From 25505c2fbb9dfcf4b070a20b4358b4a5eb3f2cdd Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 9 Dec 2021 08:39:33 -0500 Subject: [PATCH 001/138] Release 1.0 metaschema adjustments (#1065) * Many fixes to the constraints in the OSCAL metaschemas to repair broken Metapaths. * fixing defects in metaschema constraints * Updating to latest Metaschema toolchain. Removed use of the "require" constraint. * updating readme with current links --- src/metaschema/oscal_control-common_metaschema.xml | 9 +++++++++ src/metaschema/oscal_profile_metaschema.xml | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index 1f3443fc8e..fca9095e27 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -73,6 +73,15 @@ &allowed-values-control-group-property-name; + + The assessment method to use. This typically appears on parts with the name "assessment". + + + + The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence. + The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). + The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior. +

A part provides for logical partitioning of prose, and can be thought of as a grouping structure (e.g., section). A part can have child parts allowing for arbitrary nesting of prose content (e.g., statement hierarchy). A part can contain prop objects that allow for enriching prose text with structured name/value information.

diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index 7bc0733640..179e0c8fb6 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -123,7 +123,7 @@ As-Is Structuring Directive An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. - + Custom grouping A Custom element frames a structure for embedding represented controls in resolution. From 929005aaeb9c4b11e42ed4fea1a733fa58085963 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Mon, 31 Jan 2022 15:50:13 -0500 Subject: [PATCH 002/138] reverting part constraints, since these are already handled --- src/metaschema/oscal_control-common_metaschema.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index fca9095e27..09d9a7cac3 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -73,7 +73,7 @@ &allowed-values-control-group-property-name; - +

A part provides for logical partitioning of prose, and can be thought of as a grouping structure (e.g., section). A part can have child parts allowing for arbitrary nesting of prose content (e.g., statement hierarchy). A part can contain prop objects that allow for enriching prose text with structured name/value information.

A part can be assigned an optional id, which allows for internal and external references to the textual concept contained within a part. A id provides a means for an OSCAL profile, or a higher layer OSCAL model to reference a specific part within a catalog. For example, an id can be used to reference or to make modifications to a control statement in a profile.

From 63def77d9dc48e7082f8d13c5ea888ab62e07af2 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Fri, 4 Feb 2022 14:15:34 -0500 Subject: [PATCH 003/138] Profile resolver selection: XSpec additions and minor XSLT enhancements (#1101) * Group scenarios and add edge case scenario * Group the scenarios that test o:glob-as-regex. * Add scenario for edge case where input is empty. * For selection, augment XSpec and update XSLT * Add XSpec tests for oscal-profile-resolve-select.xsl, mostly at the level of templates and functions. * Minor enhancements in oscal-profile-resolve-select.xsl: * Add support for with-parent-controls * Generate fatal error if resource cannot be fetched * Provide focused error message if resource has no suitable rlink * Handle missing matching pattern * Fix indentation * Fix scenario that intentionally omits pattern * Rename o:resource-or-warning as o:resource-or-error * Attributes, not elements, for "from" and "to" * Update expected value for 4a3cadf changes in catalog * The abc-full_catalog.xml file has changed, so the "Loose parameters" test scenario needs adjustment. * Reduce redundancy in expected metadata * metadata is copied verbatim, so no need to check details in multiple test scenarios for the match=profile template * Update verbiage to cross-reference with logged discussion pages --- .../oscal-profile-resolve-select.xsl | 76 +- .../testing/1_selected/catalog-no-uuid.xml | 2 + .../catalog-nonstandard-file-name-ext.xmlcat | 2 + .../testing/1_selected/glob-rewrite.xspec | 11 +- .../1_selected/resource-media-type.xml | 26 + .../1_selected/resource-multiple-rlinks.xml | 21 + .../1_selected/select-mapping-controls.xspec | 243 +++ .../testing/1_selected/select-rlink.xspec | 4 +- .../testing/1_selected/select.xspec | 1743 +++++++++++++---- 9 files changed, 1758 insertions(+), 370 deletions(-) create mode 100644 src/utils/util/resolver-pipeline/testing/1_selected/catalog-no-uuid.xml create mode 100644 src/utils/util/resolver-pipeline/testing/1_selected/catalog-nonstandard-file-name-ext.xmlcat create mode 100644 src/utils/util/resolver-pipeline/testing/1_selected/resource-media-type.xml create mode 100644 src/utils/util/resolver-pipeline/testing/1_selected/resource-multiple-rlinks.xml create mode 100644 src/utils/util/resolver-pipeline/testing/1_selected/select-mapping-controls.xspec diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl index f4654e1009..d8ca35000a 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl @@ -1,5 +1,5 @@ - - + @@ -94,7 +93,16 @@ - + + + + + + Document not acquired for resource with uuid {@uuid + }: No rlink with media-type='xml' or href ending with '.xml' + + @@ -104,7 +112,7 @@ - + @@ -118,10 +126,11 @@ - + + + select="concat(opr:catalog-identifier($context/root()/o:catalog), '#', $context/(@id, generate-id())[1])"/> @@ -131,7 +140,7 @@ - + @@ -174,22 +183,30 @@ + - - + + + - - + + @@ -200,26 +217,19 @@ - - + + + + + + + - - - - - - - - Document not acquired: ' - - ' resolved as ' - - ' (as OSCAL XML) - - - - + Document not acquired: {$href} resolved as { + $resolved-href} (as OSCAL XML) + @@ -237,7 +247,7 @@ - + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/catalog-no-uuid.xml b/src/utils/util/resolver-pipeline/testing/1_selected/catalog-no-uuid.xml new file mode 100644 index 0000000000..78beab5883 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/1_selected/catalog-no-uuid.xml @@ -0,0 +1,2 @@ + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/catalog-nonstandard-file-name-ext.xmlcat b/src/utils/util/resolver-pipeline/testing/1_selected/catalog-nonstandard-file-name-ext.xmlcat new file mode 100644 index 0000000000..a506f84570 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/1_selected/catalog-nonstandard-file-name-ext.xmlcat @@ -0,0 +1,2 @@ + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/glob-rewrite.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/glob-rewrite.xspec index add11d3ed1..e417e4641e 100644 --- a/src/utils/util/resolver-pipeline/testing/1_selected/glob-rewrite.xspec +++ b/src/utils/util/resolver-pipeline/testing/1_selected/glob-rewrite.xspec @@ -1,12 +1,10 @@ - -]> + ac @@ -30,5 +28,12 @@ ac-1(*) + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/resource-media-type.xml b/src/utils/util/resolver-pipeline/testing/1_selected/resource-media-type.xml new file mode 100644 index 0000000000..5db7281637 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/1_selected/resource-media-type.xml @@ -0,0 +1,26 @@ + + + + + + Test Profile with Nonstandard File Name Extension in resource/rlink + 2020-05-30T14:39:37.3-04:00 + 1.0 + 1.0.0-rc2 + + + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/resource-multiple-rlinks.xml b/src/utils/util/resolver-pipeline/testing/1_selected/resource-multiple-rlinks.xml new file mode 100644 index 0000000000..1f41a36168 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/1_selected/resource-multiple-rlinks.xml @@ -0,0 +1,21 @@ + + + + + + Test Profile with Nonstandard File Name Extension in resource/rlink + 2020-05-30T14:39:37.3-04:00 + 1.0 + 1.0.0-rc2 + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/select-mapping-controls.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/select-mapping-controls.xspec new file mode 100644 index 0000000000..950e4a241f --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/1_selected/select-mapping-controls.xspec @@ -0,0 +1,243 @@ + + + + + + + + + + + + + + + + x1 + + + + + + + + + + + ... + + Group X of XYZ + + Control X1 + + + ... + ... + + + + + + + + + x1 + + + + + + + + + + x1 + + + + + + + + + + + ... + + Group X of XYZ + + Control X1 + + + ... + ... + + + ... + + Group X of XYZ + + Control X1 + + + ... + ... + + + + + + + + z3 + + + + + + + + + + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + z3 + + + + + + + + + + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + x1 + + + + + + + + + + + + + + + + x1 + + + + + + + + + + + + + + + + x1 + + + map-x1 + + + + + + + + + + + + + + + x1 + + + + + + + + + + + + + + + x1 + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec index 65f5006cf9..9abe119234 100644 --- a/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec +++ b/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec @@ -1,6 +1,6 @@ + ]> - + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec index 7df1cae86a..b14ce0adef 100644 --- a/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec +++ b/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec @@ -1,367 +1,1446 @@ - -]> - - - - + xmlns:xs="http://www.w3.org/2001/XMLSchema" + stylesheet="../../oscal-profile-resolve-select.xsl" + xslt-version="3.0"> - - - - - - - - - - + + - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - - - Group Y of XYZ - - - Group Z of XYZ - - - - + + + + + ... + ... + ... + ... + + + + + + text + + + + + + + + + - - - - - - - - - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - Control X1 - Control X2 - Control X3 - - - Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 - - - Group Z of XYZ - Control Z1 - Control Z2 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - - + + + + + + + + + + - - - - - - x1 - - - - - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - + + + + + + + + + + + + + + + + + + + + + + XYZ Tiny Catalog + 2020-05-30T14:51:42.355-04:00 + 1.0 + 1.0.0-rc2 + + + Group X of XYZ + + + Group Y of XYZ + + + Group Z of XYZ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ... + + Group X of XYZ + Control X1 + Control X2 + Control X3 + + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + + + + + + + + + x1 + + + + + + + + + ... + Group X of XYZ Control X1 Group Y of XYZ Group Z of XYZ - - + + + + + + + + + + + + + + + + + + + + ... + + Group X of XYZ + Control X1 + Control X2 + Control X3 + + Group Y of XYZ + Group Z of XYZ + + + + + + + + + + + + x1 + y1 + z1 + + + + + + + + + ... + + Group X of XYZ + Control X2 + Control X3 + + + Group Y of XYZ + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z2 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + + + + + z3 + + + + + + + + + ... + + Group X of XYZ + + + Group Y of XYZ + + + Group Z of XYZ + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + + + + + x1 + + + + + y1 + + + + + + + + + ... + + Group X of XYZ + Control X1 + + Group Y of XYZ + Group Z of XYZ + + + ... + + Group X of XYZ + + + Group Y of XYZ + Control Y1 + + Group Z of XYZ + + + + + + + + + + + + + + a1 + b1 + + + + + + + + + ... + + Group A of C + + + A.a value + + + + + + Control A1 + + + a1.a value + + + +

A1 aaaaa aaaaaaaaaa

+

Parameter A.a is set:

+

Parameter a1.a is set:

+
+
+
+ + Group B of C + + Control B1 + + +

B1 bbbb bbbbbbb.

+
+
+
+ + Group C of C + + + + + A citation to an out of line document. + + + + + A citation to an out of line document. + + + + + + A citation to an out of line document. + + + +
+
+
+
- - - - - - - - - - - + + + + + + + + + + + + + + ... + + + - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - Control X1 - Control X2 - Control X3 - - Group Y of XYZ - Group Z of XYZ - - - + + + + + + + + + + + + + + + + + - - - - - - - x1 - y1 - z1 - - - - + + + + + + + + + ... + ... + + + + + + + + + + - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - Control X2 - Control X3 - - - Group Y of XYZ - Control Y2 - Control Y3 - - - Group Z of XYZ - Control Z2 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - - + + + + + + + + + + + + + + ... + + + + + + ... + + + + + + + + + Document not acquired for resource with uuid foo: No rlink with media-type='xml' or href ending with '.xml' + + + + - - - - - - z3 - - - - + + + + + + + + + + + + + + + + + + - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - - - Group Y of XYZ - - - Group Z of XYZ - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - + + + + + Group X of XYZ + + + + + + Group X of XYZ + - - - - - - x1 - - - - - y1 - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - Control X1 - - Group Y of XYZ - Group Z of XYZ - - - - XYZ Tiny Catalog - 2020-05-30T14:51:42.355-04:00 - 1.0 - 1.0.0-rc2 - - - Group X of XYZ - - - Group Y of XYZ - Control Y1 - - Group Z of XYZ - - - + + + + + + + + ... + + + + + + + + + + + - - - - - - a1 - b1 - - - + + + + + + Control A1 + + + + + - - - - - - ABC Catalog - 2020-05-30T14:51:38.311-04:00 - 1.0 - 1.0.0-rc2 - - - Group A of C - - - A.a value - - - - - - Control A1 - - - a1.a value - - - -

A1 aaaaa aaaaaaaaaa

-

Parameter A.a is set: ...

-

Parameter a1.a is set: ...

-

Also, we refer to a citation.

-
-
-
- - Group B of C - - Control B1 - - -

B1 bbbb bbbbbbb.

