Simplify structure for Controlled Vocabularies

[sbarnum]

Simplify model and implementation structures for using Controlled Vocabularies such that use of terms from the default vocabulary is as simple as possible while still supporting assertions of values from non-default controlled vocabularies and ad-hoc terms that are not from any controlled vocabulary.

[athiasjerome]

For reference: https://datatracker.ietf.org/doc/rfc7495/

[packet-rat]

@athiasjerome: It's not clear what the intended outcome/action was in sharing the reference link to "Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF)" aka RFC 7495.

[athiasjerome]

My last email regarding this to the IETF SACM WG:
In XORCISM I am managing the enumerations using what I call Vocabularies:
Vocabulary has a relationship to Organisation(s) (Asset(s))
(Gives you the name space)

Vocabulary has versioning

Vocabulary supports various enumerations hierarchy

Vocabulary's enumeration could be deprecated (better than just deleting one item, and in case you don't want to increase the version)

Vocabularies have a mapping (when needed) allowing switching or direct retrieval of equivalents (v1/v2 or org1/org2, etc.)

So potentially I would suggest to look at XORCISM. (while the Vocabulary model is embedded, it makes me difficult to invest time to extract it)

[athiasjerome]

Note another approach as Triple tags:
https://github.com/MISP/misp-taxonomies

[athiasjerome]

Maybe it could help https://github.com/daedafusion/cyber-ontology/blob/master/vocab/vocabulary_common.rdf