ELML summarized

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

ELML summarized

Vicente Aceituno
Hi,

I will summarize the main ideas of ELML for list members.

1.- Syntax is based on XML
2.- English is used for vocabulary.
3.- Information Systems are thought of as made of the following objects:
-- Repositories. Hold information temporarily or permanently (buffers,
RAM, files, databases...)
-- Channels. Pathways for Messages (buses, ethernet of wifi networks,
TCP connections...)
-- Interfaces. Channels endpoints (Connectors, Keyboards, Ports...)
-- Services. Processes provide value acting upon Repositories and
Messages trough Interfaces and Channels (processes, subprocesses,
threads, programs, people)
- Messages. Structured information exchanged between services
(signals, mail messages, packets).
- Sessions. Temporary relationship of trust between services. The
establishment of this relationship can require the exchange of
credentials.

Any object can bel, using general terms "Initiated", "Finalized",
"Frozen", "Unfrozen", queried about their current state, or requested
a change of their state.

Example:
Channel can be: opened, closed, hold, released, read the state, write the state.

All these objects are called "Resources"

4.- The content of an individual record might containt:
a- An individual eventID
b- A loggerID (if the service that logs the entry is not the agent or
object of the event)
c- A credentialID used by the agent of the event.
d- A sourceID identifying the agent of the event.
e- A resourceID identifying the object (a Resource) of the event.
f- A RequestType (one of "Initiated", "Finalized", "Frozen",
"Unfrozen", queried about their current state, or requested a change
of their state, as explained above)
g- The Result (success, failure, error,  source error)
h- The reason for the Result is explained as a string in the ResultText.
i- Payload contains the information necessary to perform the request.
j- DateTime is the date and time when the request is performed.
k- The digital Signature of the event using the credentialID.
l- Hash of the event. The hash of the previous event in the Record is
used to calculate it to guarantee log integrity.

And that's it, basically

My best

Vicente

Reply | Threaded
Open this post in threaded view
|

Re: ELML summarized

Raffael Marty
What is ELML? What's the scope of this standard? Could you send a sample
message?

Thanks

  -raffy

-----Original Message-----
From: Vicente Aceituno [mailto:[hidden email]]
Sent: Friday, July 06, 2007 4:01 AM
To: [hidden email]
Subject: [CEE-DISCUSSION-LIST] ELML summarized

Hi,

I will summarize the main ideas of ELML for list members.

1.- Syntax is based on XML
2.- English is used for vocabulary.
3.- Information Systems are thought of as made of the following objects:
-- Repositories. Hold information temporarily or permanently (buffers,
RAM, files, databases...)
-- Channels. Pathways for Messages (buses, ethernet of wifi networks,
TCP connections...)
-- Interfaces. Channels endpoints (Connectors, Keyboards, Ports...)
-- Services. Processes provide value acting upon Repositories and
Messages trough Interfaces and Channels (processes, subprocesses,
threads, programs, people)
- Messages. Structured information exchanged between services (signals,
mail messages, packets).
- Sessions. Temporary relationship of trust between services. The
establishment of this relationship can require the exchange of
credentials.

Any object can bel, using general terms "Initiated", "Finalized",
"Frozen", "Unfrozen", queried about their current state, or requested a
change of their state.

Example:
Channel can be: opened, closed, hold, released, read the state, write
the state.

All these objects are called "Resources"

4.- The content of an individual record might containt:
a- An individual eventID
b- A loggerID (if the service that logs the entry is not the agent or
object of the event)
c- A credentialID used by the agent of the event.
d- A sourceID identifying the agent of the event.
e- A resourceID identifying the object (a Resource) of the event.
f- A RequestType (one of "Initiated", "Finalized", "Frozen", "Unfrozen",
queried about their current state, or requested a change of their state,
as explained above)
g- The Result (success, failure, error,  source error)
h- The reason for the Result is explained as a string in the ResultText.
i- Payload contains the information necessary to perform the request.
j- DateTime is the date and time when the request is performed.
k- The digital Signature of the event using the credentialID.
l- Hash of the event. The hash of the previous event in the Record is
used to calculate it to guarantee log integrity.

And that's it, basically

My best

Vicente
________________________________________________________________
ArcSight 2007 User Conference ~ Protecting Your Business
> Register now for the best conference rate
www.arcsight.com/userconference/