Skip to content

Ontology

This page is not normative

This page is not considered a core part of the Vultron Protocol as proposed in the main documentation. Although within the page we might provide guidance in terms of SHOULD, MUST, etc., the content here is not normative.

The Vultron Protocol does not make its appearance in uncharted territory, where no existing CVD systems or processes exist. Rather, we propose it as an improvement to interactions among humans, systems, and business processes that already perform MPCVD around the world every day. Thus, for adoption to occur, it will be necessary to map existing systems and processes into the semantics (and eventually, the syntax) of whatever protocol emerges as a descendant of our proposal.

Combined with the abstract case class model, an ontology (e.g., using OWL) could accelerate the semantic interoperability between independent Participant processes and tools that we set out to improve at the beginning of this effort.

We have provided an example of a Vultron Protocol OWL Ontology that is intended to be a starting point for further discussion and refinement.

It is currently unclear how this work might intersect with the NIST Vulnerability Data Ontology (a.k.a. Vulntology), but we anticipate that there may be some opportunity for further collaboration. Also, we recognize that the OASIS Common Security Advisory Framework is addressing a different abstraction of a closely related problem (representing vulnerability reports and advisories), so we believe that there may be some opportunity for collaboration there as well.