-
-
-
- - Group C of C - - - - - A citation to an out of line document. - - - -
-
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + abc + + + + + + + + + + + + + + + abc + + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + level-four + + + + + + + + + + + + + level-four + + + + + + + + + + + + + level-two + + + + + + + + + + + + + level-two + + + + + + + + + + + + + level-two + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + level-four + + + level-three + + + + + + + + + + + + + level-two + + + level-three + + + + + + + + + + + + + + + + + + + + + + + + + + + abc + + + + + + + + + + + + + + + + abc + + + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + + level-two + + + + + + + + + + + + + + level-two + + + + + + + + + + + + + + level-two + + + + + + + + + + + + + level-two + + + level-three + + + + + + + + + + + + + level-two + + + level-three + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + + + + level-four + + + + + + + + + + + + + + level-four + + + level-four + + + + + + + + + + + + + level-four + + + level-four + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ... + + +
From dd090864f96e1af7601aba9cfbf47ec9f424f359 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Mon, 28 Feb 2022 17:33:20 -0500 Subject: [PATCH 004/138] Use XSpec variable instead of entity (#1136) For consistency with select.xspec, use XSpec variable instead of entity for the path to the profile resolution examples. --- .../testing/1_selected/select-rlink.xspec | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec index 9abe119234..cb70e55295 100644 --- a/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec +++ b/src/utils/util/resolver-pipeline/testing/1_selected/select-rlink.xspec @@ -1,15 +1,18 @@ - -]> + + + + - + z3 @@ -50,7 +53,7 @@ Tiny Catalog - + @@ -95,8 +98,8 @@ Tiny Catalog - - + +
From 9d0cbb3f0c94631e4b95a87ffc10714fada52a39 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Mon, 28 Feb 2022 17:33:57 -0500 Subject: [PATCH 005/138] Nonrecursive UUID functions plus XSpec tests (#1158) random-util.xsl provides r:make-uuid and r:make-uuid-sequence for creating one or more random UUIDs. The r:make-random-string-sequence function supports more flexible random patterns. Implementations here use the XPath function, random-number-generator. random-util.xspec provides template- and function-level tests for code in random-util.xsl. --- .../util/resolver-pipeline/random-util.xsl | 86 +++++--- .../testing/2_metadata/random-util.xspec | 207 ++++++++++++++++++ 2 files changed, 257 insertions(+), 36 deletions(-) create mode 100644 src/utils/util/resolver-pipeline/testing/2_metadata/random-util.xspec diff --git a/src/utils/util/resolver-pipeline/random-util.xsl b/src/utils/util/resolver-pipeline/random-util.xsl index 25e7701df8..4c2d40971c 100644 --- a/src/utils/util/resolver-pipeline/random-util.xsl +++ b/src/utils/util/resolver-pipeline/random-util.xsl @@ -27,8 +27,8 @@ v4 UUID --> - + @@ -49,49 +49,63 @@ v4 UUID
- + + - - - - - - - - - - - + - - + + - + + ________-____-4___-=___-____________ + + - - + + + + - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + - ________-____-4___-=___-____________ - - - diff --git a/src/utils/util/resolver-pipeline/testing/2_metadata/random-util.xspec b/src/utils/util/resolver-pipeline/testing/2_metadata/random-util.xspec new file mode 100644 index 0000000000..daa5ea4471 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/2_metadata/random-util.xspec @@ -0,0 +1,207 @@ + + + + + x + + ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + + + {codepoints-to-string($ov:charnum)} + + + + + + + + + + + + + + + + + + + + + + From 79db795de0e59c88dfeef98bc1377dae80e57be4 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Tue, 29 Mar 2022 17:41:50 -0400 Subject: [PATCH 006/138] Iterate over sequence of characters, not positions (#1163) Implementing an idea from @wendellpiez: Instead of iterating over a numeric sequence that represents the position of each character in a long string, iterate over the sequence of characters. This change is in the implementation only, not in the function output. I used ad hoc modifications of the label="seq-length=10000" scenario in the XSpec test to check that the original and modified functions produce the same UUID sequence. --- src/utils/util/resolver-pipeline/random-util.xsl | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/utils/util/resolver-pipeline/random-util.xsl b/src/utils/util/resolver-pipeline/random-util.xsl index 4c2d40971c..3fe4bdd665 100644 --- a/src/utils/util/resolver-pipeline/random-util.xsl +++ b/src/utils/util/resolver-pipeline/random-util.xsl @@ -83,14 +83,15 @@ v4 UUID - + + - + - - + From 3e16c9d17c69110419bcc1a1432dd5f3773645e3 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Fri, 15 Apr 2022 14:58:07 -0500 Subject: [PATCH 007/138] Profile resolver: Metadata tests and way of determining top UUID (#1175) - Metadata tests and way of determining top UUID - Remove global parameter assign-uuid (note backward incompatibility - is it OK?) - Instead, support global parameters uuid-method and top-uuid, in uuid-method-choice.xsl - Support global parameter hide-source-profile-uri - Stub of opr:oscal-version function - Stub of message handler template, using xsl:message for now - Add XSpec tests - Add table of parameters and clarify testing folder content - Change "home" from global param to global variable; does not need to be set from outside --- .../example-set.xspec | 3 +- .../resolver-pipeline/message-handler.xsl | 19 + .../oscal-profile-RESOLVE.xsl | 51 +- .../oscal-profile-resolve-metadata.xsl | 76 ++- src/utils/util/resolver-pipeline/readme.md | 46 +- .../testing/2_metadata/metadata.xspec | 437 +++++++++++++----- .../2_metadata/uuid-method-choice.xspec | 86 ++++ .../testing/2_metadata/uuid-value.txt | 1 + .../resolver-pipeline/uuid-method-choice.xsl | 89 ++++ 9 files changed, 621 insertions(+), 187 deletions(-) create mode 100644 src/utils/util/resolver-pipeline/message-handler.xsl create mode 100644 src/utils/util/resolver-pipeline/testing/2_metadata/uuid-method-choice.xspec create mode 100644 src/utils/util/resolver-pipeline/testing/2_metadata/uuid-value.txt create mode 100644 src/utils/util/resolver-pipeline/uuid-method-choice.xsl diff --git a/src/specifications/profile-resolution/profile-resolution-examples/example-set.xspec b/src/specifications/profile-resolution/profile-resolution-examples/example-set.xspec index b5d8326d73..e17d79042b 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/example-set.xspec +++ b/src/specifications/profile-resolution/profile-resolution-examples/example-set.xspec @@ -3,7 +3,8 @@ xmlns:opr="http://csrc.nist.gov/ns/oscal/profile-resolution" stylesheet="../../../utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl" run-as="external"> - + + + + { + string-join(($message-type, $error-code, $text),': ') + } + + +
\ No newline at end of file diff --git a/src/utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl b/src/utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl index 025a5785a9..e4ba2066ba 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl @@ -1,11 +1,10 @@ + + off - - - - - - - ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$ - - - - - - - - - - - - - - - - - - 00000000-0000-4000-B000-000000000000 - - - + - + + + + @@ -109,8 +86,10 @@ - - + + + + diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl index 2f45c909bd..da67371d88 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl @@ -6,29 +6,53 @@ xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:math="http://www.w3.org/2005/xpath-functions/math" xmlns:opr="http://csrc.nist.gov/ns/oscal/profile-resolution" - exclude-result-prefixes="xs math o opr" + xmlns:u="http://csrc.nist.gov/ns/uuid" + exclude-result-prefixes="xs math o opr u" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0" > - + + + + + + + + + + + urn:UNKNOWN - - - - ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$ + + - - - + + + + + + - + @@ -55,13 +80,34 @@ + + + + + + + + + + + + + + - + - + diff --git a/src/utils/util/resolver-pipeline/readme.md b/src/utils/util/resolver-pipeline/readme.md index aa9cadeb67..0e8913a01b 100644 --- a/src/utils/util/resolver-pipeline/readme.md +++ b/src/utils/util/resolver-pipeline/readme.md @@ -1,33 +1,49 @@ -## Resolver pipeline +## Profile Resolver Pipeline -Profile resolution is implemented here as a set of XSLT transformations to be performed in sequence, applied to defined inputs (a **source profile** with imported **catalog** sources) to produce defined outputs (a **profile resolution result** in the form of a catalog). The word **baseline** is also used to refer to a particular profile in application, whether in its unprocessed form or its resolved, serialized form. +Profile resolution is implemented here as a sequence of XSLT transformations. The sequence applies to defined inputs (a **source profile** with imported **catalog** sources) and produces defined outputs (a **profile resolution result** in the form of a catalog). The word **baseline** also refers to a particular profile in application, whether in its unprocessed form or its resolved, serialized form. -The sequence reflects and roughly corresponds to the three steps in profile resolution described for OSCAL in the [Profile Resolution Specification](https://pages.nist.gov/OSCAL/concepts/processing/profile-resolution/): +The sequence of XSLT transformations reflects and roughly corresponds to the steps in profile resolution described for OSCAL in the [Profile Resolution Specification](https://pages.nist.gov/OSCAL/concepts/processing/profile-resolution/): -- **selection** (importing catalogs or profiles and selecting controls from them) +- **selection**: importing catalogs or profiles, and selecting controls from them -- **organization (merging)** i.e. specifying how selected controls are to be organized in representation +- **organization (merging)**: organizing the selected controls for the output representation -- **modification** - setting parameters and potentially supplementing, amending or editing control text +- **modification**: setting parameters and potentially supplementing, amending or editing control text -For demonstration, the expected interim results for test files are kept in the testing/\* folders +### Tests for this Implementation -Note that these interim results are *not always valid to any OSCAL schema* while at the same time they are quite close to OSCAL profile and catalog syntax. +The `testing/*` folders contain XSpec tests that indicate expected interim results of each XSLT transformation in the sequence. -Testing files for profile resolution in general are kept [with the specification](../../../specifications/profile-resolution). The testing files in this subdirectory are only for this implementation. +Note that these interim results are *not necessarily valid to any OSCAL schema*, although they are quite close to OSCAL profile and catalog syntax. -### Invoking the XSLT: +The files in `testing/*` are only for this implementation. Implementation-independent tests and sample files for profile resolution are [with the specification](../../../specifications/profile-resolution). -Use a recent version of Saxon for best results -- although we would also be *very interested* to hear from users of other XSLT engines conformant to the 3.1 family of XML standards (XSLT/XPath/XDM/XQuery). +### Invoking the XSLT -The main entry point for the transformation pipeline is the dynamic build XSLT called `oscal-profile-RESOLVE.xsl`, which invokes the core transformation steps in sequence, taking the source profile document as primary input. Load Saxon with your document and this stylesheet as follows (for example): +Use a recent version of Saxon for best results — although we would also be *very interested* to hear from users of other XSLT engines conformant to the 3.1 family of XML standards (XSLT/XPath/XDM/XQuery). + +The entry point for the transformation pipeline is `oscal-profile-RESOLVE.xsl`, which invokes the transformation steps in sequence, taking the source profile document as primary input. Load Saxon with your document and this stylesheet as follows (for example): ```bash > java -cp saxon-he-10.0.jar net.sf.saxon.Transform -t -s:YOUR_PROFILE_DOCUMENT.xml -xsl:path/to/oscal-profile-RESOLVE.xsl -o:YOUR_RESULT_BASELINE.xml ``` -Alternatively, set up the bindings in an IDE or programmed environment that has XSLT 3.1 support. +You can optionally set one or more of the parameters listed in the following table, using syntax `name=value` at the end of the command above. The sequence of parameters is not significant. + +For example, +```bash +> java -cp saxon-he-10.0.jar net.sf.saxon.Transform -t -s:YOUR_PROFILE_DOCUMENT.xml -xsl:path/to/oscal-profile-RESOLVE.xsl -o:YOUR_RESULT_BASELINE.xml uuid-method=random-xslt hide-source-profile-uri=true +``` +| Name | Description | Default | +|---|---|---| +| `hide-source-profile-uri` | If `true`, the output catalog's metadata does not record the source profile's URI. | `false` | +| `path-to-source` | Path from output catalog to location of source profile. | None | +| `top-uuid` | UUID value for top-level element in output catalog, if `uuid-method` is `user-provided`. | None | +| `uuid-method` | Method for computing UUID of top-level element in output catalog. Valid values are: `random-xslt`, in which case the `random-number-generator` XPath function must be available; `random-java`, in which case the `java.util.UUID.randomUUID()` Java method must be available; `user-provided`, in which case you must specify the `top-uuid` parameter; `web-service`, referring to the `uuid-service` parameter value; and `fixed`. | `fixed`| +| `uuid-service` | URI for a web service that produces a UUID, if `uuid-method` is `web-service`.| `https://www.uuidgenerator.net/api/version4`| + +Alternatively, set up the bindings in an IDE or programming environment that has XSLT 3.1 support. -Note that URIs (addresses) given in a profile document must link correctly as absolute or relative paths to their imported catalogs, as demonstrated in examples. +Note that URIs (addresses) given in a profile document must link correctly as absolute or relative paths to their imported catalogs, as demonstrated in [examples](../../../specifications/profile-resolution/profile-resolution-examples). -A captured and serialized profile resolution will take the form of an OSCAL catalog, and be valid to the catalog schema for correctly formed inputs. +A serialized output of profile resolution takes the form of an OSCAL catalog. Assuming inputs are correctly formed, the output is valid to the catalog schema. diff --git a/src/utils/util/resolver-pipeline/testing/2_metadata/metadata.xspec b/src/utils/util/resolver-pipeline/testing/2_metadata/metadata.xspec index a670f3b298..2cb9d2fade 100644 --- a/src/utils/util/resolver-pipeline/testing/2_metadata/metadata.xspec +++ b/src/utils/util/resolver-pipeline/testing/2_metadata/metadata.xspec @@ -1,162 +1,359 @@ - - - - - - - - - + + - - - + + + + Test Profile + 2021-05-30T14:39:35.84-04:00 + 1.3 + 1.0.1 + + - Small Profile for Testing - 2019-11-13T12:13:58.517-05:00 + XYZ Tiny Catalog + 2020-05-30T14:51:42.355-04:00 1.0 - 1.0-rc2 + 1.0.0 + + Internal link within catalog - - + + Group X of XYZ + + + + - - - - Small Profile for Testing - ... - 1.0 - 1.0-rc2 - - - - + + + text + + + + + + + + + - + + + + - + + + + + + + + + + + + + + + + + + - Pathological Profile - 2019-11-13T12:41:07.061-05:00 - 1.0 - 1.0-rc2 + Test Profile + ... + 1.3 + ... + + - + + + + + + - ABC Catalog - 2019-11-01T10:16:22.939-04:00 + Pathological Profile + 2019-11-13T12:41:07.061-05:00 + 2019-11-13T12:41:07.061-05:00 1.0 1.0-rc2 + ...doi... + + + Standing Committee + + - - - - - - + + + - Pathological Profile + ... + 2019-11-13T12:41:07.061-05:00 ... - 1.0 - 1.0-rc2 - - - - - - - - - - - Pathological Profile - 2019-11-13T12:41:07.061-05:00 - 1.0 - 1.0-rc2 + ... + ... + ...doi... + + Standing Committee - + + + + + - ABC Catalog - 2019-11-01T10:16:22.939-04:00 + Pathological Profile + 2019-11-13T12:41:07.061-05:00 1.0 1.0-rc2 + + - - - - - - + + + - Pathological Profile + ... ... - 1.0 - 1.0-rc2 - - - - Standing Committee - - - - - - - - - - - - Pathological Profile - 2019-11-13T12:41:07.061-05:00 - 1.0 - 1.0-rc2 - Internal link - - - Standing Committee - - + ... + ... + + + + - + + + + + - ABC Catalog - 2019-11-01T10:16:22.939-04:00 + Pathological Profile + 2019-11-13T12:41:07.061-05:00 1.0 1.0-rc2 + Internal link - - - - - - + + + - Pathological Profile + ... ... - 1.0 - 1.0-rc2 - + ... + ... + + Internal link - - - Standing Committee - - - - - + + + + + + + + + + + + + + + + ... + + + + + + + + + + + + + + + + + + + + 1.3 + + + + + ... + + + + + + + + 1.0.3 + + + + + 1.0.1 + + + + + 1.0.4 + + + + + 1.0.2 + + + + + + 1.0.4 + + + + + + + 1.0.4 + + + + 1.0.1 + + + + + + 1.0.4 + + + + + + + 1.4.0 + + + + 1.2.0 + + + + + + 1.1.0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-method-choice.xspec b/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-method-choice.xspec new file mode 100644 index 0000000000..f1a5f6b8e3 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-method-choice.xspec @@ -0,0 +1,86 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-value.txt b/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-value.txt new file mode 100644 index 0000000000..a8e02be099 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/2_metadata/uuid-value.txt @@ -0,0 +1 @@ +309deb03-491b-4677-9148-bc1b79a21c9c \ No newline at end of file diff --git a/src/utils/util/resolver-pipeline/uuid-method-choice.xsl b/src/utils/util/resolver-pipeline/uuid-method-choice.xsl new file mode 100644 index 0000000000..97c028fb55 --- /dev/null +++ b/src/utils/util/resolver-pipeline/uuid-method-choice.xsl @@ -0,0 +1,89 @@ + + + + + + + + + + + + + + + + + + + + + ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$ + 00000000-0000-4000-B000-000000000000 + + + + + + + + Warning + top-uuid value, '{$top-uuid}', does not meet UUID requirements. Using default UUID instead. + + + + + + + + + + + + + + Warning + uuid-method, '{$uuid-method}', is not available. Using default UUID instead. + + + + + + + + + Warning + uuid-service, '{$uuid-service}', is not available. Using default UUID instead. + + + + + + + + + Warning + uuid-method, '{$uuid-method}', is not recognized. Using default UUID instead. + + + + + + + \ No newline at end of file From 395e743e20429d756e85ba03b00cef7570b2eff0 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Wed, 4 May 2022 11:50:57 -0400 Subject: [PATCH 008/138] Test merge phase, plus minor XSLT enhancements (#1207) XSLT - Move some code from oscal-profile-resolve-select.xsl to new file, select-or-custom-merge.xsl, and share it between Selection phase and Merge phase. - Add error checking for multiple structuring directives. - Finish the incomplete support for `insert-controls/@order`. - Fix bug in support for `@with-parent-controls` in Selection phase. XSpec - In select.xspec, add test for order of controls matching imported document, not profile document. Also, add test for `@with-parent-controls` bug fix. - Create merge-combine.xspec for testing combine-elements and mode="o:combine-elements" templates. - Organize tests among merge.xspec, merge-combine.xspec, merge-as-is.xspec, and merge-custom.xspec. - Integrate back-matter testing into template-level tests in merge.xspec and merge-as-is.xspec, and delete merge-back-matter.xspec. --- .../oscal-profile-resolve-merge.xsl | 153 ++-- .../oscal-profile-resolve-select.xsl | 80 +- .../select-or-custom-merge.xsl | 97 +++ .../testing/1_selected/select.xspec | 79 +- .../testing/3_merged/merge-as-is.xspec | 764 +++++++++++++----- .../testing/3_merged/merge-back-matter.xspec | 154 ---- .../testing/3_merged/merge-combine.xspec | 275 +++++++ .../testing/3_merged/merge-custom.xspec | 668 ++++++++++++--- .../testing/3_merged/merge.xspec | 756 +++++++++++++++-- 9 files changed, 2364 insertions(+), 662 deletions(-) create mode 100644 src/utils/util/resolver-pipeline/select-or-custom-merge.xsl delete mode 100644 src/utils/util/resolver-pipeline/testing/3_merged/merge-back-matter.xspec create mode 100644 src/utils/util/resolver-pipeline/testing/3_merged/merge-combine.xspec diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl index d6464f5506..89099f6f9f 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl @@ -1,6 +1,7 @@ - - + + + @@ -25,34 +28,43 @@ templates not this one. --> - + + - + + - + - + - + - + + + - - - + + + - + @@ -64,7 +76,8 @@ - + + @@ -77,18 +90,34 @@ - - - + + + + + + + + Found multiple structuring directives. Choose at most one from: flat (default), as-is, custom. + Error + + + + + + + + - + - + + - + @@ -96,64 +125,58 @@ - - - - - - - - + + - + - - + + - - - - - - + - - + + + + + + + - + - + + - + + - - - - - - --> - - + + - + @@ -177,6 +200,7 @@ + @@ -194,15 +218,26 @@ - - ... elements of different types combining ... + + + + + + Combining elements of different types is not supported. + Error + + + - + - @@ -219,7 +254,7 @@ - + diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl index d8ca35000a..52ea10a3b2 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-select.xsl @@ -95,7 +95,7 @@ - + - - - - - - - - - - - - - - - - - - - - - - - @@ -170,58 +146,6 @@ --> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -232,7 +156,7 @@ - + diff --git a/src/utils/util/resolver-pipeline/select-or-custom-merge.xsl b/src/utils/util/resolver-pipeline/select-or-custom-merge.xsl new file mode 100644 index 0000000000..62c652ffd3 --- /dev/null +++ b/src/utils/util/resolver-pipeline/select-or-custom-merge.xsl @@ -0,0 +1,97 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec b/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec index b14ce0adef..7f94a578ef 100644 --- a/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec +++ b/src/utils/util/resolver-pipeline/testing/1_selected/select.xspec @@ -156,29 +156,36 @@ test="$x:result/o:selection/@uuid = $ov:catalog_uuid"/> - + + x2 x1 - - - + + + ... Group X of XYZ Control X1 + Control X2 Group Y of XYZ Group Z of XYZ + + + @@ -286,6 +293,70 @@ + + + + + + z3.a-1 + + + + + + + + + ... + + Group X of XYZ + + + Group Y of XYZ + + + Group Z of XYZ + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + + + + + z3.a-1 + + + + + + + + + ... + + Group X of XYZ + + + Group Y of XYZ + + + Group Z of XYZ + Control Z3-A-1 + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge-as-is.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge-as-is.xspec index f262452115..f08929c155 100644 --- a/src/utils/util/resolver-pipeline/testing/3_merged/merge-as-is.xspec +++ b/src/utils/util/resolver-pipeline/testing/3_merged/merge-as-is.xspec @@ -1,52 +1,46 @@ - - - - + stylesheet="../../oscal-profile-resolve-merge.xsl" + xslt-version="3.0"> - - - - - - - - - - Group X of XYZ - Control X1 - Control X2 - Control X3 - - - Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 - - - Group Z of XYZ - Control Z1 - Control Z2 - Control Z3 - Control Z3-A - Control Z3-A-1 + + + + + + + Group X of XYZ + Control X1 + Control X2 + Control X3 + + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + Control Z3-A-1 + - - - - - true - - - - - - + + + + true + + + + + Group X of XYZ Control X1 @@ -69,182 +63,568 @@ - - - - - - - - + + + + + + + + + Group X of XYZ + Control X1 + + + Group Z of XYZ + Control Z1 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + Group X of XYZ + Control X1 + Control X2 + + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + true + + + + + + Group X of XYZ - Control X1 + Control X1 + Control X1 + Control X2 - + Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 + Control Z1 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + Control Z3 + Control Z3-A + Control Z3-A-1 - - - - Group X of XYZ - Control X1 - Control X2 - - + Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 + Control Y1 + Control Y2 + Control Y3 - - Group Z of XYZ - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + + + + + + + + Group X of XYZ + + + + no control + + Control X1 + + + + + Group X of XYZ + + + + + Control X1 + Control X2 + + + + true + + + + + + + Group X of XYZ + + + + + no control + + + + + Control X1 + Control X1 + Control X2 - - - true - - - - - - - Group X of XYZ + + + + + + + + Test Profile + 2019-11-13T12:41:07.061-05:00 + 1.3 + 1.0.2 + + + + + Control X1 + + + true + + + + + +

at least every 3 years

+
+
+
+
+
+
+ + + + Test Profile + 2019-11-13T12:41:07.061-05:00 + 1.3 + 1.0.2 + + + Control X1 + + + + +

at least every 3 years

+
+
+
+
+
+
+
+ + + + + Control X1 + + + Ref BBB + + Bbb bbbbb Bbb b. + + + + + + + true + + + + Ref AAA + + Aaaa aaaa aaaa + + + + + + + + Control X1 - Control X2 - - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 - - - + + + Ref BBB + + Bbb bbbbb Bbb b. + + + + + Ref AAA + + Aaaa aaaa aaaa + + + + + + + - - - - - + + + + + + + uuid a + uuid a again + opr:id b + opr:id b again + uuid c + opr:id c + + + + uuid a + opr:id b + uuid c + + + + + + + + + + + no control + + Control X1 + + + Ref AAA + + + + + true + + + + + + + + + + + Ref AAA + + + + + no control + + Control X1 + + + + + + + + + + Group X of XYZ + Control X1 + + + + Ref AAA + + + + + true + + + + + + + + + + Ref AAA + + + + Group X of XYZ + Control X1 + + + + + + + + + + + Group X of XYZ + + + + true + + + + + + + + + + + + + + + Group X of XYZ + + Group XX + Control X1 + + + + + true + + + + + + + + Group X of XYZ + + Group XX + Control X1 + + + + + + + + + + + + + no control + + Control X1 + + + + + no control + + Control X1 + + + true + + + + + + + + + + no control + + Control X1 + + + + + + + + + id a + id a again + opr:id b + opr:id b again + id c + opr:id c + + + + id a + opr:id b + id c + + + + + + + + + Group X of XYZ + + + + no control + + Control X1 + + + Group Y of XYZ + Control Y1 + + + + true + + + + + + Group X of XYZ no control - Control X1 + Control X1 - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + Group Y of XYZ + Control Y1 - - - + + + + + + + + + Group X of XYZ + + + + no control + + Control X1 + + + Group Y of XYZ + + Group YY + Control Y1 + + + + + true + + + + + + Group X of XYZ - + + no control - Control X1 - Control X2 + Control X1 - + Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 + + Group YY + Control Y1 + - - Group Z of XYZ - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + + + + + + + + Group X of XYZ + + Group XX + Control X1 + + + + + true + + + + + + + Group X of XYZ + + Group XX + Control X1 + - - - true - - - - - - - Group X of XYZ - - - - - no control - - - - - Control X1 - Control X1 - Control X2 - - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 - - - + + + + + + + + + - diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge-back-matter.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge-back-matter.xspec deleted file mode 100644 index 3c1e92ee7c..0000000000 --- a/src/utils/util/resolver-pipeline/testing/3_merged/merge-back-matter.xspec +++ /dev/null @@ -1,154 +0,0 @@ - - - - - - - - - - - - - - - - - Group X of XYZ - Control X1 - - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - - Ref AAA - - Aaaa aaaa aaaa - - - - - Ref BBB - - Bbb bbbbb Bbb b. - - - - - - - - - - - Control X1 - Control Z1 - Control Z3 - Control Z3-A - - Control Z3-A-1 - - - - - Ref AAA - - Aaaa aaaa aaaa - - - - - Ref BBB - - Bbb bbbbb Bbb b. - - - - - - - - - - - - - - Group X of XYZ - Control X1 - - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - - Ref AAA - - Aaaa aaaa aaaa - - - - - Ref BBB - - Bbb bbbbb Bbb b. - - - - - - - true - - - - - - - Group X of XYZ - Control X1 - - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - - Control Z3-A-1 - - - - - - Ref AAA - - Aaaa aaaa aaaa - - - - - Ref BBB - - Bbb bbbbb Bbb b. - - - - - - - - diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge-combine.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge-combine.xspec new file mode 100644 index 0000000000..6a514161b1 --- /dev/null +++ b/src/utils/util/resolver-pipeline/testing/3_merged/merge-combine.xspec @@ -0,0 +1,275 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + Control B + Control A1 + + + + + + + + + + + Control A + Control A1 + + Control B + + + + + + + + + Control A + + + + + + + + + Control A + Control B + Control A1 + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + Control A1 + + + + Control A + Control A1 + + + + + + + Control A + Control B + Control A1 + + + + + + Control A + Control A1 + + + Control B + + + + + + + + Control A + Control B + Control A1 + + + + + + Control A + Control A1 + + + Control B + + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + Control A1 + + + + + + Control A + + + + + + + + Control A + Control B + Control A1 + + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + Control A1 + + + + + Control A + Control A1 + + + + + + + Control A + Control B + Control A1 + + + + + Control A + Control B + Control A1 + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge-custom.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge-custom.xspec index 10ec033a70..4cf7ba997a 100644 --- a/src/utils/util/resolver-pipeline/testing/3_merged/merge-custom.xspec +++ b/src/utils/util/resolver-pipeline/testing/3_merged/merge-custom.xspec @@ -1,28 +1,16 @@ - - - - - - - - - - - - - - - + + + + + Group X of XYZ Control X1 @@ -49,7 +37,7 @@ - + New Group 1 @@ -59,8 +47,8 @@ - - New Group 1 + + New Group 2 x2 @@ -71,93 +59,577 @@ - - - - - - New Group 1 - Control X1 - Control Y1 - Control Z1 - - - New Group 1 - Control X2 - Control Y2 - Control Z2 - - - + + + + + ... + ... + + + - - - - - - Group X of XYZ - Control X1 + + + + + + + + + + + + + + + + + + Group X of XYZ + Control X1 + Control X2 + Control X3 + + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + + Control Z3-A-1 + + + + + + + + New Group 1 + + + x1 + y1 + z1 + + + + + New Group 2 + + + x2 + y2 + z2 + + + + + + + + + + New Group 1 + Control X1 + Control Y1 + Control Z1 - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 + + New Group 2 + Control X2 + Control Y2 + Control Z2 + + + + + + + + + Group X of XYZ + Control X1 + Control X2 + Control X3 + + + + + Parent of Group Y + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + + + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + + Control Z3-A-1 + - + + + + + New Group 1 + + + x1 + y1 + z1 + + + + + New Group 2 + + + x2 + y2 + z2 + + + + + + + + + + New Group 1 + Control X1 + Control Y1 + Control Z1 - - - - Group X of XYZ - - Control X1 - - - Control X2 + + New Group 2 + Control X2 + Control Y2 + Control Z2 - - Group Y of XYZ - Control Y1 - Control Y2 - Control Y3 + + + + + + + Control X1 + Control X2 + Control X3 + + + + + Group A + + + + x2 + + + + + Group B + + + x2 + + + + + + + + + + Group A + Control X1 + Control X3 - - Group Z of XYZ - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + + + Group B + Control X2 + + + + + + + Control X1 + Control X2 + Control X3 + + + + + Group A + + Group A.1 + + + x2 + nonexistent + + + + + + Group B + + Group B.1 + + + q* + + + + + + + + + + + Group A + + Group A.1 + Control X2 + + + + + + Group B + + Group B.1 + + + + + + + + + + + + + Control X1 + Control X2 + Control X3 + + + + + + + x2 + + + + + + + + + Control X3 + + + + + + + Control X1 + Control X2 + Control X3 + + + + + + + nonexistent + + + + + + + + + + + + + Control X3 + Control X1 + Control X2 + + + + + + + Control X2 + Control X1 + Control X3 + + + + + + + + Control X1 + Control X2 + Control X3 + + + + + + + Control X1 + Control X2 + Control X3 + + + + + + + + + Control X1 + Control X2 + Control X3 + + + + + x1 + x3 + ax2 + + + + - - - Control X1 - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - Control X1 - + + + + + + + + + + + + + + + + a1 + + + + + + + + + + + + + + + + + + + + + nonexistent + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + a1 + + + + + + + + + + + + + + + + + + + + + + + a1 + + + + + + + + + - Control X2 - Control Y1 - Control Y2 - Control Y3 - Control Z3 - Control Z3-A - Control Z3-A-1 - + + + + + + + + + + + + + + + a1.1 + + + + + + + + + - - + + + + + + + + + + + + + + + a1.1 + + + + + + + + + + + + + + + + x1 + + + diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec index c4619ccbea..d9e44c873d 100644 --- a/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec +++ b/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec @@ -1,17 +1,57 @@ - - + + + + + + + + text + + + + + + + + + + + + + + - + + + - - + + + + + + + + + + + - - - - + + + + + + + Group X of XYZ Control X1 @@ -36,29 +76,206 @@ - - - - - - Control X1 - Control X2 - Control X3 - Control Y1 - Control Y2 - Control Y3 - Control Z1 - Control Z2 - Control Z3 - Control Z3-A - Control Z3-A-1 + + + + + + Control X1 + Control X2 + Control X3 + Control Y1 + Control Y2 + Control Y3 + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + Control Z3-A-1 + - - - + + + + + + + + + Group X of XYZ + Control X1 + + + Group Z of XYZ + Control Z1 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + Group X of XYZ + + Control X1 + + + Control X2 + + + Group Y of XYZ + Control Y1 + Control Y2 + Control Y3 + + + Group Z of XYZ + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + Control X1 + Control Z1 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + Control X1 + + + Control X2 + Control Y1 + Control Y2 + Control Y3 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + + + + + + + + Test Profile + 2019-11-13T12:41:07.061-05:00 + 1.3 + 1.0.2 + + + + + Control X1 + + + + + + +

at least every 3 years

+
+
+
+
+
+
+ + + + Test Profile + 2019-11-13T12:41:07.061-05:00 + 1.3 + 1.0.2 + + + + Control X1 + + + + +

at least every 3 years

+
+
+
+
+
+
+
+ + + + + Control X1 + + + Ref BBB + + Bbb bbbbb Bbb b. + + + + + + + + + Ref AAA + + Aaaa aaaa aaaa + + + + + + + + + Control X1 + + + Ref BBB + + Bbb bbbbb Bbb b. + + + + + Ref AAA + + Aaaa aaaa aaaa + + + + + + + + + 0 + + + + + + - + @@ -66,65 +283,450 @@ Group X of XYZ Control X1 - - Group Z of XYZ - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - - - - Group X of XYZ - - Control X1 - - - Control X2 - Group Y of XYZ Control Y1 - Control Y2 - Control Y3 - - - Group Z of XYZ - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + {$ov:as-is-content} + - + Control X1 - Control Z1 - Control Z3 - Control Z3-A - Control Z3-A-1 - - - - Control X1 - - - Control X2 Control Y1 - Control Y2 - Control Y3 - Control Z3 - Control Z3-A - Control Z3-A-1 - - + + + + + + + + + + + 1 + + + + + + + + + + + + true + + + + + + + + + + + true + 1 + + + + + + + + + + + + 1 + + + + + + + + + + + + + + + Ref CCC + + + Ref BBB + + + Ref AAA + + + + + + + + + Ref CCC + + + Ref BBB + + + Ref AAA + + + + + + + + + Control X1 + + + Ref CCC + + + Ref BBB + + + + + Control X2 + + + Ref AAA + + + + + + + + + + Ref CCC + + + Ref BBB + + + Ref AAA + + + + + + + + + Control X1 + + + Ref CCC + + + Ref BBB, first + + + Ref AAA + + + + + Control X2 + + + Ref CCC + + + Ref BBB, second + + + Ref AAA + + + + + + Ref CCC + + + Ref BBB, third + + + Ref AAA + + + + + + + + + Ref CCC + + + Ref BBB, third + + + Ref AAA + + + Ref CCC + + + Ref CCC + + + + + + + + + + + + + + + + + + + + + + + + + + + no control + + + Group X of XYZ + + + no control + + + + no control + + + Group X2 + + + no control + + + + no control + + + + + + + + + + no control + + + + no control + + + + no control + + + + no control + + + + no control + + + + + + + + Control A + + Group X of XYZ + Control X1 + Control Y1 + + Group X2 + Control X2 + Control Y2 + + + + + + + Control A + Control X1 + Control Y1 + Control X2 + Control Y2 + + + + + + + + + no control + + Control A + + Group X of XYZ + + + no control + + Control X1 + + + + + + ... + ... + ... + ... + + + + + + + + + Control X1 + + + + + + Control X1 + + + + + + + + + + + + + + + + + + + + + Control X1 + + + + + + + + + + + + + + + + + + + + + + + Control X1 + + + + + + + + + + + + + + + + + + + + + + + Control X1 + + + + + + + + + + + + + + + + + + + + + + + + + + + +
From c022f30e2561ae6c754772b2b68dac8d74b55899 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Tue, 17 May 2022 12:17:35 +0000 Subject: [PATCH 009/138] Publishing generated metaschema resources [ci skip] --- xml/schema/oscal_complete_schema.xsd | 2 +- xml/schema/oscal_profile_schema.xsd | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 0ed7f73115..41569c3f27 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1847,7 +1847,7 @@ - + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index e27d43d1e0..9337de97f1 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -154,7 +154,7 @@ - + From 3b6d09bfae4774b2b6d7eb9fa3491e9787deb816 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 5 Jul 2022 17:35:43 -0400 Subject: [PATCH 010/138] Support for control mapping (#1150) * Added mapping model supporting mapping controls and control statements between two catalogs. * Adjusted relationships based on PR #1150 discussions. Added type enumerations. * Included a simple example --- .../examples/cis-sp-800-53-mapping.xml | 37 ++++++ .../examples/computer-build_metaschema.xml | 57 -------- src/metaschema/oscal_catalog_metaschema.xml | 17 +++ src/metaschema/oscal_complete_metaschema.xml | 1 + .../oscal_mapping-common_metaschema.xml | 123 ++++++++++++++++++ src/metaschema/oscal_mapping_metaschema.xml | 66 ++++++++++ 6 files changed, 244 insertions(+), 57 deletions(-) create mode 100644 src/metaschema/examples/cis-sp-800-53-mapping.xml delete mode 100644 src/metaschema/examples/computer-build_metaschema.xml create mode 100644 src/metaschema/oscal_mapping-common_metaschema.xml create mode 100644 src/metaschema/oscal_mapping_metaschema.xml diff --git a/src/metaschema/examples/cis-sp-800-53-mapping.xml b/src/metaschema/examples/cis-sp-800-53-mapping.xml new file mode 100644 index 0000000000..c2407e36c7 --- /dev/null +++ b/src/metaschema/examples/cis-sp-800-53-mapping.xml @@ -0,0 +1,37 @@ + + + + + Example mapping between CIS controls and SP 800-53 rev5 + 2022-04-13T08:37:21.323321800-04:00 + 0.0.1 + 1.1.0 + + + + + + + subset-of + + + + + + + +

The combination of SP 800-53 CM-8 and CM-8(1) describe similar implementation requirements to CIS 1.1.

