In my opinion, the Device_Object and Product_Object seem to overlap each others area too much. The fact that a hardware device can be described by both the Device and Produce objects could produce confusion, as it did for me initially. I'd like to propose a modification to minimise the confusion, and hopefully better describe current generation devices with their many and varied connectivity types and functionality, and to help more accurately describe portable devices within CybOX.
My suggestion is as follows:
The Product_Object could be renamed Software_Object to better reflect its software specific nature, and could contain:
Software_Object:
- Vendor
- Product
- Edition
- Major_Version
- Minor_Version
- Build_Version
- Revision_Version
- Language
The Device_Object could be modified to include an array of network interfaces to reflect the multitude of network interfaces that devices currently have, and could include a portable true/false indicator to allow for the differences in portability. There can also be an array of software, so that firmware, operating system, and default apps can be included, and an array of functions, which could include things like phone functionality, text functionality, and similar. The object could be similar to the following:
Device_Object:
- Manufacturer
- Model
- Serial_Number
- Portable
- ArrayOfNetworkInterface_Obhect
- ArrayOfSoftware_Object
- ArrayOfFunction_Object
Next if we created a NetworkInterface_Object as a base object, we could extend the base object to include different types of network interfaces, such as DECT, WCDMA, 802.11N, NFC, Bluetooth and others. We would then be able to describe devices such as iPad, Mobiles Phones, routers, cordless telephones and even MP3 players. I've listed some network interface types as an example.
WCDMA_NetworkInterface_Object (extended from NetworkInterface_Object)
- IMEI
- IMSI
- Socket_Address_Object
- Network_Operator_Object
IEEE802.11n_NetworkInterface_Object (extended from NetworkInterface_Object)
- MAC_Address
- Socket_Address_Object
- Channel
IEEE802.3ah_NetworkInterface_Object (extended from NetworkInterface_Object)
- MAC_Address
- Socket_Address_Object
- Full_Duplex
- Interface_Connector
NFC_NetworkInterface_Object (extended from NetworkInterface_Object)
- NFC mac
- Socket_Address_Object
Bluetooth_NetworkInterface_Object (extended from NetworkInterface_Object)
- NFC mac
- Socket_Address_Object
DECT6.0_NetworkInterface_Object (extended from NetworkInterface_Object)
802.11N_NetworkInterface_Object (extended from NetworkInterface_Object)
- MAC_Address
- Socket_Address_Object
We could also create a Network Operator Object to enable reuse within different networks
Network_Operator_Object:
- Operator ID
- Country
- Abuse_Email_Address
Lastly, there is the different functions that the device can have. I was thinking of things such as being a phone, video phone, SMS, MMS, File Server, multimedia server, POS terminal, etc.
Phone_Function_Object (extended from Device_Function_Object )
- Phone_Number
- Country_Code
So.... does that look useable? As its breaking functionality it could only be added as part of CybOX v3.0.
In my opinion, the Device_Object and Product_Object seem to overlap each others area too much. The fact that a hardware device can be described by both the Device and Produce objects could produce confusion, as it did for me initially. I'd like to propose a modification to minimise the confusion, and hopefully better describe current generation devices with their many and varied connectivity types and functionality, and to help more accurately describe portable devices within CybOX.
My suggestion is as follows:
The Product_Object could be renamed Software_Object to better reflect its software specific nature, and could contain:
Software_Object:
The Device_Object could be modified to include an array of network interfaces to reflect the multitude of network interfaces that devices currently have, and could include a portable true/false indicator to allow for the differences in portability. There can also be an array of software, so that firmware, operating system, and default apps can be included, and an array of functions, which could include things like phone functionality, text functionality, and similar. The object could be similar to the following:
Device_Object:
Next if we created a NetworkInterface_Object as a base object, we could extend the base object to include different types of network interfaces, such as DECT, WCDMA, 802.11N, NFC, Bluetooth and others. We would then be able to describe devices such as iPad, Mobiles Phones, routers, cordless telephones and even MP3 players. I've listed some network interface types as an example.
WCDMA_NetworkInterface_Object (extended from NetworkInterface_Object)
IEEE802.11n_NetworkInterface_Object (extended from NetworkInterface_Object)
IEEE802.3ah_NetworkInterface_Object (extended from NetworkInterface_Object)
NFC_NetworkInterface_Object (extended from NetworkInterface_Object)
Bluetooth_NetworkInterface_Object (extended from NetworkInterface_Object)
DECT6.0_NetworkInterface_Object (extended from NetworkInterface_Object)
802.11N_NetworkInterface_Object (extended from NetworkInterface_Object)
We could also create a Network Operator Object to enable reuse within different networks
Network_Operator_Object:
Lastly, there is the different functions that the device can have. I was thinking of things such as being a phone, video phone, SMS, MMS, File Server, multimedia server, POS terminal, etc.
Phone_Function_Object (extended from Device_Function_Object )
So.... does that look useable? As its breaking functionality it could only be added as part of CybOX v3.0.