Otupy：一个灵活的、可移植的、可扩展的框架，用于远程控制安全功能

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-08-21 DOI:10.1016/j.cose.2025.104597

Matteo Repetto

{"title":"Otupy：一个灵活的、可移植的、可扩展的框架，用于远程控制安全功能","authors":"Matteo Repetto","doi":"10.1016/j.cose.2025.104597","DOIUrl":null,"url":null,"abstract":"<div><div>The growing proliferation of heterogeneous security functions ensures diversity, robustness, and adaptivity in addressing cyber-threats, but also poses management and integration challenges. OpenC2 defines a vendor- and application-agnostic abstract language for remote command and control of cyber-defense technologies. Its architecture supports multiple encoding and transfer options, but this might complicate its implementation and usage.</div><div>This paper describes Otupy, a flexible and extensible implementation of the OpenC2 language specification. Otupy defines an Application Programming Interface (API) that allows programmers to focus on the control and business logic of security functions, rather than the communication syntax, protocol, and encoding. The design of Otupy leverages an abstract data notation, an inheritance model, and meta-serialization to simplify the development of extensions for specific <em>profiles</em> of security functions, as well as additional encoding and transfer protocols. We evaluate the correctness of our implementation by validating its output against both a syntax schema and external good and bad samples provided by a third party. Our analysis points out unclear and ambiguous aspects of OpenC2 that deserve further attention by its technical committee.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"158 ","pages":"Article 104597"},"PeriodicalIF":5.4000,"publicationDate":"2025-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Otupy: A flexible, portable, and extensible framework for remote control of security functions\",\"authors\":\"Matteo Repetto\",\"doi\":\"10.1016/j.cose.2025.104597\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The growing proliferation of heterogeneous security functions ensures diversity, robustness, and adaptivity in addressing cyber-threats, but also poses management and integration challenges. OpenC2 defines a vendor- and application-agnostic abstract language for remote command and control of cyber-defense technologies. Its architecture supports multiple encoding and transfer options, but this might complicate its implementation and usage.</div><div>This paper describes Otupy, a flexible and extensible implementation of the OpenC2 language specification. Otupy defines an Application Programming Interface (API) that allows programmers to focus on the control and business logic of security functions, rather than the communication syntax, protocol, and encoding. The design of Otupy leverages an abstract data notation, an inheritance model, and meta-serialization to simplify the development of extensions for specific <em>profiles</em> of security functions, as well as additional encoding and transfer protocols. We evaluate the correctness of our implementation by validating its output against both a syntax schema and external good and bad samples provided by a third party. Our analysis points out unclear and ambiguous aspects of OpenC2 that deserve further attention by its technical committee.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"158 \",\"pages\":\"Article 104597\"},\"PeriodicalIF\":5.4000,\"publicationDate\":\"2025-08-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S016740482500286X\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482500286X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

异构安全功能的激增确保了应对网络威胁的多样性、鲁棒性和适应性，但也带来了管理和集成方面的挑战。OpenC2定义了一种与供应商和应用程序无关的抽象语言，用于远程命令和控制网络防御技术。它的体系结构支持多种编码和传输选项，但这可能会使其实现和使用变得复杂。本文介绍了OpenC2语言规范的灵活可扩展实现Otupy。Otupy定义了一个应用程序编程接口（API），它允许程序员专注于安全功能的控制和业务逻辑，而不是通信语法、协议和编码。Otupy的设计利用了抽象数据符号、继承模型和元序列化来简化针对特定安全功能配置文件的扩展开发，以及额外的编码和传输协议。我们通过对照语法模式和第三方提供的外部好样例和坏样例验证其输出来评估实现的正确性。我们的分析指出了OpenC2不明确和模棱两可的方面，值得其技术委员会进一步关注。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Otupy: A flexible, portable, and extensible framework for remote control of security functions

The growing proliferation of heterogeneous security functions ensures diversity, robustness, and adaptivity in addressing cyber-threats, but also poses management and integration challenges. OpenC2 defines a vendor- and application-agnostic abstract language for remote command and control of cyber-defense technologies. Its architecture supports multiple encoding and transfer options, but this might complicate its implementation and usage.

This paper describes Otupy, a flexible and extensible implementation of the OpenC2 language specification. Otupy defines an Application Programming Interface (API) that allows programmers to focus on the control and business logic of security functions, rather than the communication syntax, protocol, and encoding. The design of Otupy leverages an abstract data notation, an inheritance model, and meta-serialization to simplify the development of extensions for specific profiles of security functions, as well as additional encoding and transfer protocols. We evaluate the correctness of our implementation by validating its output against both a syntax schema and external good and bad samples provided by a third party. Our analysis points out unclear and ambiguous aspects of OpenC2 that deserve further attention by its technical committee.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.