Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

As a User, I want to traverse the STIX graph over TAXII in an efficient manner, so I don't waste resources #15

Open
MarkDavidson opened this issue Oct 18, 2017 · 2 comments
Open

As a User, I want to traverse the STIX graph over TAXII in an efficient manner, so I don't waste resources #15

MarkDavidson opened this issue Oct 18, 2017 · 2 comments
Labels
Need to Discuss Priority: High Type: New Feature

Comments

@MarkDavidson
Copy link

MarkDavidson commented Oct 18, 2017
edited

Key components:

  • Embedded references
  • SROs
  • Depth
  • Graph cycles/loops
  • referenced_by vs references (e.g., graph directionality)
@MarkDavidson MarkDavidson changed the title As a User, I want to travers the STIX graph in an efficient manner, so I don't waste resources As a User, I want to traverse the STIX graph in an efficient manner, so I don't waste resources Oct 18, 2017
@MarkDavidson MarkDavidson changed the title As a User, I want to traverse the STIX graph in an efficient manner, so I don't waste resources As a User, I want to traverse the STIX graph over TAXII in an efficient manner, so I don't waste resources Oct 18, 2017
@MarkDavidson
Copy link
Author

I have an indicator and I want to pull all of the sightings.

@varnerac
Copy link

varnerac commented Feb 2, 2018

So, I looked at implementing this in our database abstraction layer. The issue I ran into for directed paths is combining connectivity with Collection read permissions

It's possible that a connected STIX Object may be in another Collection where the client does not have read permissions. So, walking digraph paths becomes a non-trivial operation. It becomes more complicated with can_read which determines if the client can read the collection, meaning that can_read can vary per client for a given Collection. So, if I start walking the objects, I have to determine if connected objects:

  • are in the the collection the client requested
  • are in another collection where the client has read access

It got a little weird. This could just be our implementation issue.

@jordan2175 jordan2175 added this to To do in TAXII-2.1 Feb 22, 2018
@StephenOTT StephenOTT mentioned this issue Jan 7, 2019
Open
@jordan2175 jordan2175 removed this from To do in TAXII-2.1 Jan 22, 2019
@emmanvg emmanvg mentioned this issue Dec 10, 2019
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Need to Discuss Priority: High Type: New Feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MarkDavidson @varnerac @jordan2175