reattempt

GSA · Dec 2, 2024 · 86ec51d · 86ec51d
2 parents 50006f9 + 433b287
commit 86ec51d
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
@@ -111,6 +111,7 @@ Examples:
   | leveraged-authorization-nature-of-agreement |
   | marking |
   | missing-response-components |
+  | network-component-has-connection-security-prop |
   | party-has-name |
   | privilege-level |
   | prop-response-point-has-cardinality-one |
@@ -327,6 +328,8 @@ Examples:
   | marking-PASS.yaml |
   | missing-response-components-FAIL.yaml |
   | missing-response-components-PASS.yaml |
+  | network-component-has-connection-security-prop-FAIL.yaml |
+  | network-component-has-connection-security-prop-PASS.yaml |
   | party-has-name-FAIL.yaml |
   | party-has-name-PASS.yaml |
   | privilege-level-FAIL.yaml |

diff --git a/src/validations/constraints/fedramp-external-allowed-values.xml b/src/validations/constraints/fedramp-external-allowed-values.xml
@@ -326,6 +326,26 @@
                 <enum value="https://doi.org/10.6028/NIST.SP.800-60v2r1">NIST SP 800-60 Volume 2 Revision 1</enum>
             </allowed-values>
 
+            <allowed-values id="interconnection-direction" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-direction'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+                <formal-name>Interconnection Direction</formal-name>
+                <description>Identifies the direction of information flow for the interconnection.</description>
+                <enum value="in">Incoming</enum>
+                <enum value="out">Outgoing</enum>
+                <enum value="in/out">Bi-Directional</enum>
+            </allowed-values>
+
+            <allowed-values id="interconnection-security" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-security'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+                <formal-name>Interconnection Security</formal-name>
+                <description>Identifies the type of security applied to the interconnection.</description>
+                <enum value="ipsec">IPsec</enum>
+                <enum value="vpn">Virtual Private Network</enum>
+                <enum value="tls">Transport-Layer Security</enum>
+                <enum value="dtls">Transport-Layer Security</enum>
+                <enum value="certificate">Certificate Authentication Security</enum>
+                <enum value="secure-file-transfer">Secure File Transfer</enum>
+                <enum value="other">Other</enum>
+            </allowed-values>
+
             <allowed-values id="inventory-item-allows-authenticated-scan" target="(//inventory-item | //component)/prop[@name='allows-authenticated-scan']/@value" allow-other="no" level="ERROR">
                 <formal-name>Allows Authenticated Scan</formal-name>
                 <description>Indicates if the asset is capable of having an authenticated scan.</description>