|
|||||
 |
 |
||||
| CPE Website is in "Archive" status — read the announcement | |||||
CPE Documents — ArchiveSpecificationsCommon Platform Enumeration (CPE) Naming Specification, Version 2.3 — NIST IR 7695Hosted on the U.S. National Institute of Standards and Technology’s (NIST) Computer Security Resource Center, the Version 2.3 CPE Naming Specification "defines the logical structure of names for IT product classes and the procedures for binding and unbinding these names to and from machine-readable encodings. This report also defines and explains the requirements that IT products must meet for conformance" with this specification. August 2011. Common Platform Enumeration (CPE) Name Matching Specification, Version 2.3 — NIST IR 7696Hosted on the U.S. National Institute of Standards and Technology’s (NIST) Computer Security Resource Center, the Version 2.3 CPE Name Matching Specification "provides a method for conducting a one-to-one comparison of a source CPE name to a target CPE name. In addition to defining the specification, this report also defines and explains the requirements that IT products must meet for conformance" with this specification. August 2011. Common Platform Enumeration (CPE) Dictionary Specification, Version 2.3 — NIST IR 7697Hosted on the U.S. National Institute of Standards and Technology’s (NIST) Computer Security Resource Center, the Version 2.3 CPE Dictionary Specification defines a CPE dictionary as a "repository of IT product names, with each name in the repository identifying a unique class of IT product in the world." The specification further "defines the semantics of the CPE Dictionary data model and the rules associated with CPE dictionary creation and management. This report also defines and explains the requirements that IT products and services, including CPE dictionaries, must meet for conformance" with this specification. August 2011. Common Platform Enumeration (CPE) Applicability Language Specification, Version 2.3 — NIST IR 7698Hosted on the U.S. National Institute of Standards and Technology’s (NIST) Computer Security Resource Center, the Version 2.3 CPE Applicability Language Specification describes how the "CPE Applicability Language data model builds on top of other CPE specifications to provide the functionality required to allow CPE users to construct complex groupings of CPE names to describe IT platforms. These groupings are referred to as applicability statements because they are used to designate which platforms particular guidance, policies, etc. apply to. This report defines the semantics of the CPE Applicability Language data model and the requirements that IT products and CPE Applicability Language must meet for conformance" with this specification." August 2011. DictionaryCPE 2.2 Dictionary SchemaHosted on the CPE Web site, the CPE Dictionary Schema Version 2.2 helps community members prepare each CPE Name submission, or bundled multiple name submissions, in valid CPE Dictionary XML form for submission to the Official CPE Dictionary. NOTE: The CPE Dictionary Schema remains at Version 2.2, while the most current version of the CPE Specification documents are Version 2.3. To review the CPE Version 2.2 Specification, visit the CPE Archive. Reference ImplementationCPE Reference ImplementationA reference implementation of the CPE Naming and Matching algorithms, as described in NIST IRs 7695 and 7696. The ZIP file contains a readme.txt file that explains how to build and run the application. September 2011. ZIP (97 KB) GeneralOverview of CPE Version 2.3, IT Security Automation Conference 2011CPE briefing slides presented at IT Security Automation Conference 2011. October 31 - November 2, 2011. PDF (747 KB) CPE Overview and Recent Developments Briefing SlidesAn overview of the CPE initiative and an introduction to CPE Version 2.3. June 2011. PDF (794 KB) CPE Introductory BrochureA brief one-page introduction to the CPE initiative. June 2012. PDF (173 KB) |
||||
