diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature index 29eefbf85..b16a89b71 100644 --- a/features/fedramp_extensions.feature +++ b/features/fedramp_extensions.feature @@ -113,6 +113,7 @@ Examples: | leveraged-authorization-nature-of-agreement | | marking | | missing-response-components | + | network-component-has-connection-security-prop | | network-component-has-implementation-point | | party-has-name | | privilege-level | @@ -334,6 +335,8 @@ Examples: | marking-PASS.yaml | | missing-response-components-FAIL.yaml | | missing-response-components-PASS.yaml | + | network-component-has-connection-security-prop-FAIL.yaml | + | network-component-has-connection-security-prop-PASS.yaml | | network-component-has-implementation-point-FAIL.yaml | | network-component-has-implementation-point-PASS.yaml | | party-has-name-FAIL.yaml | diff --git a/src/validations/constraints/content/ssp-all-VALID.xml b/src/validations/constraints/content/ssp-all-VALID.xml index 973e154a5..2137e2783 100644 --- a/src/validations/constraints/content/ssp-all-VALID.xml +++ b/src/validations/constraints/content/ssp-all-VALID.xml @@ -349,8 +349,10 @@

Secure connection to an external API for data enrichment.

+ - + +

Some description of the authentication method.

@@ -373,9 +375,10 @@

Briefly describe the external system.

+ - + diff --git a/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml b/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml new file mode 100644 index 000000000..1475cf502 --- /dev/null +++ b/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml @@ -0,0 +1,25 @@ + + + + + External API Connection + +

Secure connection to an external API for data enrichment.

+
+ + + + + + 11111111-0000-4000-9000-000000000001 + + +

This connection is used for secure data exchange with external systems.

+
+
+
+
+ \ No newline at end of file diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml index 108afb7ee..1a520be94 100644 --- a/src/validations/constraints/fedramp-external-constraints.xml +++ b/src/validations/constraints/fedramp-external-constraints.xml @@ -535,6 +535,11 @@ Leveraged Authorization Has System Identifier A FedRAMP SSP MUST define exactly one system identifier for each leveraged authorization entry. + + + Network Component Has Connection Security Property + + All network components in a FedRAMP SSP system implementation MUST define at least one interconnection security property. Unique Asset Identifier diff --git a/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml new file mode 100644 index 000000000..bfebea130 --- /dev/null +++ b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml @@ -0,0 +1,9 @@ +test-case: + name: Negative Test for network-component-has-connection-security-prop + description: >- + This test case validates the behavior of constraint + network-component-has-connection-security-prop + content: ../content/ssp-network-component-has-connection-security-prop-INVALID.xml + expectations: + - constraint-id: network-component-has-connection-security-prop + result: fail diff --git a/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml new file mode 100644 index 000000000..b9987997d --- /dev/null +++ b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml @@ -0,0 +1,9 @@ +test-case: + name: Positive Test for network-component-has-connection-security-prop + description: >- + This test case validates the behavior of constraint + network-component-has-connection-security-prop + content: ../content/ssp-all-VALID.xml + expectations: + - constraint-id: network-component-has-connection-security-prop + result: pass