+
+
+
+ + + + + + + + +
\ No newline at end of file diff --git a/src/metaschema/examples/computer-build_metaschema.xml b/src/metaschema/examples/computer-build_metaschema.xml deleted file mode 100644 index 41416466d7..0000000000 --- a/src/metaschema/examples/computer-build_metaschema.xml +++ /dev/null @@ -1,57 +0,0 @@ - - - - - - Computer Build - 1.0 - computer-build - http://csrc.nist.gov/ns/computer-build/1.0 - http://csrc.nist.gov/ns/computer-build/1.0 - - - Computer Build - A description of the components used to build a computer. - - Computer Build Identifier - A unique id for a given build - - - - - - - - - - Computer Component - A description of a component used to build a computer. - - Computer Component Identifier - A unique id for a given component - - - - - - - - - - Component Name - A name of a component used to build a computer. - - - - Description - A description of a component used in a computer build. - - - - Model - The model code of a computer component. - - diff --git a/src/metaschema/oscal_catalog_metaschema.xml b/src/metaschema/oscal_catalog_metaschema.xml index de9d579653..085650df48 100644 --- a/src/metaschema/oscal_catalog_metaschema.xml +++ b/src/metaschema/oscal_catalog_metaschema.xml @@ -19,6 +19,7 @@
+ Catalog A collection of controls. @@ -173,6 +174,22 @@ + + Mapping + A mapping between the containing control and another resource. + + Mapping Identifier + The unique identifier for the mapping. + + + + target-resource + + + + + + diff --git a/src/metaschema/oscal_complete_metaschema.xml b/src/metaschema/oscal_complete_metaschema.xml index 7a916ef79b..09ab98b223 100644 --- a/src/metaschema/oscal_complete_metaschema.xml +++ b/src/metaschema/oscal_complete_metaschema.xml @@ -15,6 +15,7 @@

This format represents a combination of all of the OSCAL models.

+ diff --git a/src/metaschema/oscal_mapping-common_metaschema.xml b/src/metaschema/oscal_mapping-common_metaschema.xml new file mode 100644 index 0000000000..6372a9d035 --- /dev/null +++ b/src/metaschema/oscal_mapping-common_metaschema.xml @@ -0,0 +1,123 @@ + + + + OSCAL Mapping Model -- Common Models + 1.0.0 + oscal-mapping-common + http://csrc.nist.gov/ns/oscal/1.0 + http://csrc.nist.gov/ns/oscal + + + + + Mapping Entry + A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + Mapping Entry Identifier + The unique identifier for the mapping entry. + + + + + + + + + + Mapping Entry Relationship + The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + Relationship Value Namespace + A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + +

An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

+

When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

+
+
+ + + The effective requirements of the source is equivalent in semantic meaning to the effective requirements of the target. The words may differ, but both mapped sets convey similar information with the same effective meaning. This relationship may be reversed, since `A equivalent-to B` also means that `B equivalent-to A`. + The actual requirements of the source are the same as the actual requirements target. Differences in capitalization, spelling, and grammar can be ignored, if these differences do not change the meaning. This relationship may be reversed, since `A equal-to B` also means that `B equal-to A`. + The effective requirements of the source is a semantic subset of the effective requirements of the target. This relationship may be reversed as a `superset-of`, since `A subset-of B` also means that `B superset-of A`. + The effective requirements of the source is a semantic superset of the effective requirements of the target. This relationship may be reversed as a `subset-of`, since `A superset-of B` also means that `B subset-of A`. + The effective requirements of the source and target have some semantic equivalence, but not all effective requirements from each are contained within the other. This relationship may be reversed, since `A intersects-with B` also means that `B intersects-with A`. A lower granularity mapping, such as a statement level mapping using 'equivalent-to', 'subset-of', and/or 'superset-of', may provide a more functional mapping that allows for more inference than using this relationship type. + + + +

When establishing relationships, mapping SHOULD be done at the control statement level where possible. This approach allows for more use of 'equivalent-to', which represents a stronger relationship than the other relationship types.

+
+
+ + source + + + + target + + + +
+
+ + Mapping Entry Item (source or target) + Identifies a specific edge within a source or target that is the subject of a mapping. + + Subject Type + The semantic type of the subject. + + + A control as defined by OSCAL. + A textual element of a control that defines part of the control's requirements. + + + + + Subject Type + The semantic type of the subject. + + + + + + + + + + + + + + Mapped Resource Reference + A reference to a back-matter resource that is either the source or target of a mapping. + + Resource Type + The semantic type of the resource. + + + The mapped resource is a control catalog. + + + + + Catalog or Profile Reference + A resolvable URL reference to the base catalog or profile that this profile is tailoring. + +

The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter + resource in the same document.

+ +

If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

+

If an internet resource is used, the href value will be an absolute or relative URL pointing to the location of the referenced resource. A relative URL will be resolved relative to the location of the document containing the link.

+
+
+ + + + + + + + + +
+
\ No newline at end of file diff --git a/src/metaschema/oscal_mapping_metaschema.xml b/src/metaschema/oscal_mapping_metaschema.xml new file mode 100644 index 0000000000..8ba99643c8 --- /dev/null +++ b/src/metaschema/oscal_mapping_metaschema.xml @@ -0,0 +1,66 @@ + + + + + +]> + + OSCAL Control Mapping Model + 1.0.3 + oscal-mapping + http://csrc.nist.gov/ns/oscal/1.0 + http://csrc.nist.gov/ns/oscal + +

The OSCAL Control mapping format can be used to describe how a collection of security controls and related control enhancements relate to another collection of controls. The root of the Control Catalog format is mapping-collection. +

+
+ + + + + Mapping Collection + A collection of relationship-based control and/or control statement mappings. + mapping-collection + + Mapping Collection Universally Unique Identifier + A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + + + + + + + + + +

Back matter including references and resources.

+
+
+
+ +

A mapping collection affirmatively declares the relationships that exist between sets of controls and/or control statements in a source and target. It is expected that inferences can be made based on what is mapped; however, no inferences should be made based on what is not mapped, since it is impossible to quantify how complete or granular a given mapping is.

+
+
+ + Control Mapping + A mapping between two target resources. + + Mapping Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + + + + source-resource + + + target-resource + + + + + + +
From c3f071fb6e434bf3aa8afa32d5a63cf5ecf10c8d Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Tue, 5 Jul 2022 21:39:28 +0000 Subject: [PATCH 011/138] Publishing generated metaschema resources [ci skip] --- .../oscal_catalog_xml-to-json-converter.xsl | 404 +++- .../oscal_complete_xml-to-json-converter.xsl | 1794 ++++++++++++++-- json/schema/oscal_catalog_schema.json | 152 ++ json/schema/oscal_complete_schema.json | 215 ++ .../oscal_catalog_json-to-xml-converter.xsl | 394 ++++ .../oscal_complete_json-to-xml-converter.xsl | 1890 ++++++++++++++++- xml/schema/oscal_catalog_schema.xsd | 221 ++ xml/schema/oscal_complete_schema.xsd | 292 +++ 8 files changed, 5157 insertions(+), 205 deletions(-) diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index 79755a4050..d6dcc01e33 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -505,6 +505,7 @@ + @@ -562,6 +563,116 @@ + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -982,6 +1093,79 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2145,6 +2329,115 @@ + + + + + mapping + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + relationship + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + @@ -2531,6 +2824,115 @@ + + + + + mapping + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + relationship + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 7e59b556c6..edd10c0b31 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -505,6 +505,7 @@ + @@ -610,6 +611,146 @@ + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + target + + + + + + + + + + + + + + + + + + + + + + + + @@ -728,6 +869,77 @@ + + + + + mapping-collection + + + http://csrc.nist.gov/ns/oscal/1.0 + + + + + + + + + + + + + + + + + + mapping + + + + + + + + + + + + + + + + + + source-resource + + + + + + + + + + + + + + + + + + + + @@ -2500,36 +2712,6 @@ - - - - - target - - - - - - - - - - - - - - - - - - - - - - - - @@ -2893,7 +3075,7 @@ - - - - - - + - + name="type" + key="type" + gi="type"> - + + + + + - - + - + as-type="token" + name="type" + key="type" + gi="type"> - + name="id-ref" + key="id-ref" + gi="id-ref"> - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + + + + + + @@ -5669,6 +5946,115 @@ + + + + + mapping + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + relationship + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + @@ -6055,103 +6441,212 @@ - - + + + mapping + - - - - - - - - - - - - - - - - - - - + + + - - - - title + text - - - description + text - - - - + + - - - + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> + + relationship + + + - - + - citation + text - + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + + + + + + + + + + citation + + @@ -6239,6 +6734,1065 @@ + + + + + title + + + + + + + + + + + published + + + + + + + + + + + last-modified + + + + + + + + + + + version + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + revisions + + + + + + + + + title + + + + + + + + + + + published + + + + + + + + + + + last-modified + + + + + + + + + + + version + + + + + + + + + + + oscal-version + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + short-name + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + address + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + state + + + + + + + + + + + postal-code + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + name + + + + + + + + + + + short-name + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + state + + + + + + + + + + + postal-code + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + relationship + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + + + + + + + + + + citation + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + base64 + + + + + + + + diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index d8f414547a..9f2233a78a 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -131,6 +131,28 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-catalog-common_part" } }, + "mapping" : + { "title" : "Mapping", + "description" : "A mapping between the containing control and another resource.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Identifier", + "description" : "The unique identifier for the mapping.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "target-resource", + "maps" ], + "additionalProperties" : false }, "controls" : { "type" : "array", "minItems" : 1, @@ -1002,6 +1024,136 @@ { "type" : "string" } }, "required" : [ "identifier" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "STRVALUE" : + { "type" : "string" } }, + "required" : + [ "STRVALUE" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "control", + "statement" ] }, + "id-ref" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", + "properties" : + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "catalog" ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "type" : "string", + "format" : "uri-reference" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "href" ], "additionalProperties" : false } }, "properties" : { "catalog" : diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index a5f15493cb..71a2657f22 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -131,6 +131,28 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-catalog-common_part" } }, + "mapping" : + { "title" : "Mapping", + "description" : "A mapping between the containing control and another resource.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Identifier", + "description" : "The unique identifier for the mapping.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "target-resource", + "maps" ], + "additionalProperties" : false }, "controls" : { "type" : "array", "minItems" : 1, @@ -1003,6 +1025,191 @@ "required" : [ "identifier" ], "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "STRVALUE" : + { "type" : "string" } }, + "required" : + [ "STRVALUE" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "control", + "statement" ] }, + "id-ref" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", + "properties" : + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "catalog" ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "type" : "string", + "format" : "uri-reference" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping:mapping-collection" : + { "title" : "Mapping Collection", + "description" : "A collection of relationship-based control and/or control statement mappings.", + "$id" : "#assembly_oscal-mapping_mapping-collection", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Collection Universally Unique Identifier", + "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "mappings" : + { "anyOf" : + [ + { "$ref" : "#assembly_oscal-mapping_mapping" }, + + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "mappings" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping:mapping" : + { "title" : "Control Mapping", + "description" : "A mapping between two target resources.", + "$id" : "#assembly_oscal-mapping_mapping", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "source-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "source-resource", + "target-resource", + "maps" ], + "additionalProperties" : false }, "oscal-complete-oscal-profile:profile" : { "title" : "Profile", "description" : "Each OSCAL profile is defined by a Profile element", @@ -5002,6 +5209,14 @@ "additionalProperties" : false, "maxProperties" : 1 }, + { "properties" : + { "mapping-collection" : + { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, + "required" : + [ "mapping-collection" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + { "properties" : { "profile" : { "$ref" : "#assembly_oscal-profile_profile" } }, diff --git a/xml/convert/oscal_catalog_json-to-xml-converter.xsl b/xml/convert/oscal_catalog_json-to-xml-converter.xsl index e0a647346f..1a1d9522ae 100644 --- a/xml/convert/oscal_catalog_json-to-xml-converter.xsl +++ b/xml/convert/oscal_catalog_json-to-xml-converter.xsl @@ -264,6 +264,7 @@ + @@ -282,6 +283,57 @@ + + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -721,6 +773,92 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2212,6 +2350,134 @@ + + + + + + mapping + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + relationship + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -2782,6 +3048,134 @@ + + + + + + mapping + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + relationship + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index 10fd4d71f7..19a2397ad6 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -264,6 +264,7 @@ + @@ -297,6 +298,75 @@ + + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + target + + + + + + + + + + + + @@ -337,6 +407,53 @@ + + + + + + mapping-collection + + + http://csrc.nist.gov/ns/oscal/1.0 + + + + + + + + + + + + + mapping + + + + + + + + + + + + + source-resource + + + + + + + + @@ -1174,24 +1291,6 @@ - - - - - - target - - - - - - - - - - - - @@ -1555,8 +1654,8 @@ - + - @@ -1589,7 +1688,7 @@ - + - - + - - + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1795,8 +1980,8 @@ - + - - + - - + - - + - - + - + + + + + + + + + + + + - + - - + - - - + + + + mapping + + + + + + + + + - title + text - + priority="9"> - + - + - + priority="10"> - + - + + + + relationship + + + + + + + + + + + + + + - label + text - + priority="12"> - + - - + - usage + text - - + priority="12"> + - + - + + + + title + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + label + + + + + + + + + + + + + + + usage + + + + + + + + + + + + + + + + + + mapping + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + relationship + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -5683,6 +6152,1259 @@ + + + + + + title + + + + + + + + + + + + + + + published + + + + + + + + + + + + + + + last-modified + + + + + + + + + + + + + + + version + + + + + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + + + + + + + + + + + + + + + revisions + + + + + + + + + + title + + + + + + + + + + + + + + + published + + + + + + + + + + + + + + + last-modified + + + + + + + + + + + + + + + version + + + + + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + short-name + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + address + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + + + + + state + + + + + + + + + + + + + + + postal-code + + + + + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + name + + + + + + + + + + + + + + + short-name + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + + + + + state + + + + + + + + + + + + + + + postal-code + + + + + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + relationship + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + + + + + + + + + + + + + + + citation + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + base64 + + + + + + + + + + + + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 538504cc75..888bfa2f68 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -174,6 +174,38 @@ type="oscal-catalog:oscal-catalog-common-part-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + + Mapping + A mapping between the containing control and another resource. + + + Mapping: A mapping between the containing control and another resource. + + + + + + + + + Mapping Identifier + The unique identifier for the mapping. + + + Mapping Identifier: The unique identifier for the mapping. + + + + + + + + Mapping Entry + A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + Mapping Entry: A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + + + + + + + Mapping Entry Relationship + The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + + + + + Relationship Value Namespace + A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + Relationship Value Namespace: A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Mapping Entry Identifier + The unique identifier for the mapping entry. + + + Mapping Entry Identifier: The unique identifier for the mapping entry. + + + + + + + Mapping Entry Item (source or target) + Identifies a specific edge within a source or target that is the subject of a mapping. + + + Mapping Entry Item (source or target): Identifies a specific edge within a source or target that is the subject of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + + Mapped Resource Reference + A reference to a back-matter resource that is either the source or target of a mapping. + + + Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Resource Type + The semantic type of the resource. + + + Resource Type: The semantic type of the resource. + + + + + + Catalog or Profile Reference + A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + Catalog or Profile Reference: A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 41569c3f27..dd9c04f1f1 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -15,6 +15,7 @@

This format represents a combination of all of the OSCAL models.

catalog + mapping-collection profile component-definition system-security-plan @@ -180,6 +181,38 @@ type="oscal-complete:oscal-catalog-common-part-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + + Mapping + A mapping between the containing control and another resource. + + + Mapping: A mapping between the containing control and another resource. + + + + + + + + + Mapping Identifier + The unique identifier for the mapping. + + + Mapping Identifier: The unique identifier for the mapping. + + + + + + + + Mapping Entry + A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + Mapping Entry: A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + + + + + + + Mapping Entry Relationship + The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + + + + + Relationship Value Namespace + A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + Relationship Value Namespace: A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Mapping Entry Identifier + The unique identifier for the mapping entry. + + + Mapping Entry Identifier: The unique identifier for the mapping entry. + + + + + + + Mapping Entry Item (source or target) + Identifies a specific edge within a source or target that is the subject of a mapping. + + + Mapping Entry Item (source or target): Identifies a specific edge within a source or target that is the subject of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + + Mapped Resource Reference + A reference to a back-matter resource that is either the source or target of a mapping. + + + Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Resource Type + The semantic type of the resource. + + + Resource Type: The semantic type of the resource. + + + + + + Catalog or Profile Reference + A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + Catalog or Profile Reference: A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + + + + + + Mapping Collection + A collection of relationship-based control and/or control statement mappings. + + + Mapping Collection: A collection of relationship-based control and/or control statement mappings. + + + + + + + + + + Mapping Collection Universally Unique Identifier + A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + + + Mapping Collection Universally Unique Identifier: A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + + + + + + + Control Mapping + A mapping between two target resources. + + + Control Mapping: A mapping between two target resources. + + + + + + + + + + Mapping Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + + + Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + + + From e435681af7458a53d8b5a3ee0afcbdc4b353f730 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Wed, 6 Jul 2022 13:13:25 -0400 Subject: [PATCH 012/138] Update metaschema Adding the mapping model to the metaschema CI build. --- build/ci-cd/config/metaschema | 1 + 1 file changed, 1 insertion(+) diff --git a/build/ci-cd/config/metaschema b/build/ci-cd/config/metaschema index 68e57645d2..0a7c112089 100644 --- a/build/ci-cd/config/metaschema +++ b/build/ci-cd/config/metaschema @@ -7,3 +7,4 @@ src/metaschema/oscal_ssp_metaschema.xml|xml,json|xml,json|xml,json src/metaschema/oscal_poam_metaschema.xml|xml,json|xml,json|xml,json src/metaschema/oscal_assessment-plan_metaschema.xml|xml,json|xml,json|xml,json src/metaschema/oscal_assessment-results_metaschema.xml|xml,json|xml,json|xml,json +src/metaschema/oscal_mapping_metaschema.xml|xml,json|xml,json|xml,json From 30bbdbace90373b40fddf5e1b39caa77de8dc396 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Wed, 6 Jul 2022 17:17:35 +0000 Subject: [PATCH 013/138] Publishing generated metaschema resources [ci skip] --- .../oscal_mapping_xml-to-json-converter.xsl | 2412 ++++++++++++++++ json/schema/oscal_mapping_schema.json | 871 ++++++ .../oscal_mapping_json-to-xml-converter.xsl | 2416 +++++++++++++++++ xml/schema/oscal_mapping_schema.xsd | 1781 ++++++++++++ 4 files changed, 7480 insertions(+) create mode 100644 json/convert/oscal_mapping_xml-to-json-converter.xsl create mode 100644 json/schema/oscal_mapping_schema.json create mode 100644 xml/convert/oscal_mapping_json-to-xml-converter.xsl create mode 100644 xml/schema/oscal_mapping_schema.xsd diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl new file mode 100644 index 0000000000..d1648ad879 --- /dev/null +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -0,0 +1,2412 @@ + + + + + + + + json + no + + + + + + + + + + + + + + + { $err:description } + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $err:description } + + + + + + + + + + + + + + + + + + + + + + mapping-collection + + + http://csrc.nist.gov/ns/oscal/1.0 + + + + + + + + + + + + + + + + + + metadata + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + mapping + + + + + + + + + + + + + + + + + + source-resource + + + + + + + + + + + + + + + + + + + + + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + back-matter + + + + + + + + + + + + + + + remarks + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + published + + + + + + + + + + + last-modified + + + + + + + + + + + version + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + revisions + + + + + + + + + title + + + + + + + + + + + published + + + + + + + + + + + last-modified + + + + + + + + + + + version + + + + + + + + + + + oscal-version + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + short-name + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + address + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + state + + + + + + + + + + + postal-code + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + name + + + + + + + + + + + short-name + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + state + + + + + + + + + + + postal-code + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + relationship + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + + + + + + + + + + citation + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + base64 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + # + ## + ### + #### + ##### + ###### + + + + + + + + + + + | + + --- | + + + + + + | + + + | + + + + ``` + + + + ``` + + + + + + + + + + + + + + + * + + + + + + + + + 1. + + + + + ` + + ` + + + * + + * + + + ** + + ** + + + " + + " + + + {{ insert: + + }} + + + [ + + ] + ( + + ) + + + ![ + + ] + ( + + + "{.}" + + ) + + diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json new file mode 100644 index 0000000000..9b41f3cd0e --- /dev/null +++ b/json/schema/oscal_mapping_schema.json @@ -0,0 +1,871 @@ + + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.3/oscal-mapping-schema.json", + "$comment" : "OSCAL Control Mapping Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-mapping-oscal-mapping:mapping-collection" : + { "title" : "Mapping Collection", + "description" : "A collection of relationship-based control and/or control statement mappings.", + "$id" : "#assembly_oscal-mapping_mapping-collection", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Collection Universally Unique Identifier", + "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "mappings" : + { "anyOf" : + [ + { "$ref" : "#assembly_oscal-mapping_mapping" }, + + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "mappings" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping:mapping" : + { "title" : "Control Mapping", + "description" : "A mapping between two target resources.", + "$id" : "#assembly_oscal-mapping_mapping", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "source-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "source-resource", + "target-resource", + "maps" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:metadata" : + { "title" : "Publication metadata", + "description" : "Provides information about the publication and availability of the containing document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_revision" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_role" } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_location" } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_party" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:revision" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", + "$id" : "#assembly_oscal-metadata_revision", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:location" : + { "title" : "Location", + "description" : "A location, with associated metadata that can be referenced.", + "$id" : "#assembly_oscal-metadata_location", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "address" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:location-uuid" : + { "title" : "Location Reference", + "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$id" : "#field_oscal-metadata_location-uuid", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "oscal-mapping-oscal-metadata:party" : + { "title" : "Party (organization or person)", + "description" : "A responsible entity which is either a person or an organization.", + "$id" : "#assembly_oscal-metadata_party", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$", + "enum" : + [ "person", + "organization" ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:party-uuid" : + { "title" : "Party Reference", + "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$id" : "#field_oscal-metadata_party-uuid", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "oscal-mapping-oscal-metadata:role" : + { "title" : "Role", + "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", + "$id" : "#assembly_oscal-metadata_role", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "A human-oriented identifier reference to roles served by the user.", + "$id" : "#field_oscal-metadata_role-id", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "oscal-mapping-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources, which may be included directly or by reference.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "title" : + { "title" : "Resource Title", + "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URI reference to a resource.", + "type" : "string", + "format" : "uri-reference" }, + "media-type" : + { "title" : "Media Type", + "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "type" : "string", + "format" : "uri-reference" }, + "media-type" : + { "title" : "Media Type", + "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "type" : "string", + "format" : "uri-reference" }, + "rel" : + { "title" : "Relation", + "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "media-type" : + { "title" : "Media Type", + "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A human-oriented identifier reference to roles served by the user.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "Method by which a hash is derived", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary on the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-mapping-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "$id" : "#field_oscal-metadata_published", + "type" : "string", + "format" : "date-time", + "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "oscal-mapping-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "$id" : "#field_oscal-metadata_last-modified", + "type" : "string", + "format" : "date-time", + "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "oscal-mapping-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "$id" : "#field_oscal-metadata_version", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "oscal-mapping-oscal-metadata:oscal-version" : + { "title" : "OSCAL version", + "description" : "The OSCAL model version the document was authored against.", + "$id" : "#field_oscal-metadata_oscal-version", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "oscal-mapping-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "oscal-mapping-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "Contact number by telephone.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for mailing address", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" } }, + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "oscal-mapping-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "type" : "string", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "STRVALUE" : + { "type" : "string" } }, + "required" : + [ "STRVALUE" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "control", + "statement" ] }, + "id-ref" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", + "properties" : + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", + "enum" : + [ "catalog" ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "type" : "string", + "format" : "uri-reference" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "href" ], + "additionalProperties" : false } }, + "properties" : + { "mapping-collection" : + { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, + "required" : + [ "mapping-collection" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/xml/convert/oscal_mapping_json-to-xml-converter.xsl b/xml/convert/oscal_mapping_json-to-xml-converter.xsl new file mode 100644 index 0000000000..6c3e51529b --- /dev/null +++ b/xml/convert/oscal_mapping_json-to-xml-converter.xsl @@ -0,0 +1,2416 @@ + + + + + + + + + + + xml + + + No file found at { $file } + + + + + + + {{ $err:description }} + + + + + + + {{ $err:description }} + + + + + + + + + + + + Error in XSLT invocation - an initial template (-it) is expected ('from-json' or 'from-xdm-json-xml'), but none is given + + + + + + + + { $err:description } + + + + + + + + + + No XPath (XML) JSON found at { $file } - using syntax of http://www.w3.org/2005/xpath-functions + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + mapping-collection + + + http://csrc.nist.gov/ns/oscal/1.0 + + + + + + + + + + + + + metadata + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + mapping + + + + + + + + + + + + + source-resource + + + + + + + + + + + + + + target-resource + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + back-matter + + + + + + + + + + remarks + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + published + + + + + + + + + + + + + + + last-modified + + + + + + + + + + + + + + + version + + + + + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + + + + + + + + + + + + + + + revisions + + + + + + + + + + title + + + + + + + + + + + + + + + published + + + + + + + + + + + + + + + last-modified + + + + + + + + + + + + + + + version + + + + + + + + + + + + + + + oscal-version + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + short-name + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + address + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + + + + + state + + + + + + + + + + + + + + + postal-code + + + + + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + name + + + + + + + + + + + + + + + short-name + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + city + + + + + + + + + + + + + + + state + + + + + + + + + + + + + + + postal-code + + + + + + + + + + + + + + + country + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + relationship + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + + + + + + + + + + + + + + + citation + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + base64 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

