Abstract Unauthorized access intended to distribute malware has been widely spread across the Internet and causing a lot of damage worldwide. In order to eliminate vulnerabilities that can be exploited by those malware and prevent unauthorized access, it is necessary to improve the way to distribute security information about computer software and hardware. In this paper, we examines how we can provide a more efficient security information distribution service for the security administrators that helps them reduce their workload related in gathering and grouping information from various sources and take care of vulnerabilities and incidents. We propose JVNRSS (JP Vendor Status Notes RSS) as a security information sharing and exchanging specification. Currently, JPCERT/CC and IPA (Information-technology Promotion Agency) are promoting a framework to handle vulnerability information in Japan. They offer JVN (JP Vendor Status Notes), a portal site to provide security information about the domestic computer software and hardware manufactured by the vendors participating in the framework. JVNRSS is one of the methods JVN has been using to distribute security information. JVNRSS is based on RSS 1.0 and uses the "<dc:relation>" field defined in the Dublin Core as a Relational ID to correlate security information issued by various sources. JVNRSS uses the reference URL specified in a security alert, for example, an URL of the Common Vulnerability Exposure, CERT Advisory, CERT Vulnerability Note, US-CERT Technical Alert and CIAC Bulletin. In this paper, firstly we will explain the specification and applications of JVNRSS. Secondly, we will introduce the result of our feasibility study on JVNRSS and lastly we will propose the RSS Extension for security information sharing through the Internet
