLevel | |||
| ● Process (Windows Process extension) | ||
|
|
||
|
|
There was a problem hiding this comment.
Strange - a single bullet and two blank lines. Its a poor definition. I wonder if we should have a gist:stixDefinition (sub-property of skos:definition) and use it similar to how we use stixTerm. It would be a lot of work though to come up with good definitions. Here is a stab:
skos:definition "A category indicating the trustworthiness of an object in the Windows environment."^^xsd:string ;
| skos:prefLabel "System Integrity Level"^^xsd:string ; | ||
| gist:stixTerm "system"^^xsd:string ; | ||
| . | ||
|
|
There was a problem hiding this comment.
IRI - prefLabel mismatch. Should be more like:
gist:_WindowsIntegrityLevel_high
a gist:WindowsIntegrityLevel ;
skos:definition """STIX 2.1 description:
A high level of integrity."""^^xsd:string ;
skos:prefLabel "high"^^xsd:string ; <==
gist:stixTerm "high"^^xsd:string ;
.
Do like the others, for consistency.
Also, this make stixTerm repetetive, not sure what policy to adopt for this case.
There was a problem hiding this comment.
Regarding the question of sequence. If you need to order them, use gist:sequence as you did for another case (not recall which one). If so, be sure to have a note that says what low numbers mean (e.g does 1 mean lowest level or does it mean 1st rate highest level)
brett-heffelfinger
deleted the
issue-47-implement-the-stix-21-windows-integrity-level-enumeration
branch
Closes #47
Looking for feedback/suggestions on what should be used for
gist:sequenceif this is really an enumeration that should use the triple pattern, or if the current set of triples is satisfactory.Reference to the STIX 2.1 vocab source: STIX 2.1 Windows™ Integrity Level Enumeration