+ + + + + +

+
+
+ + + + + + + + + + + + + + + + +
+ + + + + + + +
+         
+            language-{.}
+         
+         
+      
+
+ + +

+ + +

+
+
+ + + + + + + + + + + + + + + + + + + +
+
+ + + + + + + + + + + + + + + + + + + + + +

+ +

+
+ ^\s*(\*|\d+\.)\s + + + +
  • + + +
    +
    + +
    +
  • +
    +
    +
    + + + + + + + + + + + + + + + + + + + +
  • + + + + + + + + +
  • +
    + + +
  • + + + + + +
  • +
    +
    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + &amp; + &lt; + + &quot; + + &#x2A; + &#x60; + &#x7E; + &#x5E; + + + + + + + + + + + + + + + + + + + "" + !\[{{$noclosebracket}}\] + \{\{\s*insert: ,\s*\s*\}\} + \(\) + `` + + \*\*\*\*\*\* + + \*\*\*\* + \*\* + ~~ + \^\^ + + + + + + + + + + + + + + + + (.*?) + + + (\i\c*?) + + + ([^{ @not }]*?) + + + + < + + + xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + + + > + + </ + + > + + + $1 + + + + <insert xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + + + /> + + + type='$1' + + + id-ref='$2' + + + href='$2' + + + + alt='$1' + + + + src='$2' + + + { insertion } + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd new file mode 100644 index 0000000000..f43fabe7d8 --- /dev/null +++ b/xml/schema/oscal_mapping_schema.xsd @@ -0,0 +1,1781 @@ + + + + + OSCAL Control Mapping Model + 1.0.3 + oscal-mapping + +

    The OSCAL Control mapping format can be used to describe how a collection of security controls and related control enhancements relate to another collection of controls. The root of the Control Catalog format is mapping-collection.

