SIX OVAL

Currently, the code is hosted on Google Code.

Latest News

2010-11-05: version 0.6.0 released
2010-10-05: version 0.5.0 released

About

SIX OVAL is a Java class library for Open Vulnerability and Assessment Language (OVAL®) which includes:

Domain Model:
- Java classes representing the OVAL data model, including the Definition, System Characteristics, and Results.
Data Mapping:
- Object-XML mapping (OXM) and Object-Relational mapping (ORM) functions.
Interpreter Driving:
- Java classes to configure and execute the OVAL Interpreter.
- downloading and uploading the OVAL Definitions and Results respectively, via HTTP in the REST style.

This software is intended for developers of applications like vulnerability assessment, policy compliance management, configuration management, etc. accross the enterprise. Also, system administrators can use several off-the-shelf utilities immediately.

Figure: SIX OVAL supports network-enabled OVAL lifecycle

SIX-OVAL-Interpreter

License

SIX OVAL is an open source software, licensed under the GNU General Public License (GPL) version 3, and an intellectual property of AIST: Registered Number H22PRO-1124.

Download

The distribution archive includes complete Java source code and documents.

Release Notes
Version 0.6.0 (2010-11-05): six-oval-0.6.0.zip on Google Code
Version 0.5.0 (2010-10-05): six-oval-0.5.0.zip on Google Code
Version 0.4.0 (2010-04-19): six-oval-0.4.0.zip [MD5]

Requirements and Limitations

Please refer to the release notes to find the external dependent components and limitations of the versions. Note that some additional components may be required for indirect dependency.

Documentation

Resources

document version: $Id: index.html 1250 2011-01-13 10:25:15Z akihito $

Akihito Nakamura, <nakamura-akihito @ aist.go.jp >

National Institute of Advanced Industrial Science and Technology (AIST)
Information Technology Research Institute
AIST Tsukuba Central 2, 1-1, Umezono 1-Chome, Tsukuba-shi, Ibaraki-ken, 305-8568 JAPAN