Balisage Paper: Integrating Top-down and Bottom-up Cybersecurity Guidance using XML
August 2 - 5, 2016
The materials listed below were provided by the speaker as supplements to a
presentation at Balisage. These materials may include the slides or visuals used in
the
presentation; supplementary material, such as code samples or a demonstration application;
and/or the paper accompanying the presentation (if it has not been provided in XML).
These
materials have been zipped for easy download and are identified by a brief description
of
the contents. The materials themselves are untouched
, that is, they
have not been tested or edited by Balisage: The Markup Conference or by Mulberry
Technologies, Inc. As such, they are included on this website AS IS
,
i.e., as provided by the speaker, with no warranties, express or otherwise, made by
Balisage
or Mulberry.
Slides and Materials
- Bal2016-LubellSlides.zip: Presentation slides in Adobe PDF.
National Institute of Standards and Technology (NIST) and United
States of America. Framework for Improving Critical Infrastructure
Cybersecurity.
(2014). http://www.nist.gov/cyberframework.
NIST Cybersecurity Framework (CSF) Reference Tool.
http://www.nist.gov/cyberframework/csf_reference_tool.cfm. Accessed April 29, 2016.
Cunha, Jacome, Joao Saraiva, and Joost Visser.
Discovery-Based Edit Assistance for Spreadsheets.
In Symposium on Visual
Languages and Human-Centric Computing (VL/HCC). 233–37. IEEE (2009). doi:https://doi.org/10.1109/VLHCC.2009.5295255.
Cunha, Jacome, Joao Saraiva, and Joost Visser. From
Spreadsheets to Relational Databases and Back.
In Proceedings of the 2009 ACM
SIGPLAN Workshop on Partial Evaluation and Program Manipulation, 179–88. Savannah,
GA, USA
(2009). doi:https://doi.org/10.1145/1480945.1480972.
Date, Chris J., and Hugh Darwen. A guide to the SQL Standard: a user's guide to the standard relational language SQL. Vol. 55822. Addison-Wesley Longman (1993).
Durusau, Patrick, and Sam Hunting.
Spreadsheets - 90+ million End User Programmers with No Comment Tracking or
Version Control.
Presented at Balisage: The Markup Conference 2015, Washington,
DC, August 11 - 14, 2015. In Proceedings of Balisage: The Markup Conference 2015.
Balisage
Series on Markup Technologies, vol. 15 (2015). doi:https://doi.org/10.4242/BalisageVol15.Durusau01.
Hung, Vu, Boualem Benatallah, and Regis Saint-Paul.
Spreadsheet-Based Complex Data Transformation.
In Proceedings of the 20th ACM
International Conference on Information and Knowledge Management, 1749–54
(2011). doi:https://doi.org/10.1145/2063576.2063829.
ISO/IEC 29500-1:2012. Information technology - Document
description and processing languages - Office Open XML File Formats - Part 1: Fundamentals
and Markup Language Reference.
Kohlhase, Andrea, Michael Kohlhase, and Ana Guseva.
Context in Spreadsheet Comprehension.
Proceedings of the Second Workshop on
Software Engineering Methods in Spreadsheets. Vol. 1355. Florence, Italy: CEUR Workshop
Proceedings, 21-27 (2015).
Linkov, Igor, Elke Anklam, Zachary A. Collier, Daniel DiMase, and
Ortwin Renn. Risk-based standards: integrating top–down and bottom–up
approaches.
Environment Systems and Decisions. 34, 134–137 (2014). doi:https://doi.org/10.1007/s10669-014-9488-3.
Lubell, Joshua. XForms User
Interfaces for Small Arcane Nontrivial Datasets.
Presented at Balisage: The Markup
Conference 2014, Washington, DC, August 5 - 8, 2014. In Proceedings of Balisage: The
Markup Conference 2014. Balisage Series on Markup Technologies, vol. 13 (2014).
doi:https://doi.org/10.4242/BalisageVol13.Lubell01.
Lubell, Joshua. Extending the Cybersecurity Digital
Thread with XForms.
Presented at Balisage: The Markup Conference 2015, Washington,
DC, August 11 - 14, 2015. In Proceedings of Balisage: The Markup Conference
2015. Balisage Series on Markup Technologies, vol. 15 (2015). doi:https://doi.org/10.4242/BalisageVol15.Lubell01.
Lubell, Joshua. Baseline Tailor User Guide.
NISTIR 8130. National Institute of Standards and Technology (2016). doi:https://doi.org/10.6028/NIST.IR.8130.
NVD - 800-53.
https://web.nvd.nist.gov/view/800-53/home. Accessed April 29, 2016.
Reference Model for an Open Archival Information System
(OAIS).
Recommended Practice CCSDS 650.0-M-2. Consultative Committee for Space Data
Systems (2012).
Pedersen, Torben Bach, Dennis Pedersen, and Karsten Riis.
On-demand multidimensional data integration: toward a semantic foundation for cloud
intelligence.
The Journal of Supercomputing. 65, 217–257 (2013). doi:https://doi.org/10.1007/s11227-011-0712-3.
Rennau, Hans-Jürgen, and Christian Grün. XQuery as a data integration
language.
Presented at Balisage: The Markup Conference 2015, Washington, DC, August
11 - 14, 2015. In Proceedings of Balisage: The Markup Conference 2015.
Balisage Series on Markup Technologies, vol. 15 (2015). doi:https://doi.org/10.4242/BalisageVol15.Rennau01.
Joint Task Force Transformation Initiative. Guide for
Conducting Risk Assessments.
NIST Special Publication 800-30. Revision 1 (2012).
doi:https://doi.org/10.6028/NIST.SP.800-30r1.
Joint Task Force Transformation Initiative. Security and
Privacy Controls for Federal Information Systems and Organizations.
NIST Special
Publication 800-53. Revision 4 (2013). doi:https://doi.org/10.6028/NIST.SP.800-53r4.
Stouffer, Keith, Victoria Pillitteri, Suzanne Lightman, Marshall Abrams, and Adam Hahn. Guide to Industrial Control Systems (ICS) Security. NIST Special Publication 800-82. Revision 2 (2015). doi:https://doi.org/10.6028/NIST.SP.800-82r2.
XForms 1.1.
W3C Recommendation (2009). http://www.w3.org/TR/xforms.
Extensible Markup Language (XML) 1.0 (Fifth Edition).
W3C Recommendation (2008). http://www.w3.org/TR/xml.
XML Path Language (XPath) 3.0.
W3C Recommendation
(2014). http://www.w3.org/TR/xpath-30.
XQuery 3.0: An XML Query Language.
W3C
Recommendation (2014). http://www.w3.org/TR/xquery-30.
XSL Transformations (XSLT) Version 2.0.
W3C
Recommendation (2007). http://www.w3.org/TR/xslt20.