    +
    + mapping-collection +
    +
    + + + + + Mapping Collection + A collection of relationship-based control and/or control statement mappings. + + + Mapping Collection: A collection of relationship-based control and/or control statement mappings. + + + + + + + + + + Mapping Collection Universally Unique Identifier + A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + + + Mapping Collection Universally Unique Identifier: A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + + + + + + + Control Mapping + A mapping between two target resources. + + + Control Mapping: A mapping between two target resources. + + + + + + + + + + Mapping Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + + + Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + + + + + + + Publication metadata + Provides information about the publication and availability of the containing document. + + + Publication metadata: Provides information about the publication and availability of the containing document. + + + + + + + Document Title + A name given to the document, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + + Location + A location, with associated metadata that can be referenced. + + + Location: A location, with associated metadata that can be referenced. + + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or Internet presence associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Location Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + + + + Location Reference + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + + + + + Party (organization or person) + A responsible entity which is either a person or an organization. + + + Party (organization or person): A responsible entity which is either a person or an organization. + + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Name: The full name of the party. This is typically the legal name associated with the party. + + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Party Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + + + + + + Party Reference + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + + + + + Role + Defines a function assumed or expected to be assumed by a party in a specific situation. + + + Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Role Identifier + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + + + + Back matter + A collection of resources, which may be included directly or by reference. + + + Back matter: A collection of resources, which may be included directly or by reference. + + + + + + + Resource + A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + + + Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + + + + + + + Resource Title + A name given to the resource, which may be used by a tool for display and navigation. + + + Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + + + + + + + + + + + Resource Description + A short summary of the resource used to indicate the purpose of the resource. + + + Resource Description: A short summary of the resource used to indicate the purpose of the resource. + + + + + + + + + + + + + Citation + A citation consisting of end note text and optional structured bibliographic data. + + + Citation: A citation consisting of end note text and optional structured bibliographic data. + + + + + + + Citation Text + A line of citation text. + + + Citation Text: A line of citation text. + + + + + + + + + + + + + + + + Resource link + A pointer to an external resource with an optional hash for verification and change detection. + + + Resource link: A pointer to an external resource with an optional hash for verification and change detection. + + + + + + + + Hypertext Reference + A resolvable URI reference to a resource. + + + Hypertext Reference: A resolvable URI reference to a resource. + + + + + + Media Type + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + + + + + + + Base64 + The Base64 alphabet in RFC 2045 - aligned with XSD. + + + Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + + + + + + + File Name + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + + + File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + + + + + + Media Type + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Resource Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + + + + + + + Property + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + + + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Property Name + A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + + + Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + + + + + + Property Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + + + Property Namespace + A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. + + + Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. + + + + + + Property Value + Indicates the value of the attribute, characteristic, or quality. + + + Property Value: Indicates the value of the attribute, characteristic, or quality. + + + + + + Property Class + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + + + + Link + A reference to a local or remote resource + + + Link: A reference to a local or remote resource + + + + + + + Link Text + A textual label to associate with the link, which may be used for presentation in a tool. + + + Link Text: A textual label to associate with the link, which may be used for presentation in a tool. + + + + + + + + + + + Hypertext Reference + A resolvable URL reference to a resource. + + + Hypertext Reference: A resolvable URL reference to a resource. + + + + + + Relation + Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + + + Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + + + + + + Media Type + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + + + + + + + Responsible Party + A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + + + Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Responsible Role + A human-oriented identifier reference to roles served by the user. + + + Responsible Role: A human-oriented identifier reference to roles served by the user. + + + + + + + Responsible Role + A reference to one or more roles with responsibility for performing a function relative to the containing object. + + + Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Responsible Role ID + A human-oriented identifier reference to roles responsible for the business function. + + + Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + + + + + + + Hash + A representation of a cryptographic digest generated over a resource using a specified hash algorithm. + + + Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. + + + + + + + Hash algorithm + Method by which a hash is derived + + + Hash algorithm: Method by which a hash is derived + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + Publication Timestamp + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + + + Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + + + + + + + Last Modified Timestamp + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + + + Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + + + + + + + Document Version + A string used to distinguish the current version of the document from other previous (and future) versions. + + + Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + + + + + + + OSCAL version + The OSCAL model version the document was authored against. + + + OSCAL version: The OSCAL model version the document was authored against. + + + + + + + Email Address + An email address as defined by RFC 5322 Section 3.4.1. + + + Email Address: An email address as defined by RFC 5322 Section 3.4.1. + + + + + + + Telephone Number + Contact number by telephone. + + + Telephone Number: Contact number by telephone. + + + + + + + type flag + Indicates the type of phone number. + + + type flag: Indicates the type of phone number. + + + + + + + + + Address + A postal address for the location. + + + Address: A postal address for the location. + + + + + + + + City + City, town or geographical region for the mailing address. + + + City: City, town or geographical region for the mailing address. + + + + + + + + + State + State, province or analogous geographical region for mailing address + + + State: State, province or analogous geographical region for mailing address + + + + + + + + + Postal Code + Postal or ZIP code for mailing address + + + Postal Code: Postal or ZIP code for mailing address + + + + + + + + + Country Code + The ISO 3166-1 alpha-2 country code for the mailing address. + + + Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. + + + + + + + + + Address Type + Indicates the type of address. + + + Address Type: Indicates the type of address. + + + + + + + Address line + A single line of an address. + + + Address line: A single line of an address. + + + + + + + Document Identifier + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + + + Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + + + + + + + Document Identification Scheme + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + + + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + + + + + + + + + Mapping Entry + A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + Mapping Entry: A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target. + + + + + + + + + Mapping Entry Relationship + The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + + + + + + + Relationship Value Namespace + A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + Relationship Value Namespace: A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. + + + + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Mapping Entry Identifier + The unique identifier for the mapping entry. + + + Mapping Entry Identifier: The unique identifier for the mapping entry. + + + + + + + Mapping Entry Item (source or target) + Identifies a specific edge within a source or target that is the subject of a mapping. + + + Mapping Entry Item (source or target): Identifies a specific edge within a source or target that is the subject of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + Subject Type + The semantic type of the subject. + + + Subject Type: The semantic type of the subject. + + + + + + + Mapped Resource Reference + A reference to a back-matter resource that is either the source or target of a mapping. + + + Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Resource Type + The semantic type of the resource. + + + Resource Type: The semantic type of the resource. + + + + + + Catalog or Profile Reference + A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + Catalog or Profile Reference: A resolvable URL reference to the base catalog or profile that this profile is tailoring. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + The content model is the same as blockElementType, but line endings need + to be preserved, since this is preformatted. + + + + + + + + + The content model is the same as blockElementType, but line endings need + to be preserved, since this is preformatted. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + + + + The type of object to include from (e.g., parameter, control, component, role, etc.) + + + + + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + + + + + + + + A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + + + + + + The xs:dateTime with a required timezone. + + + + + + An email address + + + + + + A URI + + + + + + A URI reference, such as a relative URL + + + + + + A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 + + + + + + A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters + followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + + + + + + + + + + + The xs:date with a required timezone. + + + + + + + + + + + + + The xs:dateTime with a required timezone. + + + + + + + + An email address + + + + + Need a better pattern. + + + + + + + A host name + + + + + + The ip-v4-address type specifies an IPv4 address in + dot decimal notation. + + + + + + + + The ip-v6-address type specifies an IPv6 address + represented in 8 hextets separated by colons. + This is based on the pattern provided here: + https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses + with some customizations. + + + + + + + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + + + + + + A string, but not empty and not whitespace-only + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + + + + The OSCAL 'string' datatype restricts the XSD type by prohibiting leading + and trailing whitespace, and something (not only whitespace) is required. + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + + + + + + A URI + + + + + Requires a scheme with colon per RFC 3986. + + + + + + + A URI reference, such as a relative URL + + + + + + A trimmed URI, at least one character with no + leading or trailing whitespace. + + + + + + + A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC + 4122. + + + + + A sequence of 8-4-4-4-12 hex digits, with extra + constraints in the 13th and 17-18th places for version 4 and 5 + + + + + +
    From b580c29dbd5da6c89ce8f67fdfed26bd09139bf2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 17:43:07 -0400 Subject: [PATCH 014/138] Bump ajv-cli from 4.2.0 to 5.0.0 in /build (#1354) Bumps [ajv-cli](https://github.com/ajv-validator/ajv-cli) from 4.2.0 to 5.0.0. - [Release notes](https://github.com/ajv-validator/ajv-cli/releases) - [Commits](https://github.com/ajv-validator/ajv-cli/compare/v4.2.0...v5.0.0) --- updated-dependencies: - dependency-name: ajv-cli dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/package-lock.json | 78 +++++++++++++---------------------------- build/package.json | 2 +- 2 files changed, 26 insertions(+), 54 deletions(-) diff --git a/build/package-lock.json b/build/package-lock.json index db9b460796..eef671fd86 100644 --- a/build/package-lock.json +++ b/build/package-lock.json @@ -8,7 +8,7 @@ "name": "ci-cd-packages", "version": "1.0.0", "dependencies": { - "ajv-cli": "^4.0.x", + "ajv-cli": "^5.0.x", "ajv-formats": "^2.1.x", "markdown-link-check": "^3.10.3", "yaml-convert": "^1.0.x" @@ -20,9 +20,9 @@ "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==" }, "node_modules/ajv": { - "version": "7.2.4", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-7.2.4.tgz", - "integrity": "sha512-nBeQgg/ZZA3u3SYxyaDvpvDtgZ/EZPF547ARgZBrG9Bhu1vKDwAIjtIf+sDtJUKa2zOcEbmRLBRSyMraS/Oy1A==", + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.11.0.tgz", + "integrity": "sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg==", "dependencies": { "fast-deep-equal": "^3.1.1", "json-schema-traverse": "^1.0.0", @@ -35,15 +35,15 @@ } }, "node_modules/ajv-cli": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/ajv-cli/-/ajv-cli-4.2.0.tgz", - "integrity": "sha512-3Ab8Kuh7QnyXxg+v4NFzah1LLBHgYBUVtJZC8bOaDAdl766kT6Usw5f+g8UcFN+24lYIbchaQBQ+uUntYpBEyQ==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ajv-cli/-/ajv-cli-5.0.0.tgz", + "integrity": "sha512-LY4m6dUv44HTyhV+u2z5uX4EhPYTM38Iv1jdgDJJJCyOOuqB8KtZEGjPZ2T+sh5ZIJrXUfgErYx/j3gLd3+PlQ==", "dependencies": { - "ajv": "^7.2.1", + "ajv": "^8.0.0", "fast-json-patch": "^2.0.0", "glob": "^7.1.0", "js-yaml": "^3.14.0", - "json-schema-migrate": "^1.1.0", + "json-schema-migrate": "^2.0.0", "json5": "^2.1.3", "minimist": "^1.2.0" }, @@ -75,21 +75,6 @@ } } }, - "node_modules/ajv-formats/node_modules/ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, "node_modules/ansi-regex": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", @@ -525,11 +510,11 @@ } }, "node_modules/json-schema-migrate": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/json-schema-migrate/-/json-schema-migrate-1.1.0.tgz", - "integrity": "sha512-PggRuqHB+k1OMz0N1vXCMmwwr8cAsKWVOG5jZh1I2xSyePpRoBG6xOlWG50qe2Ca3hxfWWqZHLEYqJw2/4765g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/json-schema-migrate/-/json-schema-migrate-2.0.0.tgz", + "integrity": "sha512-r38SVTtojDRp4eD6WsCqiE0eNDt4v1WalBXb9cyZYw9ai5cGtBwzRNWjHzJl38w6TxFkXAIA7h+fyX3tnrAFhQ==", "dependencies": { - "ajv": "^7.0.0-beta.9" + "ajv": "^8.0.0" } }, "node_modules/json-schema-traverse": { @@ -865,9 +850,9 @@ "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==" }, "ajv": { - "version": "7.2.4", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-7.2.4.tgz", - "integrity": "sha512-nBeQgg/ZZA3u3SYxyaDvpvDtgZ/EZPF547ARgZBrG9Bhu1vKDwAIjtIf+sDtJUKa2zOcEbmRLBRSyMraS/Oy1A==", + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.11.0.tgz", + "integrity": "sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg==", "requires": { "fast-deep-equal": "^3.1.1", "json-schema-traverse": "^1.0.0", @@ -876,15 +861,15 @@ } }, "ajv-cli": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/ajv-cli/-/ajv-cli-4.2.0.tgz", - "integrity": "sha512-3Ab8Kuh7QnyXxg+v4NFzah1LLBHgYBUVtJZC8bOaDAdl766kT6Usw5f+g8UcFN+24lYIbchaQBQ+uUntYpBEyQ==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ajv-cli/-/ajv-cli-5.0.0.tgz", + "integrity": "sha512-LY4m6dUv44HTyhV+u2z5uX4EhPYTM38Iv1jdgDJJJCyOOuqB8KtZEGjPZ2T+sh5ZIJrXUfgErYx/j3gLd3+PlQ==", "requires": { - "ajv": "^7.2.1", + "ajv": "^8.0.0", "fast-json-patch": "^2.0.0", "glob": "^7.1.0", "js-yaml": "^3.14.0", - "json-schema-migrate": "^1.1.0", + "json-schema-migrate": "^2.0.0", "json5": "^2.1.3", "minimist": "^1.2.0" } @@ -895,19 +880,6 @@ "integrity": "sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==", "requires": { "ajv": "^8.0.0" - }, - "dependencies": { - "ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "requires": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - } - } } }, "ansi-regex": { @@ -1228,11 +1200,11 @@ } }, "json-schema-migrate": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/json-schema-migrate/-/json-schema-migrate-1.1.0.tgz", - "integrity": "sha512-PggRuqHB+k1OMz0N1vXCMmwwr8cAsKWVOG5jZh1I2xSyePpRoBG6xOlWG50qe2Ca3hxfWWqZHLEYqJw2/4765g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/json-schema-migrate/-/json-schema-migrate-2.0.0.tgz", + "integrity": "sha512-r38SVTtojDRp4eD6WsCqiE0eNDt4v1WalBXb9cyZYw9ai5cGtBwzRNWjHzJl38w6TxFkXAIA7h+fyX3tnrAFhQ==", "requires": { - "ajv": "^7.0.0-beta.9" + "ajv": "^8.0.0" } }, "json-schema-traverse": { diff --git a/build/package.json b/build/package.json index 3078f8ec38..b96ad4b3a6 100644 --- a/build/package.json +++ b/build/package.json @@ -2,7 +2,7 @@ "name": "ci-cd-packages", "version": "1.0.0", "dependencies": { - "ajv-cli": "^4.0.x", + "ajv-cli": "^5.0.x", "ajv-formats": "^2.1.x", "markdown-link-check": "^3.10.3", "yaml-convert": "^1.0.x" From 93fba71ec4bf27e7ab9761bd03fdaeff03be9994 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 17:44:06 -0400 Subject: [PATCH 015/138] Bump peter-evans/create-issue-from-file from 3.0.0 to 4 (#1355) Bumps [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) from 3.0.0 to 4. - [Release notes](https://github.com/peter-evans/create-issue-from-file/releases) - [Commits](https://github.com/peter-evans/create-issue-from-file/compare/97e6f902a416aac38834e23fa52e166aad0437d2...99b87c35610e986ad2034a7b0518a9b3ebea541b) --- updated-dependencies: - dependency-name: peter-evans/create-issue-from-file dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index d33c217b81..5bb4c01222 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -61,7 +61,7 @@ jobs: id: linkchecker - name: Create issue if bad links detected in repo if: failure() && inputs.create_issue == true - uses: peter-evans/create-issue-from-file@97e6f902a416aac38834e23fa52e166aad0437d2 # v3.0.0 + uses: peter-evans/create-issue-from-file@99b87c35610e986ad2034a7b0518a9b3ebea541b # v3.0.0 with: title: Scheduled Check of Markdown Documents Found Bad Hyperlinks content-filepath: mlc_report.log diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index 5f2a16ca02..9f4ca2b91e 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -40,7 +40,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create issue if bad links detected if: steps.linkchecker.outputs.exit_code != 0 && inputs.create_issue - uses: peter-evans/create-issue-from-file@97e6f902a416aac38834e23fa52e166aad0437d2 + uses: peter-evans/create-issue-from-file@99b87c35610e986ad2034a7b0518a9b3ebea541b with: title: Scheduled Check of Website Content Found Bad Hyperlinks content-filepath: ./lychee/out.md From 1fe199edd4ee174f9f02334d8c8f91f2e0a63faa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 17:46:36 -0400 Subject: [PATCH 016/138] Bump actions/setup-java from 2 to 3 (#1360) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index f1a4fb6dfc..2483654b9c 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@f0bb91606209742fe3ea40199be2f3ef195ecabf + uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 8180877942..cc8991da4c 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@f0bb91606209742fe3ea40199be2f3ef195ecabf + uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 612f42c7da..c212ad7c03 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@f0bb91606209742fe3ea40199be2f3ef195ecabf + uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 with: java-version: 11 distribution: 'temurin' From 8a7861e8f55be525feb04ad1afc67b58886b5123 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 17:46:53 -0400 Subject: [PATCH 017/138] Bump actions/setup-node from 2 to 3 (#1359) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 2483654b9c..2a3ae52850 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -77,7 +77,7 @@ jobs: mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" - name: Set up NodeJS - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@5b949b50c3461bbcd5a540b150c368278160234a with: node-version-file: '${{ env.CHECKOUT_PATH }}/build/.nvmrc' cache: 'npm' diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index 5bb4c01222..9945e2d402 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -29,7 +29,7 @@ jobs: # Setup runtime environment # ------------------------- - name: Set up NodeJS - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@5b949b50c3461bbcd5a540b150c368278160234a with: node-version-file: 'build/.nvmrc' cache: 'npm' From 68df9f14be79595a2fdc0546457d83216b80e5c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 17:47:25 -0400 Subject: [PATCH 018/138] Bump stefanzweifel/git-auto-commit-action from 4.9.2 to 4.14.1 (#1357) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.9.2 to 4.14.1. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/be7095c202abcf573b09f20541e0ee2f6a3a9d9b...49620cd3ed21ee620a48530e81dba0d139c9cb80) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 2a3ae52850..e9a73d6681 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -130,7 +130,7 @@ jobs: - name: Publish Schemas and Converters # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@be7095c202abcf573b09f20541e0ee2f6a3a9d9b + uses: stefanzweifel/git-auto-commit-action@49620cd3ed21ee620a48530e81dba0d139c9cb80 with: repository: ${{ env.CHECKOUT_PATH }} file_pattern: xml json diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index cc8991da4c..69d211ea23 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -153,7 +153,7 @@ jobs: - name: Publish Generated Pages # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@be7095c202abcf573b09f20541e0ee2f6a3a9d9b + uses: stefanzweifel/git-auto-commit-action@49620cd3ed21ee620a48530e81dba0d139c9cb80 with: repository: ${{ env.MAIN_PATH }} file_pattern: docs From fecbe3cb29f2b8ce0f785ee289381dad0b612431 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Jul 2022 23:43:31 -0400 Subject: [PATCH 019/138] Bump github.com/gohugoio/hugo from 0.83.1 to 0.101.0 in /build (#1358) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.83.1 to 0.101.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/goreleaser.yml) - [Commits](https://github.com/gohugoio/hugo/compare/v0.83.1...v0.101.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 31 +++-- build/go.sum | 321 +++++---------------------------------------------- 2 files changed, 43 insertions(+), 309 deletions(-) diff --git a/build/go.mod b/build/go.mod index 1952989784..f1ddc6117c 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.83.1 +require github.com/gohugoio/hugo v0.101.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -18,11 +18,9 @@ require ( github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 // indirect - github.com/BurntSushi/toml v0.3.1 // indirect github.com/PuerkitoBio/purell v1.1.1 // indirect github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect - github.com/alecthomas/chroma v0.9.1 // indirect - github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae // indirect + github.com/alecthomas/chroma/v2 v2.2.0 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/aws/aws-sdk-go v1.43.5 // indirect github.com/aws/aws-sdk-go-v2 v1.9.0 // indirect @@ -34,19 +32,23 @@ require ( github.com/aws/aws-sdk-go-v2/service/sso v1.4.0 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.7.0 // indirect github.com/aws/smithy-go v1.8.0 // indirect + github.com/bep/clock v0.3.0 // indirect github.com/bep/debounce v1.2.0 // indirect github.com/bep/gitmap v1.1.2 // indirect + github.com/bep/goat v0.5.0 // indirect github.com/bep/godartsass v0.14.0 // indirect github.com/bep/golibsass v1.1.0 // indirect github.com/bep/gowebp v0.1.0 // indirect + github.com/bep/overlayfs v0.6.0 // indirect github.com/bep/tmc v0.5.1 // indirect + github.com/clbanning/mxj/v2 v2.5.6 // indirect github.com/cli/safeexec v1.0.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect - github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 // indirect github.com/disintegration/gift v1.2.1 // indirect github.com/dlclark/regexp2 v1.4.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect github.com/evanw/esbuild v0.14.43 // indirect + github.com/frankban/quicktest v1.14.3 // indirect github.com/fsnotify/fsnotify v1.5.4 // indirect github.com/getkin/kin-openapi v0.97.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect @@ -55,6 +57,8 @@ require ( github.com/gobuffalo/flect v0.2.5 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 // indirect + github.com/gohugoio/locales v0.14.0 // indirect + github.com/gohugoio/localescompressed v1.0.1 // indirect github.com/golang-jwt/jwt/v4 v4.0.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect @@ -64,28 +68,26 @@ require ( github.com/googleapis/gax-go/v2 v2.3.0 // indirect github.com/googleapis/go-type-adapters v1.0.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect + github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690 // indirect github.com/inconshreveable/mousetrap v1.0.0 // indirect github.com/invopop/yaml v0.1.0 // indirect github.com/jdkato/prose v1.2.1 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/kr/pretty v0.3.0 // indirect + github.com/kr/text v0.2.0 // indirect github.com/kyokomi/emoji/v2 v2.2.9 // indirect github.com/magefile/mage v1.13.0 // indirect - github.com/magiconair/properties v1.8.1 // indirect github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e // indirect github.com/mattn/go-ieproxy v0.0.1 // indirect github.com/mattn/go-isatty v0.0.14 // indirect github.com/mattn/go-runewidth v0.0.9 // indirect - github.com/miekg/mmark v1.3.6 // indirect github.com/mitchellh/hashstructure v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/muesli/smartcrop v0.3.0 // indirect github.com/niklasfasching/go-org v1.6.5 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect - github.com/pelletier/go-toml v1.9.0 // indirect - github.com/pkg/errors v0.9.1 // indirect + github.com/pelletier/go-toml/v2 v2.0.2 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect - github.com/russross/blackfriday v1.6.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect github.com/sanity-io/litter v1.5.5 // indirect @@ -95,14 +97,11 @@ require ( github.com/spf13/fsync v0.9.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/spf13/viper v1.7.1 // indirect - github.com/stretchr/testify v1.7.2 // indirect - github.com/subosito/gotenv v1.2.0 // indirect github.com/tdewolff/minify/v2 v2.11.10 // indirect github.com/tdewolff/parse/v2 v2.6.0 // indirect github.com/yuin/goldmark v1.4.12 // indirect - github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691 // indirect go.opencensus.io v0.23.0 // indirect + go.uber.org/atomic v1.9.0 // indirect gocloud.dev v0.24.0 // indirect golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa // indirect golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect @@ -111,13 +110,13 @@ require ( golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect golang.org/x/text v0.3.7 // indirect + golang.org/x/tools v0.1.11 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect google.golang.org/api v0.76.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20220426171045-31bebdecfb46 // indirect google.golang.org/grpc v1.46.0 // indirect google.golang.org/protobuf v1.28.0 // indirect - gopkg.in/ini.v1 v1.51.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/build/go.sum b/build/go.sum index 6a77b38bce..4423dc7cf2 100644 --- a/build/go.sum +++ b/build/go.sum @@ -2,7 +2,6 @@ bazil.org/fuse v0.0.0-20180421153158-65cc252bf669/go.mod h1:Xbm+BRKSBEpa4q4hTSxo cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.39.0/go.mod h1:rVLT6fkc8chs9sfPtFc1SBH6em7n+ZoXaG+87tDISts= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= @@ -12,10 +11,8 @@ cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6T cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.55.0/go.mod h1:ZHmoY+/lIMNkN2+fBmuTiqZ4inFhvQad8ft7MT8IV5Y= cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.58.0/go.mod h1:W+9FnSUw6nhVwXlFcp1eL+krq5+HQUJeUogSeJZZiWg= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= @@ -55,8 +52,6 @@ cloud.google.com/go/compute v1.6.1 h1:2sMmt8prCn7DPaG4Pmh0N3Inmc8cT8ae5k1M6VJ9Wq cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/firestore v1.2.0/go.mod h1:iISCjWnTpnoJT1R287xRdjvQHJrxQOpeah4phb5D3h0= cloud.google.com/go/firestore v1.5.0/go.mod h1:c4nNYR1qdq7eaZ+jSc5fonrQN2k3M7sWATcYTiakjEo= cloud.google.com/go/iam v0.3.0 h1:exkAomrVUuzx9kWFI1wm3KI0uoDeUFPB4kKGzx6x+Gc= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= @@ -72,54 +67,35 @@ cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiy cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.9.0/go.mod h1:m+/etGaqZbylxaNT876QGXqEHp4PR2Rq5GMqICWb9bU= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= cloud.google.com/go/storage v1.16.1/go.mod h1:LaNorbty3ehnU3rEjXSNV/NRgQA0O8Y+uh6bPe5UOk4= cloud.google.com/go/storage v1.22.0 h1:NUV0NNp9nkBuW66BFRLuMgldN60C57ET3dhbwLIYio8= cloud.google.com/go/storage v1.22.0/go.mod h1:GbaLEoMqbVm6sx3Z0R++gSiBlgMv6yUi2q1DeGFKQgE= cloud.google.com/go/trace v0.1.0/go.mod h1:wxEwsoeRVPbeSkt7ZC9nWCgmoKQRAoySN7XHW2AmI7g= -contrib.go.opencensus.io/exporter/aws v0.0.0-20181029163544-2befc13012d0/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= contrib.go.opencensus.io/exporter/aws v0.0.0-20200617204711-c478e41e60e9/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= -contrib.go.opencensus.io/exporter/stackdriver v0.12.1/go.mod h1:iwB6wGarfphGGe/e5CWqyUk/cLzKnWsOKPVW3no6OTw= contrib.go.opencensus.io/exporter/stackdriver v0.13.8/go.mod h1:huNtlWx75MwO7qMs0KrMxPZXzNNWebav1Sq/pm02JdQ= -contrib.go.opencensus.io/integrations/ocsql v0.1.4/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE= contrib.go.opencensus.io/integrations/ocsql v0.1.7/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE= -contrib.go.opencensus.io/resource v0.1.1/go.mod h1:F361eGI91LCmW1I/Saf+rX0+OFcigGlFvXwEGEnkRLA= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-amqp-common-go/v3 v3.0.0/go.mod h1:SY08giD/XbhTz07tJdpw1SoxQXHPN30+DI3Z04SYqyg= github.com/Azure/azure-amqp-common-go/v3 v3.1.0/go.mod h1:PBIGdzcO1teYoufTKMcGibdKaYZv4avS+O6LNIp8bq0= github.com/Azure/azure-amqp-common-go/v3 v3.1.1/go.mod h1:YsDaPfaO9Ub2XeSKdIy2DfwuiQlHQCauHJwSqtrkECI= -github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4= -github.com/Azure/azure-pipeline-go v0.2.2/go.mod h1:4rQ/NZncSvGqNkkOsNpOU1tgoNuIlp9AfUH5G1tvCHc= github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVtCdfBE21U= github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k= -github.com/Azure/azure-sdk-for-go v37.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v51.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v57.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-service-bus-go v0.10.1/go.mod h1:E/FOceuKAFUfpbIJDKWz/May6guE+eGibfGT6q+n1to= github.com/Azure/azure-service-bus-go v0.10.16/go.mod h1:MlkLwGGf1ewcx5jZadn0gUEty+tTg0RaElr6bPf+QhI= -github.com/Azure/azure-storage-blob-go v0.9.0/go.mod h1:8UBPbiOhrMQ4pLPi3gA1tXnpjrS76UYE/fo5A40vf4g= github.com/Azure/azure-storage-blob-go v0.14.0 h1:1BCg74AmVdYwO3dlKwtFU1V0wU2PZdREkXvAmZJRUlM= github.com/Azure/azure-storage-blob-go v0.14.0/go.mod h1:SMqIBi+SuiQH32bvyjngEewEeXoPfKMgWlBDaYf6fck= -github.com/Azure/go-amqp v0.12.6/go.mod h1:qApuH6OFTSKZFmCOxccvAv5rLizBQf4v8pRmG138DPo= -github.com/Azure/go-amqp v0.12.7/go.mod h1:qApuH6OFTSKZFmCOxccvAv5rLizBQf4v8pRmG138DPo= github.com/Azure/go-amqp v0.13.0/go.mod h1:qj+o8xPCz9tMSbQ83Vp8boHahuRDl5mkNHyt1xlxUTs= github.com/Azure/go-amqp v0.13.11/go.mod h1:D5ZrjQqB1dyp1A+G73xeL/kNn7D5qHJIIsNNps7YNmk= github.com/Azure/go-amqp v0.13.12/go.mod h1:D5ZrjQqB1dyp1A+G73xeL/kNn7D5qHJIIsNNps7YNmk= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0= github.com/Azure/go-autorest/autorest v0.11.3/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= github.com/Azure/go-autorest/autorest v0.11.20 h1:s8H1PbCZSqg/DH7JMlOz6YMig6htWLNPsjDdlLqCx3M= github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= -github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= -github.com/Azure/go-autorest/autorest/adal v0.8.3/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= @@ -127,32 +103,21 @@ github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4Uw github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/adal v0.9.15 h1:X+p2GF0GWyOiSmqohIaEeuNFNDY4I4EOlVuUQvFdWMk= github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= -github.com/Azure/go-autorest/autorest/azure/auth v0.4.2/go.mod h1:90gmfKdlmKgfjUpnCEpOJzsUEjrWDSLwHIG73tSXddM= github.com/Azure/go-autorest/autorest/azure/auth v0.5.8 h1:TzPg6B6fTZ0G1zBf3T54aI7p3cAT6u//TOXGPmFMOXg= github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= -github.com/Azure/go-autorest/autorest/azure/cli v0.3.1/go.mod h1:ZG5p860J94/0kI9mNJVoIoLgXcirM2gF5i2kWloofxw= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= github.com/Azure/go-autorest/autorest/azure/cli v0.4.3 h1:DOhB+nXkF7LN0JfBGB5YtCF6QLK8mLe4psaHF7ZQEKM= github.com/Azure/go-autorest/autorest/azure/cli v0.4.3/go.mod h1:yAQ2b6eP/CmLPnmLvxtT1ALIY3OR1oFcCqVBi8vHiTc= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/to v0.3.0/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA= github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.2.0/go.mod h1:3EEqHnBxQGHXRYq3HT1WyXAvT7LLY3tl70hw6tQIbjI= github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 h1:+tu3HOoMXB7RXEINRVIpxJCT+KdYiI7LAEAUrOw3dIU= @@ -160,45 +125,20 @@ github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69/go.mod h1:L1AbZd github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GeertJohan/go.incremental v1.0.0/go.mod h1:6fAjUhbVuX1KcMD3c8TEgVUqmo4seqhv0i0kdATSkM0= -github.com/GeertJohan/go.rice v1.0.0/go.mod h1:eH6gbSOAUv07dQuZVnBmoDP8mgsM1rtixis4Tib9if0= -github.com/GoogleCloudPlatform/cloudsql-proxy v0.0.0-20191009163259-e802c2cb94ae/go.mod h1:mjwGPas4yKduTyubHvD1Atl9r1rUq8DfVy+gkVvZ+oo= github.com/GoogleCloudPlatform/cloudsql-proxy v1.24.0/go.mod h1:3tx938GhY4FC+E1KT/jNjDw7Z5qxAEtIiERJ2sXjnII= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/akavel/rsrc v0.8.0/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c= -github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38 h1:smF2tmSOzy2Mm+0dGI2AIUHY+w0BUc+4tn40djz7+6U= -github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38/go.mod h1:r7bzyVFMNntcxPZXK3/+KdruV1H5KSlyVY0gc+NgInI= -github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a/go.mod h1:fv5SzZPFJbwp2NXJWpFIX7DZS4HgV1K4ew4Pc2OZD9s= -github.com/alecthomas/chroma v0.8.2/go.mod h1:sko8vR34/90zvl5QdcUdvzL3J8NKjAUx9va9jPuFNoM= -github.com/alecthomas/chroma v0.9.1 h1:cBmvQqRImzR5aWqdMxYZByND4S7BCS/g0svZb28h0Dc= -github.com/alecthomas/chroma v0.9.1/go.mod h1:eMuEnpA18XbG/WhOWtCzJHS7WqEtDAI+HxdwoW0nVSk= -github.com/alecthomas/colour v0.0.0-20160524082231-60882d9e2721 h1:JHZL0hZKJ1VENNfmXvHbgYlbUOvpzYzvy2aZU5gXVeo= -github.com/alecthomas/colour v0.0.0-20160524082231-60882d9e2721/go.mod h1:QO9JBoKquHd+jz9nshCh40fOfO+JzsoXy8qTHF68zU0= -github.com/alecthomas/kong v0.1.17-0.20190424132513-439c674f7ae0/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI= -github.com/alecthomas/kong v0.2.1-0.20190708041108-0548c6b1afae/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI= -github.com/alecthomas/kong v0.2.4/go.mod h1:kQOmtJgV+Lb4aj+I2LEn40cbtawdWJ9Y8QLq+lElKxE= -github.com/alecthomas/kong-hcl v0.1.8-0.20190615233001-b21fea9723c8/go.mod h1:MRgZdU3vrFd05IQ89AxUZ0aYdF39BYoNFa324SodPCA= -github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897/go.mod h1:xTS7Pm1pD1mvyM075QCDSRqH6qRLXylzS24ZTpRiSzQ= -github.com/alecthomas/repr v0.0.0-20181024024818-d37bc2a10ba1/go.mod h1:xTS7Pm1pD1mvyM075QCDSRqH6qRLXylzS24ZTpRiSzQ= +github.com/alecthomas/chroma/v2 v2.2.0 h1:Aten8jfQwUqEdadVFFjNyjx7HTexhKP0XuqBG67mRDY= +github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs= github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae h1:zzGwJfFlFGD94CyyYwCJeSuD32Gj9GTaSi5y9hoVzdY= -github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.27/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.19.18/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.31.13/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.38.23/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go v1.40.34/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= github.com/aws/aws-sdk-go v1.43.5 h1:N7arnx54E4QyW69c45UW5o8j2DCSjzpoxzJW3yU6OSo= github.com/aws/aws-sdk-go v1.43.5/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= @@ -224,25 +164,26 @@ github.com/aws/aws-sdk-go-v2/service/sts v1.7.0/go.mod h1:0qcSMCyASQPN2sk/1KQLQ2 github.com/aws/smithy-go v1.8.0 h1:AEwwwXQZtUwP5Mz506FeXXrKBe0jA8gVM+1gEcSRooc= github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/bep/clock v0.3.0 h1:vfOA6+wVb6pPQEiXow9f/too92vNTLe9MuwO13PfI0M= +github.com/bep/clock v0.3.0/go.mod h1:6Gz2lapnJ9vxpvPxQ2u6FcXFRoj4kkiqQ6pm0ERZlwk= github.com/bep/debounce v1.2.0 h1:wXds8Kq8qRfwAOpAxHrJDbCXgC5aHSzgQb/0gKsHQqo= github.com/bep/debounce v1.2.0/go.mod h1:H8yggRPQKLUhUoqrJC1bO2xNya7vanpDl7xR3ISbCJ0= github.com/bep/gitmap v1.1.2 h1:zk04w1qc1COTZPPYWDQHvns3y1afOsdRfraFQ3qI840= github.com/bep/gitmap v1.1.2/go.mod h1:g9VRETxFUXNWzMiuxOwcudo6DfZkW9jOsOW0Ft4kYaY= -github.com/bep/godartsass v0.12.0/go.mod h1:nXQlHHk4H1ghUk6n/JkYKG5RD43yJfcfp5aHRqT/pc4= +github.com/bep/goat v0.5.0 h1:S8jLXHCVy/EHIoCY+btKkmcxcXFd34a0Q63/0D4TKeA= +github.com/bep/goat v0.5.0/go.mod h1:Md9x7gRxiWKs85yHlVTvHQw9rg86Bm+Y4SuYE8CTH7c= github.com/bep/godartsass v0.14.0 h1:pPb6XkpyDEppS+wK0veh7OXDQc4xzOJI9Qcjb743UeQ= github.com/bep/godartsass v0.14.0/go.mod h1:6LvK9RftsXMxGfsA0LDV12AGc4Jylnu6NgHL+Q5/pE8= -github.com/bep/golibsass v0.7.0/go.mod h1:DL87K8Un/+pWUS75ggYv41bliGiolxzDKWJAq3eJ1MA= github.com/bep/golibsass v1.1.0 h1:pjtXr00IJZZaOdfryNa9wARTB3Q0BmxC3/V1KNcgyTw= github.com/bep/golibsass v1.1.0/go.mod h1:DL87K8Un/+pWUS75ggYv41bliGiolxzDKWJAq3eJ1MA= github.com/bep/gowebp v0.1.0 h1:4/iQpfnxHyXs3x/aTxMMdOpLEQQhFmF6G7EieWPTQyo= github.com/bep/gowebp v0.1.0/go.mod h1:ZhFodwdiFp8ehGJpF4LdPl6unxZm9lLFjxD3z2h2AgI= +github.com/bep/overlayfs v0.6.0 h1:sgLcq/qtIzbaQNl2TldGXOkHvqeZB025sPvHOQL+DYo= +github.com/bep/overlayfs v0.6.0/go.mod h1:NFjSmn3kCqG7KX2Lmz8qT8VhPPCwZap3UNogXawoQHM= github.com/bep/tmc v0.5.1 h1:CsQnSC6MsomH64gw0cT5f+EwQDcvZz4AazKunFwTpuI= github.com/bep/tmc v0.5.1/go.mod h1:tGYHN8fS85aJPhDLgXETVKp+PR382OvFi2+q2GkGsq0= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= -github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/bep/workers v1.0.0 h1:U+H8YmEaBCEaFZBst7GcRVEoqeRC9dzH2dWOwGmOchg= +github.com/bep/workers v1.0.0/go.mod h1:7kIESOB86HfR2379pwoMWNy8B50D7r99fRLUyPSNyCs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= @@ -251,6 +192,8 @@ github.com/cheekybits/is v0.0.0-20150225183255-68e9c0620927/go.mod h1:h/aW8ynjgk github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/clbanning/mxj/v2 v2.5.6 h1:Jm4VaCI/+Ug5Q57IzEoZbwx4iQFA6wkXv72juUSeK+g= +github.com/clbanning/mxj/v2 v2.5.6/go.mod h1:hNiWqW14h+kc+MdF9C6/YoRfjEJoR3ou6tn/Qo+ve2s= github.com/cli/safeexec v1.0.0 h1:0VngyaIyqACHdcMNWfo6+KdUYnqEr2Sg+bSP1pdF+dI= github.com/cli/safeexec v1.0.0/go.mod h1:Z/D4tTN8Vs5gXYHDCbaM1S/anmEDnJb1iW0+EJ5zx3Q= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -263,19 +206,10 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/daaku/go.zipexe v1.0.0/go.mod h1:z8IiR6TsVLEYKwXAoE/I+8ys/sDkgTzSL0CLnGVd57E= -github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 h1:y5HC9v93H5EPKqaS1UYVg1uYah5Xf51mBfIoWehClUQ= -github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964/go.mod h1:Xd9hchkHSWYkEqJwUGisez3G1QY8Ryz0sdWrLPMGjLk= github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -283,15 +217,12 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= github.com/devigned/tab v0.1.1/go.mod h1:XG9mPq0dFghrYvoBF3xdRrJzSTX1b7IQrvaL9mzjeJY= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/disintegration/gift v1.2.1 h1:Y005a1X4Z7Uc+0gLpSAsKhWi4qLtsdEcMIbbdvdZ6pc= github.com/disintegration/gift v1.2.1/go.mod h1:Jh2i7f7Q2BM7Ezno3PhfezbR1xpUg9dUg3/RlKGr4HI= github.com/djherbis/atime v1.1.0/go.mod h1:28OF6Y8s3NQWwacXc5eZTsEsiMzp7LF8MbXE+XJPdBE= -github.com/dlclark/regexp2 v1.1.6/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= -github.com/dlclark/regexp2 v1.2.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= github.com/dlclark/regexp2 v1.4.0 h1:F1rxgk7p4uKjwIQxBs9oAXe5CqrXlCduYEJvrF4u93E= github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= @@ -306,25 +237,20 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.11.16/go.mod h1:y2AFBAGVelPqPodpdtxWWqe6n2jYf5FrsJbligmRmuw= github.com/evanw/esbuild v0.14.43 h1:4WIYkAf2fLmru3KYtKUB6mdBl4dgpoVcq7hqXhXGVG0= github.com/evanw/esbuild v0.14.43/go.mod h1:GG+zjdi59yh3ehDn4ZWfPcATxjPDUH53iU4ZJbp7dkY= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/frankban/quicktest v1.4.1/go.mod h1:36zfPVQyHxymz4cH7wlDmVwDrJuljRB60qkgn7rorfQ= github.com/frankban/quicktest v1.7.2/go.mod h1:jaStnuzAqU1AJdCO0l53JDCJrVDKcS03DbaAcR7Ks/o= -github.com/frankban/quicktest v1.11.2/go.mod h1:K+q6oSqb0W0Ininfk863uOk1lMy69l/P6txr3mVT54s= -github.com/frankban/quicktest v1.12.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= +github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= github.com/frankban/quicktest v1.14.2/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/getkin/kin-openapi v0.61.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4= github.com/getkin/kin-openapi v0.97.0 h1:bsvXZeuGiCW43ZKy6xOY5qfT5fCRYmnJwierblSrHCU= github.com/getkin/kin-openapi v0.97.0/go.mod h1:w4lRPHiyOdwGbOkLIyk+P0qCwlu7TXPCHD/64nSXzgE= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= @@ -335,9 +261,6 @@ github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= @@ -346,10 +269,7 @@ github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvSc github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gobuffalo/flect v0.2.2/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= github.com/gobuffalo/flect v0.2.5 h1:H6vvsv2an0lalEaCDRThvtBfmg44W/QHXBCYUXf/6S4= github.com/gobuffalo/flect v0.2.5/go.mod h1:1ZyCLIbg0YD7sDkzvFdPoOydPtD8y9JQnrOROolUcM8= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= @@ -358,20 +278,19 @@ github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22 github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gohugoio/go-i18n v2.1.3-0.20210430103248-4c28c89f8013+incompatible/go.mod h1:KyP0P5LEhJdtIq9PYxFiaxeWtFngJO5zLkDvEiqG8gI= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.83.1 h1:OPrt0wx0HYH/ZDCK6eXV7Aesqp7egZMsLc+uT5rGCQs= -github.com/gohugoio/hugo v0.83.1/go.mod h1:ilulkvLWQbuTvhe7CQRrrUQ+XH07QAS8/w8IxyqckTU= +github.com/gohugoio/hugo v0.101.0 h1:IARZnjaXCak6+x0jG9wLw7ARjB4RAu6i/5G1r0zKjFw= +github.com/gohugoio/hugo v0.101.0/go.mod h1:sqCS5HTRJmPD6ZHqIy8NVfTwWyhaPmN6gsiIP/UUD6M= +github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= +github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= +github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= +github.com/gohugoio/localescompressed v1.0.1/go.mod h1:jBF6q8D7a0vaEmcWPNcAjUZLJaIVNiwvM3WlmTvooB0= github.com/gohugoio/testmodBuilder/mods v0.0.0-20190520184928-c56af20f2e95 h1:sgew0XCnZwnzpWxTt3V8LLiCO7OQi3C6dycaE67wfkU= -github.com/gohugoio/testmodBuilder/mods v0.0.0-20190520184928-c56af20f2e95/go.mod h1:bOlVlCa1/RajcHpXkrUXPSHB/Re1UnlXxD1Qp8SKOd8= github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -422,10 +341,8 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-replayers/grpcreplay v0.1.0/go.mod h1:8Ig2Idjpr6gifRd6pNVggX6TC1Zw6Jx74AKp7QNH2QE= github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE= github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk= -github.com/google/go-replayers/httpreplay v0.1.0/go.mod h1:YKZViNhiGgqdBlUbI2MwGpq4pXxNmhJLPHQ7cv2b5no= github.com/google/go-replayers/httpreplay v1.0.0 h1:8SmT8fUYM4nueF+UnXIX8LJxNTb1vpPuknXz+yTWzL4= github.com/google/go-replayers/httpreplay v1.0.0/go.mod h1:LJhKoTwS5Wy5Ld/peq8dFFG5OfJyHEz7ft+DsTUv25M= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -443,7 +360,6 @@ github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200507031123-427632fa3b1c/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= @@ -457,15 +373,12 @@ github.com/google/pprof v0.0.0-20210715191844-86eeefc3e471/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/subcommands v1.0.1/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/wire v0.4.0/go.mod h1:ngWDr9Qvq3yZA10YrxfyGELY/AFWGVpy9c1LTRi1EoU= github.com/google/wire v0.5.0 h1:I7ELFeVBr3yfPIcc8+MWvrjk+3VjbcSzoXm3JVa+jD8= github.com/google/wire v0.5.0/go.mod h1:ngWDr9Qvq3yZA10YrxfyGELY/AFWGVpy9c1LTRi1EoU= -github.com/googleapis/gax-go v2.0.2+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= @@ -476,42 +389,15 @@ github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99 github.com/googleapis/go-type-adapters v1.0.0 h1:9XdMn+d/G57qq1s8dNc5IesGCXHf6V2HZ2JwRxfA2tA= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/csrf v1.6.0/go.mod h1:7tSf8kmjNYr7IWDCYhd3U8Ck34iQ/Yw5CJu7bAkHEGI= -github.com/gorilla/handlers v1.4.1/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= +github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690 h1:XWjCrg/HJRLZCbvsUxS5R/9JhwiiwNctEsRvZ1Vjz5k= +github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690/go.mod h1:8Qu9UmnhCRunfRv365Z3w+mT/WfLGKJiK+vugY9qNCU= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= @@ -520,30 +406,19 @@ github.com/invopop/yaml v0.1.0 h1:YW3WGUoJEXYfzWBjn00zIlrw7brGVD0fUKRYDPAPhrc= github.com/invopop/yaml v0.1.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= github.com/jdkato/prose v1.2.1 h1:Fp3UnJmLVISmlc57BgKUzdjr0lOtjqTZicL3PaYy6cU= github.com/jdkato/prose v1.2.1/go.mod h1:AiRHgVagnEx2JbQRQowVBKjG0bcs/vtkGCH1dYAL1rA= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= @@ -553,153 +428,80 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/kyokomi/emoji/v2 v2.2.8/go.mod h1:JUcn42DTdsXJo1SWanHh4HKDEyPaR5CqkmoirZZP9qE= github.com/kyokomi/emoji/v2 v2.2.9 h1:UWYkjplPZ4rMPvLxc+/e12/xTqoRcn55oUySkpZ554g= github.com/kyokomi/emoji/v2 v2.2.9/go.mod h1:JUcn42DTdsXJo1SWanHh4HKDEyPaR5CqkmoirZZP9qE= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= -github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/magefile/mage v1.11.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magefile/mage v1.13.0 h1:XtLJl8bcCM7EFoO8FyH8XK3t7G5hQAeK+i4tq+veT9M= github.com/magefile/mage v1.13.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= -github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/matryer/try v0.0.0-20161228173917-9ac251b645a2/go.mod h1:0KeJpeMD6o+O4hW7qJOT7vyQPKrWmj26uf5wMc/IiIs= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-ieproxy v0.0.0-20190610004146-91bb50d98149/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc= -github.com/mattn/go-ieproxy v0.0.0-20190702010315-6dee0af9227d/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc= github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI= github.com/mattn/go-ieproxy v0.0.1/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/mmark v1.3.6 h1:t47x5vThdwgLJzofNsbsAl7gmIiJ7kbDQN5BxwBmwvY= -github.com/miekg/mmark v1.3.6/go.mod h1:w7r9mkTvpS55jlfyn22qJ618itLryxXBhA7Jp3FIlkw= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/hashstructure v1.0.0/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= github.com/mitchellh/hashstructure v1.1.0 h1:P6P1hdjqAAknpY/M1CGipelZgp+4y9ja9kmUZPXP+H0= github.com/mitchellh/hashstructure v1.1.0/go.mod h1:xUDAozZz0Wmdiufv0uyhnHkUTN6/6d8ulp4AwfLKrmA= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/montanaflynn/stats v0.6.3/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/muesli/smartcrop v0.3.0 h1:JTlSkmxWg/oQ1TcLDoypuirdE8Y/jzNirQeLkxpA6Oc= github.com/muesli/smartcrop v0.3.0/go.mod h1:i2fCI/UorTfgEpPPLWiFBv4pye+YAG78RwcQLUkocpI= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/neurosnap/sentences v1.0.6/go.mod h1:pg1IapvYpWCJJm/Etxeh0+gtMf1rI1STY9S7eUCPbDc= github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ= -github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8= -github.com/niklasfasching/go-org v1.5.0/go.mod h1:sSb8ylwnAG+h8MGFDB3R1D5bxf8wA08REfhjShg3kjA= github.com/niklasfasching/go-org v1.6.5 h1:5YAIqNTdl6lAOb7lD2AyQ1RuFGPVrAKvUexphk8PGbo= github.com/niklasfasching/go-org v1.6.5/go.mod h1:ybv0eGDnxylFUfFE+ySaQc734j/L3+/ChKZ/h63a2wM= -github.com/nkovacs/streamquote v0.0.0-20170412213628-49af9bddb229/go.mod h1:0aYXnNPJ8l7uZxf45rWW1a/uME32OF0rhiYGNQ2oF2E= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.9.0 h1:NOd0BRdOKpPf0SxkL3HxSQOG7rNh+4kl6PHcBPFs7Q0= -github.com/pelletier/go-toml v1.9.0/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml/v2 v2.0.2 h1:+jQXlF3scKIcSEKkdHzXhCTDLPFi5r1wnK6yPS+49Gw= +github.com/pelletier/go-toml/v2 v2.0.2/go.mod h1:MovirKjgVRESsAvNZlAjtFwV867yGuwRkXbG66OzopI= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= -github.com/russross/blackfriday v1.5.3-0.20200218234912-41c5fccfd6f6/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= -github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd h1:CmH9+J6ZSsIjUK3dcGsnCnO41eRBOnY12zwkn5qVwgc= github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd/go.mod h1:hPqNNc0+uJM6H+SuU8sEs5K5IQeKccPqeSjfgcKGgPk= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/sanity-io/litter v1.5.0/go.mod h1:5Z71SvaYy5kcGtyglXOC9rrUi3c1E8CamFWjQsazTh0= github.com/sanity-io/litter v1.5.5 h1:iE+sBxPBzoK6uaEP5Lt3fHNgpKcHXc/A2HGETy0uJQo= github.com/sanity-io/litter v1.5.5/go.mod h1:9gzJgR2i4ZpjZHsKvUXIRQVk7P+yM3e+jAF7bU2UI5U= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/shogo82148/go-shuffle v0.0.0-20180218125048-27e6095f230d/go.mod h1:2htx6lmL0NGLHlO8ZCf+lQBGBHIbEujyywxJArf+2Yc= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/fsync v0.9.0 h1:f9CEt3DOB2mnHxZaftmEOFWjABEvKM/xpf3cUwJrGOY= github.com/spf13/fsync v0.9.0/go.mod h1:fNtJEfG3HiltN3y4cPOz6MLjos9+2pIEqLIgszqhp/0= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/spf13/viper v1.7.1 h1:pM5oEahlgWv/WnHXpgbKz7iLIxRf65tye2Ci+XFK5sk= -github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= @@ -710,23 +512,14 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/tdewolff/minify/v2 v2.9.16/go.mod h1:cjMkr4ZgFjqxXAQ1kR9Fm4l1046mmONd2g6yMzGuN/w= github.com/tdewolff/minify/v2 v2.11.10 h1:2tk9nuKfc8YOTD8glZ7JF/VtE8W5HOgmepWdjcPtRro= github.com/tdewolff/minify/v2 v2.11.10/go.mod h1:dHOS3dk+nJ0M3q3uM3VlNzTb70cou+ov0ki7C4PAFgM= -github.com/tdewolff/parse/v2 v2.5.14/go.mod h1:WzaJpRSbwq++EIQHYIRTpbYKNA3gn9it1Ik++q4zyho= github.com/tdewolff/parse/v2 v2.6.0 h1:f2D7w32JtqjCv6SczWkfwK+m15et42qEtDnZXHoNY70= github.com/tdewolff/parse/v2 v2.6.0/go.mod h1:WzaJpRSbwq++EIQHYIRTpbYKNA3gn9it1Ik++q4zyho= github.com/tdewolff/test v1.0.6 h1:76mzYJQ83Op284kMT+63iCNCI7NEERsIN8dLM+RiKr4= github.com/tdewolff/test v1.0.6/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/yuin/goldmark v1.1.22/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -734,9 +527,6 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.12 h1:6hffw6vALvEDqJ19dOJvJKOoAOKe4NDaTqvd2sktGN0= github.com/yuin/goldmark v1.4.12/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691 h1:VWSxtAiQNh3zgHJpdpkpVYjTPqRE3P6UZCOPa1nRDio= -github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691/go.mod h1:YLF3kDffRfUH/bTxOxHhV6lxwIB3Vfj91rEwNMS9MXo= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -748,28 +538,21 @@ go.opencensus.io v0.22.6/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -gocloud.dev v0.20.0/go.mod h1:+Y/RpSXrJthIOM8uFNzWp6MRu9pFPNFEEZrQMxpkfIc= gocloud.dev v0.24.0 h1:cNtHD07zQQiv02OiwwDyVMuHmR7iQt2RLkzoAgz7wBs= gocloud.dev v0.24.0/go.mod h1:uA+als++iBX5ShuG4upQo/3Zoz49iIPlYUWHV5mM8w8= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -819,10 +602,6 @@ golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -830,11 +609,9 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191112182307-2180aed22343/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -847,7 +624,6 @@ golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -872,7 +648,6 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d h1:4SFsTMi4UahlKoloni7L4eYzh golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -883,7 +658,6 @@ golang.org/x/oauth2 v0.0.0-20210126194326-f9ce19ea3013/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210413134643-5e61552d6c78/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210427180440-81ed05c6b58c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= @@ -906,13 +680,7 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181128092732-4ed8d59d0b35/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -922,7 +690,6 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -933,17 +700,12 @@ golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200317113312-5766fd39f98d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200413165638-669c56c373c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200724161237-0e2f3a69832c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200828194041-157a740278f4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -960,7 +722,6 @@ golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210412220455-f1c623a9e750/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1000,14 +761,12 @@ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190422233926-fe54fb35175b/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= @@ -1019,7 +778,6 @@ golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1037,15 +795,10 @@ golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200317043434-63da46f3035e/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200325010219-a49f79bcc224/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200601175630-2caf76543d99/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200606014950-c42cb6316fb6/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200608174601-1b747fd94509/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= @@ -1062,6 +815,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.11 h1:loJ25fNOEhSXfHrpoGj91eCUThwdNX6u24rO1xnNteY= +golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1069,7 +824,6 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f h1:GGU+dLjvlC3qDwqYgL6UgRmHXhOOgns0bZu2Ty5mm6U= golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.5.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -1082,7 +836,6 @@ google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/ google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.26.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= @@ -1092,7 +845,6 @@ google.golang.org/api v0.37.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.45.0/go.mod h1:ISLIJCedJolbZvDfAk+Ctuq5hf+aJ33WgtUsfyFoLXA= google.golang.org/api v0.46.0/go.mod h1:ceL4oozhkAiTID8XMmJBsIxID/9wMXJVVFXPg4ylg3I= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= @@ -1125,8 +877,6 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190508193815-b515fa19cec8/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= @@ -1142,16 +892,12 @@ google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200317114155-1f3552e48f24/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200325114520-5b2d0af7952b/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200603110839-e855014d5736/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200608115520-7c474a2e3482/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -1170,7 +916,6 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210429181445-86c259c2b4ab/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210517163617-5e0236093d7a/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= @@ -1212,7 +957,6 @@ google.golang.org/genproto v0.0.0-20220426171045-31bebdecfb46 h1:G1IeWbjrqEq9ChW google.golang.org/genproto v0.0.0-20220426171045-31bebdecfb46/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= @@ -1257,23 +1001,14 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.51.1 h1:GyboHr4UqMiLUybYjd22ZjQIKEJEpgtLXtuGbR21Oho= -gopkg.in/ini.v1 v1.51.1/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/neurosnap/sentences.v1 v1.0.6/go.mod h1:YlK+SN+fLQZj+kY3r8DkGDhDr91+S3JmTb5LSxFRQo0= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= From a199209c82ba2e56fcd55ba09ad33811e2b15817 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 14 Jul 2022 15:57:48 -0400 Subject: [PATCH 020/138] Updating to latest metaschema toolchain. Resolves 1338 --- build/metaschema | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/metaschema b/build/metaschema index 973790d8c1..1c9ed1f5ee 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit 973790d8c197123e5468a87b63f5ecdb3e7e520e +Subproject commit 1c9ed1f5eef531060d0acd3890b0e88e05c865a1 From 84d2d4659f2db3948160fb92566e56f79f922b89 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 14 Jul 2022 16:48:05 -0400 Subject: [PATCH 021/138] Fixes to correct metaschema validation errors. --- build/ci-cd/validate-metaschema.sh | 2 +- build/metaschema | 2 +- src/metaschema/oscal_assessment-common_metaschema.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build/ci-cd/validate-metaschema.sh b/build/ci-cd/validate-metaschema.sh index 6f3405638e..50a4fbf4dc 100755 --- a/build/ci-cd/validate-metaschema.sh +++ b/build/ci-cd/validate-metaschema.sh @@ -98,7 +98,7 @@ fi metaschema_toolchain="${OSCALDIR}/build/metaschema/toolchains/xslt-M4" schematron="${metaschema_toolchain}/validate/metaschema-composition-check.sch" compiled_schematron="${metaschema_toolchain}/validate/metaschema-composition-check-compiled.xsl" -metaschema_xsd="${metaschema_toolchain}/validate/metaschema.xsd" +metaschema_xsd="${OSCALDIR}/build/metaschema/schema/xml/metaschema.xsd" build_schematron "$schematron" "$compiled_schematron" cmd_exitcode=$? diff --git a/build/metaschema b/build/metaschema index 1c9ed1f5ee..8478d8b72b 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit 1c9ed1f5eef531060d0acd3890b0e88e05c865a1 +Subproject commit 8478d8b72b432d1e87093d3389a0ffef971153bc diff --git a/src/metaschema/oscal_assessment-common_metaschema.xml b/src/metaschema/oscal_assessment-common_metaschema.xml index 6ee50bb1cc..bda02df397 100644 --- a/src/metaschema/oscal_assessment-common_metaschema.xml +++ b/src/metaschema/oscal_assessment-common_metaschema.xml @@ -1055,7 +1055,7 @@ - + status From c3674b6073bf1eca492fb86f3c1aec322201de8a Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Thu, 14 Jul 2022 20:54:47 +0000 Subject: [PATCH 022/138] Publishing generated metaschema resources [ci skip] --- ..._assessment-plan_xml-to-json-converter.xsl | 59 +- ...sessment-results_xml-to-json-converter.xsl | 59 +- .../oscal_catalog_xml-to-json-converter.xsl | 59 +- .../oscal_complete_xml-to-json-converter.xsl | 59 +- .../oscal_component_xml-to-json-converter.xsl | 59 +- .../oscal_mapping_xml-to-json-converter.xsl | 59 +- .../oscal_poam_xml-to-json-converter.xsl | 59 +- .../oscal_profile_xml-to-json-converter.xsl | 59 +- .../oscal_ssp_xml-to-json-converter.xsl | 59 +- json/schema/oscal_assessment-plan_schema.json | 561 ++-- .../oscal_assessment-results_schema.json | 598 ++--- json/schema/oscal_catalog_schema.json | 266 +- json/schema/oscal_complete_schema.json | 931 +++---- json/schema/oscal_component_schema.json | 337 +-- json/schema/oscal_mapping_schema.json | 214 +- json/schema/oscal_poam_schema.json | 570 ++-- json/schema/oscal_profile_schema.json | 321 +-- json/schema/oscal_ssp_schema.json | 410 ++- xml/schema/oscal_assessment-plan_schema.xsd | 1411 +++++----- .../oscal_assessment-results_schema.xsd | 1501 +++++------ xml/schema/oscal_catalog_schema.xsd | 775 +++--- xml/schema/oscal_complete_schema.xsd | 2383 ++++++++--------- xml/schema/oscal_component_schema.xsd | 976 +++---- xml/schema/oscal_mapping_schema.xsd | 665 ++--- xml/schema/oscal_poam_schema.xsd | 1434 +++++----- xml/schema/oscal_profile_schema.xsd | 819 +++--- xml/schema/oscal_ssp_schema.xsd | 1179 ++++---- 27 files changed, 6729 insertions(+), 9153 deletions(-) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index 831a5d2884..276ea99eaf 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -4972,11 +4972,9 @@ @@ -4986,7 +4984,6 @@ @@ -4996,12 +4993,10 @@ @@ -5010,7 +5005,6 @@
    @@ -5054,7 +5046,6 @@ @@ -5063,7 +5054,6 @@ @@ -5072,7 +5062,6 @@ @@ -5085,12 +5074,10 @@ --> @@ -5101,7 +5088,6 @@ - - - - - - + + + + + + + + + @@ -5155,7 +5140,6 @@ @@ -5163,7 +5147,6 @@ @@ -5173,7 +5156,6 @@ @@ -5185,7 +5167,6 @@ @@ -5195,7 +5176,6 @@ @@ -5206,37 +5186,30 @@ # ## ### #### ##### ###### @@ -5244,7 +5217,6 @@ @@ -5261,7 +5233,6 @@ @@ -5271,7 +5242,6 @@ | ``` @@ -5314,7 +5281,6 @@ @@ -5327,7 +5293,6 @@ @@ -5336,7 +5301,6 @@ ` @@ -5345,7 +5309,6 @@ * @@ -5354,7 +5317,6 @@ ** @@ -5363,7 +5325,6 @@ " @@ -5372,7 +5333,6 @@ }} @@ -5384,7 +5344,6 @@ ) diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index dd34bf3353..d459ede185 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -9099,11 +9099,9 @@ @@ -9113,7 +9111,6 @@ @@ -9123,12 +9120,10 @@ @@ -9137,7 +9132,6 @@
    @@ -9181,7 +9173,6 @@ @@ -9190,7 +9181,6 @@ @@ -9199,7 +9189,6 @@ @@ -9212,12 +9201,10 @@ --> @@ -9228,7 +9215,6 @@ - - - - - - + + + + + + + + + @@ -9282,7 +9267,6 @@ @@ -9290,7 +9274,6 @@ @@ -9300,7 +9283,6 @@ @@ -9312,7 +9294,6 @@ @@ -9322,7 +9303,6 @@ @@ -9333,37 +9313,30 @@ # ## ### #### ##### ###### @@ -9371,7 +9344,6 @@ @@ -9388,7 +9360,6 @@ @@ -9398,7 +9369,6 @@ | ``` @@ -9441,7 +9408,6 @@ @@ -9454,7 +9420,6 @@ @@ -9463,7 +9428,6 @@ ` @@ -9472,7 +9436,6 @@ * @@ -9481,7 +9444,6 @@ ** @@ -9490,7 +9452,6 @@ " @@ -9499,7 +9460,6 @@ }} @@ -9511,7 +9471,6 @@ ) diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index d6dcc01e33..e6db7db99f 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -3129,11 +3129,9 @@ @@ -3143,7 +3141,6 @@ @@ -3153,12 +3150,10 @@ @@ -3167,7 +3162,6 @@ @@ -3211,7 +3203,6 @@ @@ -3220,7 +3211,6 @@ @@ -3229,7 +3219,6 @@ @@ -3242,12 +3231,10 @@ --> @@ -3258,7 +3245,6 @@ - - - - - - + + + + + + + + + @@ -3312,7 +3297,6 @@ @@ -3320,7 +3304,6 @@ @@ -3330,7 +3313,6 @@ @@ -3342,7 +3324,6 @@ @@ -3352,7 +3333,6 @@ @@ -3363,37 +3343,30 @@ # ## ### #### ##### ###### @@ -3401,7 +3374,6 @@ @@ -3418,7 +3390,6 @@ @@ -3428,7 +3399,6 @@ | ``` @@ -3471,7 +3438,6 @@ @@ -3484,7 +3450,6 @@ @@ -3493,7 +3458,6 @@ ` @@ -3502,7 +3466,6 @@ * @@ -3511,7 +3474,6 @@ ** @@ -3520,7 +3482,6 @@ " @@ -3529,7 +3490,6 @@ }} @@ -3541,7 +3501,6 @@ ) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index edd10c0b31..c7880f7f6c 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -28343,11 +28343,9 @@ @@ -28357,7 +28355,6 @@ @@ -28367,12 +28364,10 @@ @@ -28381,7 +28376,6 @@ @@ -28425,7 +28417,6 @@ @@ -28434,7 +28425,6 @@ @@ -28443,7 +28433,6 @@ @@ -28456,12 +28445,10 @@ --> @@ -28472,7 +28459,6 @@ - - - - - - + + + + + + + + + @@ -28526,7 +28511,6 @@ @@ -28534,7 +28518,6 @@ @@ -28544,7 +28527,6 @@ @@ -28556,7 +28538,6 @@ @@ -28566,7 +28547,6 @@ @@ -28577,37 +28557,30 @@ # ## ### #### ##### ###### @@ -28615,7 +28588,6 @@ @@ -28632,7 +28604,6 @@ @@ -28642,7 +28613,6 @@ | ``` @@ -28685,7 +28652,6 @@ @@ -28698,7 +28664,6 @@ @@ -28707,7 +28672,6 @@ ` @@ -28716,7 +28680,6 @@ * @@ -28725,7 +28688,6 @@ ** @@ -28734,7 +28696,6 @@ " @@ -28743,7 +28704,6 @@ }} @@ -28755,7 +28715,6 @@ ) diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index 27966749dd..e630632c4c 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -2808,11 +2808,9 @@ @@ -2822,7 +2820,6 @@ @@ -2832,12 +2829,10 @@ @@ -2846,7 +2841,6 @@ @@ -2890,7 +2882,6 @@ @@ -2899,7 +2890,6 @@ @@ -2908,7 +2898,6 @@ @@ -2921,12 +2910,10 @@ --> @@ -2937,7 +2924,6 @@ - - - - - - + + + + + + + + + @@ -2991,7 +2976,6 @@ @@ -2999,7 +2983,6 @@ @@ -3009,7 +2992,6 @@ @@ -3021,7 +3003,6 @@ @@ -3031,7 +3012,6 @@ @@ -3042,37 +3022,30 @@ # ## ### #### ##### ###### @@ -3080,7 +3053,6 @@ @@ -3097,7 +3069,6 @@ @@ -3107,7 +3078,6 @@ | ``` @@ -3150,7 +3117,6 @@ @@ -3163,7 +3129,6 @@ @@ -3172,7 +3137,6 @@ ` @@ -3181,7 +3145,6 @@ * @@ -3190,7 +3153,6 @@ ** @@ -3199,7 +3161,6 @@ " @@ -3208,7 +3169,6 @@ }} @@ -3220,7 +3180,6 @@ ) diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index d1648ad879..2a2e20da12 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -1983,11 +1983,9 @@ @@ -1997,7 +1995,6 @@ @@ -2007,12 +2004,10 @@ @@ -2021,7 +2016,6 @@ @@ -2065,7 +2057,6 @@ @@ -2074,7 +2065,6 @@ @@ -2083,7 +2073,6 @@ @@ -2096,12 +2085,10 @@ --> @@ -2112,7 +2099,6 @@ - - - - - - + + + + + + + + + @@ -2166,7 +2151,6 @@ @@ -2174,7 +2158,6 @@ @@ -2184,7 +2167,6 @@ @@ -2196,7 +2178,6 @@ @@ -2206,7 +2187,6 @@ @@ -2217,37 +2197,30 @@ # ## ### #### ##### ###### @@ -2255,7 +2228,6 @@ @@ -2272,7 +2244,6 @@ @@ -2282,7 +2253,6 @@ | ``` @@ -2325,7 +2292,6 @@ @@ -2338,7 +2304,6 @@ @@ -2347,7 +2312,6 @@ ` @@ -2356,7 +2320,6 @@ * @@ -2365,7 +2328,6 @@ ** @@ -2374,7 +2336,6 @@ " @@ -2383,7 +2344,6 @@ }} @@ -2395,7 +2355,6 @@ ) diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 541852ff1b..e4064079fb 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -5755,11 +5755,9 @@ @@ -5769,7 +5767,6 @@ @@ -5779,12 +5776,10 @@ @@ -5793,7 +5788,6 @@ @@ -5837,7 +5829,6 @@ @@ -5846,7 +5837,6 @@ @@ -5855,7 +5845,6 @@ @@ -5868,12 +5857,10 @@ --> @@ -5884,7 +5871,6 @@ - - - - - - + + + + + + + + + @@ -5938,7 +5923,6 @@ @@ -5946,7 +5930,6 @@ @@ -5956,7 +5939,6 @@ @@ -5968,7 +5950,6 @@ @@ -5978,7 +5959,6 @@ @@ -5989,37 +5969,30 @@ # ## ### #### ##### ###### @@ -6027,7 +6000,6 @@ @@ -6044,7 +6016,6 @@ @@ -6054,7 +6025,6 @@ | ``` @@ -6097,7 +6064,6 @@ @@ -6110,7 +6076,6 @@ @@ -6119,7 +6084,6 @@ ` @@ -6128,7 +6092,6 @@ * @@ -6137,7 +6100,6 @@ ** @@ -6146,7 +6108,6 @@ " @@ -6155,7 +6116,6 @@ }} @@ -6167,7 +6127,6 @@ ) diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index 14278bd995..851947825b 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -3169,11 +3169,9 @@ @@ -3183,7 +3181,6 @@ @@ -3193,12 +3190,10 @@ @@ -3207,7 +3202,6 @@ @@ -3251,7 +3243,6 @@ @@ -3260,7 +3251,6 @@ @@ -3269,7 +3259,6 @@ @@ -3282,12 +3271,10 @@ --> @@ -3298,7 +3285,6 @@ - - - - - - + + + + + + + + + @@ -3352,7 +3337,6 @@ @@ -3360,7 +3344,6 @@ @@ -3370,7 +3353,6 @@ @@ -3382,7 +3364,6 @@ @@ -3392,7 +3373,6 @@ @@ -3403,37 +3383,30 @@ # ## ### #### ##### ###### @@ -3441,7 +3414,6 @@ @@ -3458,7 +3430,6 @@ @@ -3468,7 +3439,6 @@ | ``` @@ -3511,7 +3478,6 @@ @@ -3524,7 +3490,6 @@ @@ -3533,7 +3498,6 @@ ` @@ -3542,7 +3506,6 @@ * @@ -3551,7 +3514,6 @@ ** @@ -3560,7 +3522,6 @@ " @@ -3569,7 +3530,6 @@ }} @@ -3581,7 +3541,6 @@ ) diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 0bcec4cd57..1982064062 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -5285,11 +5285,9 @@ @@ -5299,7 +5297,6 @@ @@ -5309,12 +5306,10 @@ @@ -5323,7 +5318,6 @@ @@ -5367,7 +5359,6 @@ @@ -5376,7 +5367,6 @@ @@ -5385,7 +5375,6 @@ @@ -5398,12 +5387,10 @@ --> @@ -5414,7 +5401,6 @@ - - - - - - + + + + + + + + + @@ -5468,7 +5453,6 @@ @@ -5476,7 +5460,6 @@ @@ -5486,7 +5469,6 @@ @@ -5498,7 +5480,6 @@ @@ -5508,7 +5489,6 @@ @@ -5519,37 +5499,30 @@ # ## ### #### ##### ###### @@ -5557,7 +5530,6 @@ @@ -5574,7 +5546,6 @@ @@ -5584,7 +5555,6 @@ | ``` @@ -5627,7 +5594,6 @@ @@ -5640,7 +5606,6 @@ @@ -5649,7 +5614,6 @@ ` @@ -5658,7 +5622,6 @@ * @@ -5667,7 +5630,6 @@ ** @@ -5676,7 +5638,6 @@ " @@ -5685,7 +5646,6 @@ }} @@ -5697,7 +5657,6 @@ ) diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index d29edeac84..15de0b50cb 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Assessment Plan Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ssp" : @@ -193,8 +192,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -217,9 +215,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -240,8 +236,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ap-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -251,26 +246,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -282,9 +276,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -327,8 +319,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -339,8 +330,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ap-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -350,8 +340,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -359,8 +348,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -385,8 +373,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-ap-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -404,8 +391,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -457,13 +443,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -480,13 +464,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -507,29 +489,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -545,18 +521,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -573,8 +546,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -605,8 +577,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -636,8 +607,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -653,35 +623,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ap-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ap-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ap-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -691,8 +653,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -707,8 +668,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -717,30 +677,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-ap-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -750,9 +705,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -767,8 +720,7 @@ { "href" : { "title" : "System Security Plan Reference", "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -783,8 +735,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", "description" : "A human-readable description of this control objective.", @@ -819,8 +770,7 @@ { "uuid" : { "title" : "Assessment Method Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Method Description", "description" : "A human-readable description of this assessment method.", @@ -852,8 +802,7 @@ { "uuid" : { "title" : "Assessment Activity Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Included Activity Title", "description" : "The title for this included activity.", @@ -883,8 +832,7 @@ { "uuid" : { "title" : "Step Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Step Title", "description" : "The title for this step.", @@ -938,13 +886,11 @@ { "uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Task Type", "description" : "The type of task.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -976,9 +922,7 @@ { "date" : { "title" : "On Date Condition", "description" : "The task must occur on the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "date" ], "additionalProperties" : false }, @@ -990,15 +934,11 @@ { "start" : { "title" : "Start Date Condition", "description" : "The task must occur on or after the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End Date Condition", "description" : "The task must occur on or before the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "start", "end" ], @@ -1011,21 +951,21 @@ { "period" : { "title" : "Period", "description" : "The task must occur after the specified period has elapsed.", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 1 }, + "$ref" : "#/definitions/PositiveIntegerDatatype" }, "unit" : { "title" : "Time Unit", "description" : "The unit of time for the period.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, "required" : [ "period", "unit" ], @@ -1042,8 +982,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1065,8 +1004,7 @@ { "activity-uuid" : { "title" : "Activity Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1218,16 +1156,14 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Include Specific Statements", "description" : "Used to constrain the selection to only specificity identified statements.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } } }, + "$ref" : "#/definitions/TokenDatatype" } } }, "required" : [ "control-id" ], "additionalProperties" : false }, @@ -1240,8 +1176,7 @@ { "objective-id" : { "title" : "Objective ID", "description" : "Points to an assessment objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "objective-id" ], "additionalProperties" : false }, @@ -1254,8 +1189,7 @@ { "uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Subject Placeholder Description", "description" : "A human-readable description of intent of this assessment subject placeholder.", @@ -1271,8 +1205,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "task-uuid" ], "additionalProperties" : false } }, @@ -1301,8 +1234,7 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1343,13 +1275,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1375,13 +1305,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -1424,8 +1352,7 @@ { "uuid" : { "title" : "Assessment Platform Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Assessment Platform Title", "description" : "The title or name for the assessment platform.", @@ -1451,8 +1378,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1490,16 +1416,17 @@ { "type" : { "title" : "Finding Target Type", "description" : "Identifies the type of the target.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "statement-id", - "objective-id" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, "target-id" : { "title" : "Finding Target Identifier Reference", "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Objective Status Title", "description" : "The title for this objective status.", @@ -1526,16 +1453,17 @@ { "state" : { "title" : "Objective Status State", "description" : "An indication as to whether the objective is satisfied or not.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "satisfied", - "not-satisfied" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1559,8 +1487,7 @@ { "uuid" : { "title" : "Observation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Observation Title", "description" : "The title for this observation.", @@ -1585,16 +1512,14 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "origins" : { "type" : "array", "minItems" : 1, @@ -1616,8 +1541,7 @@ { "href" : { "title" : "Relevant Evidence Reference", "description" : "A resolvable URL reference to relevant evidence.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Relevant Evidence Description", "description" : "A human-readable description of this evidence.", @@ -1640,15 +1564,11 @@ "collected" : { "title" : "Collected Field", "description" : "Date/time stamp identifying when the finding information was collected.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "expires" : { "title" : "Expires Field", "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1685,22 +1605,22 @@ { "type" : { "title" : "Actor Type", "description" : "The kind of actor.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "tool", - "assessment-platform", - "party" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, "actor-uuid" : { "title" : "Actor Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1724,8 +1644,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1754,8 +1673,7 @@ { "subject-placeholder-uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -1779,14 +1697,11 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -1802,8 +1717,7 @@ { "uuid" : { "title" : "Risk Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Risk Title", "description" : "The title for this risk.", @@ -1854,13 +1768,11 @@ { "uuid" : { "title" : "Mitigating Factor Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "implementation-uuid" : { "title" : "Implementation UUID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Mitigating Factor Description", "description" : "A human-readable description of this mitigating factor.", @@ -1887,9 +1799,7 @@ "deadline" : { "title" : "Risk Resolution Deadline", "description" : "The date/time by which the risk must be resolved.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remediations" : { "type" : "array", "minItems" : 1, @@ -1911,8 +1821,7 @@ { "uuid" : { "title" : "Risk Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Title", "description" : "The title for this risk log entry.", @@ -1924,15 +1833,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of the event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1961,8 +1866,7 @@ { "response-uuid" : { "title" : "Response Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique risk response.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2003,8 +1907,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } } }, @@ -2024,13 +1927,11 @@ { "party-uuid" : { "title" : "Party UUID Reference", "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "A point to the role-id of the role in which the party is making the log entry.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "party-uuid" ], "additionalProperties" : false }, @@ -2038,8 +1939,7 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-ap-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2069,19 +1969,15 @@ { "name" : { "title" : "Facet Name", "description" : "The name of the risk metric within the specified system.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2112,13 +2008,11 @@ { "uuid" : { "title" : "Remediation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2153,8 +2047,7 @@ { "uuid" : { "title" : "Required Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -2206,24 +2099,19 @@ { "uuid" : { "title" : "Part Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -2259,24 +2147,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -2312,18 +2195,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2385,8 +2265,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2410,8 +2289,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -2421,11 +2299,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -2449,13 +2329,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -2486,13 +2364,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2526,13 +2406,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -2554,23 +2432,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-ap-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -2581,8 +2457,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2597,8 +2472,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -2606,8 +2480,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -2664,8 +2537,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -2675,8 +2547,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -2707,8 +2578,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2744,16 +2614,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2769,14 +2637,57 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : [ "id" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "assessment-plan" : { "$ref" : "#assembly_oscal-ap_assessment-plan" } }, diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index 3de238ca15..c06b908971 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Assessment Results Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ap" : @@ -59,8 +58,7 @@ { "uuid" : { "title" : "Results Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Results Title", "description" : "The title for this set of results.", @@ -72,15 +70,11 @@ "start" : { "title" : "start field", "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "end field", "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -158,8 +152,7 @@ { "uuid" : { "title" : "Assessment Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Action Title", "description" : "The title for this event.", @@ -171,15 +164,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of an event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -242,8 +231,7 @@ { "uuid" : { "title" : "Finding Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Finding Title", "description" : "The title for this finding.", @@ -272,8 +260,7 @@ "implementation-statement-uuid" : { "title" : "Implementation Statement UUID", "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "related-observations" : { "type" : "array", "minItems" : 1, @@ -285,8 +272,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } }, @@ -301,8 +287,7 @@ { "risk-uuid" : { "title" : "Risk Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "risk-uuid" ], "additionalProperties" : false } }, @@ -323,8 +308,7 @@ { "href" : { "title" : "Assessment Plan Reference", "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -438,8 +422,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -462,9 +445,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -485,8 +466,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ar-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -496,26 +476,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -527,9 +506,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -572,8 +549,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -584,8 +560,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ar-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -595,8 +570,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -604,8 +578,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -630,8 +603,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-ar-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -649,8 +621,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -702,13 +673,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -725,13 +694,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -752,29 +719,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -790,18 +751,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -818,8 +776,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -850,8 +807,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -881,8 +837,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -898,35 +853,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ar-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ar-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ar-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -936,8 +883,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -952,8 +898,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -962,30 +907,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-ar-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -995,9 +935,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1012,8 +950,7 @@ { "href" : { "title" : "System Security Plan Reference", "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1028,8 +965,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", "description" : "A human-readable description of this control objective.", @@ -1064,8 +1000,7 @@ { "uuid" : { "title" : "Assessment Method Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Method Description", "description" : "A human-readable description of this assessment method.", @@ -1097,8 +1032,7 @@ { "uuid" : { "title" : "Assessment Activity Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Included Activity Title", "description" : "The title for this included activity.", @@ -1128,8 +1062,7 @@ { "uuid" : { "title" : "Step Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Step Title", "description" : "The title for this step.", @@ -1183,13 +1116,11 @@ { "uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Task Type", "description" : "The type of task.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -1221,9 +1152,7 @@ { "date" : { "title" : "On Date Condition", "description" : "The task must occur on the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "date" ], "additionalProperties" : false }, @@ -1235,15 +1164,11 @@ { "start" : { "title" : "Start Date Condition", "description" : "The task must occur on or after the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End Date Condition", "description" : "The task must occur on or before the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "start", "end" ], @@ -1256,21 +1181,21 @@ { "period" : { "title" : "Period", "description" : "The task must occur after the specified period has elapsed.", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 1 }, + "$ref" : "#/definitions/PositiveIntegerDatatype" }, "unit" : { "title" : "Time Unit", "description" : "The unit of time for the period.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, "required" : [ "period", "unit" ], @@ -1287,8 +1212,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1310,8 +1234,7 @@ { "activity-uuid" : { "title" : "Activity Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1463,16 +1386,14 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Include Specific Statements", "description" : "Used to constrain the selection to only specificity identified statements.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } } }, + "$ref" : "#/definitions/TokenDatatype" } } }, "required" : [ "control-id" ], "additionalProperties" : false }, @@ -1485,8 +1406,7 @@ { "objective-id" : { "title" : "Objective ID", "description" : "Points to an assessment objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "objective-id" ], "additionalProperties" : false }, @@ -1499,8 +1419,7 @@ { "uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Subject Placeholder Description", "description" : "A human-readable description of intent of this assessment subject placeholder.", @@ -1516,8 +1435,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "task-uuid" ], "additionalProperties" : false } }, @@ -1546,8 +1464,7 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1588,13 +1505,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1620,13 +1535,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -1669,8 +1582,7 @@ { "uuid" : { "title" : "Assessment Platform Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Assessment Platform Title", "description" : "The title or name for the assessment platform.", @@ -1696,8 +1608,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1735,16 +1646,17 @@ { "type" : { "title" : "Finding Target Type", "description" : "Identifies the type of the target.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "statement-id", - "objective-id" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, "target-id" : { "title" : "Finding Target Identifier Reference", "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Objective Status Title", "description" : "The title for this objective status.", @@ -1771,16 +1683,17 @@ { "state" : { "title" : "Objective Status State", "description" : "An indication as to whether the objective is satisfied or not.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "satisfied", - "not-satisfied" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1804,8 +1717,7 @@ { "uuid" : { "title" : "Observation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Observation Title", "description" : "The title for this observation.", @@ -1830,16 +1742,14 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "origins" : { "type" : "array", "minItems" : 1, @@ -1861,8 +1771,7 @@ { "href" : { "title" : "Relevant Evidence Reference", "description" : "A resolvable URL reference to relevant evidence.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Relevant Evidence Description", "description" : "A human-readable description of this evidence.", @@ -1885,15 +1794,11 @@ "collected" : { "title" : "Collected Field", "description" : "Date/time stamp identifying when the finding information was collected.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "expires" : { "title" : "Expires Field", "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1930,22 +1835,22 @@ { "type" : { "title" : "Actor Type", "description" : "The kind of actor.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "tool", - "assessment-platform", - "party" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, "actor-uuid" : { "title" : "Actor Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1969,8 +1874,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1999,8 +1903,7 @@ { "subject-placeholder-uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -2024,14 +1927,11 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -2047,8 +1947,7 @@ { "uuid" : { "title" : "Risk Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Risk Title", "description" : "The title for this risk.", @@ -2099,13 +1998,11 @@ { "uuid" : { "title" : "Mitigating Factor Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "implementation-uuid" : { "title" : "Implementation UUID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Mitigating Factor Description", "description" : "A human-readable description of this mitigating factor.", @@ -2132,9 +2029,7 @@ "deadline" : { "title" : "Risk Resolution Deadline", "description" : "The date/time by which the risk must be resolved.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remediations" : { "type" : "array", "minItems" : 1, @@ -2156,8 +2051,7 @@ { "uuid" : { "title" : "Risk Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Title", "description" : "The title for this risk log entry.", @@ -2169,15 +2063,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of the event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2206,8 +2096,7 @@ { "response-uuid" : { "title" : "Response Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique risk response.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2248,8 +2137,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } } }, @@ -2269,13 +2157,11 @@ { "party-uuid" : { "title" : "Party UUID Reference", "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "A point to the role-id of the role in which the party is making the log entry.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "party-uuid" ], "additionalProperties" : false }, @@ -2283,8 +2169,7 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-ar-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2314,19 +2199,15 @@ { "name" : { "title" : "Facet Name", "description" : "The name of the risk metric within the specified system.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2357,13 +2238,11 @@ { "uuid" : { "title" : "Remediation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2398,8 +2277,7 @@ { "uuid" : { "title" : "Required Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -2451,24 +2329,19 @@ { "uuid" : { "title" : "Part Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -2504,24 +2377,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -2557,18 +2425,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2630,8 +2495,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2655,8 +2519,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -2666,11 +2529,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -2694,13 +2559,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -2731,13 +2594,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2771,13 +2636,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -2799,23 +2662,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-ar-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -2826,8 +2687,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2842,8 +2702,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -2851,8 +2710,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -2909,8 +2767,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -2920,8 +2777,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -2952,8 +2808,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2989,16 +2844,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -3014,14 +2867,57 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : [ "id" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "assessment-results" : { "$ref" : "#assembly_oscal-ar_assessment-results" } }, diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index 9f2233a78a..8e4a05e4f2 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Catalog Universally Unique Identifier", "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "params" : @@ -47,13 +46,11 @@ { "id" : { "title" : "Group Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", "description" : "A textual label that provides a sub-type or characterization of the group.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", "description" : "A name given to the group, which may be used by a tool for display and navigation.", @@ -100,13 +97,11 @@ { "id" : { "title" : "Control Identifier", "description" : "A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Control Class", "description" : "A textual label that provides a sub-type or characterization of the control.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Control Title", "description" : "A name given to the control, which may be used by a tool for display and navigation.", @@ -139,8 +134,7 @@ { "uuid" : { "title" : "Mapping Identifier", "description" : "The unique identifier for the mapping.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "target-resource" : { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, "maps" : @@ -171,24 +165,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -224,18 +213,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -297,8 +283,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -322,8 +307,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -333,11 +317,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -460,8 +446,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -484,9 +469,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -507,8 +490,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-catalog-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -518,26 +500,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -549,9 +530,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -594,8 +573,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -606,8 +584,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-catalog-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -617,8 +594,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -626,8 +602,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -652,8 +627,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-catalog-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -671,8 +645,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -724,13 +697,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -747,13 +718,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -774,29 +743,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -812,18 +775,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -840,8 +800,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -872,8 +831,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -903,8 +861,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -920,35 +877,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-catalog-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-catalog-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-catalog-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -958,8 +907,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -974,8 +922,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -984,30 +931,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-catalog-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -1017,9 +959,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1034,8 +974,7 @@ { "uuid" : { "title" : "Mapping Entry Identifier", "description" : "The unique identifier for the mapping entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1054,9 +993,7 @@ { "ns" : { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "STRVALUE" : { "type" : "string" } }, "required" : @@ -1095,16 +1032,17 @@ { "type" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "control", - "statement" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, "id-ref" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1130,15 +1068,16 @@ { "type" : { "title" : "Resource Type", "description" : "The semantic type of the resource.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "catalog" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, "href" : { "title" : "Catalog or Profile Reference", "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1154,7 +1093,36 @@ "required" : [ "type", "href" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "catalog" : { "$ref" : "#assembly_oscal-catalog_catalog" } }, diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 71a2657f22..933567b602 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Catalog Universally Unique Identifier", "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "params" : @@ -47,13 +46,11 @@ { "id" : { "title" : "Group Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", "description" : "A textual label that provides a sub-type or characterization of the group.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", "description" : "A name given to the group, which may be used by a tool for display and navigation.", @@ -100,13 +97,11 @@ { "id" : { "title" : "Control Identifier", "description" : "A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Control Class", "description" : "A textual label that provides a sub-type or characterization of the control.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Control Title", "description" : "A name given to the control, which may be used by a tool for display and navigation.", @@ -139,8 +134,7 @@ { "uuid" : { "title" : "Mapping Identifier", "description" : "The unique identifier for the mapping.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "target-resource" : { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, "maps" : @@ -171,24 +165,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -224,18 +213,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -297,8 +283,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -322,8 +307,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -333,11 +317,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -460,8 +446,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -484,9 +469,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -507,8 +490,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-complete-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -518,26 +500,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -549,9 +530,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -594,8 +573,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -606,8 +584,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-complete-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -617,8 +594,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -626,8 +602,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -652,8 +627,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-complete-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -671,8 +645,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -724,13 +697,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -747,13 +718,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -774,29 +743,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -812,18 +775,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -840,8 +800,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -872,8 +831,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -903,8 +861,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -920,35 +877,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-complete-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-complete-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-complete-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -958,8 +907,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -974,8 +922,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -984,30 +931,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-complete-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -1017,9 +959,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1034,8 +974,7 @@ { "uuid" : { "title" : "Mapping Entry Identifier", "description" : "The unique identifier for the mapping entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1054,9 +993,7 @@ { "ns" : { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "STRVALUE" : { "type" : "string" } }, "required" : @@ -1095,16 +1032,17 @@ { "type" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "control", - "statement" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, "id-ref" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1130,15 +1068,16 @@ { "type" : { "title" : "Resource Type", "description" : "The semantic type of the resource.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "catalog" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, "href" : { "title" : "Catalog or Profile Reference", "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1164,8 +1103,7 @@ { "uuid" : { "title" : "Mapping Collection Universally Unique Identifier", "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "mappings" : @@ -1193,8 +1131,7 @@ { "uuid" : { "title" : "Mapping Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "source-resource" : { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, "target-resource" : @@ -1219,8 +1156,7 @@ { "uuid" : { "title" : "Profile Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "imports" : @@ -1248,8 +1184,7 @@ { "href" : { "title" : "Catalog or Profile Reference", "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "include-all" : { "$ref" : "#assembly_oscal-catalog-common_include-all" }, "include-controls" : @@ -1279,12 +1214,14 @@ { "method" : { "title" : "Combination method", "description" : "How clashing controls should be handled", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "use-first", - "merge", - "keep" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "use-first", + "merge", + "keep" ] } ] } }, "additionalProperties" : false }, "flat" : { "title" : "Flat", @@ -1294,7 +1231,7 @@ "as-is" : { "title" : "As-Is Structuring Directive", "description" : "An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.", - "type" : "boolean" }, + "$ref" : "#/definitions/BooleanDatatype" }, "custom" : { "title" : "Custom grouping", "description" : "A Custom element frames a structure for embedding represented controls in resolution.", @@ -1321,13 +1258,11 @@ { "id" : { "title" : "Group Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", "description" : "A textual label that provides a sub-type or characterization of the group.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", "description" : "A name given to the group, which may be used by a tool for display and navigation.", @@ -1382,18 +1317,15 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1447,12 +1379,14 @@ { "order" : { "title" : "Order", "description" : "A designation of how a selection of controls in a profile is to be ordered.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "keep", - "ascending", - "descending" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "keep", + "ascending", + "descending" ] } ] }, "include-all" : { "$ref" : "#assembly_oscal-catalog-common_include-all" }, "include-controls" : @@ -1475,19 +1409,20 @@ { "with-child-controls" : { "title" : "Include contained controls with control", "description" : "When a control is included, whether its child (dependent) controls are also included.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "yes", - "no" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "yes", + "no" ] } ] }, "with-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Match Controls by Identifier", "description" : "", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "matching" : { "type" : "array", "minItems" : 1, @@ -1499,8 +1434,7 @@ { "pattern" : { "title" : "Pattern", "description" : "A glob expression matching the IDs of one or more controls to be selected.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:alter" : @@ -1512,8 +1446,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "removes" : { "type" : "array", "minItems" : 1, @@ -1536,28 +1469,23 @@ { "by-name" : { "title" : "Reference by (assigned) name", "description" : "Identify items to remove by matching their assigned name", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-class" : { "title" : "Reference by class", "description" : "Identify items to remove by matching their class.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-id" : { "title" : "Reference by ID", "description" : "Identify items to remove indicated by their id.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-item-name" : { "title" : "Item Name Reference", "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-ns" : { "title" : "Item Namespace Reference", "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:add" : { "title" : "Addition", @@ -1568,18 +1496,19 @@ { "position" : { "title" : "Position", "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "before", - "after", - "starting", - "ending" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, "by-id" : { "title" : "Reference by ID", "description" : "Target location of the addition.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Title Change", "description" : "A name given to the control, which may be used by a tool for display and navigation.", @@ -1614,8 +1543,7 @@ { "uuid" : { "title" : "Component Definition Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-component-definitions" : @@ -1648,8 +1576,7 @@ { "href" : { "title" : "Hyperlink Reference", "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", - "type" : "string", - "format" : "uri-reference" } }, + "$ref" : "#/definitions/URIReferenceDatatype" } }, "required" : [ "href" ], "additionalProperties" : false }, @@ -1662,13 +1589,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the component.", @@ -1723,13 +1648,11 @@ { "uuid" : { "title" : "Capability Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Capability Name", "description" : "The capability's human-readable name.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Capability Description", "description" : "A summary of the capability.", @@ -1770,8 +1693,7 @@ { "component-uuid" : { "title" : "Component Reference", "description" : "A machine-oriented identifier reference to a component.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Component Description", "description" : "A description of the component, including information about its function.", @@ -1789,13 +1711,11 @@ { "uuid" : { "title" : "Control Implementation Set Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "source" : { "title" : "Source Resource Reference", "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", @@ -1835,13 +1755,11 @@ { "uuid" : { "title" : "Control Implementation Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", @@ -1887,13 +1805,11 @@ { "statement-id" : { "title" : "Control Statement Reference", "description" : "A human-oriented identifier reference to a control statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Control Statement Reference Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Statement Implementation Description", "description" : "A summary of how the containing control statement is implemented by the component or capability.", @@ -1929,13 +1845,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -1966,13 +1880,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2006,13 +1922,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -2034,23 +1948,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-complete-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -2061,8 +1973,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2077,8 +1988,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -2086,8 +1996,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -2144,8 +2053,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -2155,8 +2063,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -2187,8 +2094,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2224,16 +2130,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2249,9 +2153,7 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -2266,8 +2168,7 @@ { "uuid" : { "title" : "System Security Plan Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-profile" : @@ -2297,8 +2198,7 @@ { "href" : { "title" : "Profile Reference", "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2318,13 +2218,11 @@ "system-name" : { "title" : "System Name - Full", "description" : "The full name of the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "system-name-short" : { "title" : "System Name - Short", "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "System Description", "description" : "A summary of the system.", @@ -2344,8 +2242,7 @@ "security-sensitivity-level" : { "title" : "Security Sensitivity Level", "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "system-information" : { "$ref" : "#assembly_oscal-ssp_system-information" }, "security-impact-level" : @@ -2402,8 +2299,7 @@ { "uuid" : { "title" : "Information Type Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "title field", "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", @@ -2423,17 +2319,14 @@ { "system" : { "title" : "Information Type Identification System", "description" : "Specifies the information type identification system used.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "information-type-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Information Type Systematized Identifier", "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } } }, + "$ref" : "#/definitions/StringDatatype" } } }, "required" : [ "system" ], "additionalProperties" : false } }, @@ -2533,14 +2426,12 @@ { "title" : "Base Level (Confidentiality, Integrity, or Availability)", "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", "$id" : "#field_oscal-ssp_base", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-ssp:selected" : { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", "$id" : "#field_oscal-ssp_selected", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-ssp:adjustment-justification" : { "title" : "Adjustment Justification", "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", @@ -2555,18 +2446,15 @@ { "security-objective-confidentiality" : { "title" : "Security Objective: Confidentiality", "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "security-objective-integrity" : { "title" : "Security Objective: Integrity", "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "security-objective-availability" : { "title" : "Security Objective: Availability", "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "security-objective-confidentiality", "security-objective-integrity", @@ -2581,14 +2469,16 @@ { "state" : { "title" : "State", "description" : "The current operating status.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "operational", - "under-development", - "under-major-modification", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "operational", + "under-development", + "under-major-modification", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2598,8 +2488,7 @@ { "title" : "System Authorization Date", "description" : "The date the system received its authorization.", "$id" : "#field_oscal-ssp_date-authorized", - "type" : "string", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "$ref" : "#/definitions/DateDatatype" }, "oscal-complete-oscal-ssp:authorization-boundary" : { "title" : "Authorization Boundary", "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", @@ -2639,8 +2528,7 @@ { "uuid" : { "title" : "Diagram ID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Diagram Description", "description" : "A summary of the diagram.", @@ -2751,8 +2639,7 @@ { "uuid" : { "title" : "Leveraged Authorization Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "title field", "description" : "A human readable name for the leveraged authorization in the context of the system.", @@ -2770,8 +2657,7 @@ "party-uuid" : { "title" : "party-uuid field", "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "date-authorized" : { "$ref" : "#field_oscal-ssp_date-authorized" }, "remarks" : @@ -2836,13 +2722,11 @@ { "uuid" : { "title" : "Control Requirement Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2888,13 +2772,11 @@ { "statement-id" : { "title" : "Control Statement Reference", "description" : "A human-oriented identifier reference to a control statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Control Statement Reference Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2930,13 +2812,11 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "uuid" : { "title" : "By-Component Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", @@ -2988,8 +2868,7 @@ { "uuid" : { "title" : "Provided Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Provided Control Implementation Description", "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", @@ -3026,13 +2905,11 @@ { "uuid" : { "title" : "Responsibility Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "provided-uuid" : { "title" : "Provided UUID", "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Control Implementation Responsibility Description", "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", @@ -3072,13 +2949,11 @@ { "uuid" : { "title" : "Inherited Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "provided-uuid" : { "title" : "Provided UUID", "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inherited Control Implementation Description", "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", @@ -3113,13 +2988,11 @@ { "uuid" : { "title" : "Satisfied Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "responsibility-uuid" : { "title" : "Responsibility UUID", "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Satisfied Control Implementation Responsibility Description", "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", @@ -3166,8 +3039,7 @@ { "uuid" : { "title" : "Assessment Plan Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ssp" : @@ -3247,8 +3119,7 @@ { "href" : { "title" : "System Security Plan Reference", "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -3263,8 +3134,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", "description" : "A human-readable description of this control objective.", @@ -3299,8 +3169,7 @@ { "uuid" : { "title" : "Assessment Method Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Method Description", "description" : "A human-readable description of this assessment method.", @@ -3332,8 +3201,7 @@ { "uuid" : { "title" : "Assessment Activity Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Included Activity Title", "description" : "The title for this included activity.", @@ -3363,8 +3231,7 @@ { "uuid" : { "title" : "Step Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Step Title", "description" : "The title for this step.", @@ -3418,13 +3285,11 @@ { "uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Task Type", "description" : "The type of task.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -3456,9 +3321,7 @@ { "date" : { "title" : "On Date Condition", "description" : "The task must occur on the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "date" ], "additionalProperties" : false }, @@ -3470,15 +3333,11 @@ { "start" : { "title" : "Start Date Condition", "description" : "The task must occur on or after the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End Date Condition", "description" : "The task must occur on or before the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "start", "end" ], @@ -3491,21 +3350,21 @@ { "period" : { "title" : "Period", "description" : "The task must occur after the specified period has elapsed.", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 1 }, + "$ref" : "#/definitions/PositiveIntegerDatatype" }, "unit" : { "title" : "Time Unit", "description" : "The unit of time for the period.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, "required" : [ "period", "unit" ], @@ -3522,8 +3381,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -3545,8 +3403,7 @@ { "activity-uuid" : { "title" : "Activity Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -3698,16 +3555,14 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Include Specific Statements", "description" : "Used to constrain the selection to only specificity identified statements.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } } }, + "$ref" : "#/definitions/TokenDatatype" } } }, "required" : [ "control-id" ], "additionalProperties" : false }, @@ -3720,8 +3575,7 @@ { "objective-id" : { "title" : "Objective ID", "description" : "Points to an assessment objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "objective-id" ], "additionalProperties" : false }, @@ -3734,8 +3588,7 @@ { "uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Subject Placeholder Description", "description" : "A human-readable description of intent of this assessment subject placeholder.", @@ -3751,8 +3604,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "task-uuid" ], "additionalProperties" : false } }, @@ -3781,8 +3633,7 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -3823,13 +3674,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -3855,13 +3704,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -3904,8 +3751,7 @@ { "uuid" : { "title" : "Assessment Platform Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Assessment Platform Title", "description" : "The title or name for the assessment platform.", @@ -3931,8 +3777,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -3970,16 +3815,17 @@ { "type" : { "title" : "Finding Target Type", "description" : "Identifies the type of the target.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "statement-id", - "objective-id" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, "target-id" : { "title" : "Finding Target Identifier Reference", "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Objective Status Title", "description" : "The title for this objective status.", @@ -4006,16 +3852,17 @@ { "state" : { "title" : "Objective Status State", "description" : "An indication as to whether the objective is satisfied or not.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "satisfied", - "not-satisfied" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -4039,8 +3886,7 @@ { "uuid" : { "title" : "Observation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Observation Title", "description" : "The title for this observation.", @@ -4065,16 +3911,14 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "origins" : { "type" : "array", "minItems" : 1, @@ -4096,8 +3940,7 @@ { "href" : { "title" : "Relevant Evidence Reference", "description" : "A resolvable URL reference to relevant evidence.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Relevant Evidence Description", "description" : "A human-readable description of this evidence.", @@ -4120,15 +3963,11 @@ "collected" : { "title" : "Collected Field", "description" : "Date/time stamp identifying when the finding information was collected.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "expires" : { "title" : "Expires Field", "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -4165,22 +4004,22 @@ { "type" : { "title" : "Actor Type", "description" : "The kind of actor.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "tool", - "assessment-platform", - "party" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, "actor-uuid" : { "title" : "Actor Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4204,8 +4043,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4234,8 +4072,7 @@ { "subject-placeholder-uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -4259,14 +4096,11 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -4282,8 +4116,7 @@ { "uuid" : { "title" : "Risk Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Risk Title", "description" : "The title for this risk.", @@ -4334,13 +4167,11 @@ { "uuid" : { "title" : "Mitigating Factor Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "implementation-uuid" : { "title" : "Implementation UUID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Mitigating Factor Description", "description" : "A human-readable description of this mitigating factor.", @@ -4367,9 +4198,7 @@ "deadline" : { "title" : "Risk Resolution Deadline", "description" : "The date/time by which the risk must be resolved.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remediations" : { "type" : "array", "minItems" : 1, @@ -4391,8 +4220,7 @@ { "uuid" : { "title" : "Risk Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Title", "description" : "The title for this risk log entry.", @@ -4404,15 +4232,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of the event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4441,8 +4265,7 @@ { "response-uuid" : { "title" : "Response Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique risk response.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4483,8 +4306,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } } }, @@ -4504,13 +4326,11 @@ { "party-uuid" : { "title" : "Party UUID Reference", "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "A point to the role-id of the role in which the party is making the log entry.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "party-uuid" ], "additionalProperties" : false }, @@ -4518,8 +4338,7 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-complete-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -4549,19 +4368,15 @@ { "name" : { "title" : "Facet Name", "description" : "The name of the risk metric within the specified system.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4592,13 +4407,11 @@ { "uuid" : { "title" : "Remediation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -4633,8 +4446,7 @@ { "uuid" : { "title" : "Required Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -4686,24 +4498,19 @@ { "uuid" : { "title" : "Part Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -4739,8 +4546,7 @@ { "uuid" : { "title" : "Assessment Results Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ap" : @@ -4785,8 +4591,7 @@ { "uuid" : { "title" : "Results Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Results Title", "description" : "The title for this set of results.", @@ -4798,15 +4603,11 @@ "start" : { "title" : "start field", "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "end field", "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4884,8 +4685,7 @@ { "uuid" : { "title" : "Assessment Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Action Title", "description" : "The title for this event.", @@ -4897,15 +4697,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of an event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -4968,8 +4764,7 @@ { "uuid" : { "title" : "Finding Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Finding Title", "description" : "The title for this finding.", @@ -4998,8 +4793,7 @@ "implementation-statement-uuid" : { "title" : "Implementation Statement UUID", "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "related-observations" : { "type" : "array", "minItems" : 1, @@ -5011,8 +4805,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } }, @@ -5027,8 +4820,7 @@ { "risk-uuid" : { "title" : "Risk Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "risk-uuid" ], "additionalProperties" : false } }, @@ -5049,8 +4841,7 @@ { "href" : { "title" : "Assessment Plan Reference", "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -5065,8 +4856,7 @@ { "uuid" : { "title" : "POA&M Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ssp" : @@ -5125,8 +4915,7 @@ { "uuid" : { "title" : "POA&M Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "POA&M Item Title", "description" : "The title or name for this POA&M item .", @@ -5172,8 +4961,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } }, @@ -5188,8 +4976,7 @@ { "risk-uuid" : { "title" : "Risk Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "risk-uuid" ], "additionalProperties" : false } }, @@ -5198,7 +4985,57 @@ "required" : [ "title", "description" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "BooleanDatatype" : + { "type" : "boolean" }, + "DateDatatype" : + { "type" : "string", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "oneOf" : [ { "properties" : diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 1b44be3eee..c118204cdd 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Component Definition Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-component-definitions" : @@ -47,8 +46,7 @@ { "href" : { "title" : "Hyperlink Reference", "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", - "type" : "string", - "format" : "uri-reference" } }, + "$ref" : "#/definitions/URIReferenceDatatype" } }, "required" : [ "href" ], "additionalProperties" : false }, @@ -61,13 +59,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the component.", @@ -122,13 +118,11 @@ { "uuid" : { "title" : "Capability Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Capability Name", "description" : "The capability's human-readable name.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Capability Description", "description" : "A summary of the capability.", @@ -169,8 +163,7 @@ { "component-uuid" : { "title" : "Component Reference", "description" : "A machine-oriented identifier reference to a component.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Component Description", "description" : "A description of the component, including information about its function.", @@ -188,13 +181,11 @@ { "uuid" : { "title" : "Control Implementation Set Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "source" : { "title" : "Source Resource Reference", "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", @@ -234,13 +225,11 @@ { "uuid" : { "title" : "Control Implementation Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", @@ -286,13 +275,11 @@ { "statement-id" : { "title" : "Control Statement Reference", "description" : "A human-oriented identifier reference to a control statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Control Statement Reference Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Statement Implementation Description", "description" : "A summary of how the containing control statement is implemented by the component or capability.", @@ -328,13 +315,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -365,13 +350,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -405,13 +392,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -433,23 +418,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-component-definition-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -460,8 +443,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -476,8 +458,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -485,8 +466,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -543,8 +523,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -554,8 +533,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -586,8 +564,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -623,16 +600,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -648,9 +623,7 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -764,8 +737,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -788,9 +760,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -811,8 +781,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-component-definition-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -822,26 +791,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -853,9 +821,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -898,8 +864,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -910,8 +875,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-component-definition-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -921,8 +885,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -930,8 +893,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -956,8 +918,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-component-definition-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -975,8 +936,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -1028,13 +988,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -1051,13 +1009,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -1078,29 +1034,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1116,18 +1066,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -1144,8 +1091,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -1176,8 +1122,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1207,8 +1152,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -1224,35 +1168,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-component-definition-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-component-definition-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-component-definition-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -1262,8 +1198,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -1278,8 +1213,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1288,30 +1222,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -1321,9 +1250,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1338,24 +1265,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -1391,18 +1313,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1464,8 +1383,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1489,8 +1407,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -1500,11 +1417,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -1518,7 +1437,45 @@ "description" : "Include all controls from the imported catalog or profile resources.", "$id" : "#assembly_oscal-catalog-common_include-all", "type" : "object", - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "component-definition" : { "$ref" : "#assembly_oscal-component-definition_component-definition" } }, diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index 9b41f3cd0e..bf7c2493fb 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Mapping Collection Universally Unique Identifier", "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "mappings" : @@ -42,8 +41,7 @@ { "uuid" : { "title" : "Mapping Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "source-resource" : { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, "target-resource" : @@ -167,8 +165,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -191,9 +188,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -214,8 +209,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-mapping-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -225,26 +219,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -256,9 +249,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -301,8 +292,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -313,8 +303,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-mapping-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -324,8 +313,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -333,8 +321,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -359,8 +346,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-mapping-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -378,8 +364,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -431,13 +416,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -454,13 +437,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -481,29 +462,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -519,18 +494,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -547,8 +519,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -579,8 +550,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -610,8 +580,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -627,35 +596,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-mapping-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-mapping-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-mapping-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -665,8 +626,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -681,8 +641,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -691,30 +650,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-mapping-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -724,9 +678,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -741,8 +693,7 @@ { "uuid" : { "title" : "Mapping Entry Identifier", "description" : "The unique identifier for the mapping entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -761,9 +712,7 @@ { "ns" : { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "STRVALUE" : { "type" : "string" } }, "required" : @@ -802,16 +751,17 @@ { "type" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "control", - "statement" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, "id-ref" : { "title" : "Subject Type", "description" : "The semantic type of the subject.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -837,15 +787,16 @@ { "type" : { "title" : "Resource Type", "description" : "The semantic type of the resource.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "catalog" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, "href" : { "title" : "Catalog or Profile Reference", "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -861,7 +812,36 @@ "required" : [ "type", "href" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "mapping-collection" : { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 125ed58663..3ceab3f009 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "POA&M Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-ssp" : @@ -73,8 +72,7 @@ { "uuid" : { "title" : "POA&M Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "POA&M Item Title", "description" : "The title or name for this POA&M item .", @@ -120,8 +118,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } }, @@ -136,8 +133,7 @@ { "risk-uuid" : { "title" : "Risk Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "risk-uuid" ], "additionalProperties" : false } }, @@ -255,8 +251,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -279,9 +274,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -302,8 +295,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-poam-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -313,26 +305,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -344,9 +335,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -389,8 +378,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -401,8 +389,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-poam-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -412,8 +399,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -421,8 +407,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -447,8 +432,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-poam-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -466,8 +450,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -519,13 +502,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -542,13 +523,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -569,29 +548,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -607,18 +580,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -635,8 +605,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -667,8 +636,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -698,8 +666,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -715,35 +682,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-poam-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-poam-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-poam-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -753,8 +712,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -769,8 +727,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -779,30 +736,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-poam-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -812,9 +764,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -829,13 +779,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -866,13 +814,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -906,13 +856,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -934,23 +882,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-poam-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -961,8 +907,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -977,8 +922,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -986,8 +930,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -1044,8 +987,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -1055,8 +997,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -1087,8 +1028,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1124,16 +1064,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1149,9 +1087,7 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -1166,24 +1102,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -1219,18 +1150,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1292,8 +1220,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1317,8 +1244,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -1328,11 +1254,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -1356,8 +1284,7 @@ { "href" : { "title" : "System Security Plan Reference", "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1372,8 +1299,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", "description" : "A human-readable description of this control objective.", @@ -1408,8 +1334,7 @@ { "uuid" : { "title" : "Assessment Method Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Method Description", "description" : "A human-readable description of this assessment method.", @@ -1441,8 +1366,7 @@ { "uuid" : { "title" : "Assessment Activity Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Included Activity Title", "description" : "The title for this included activity.", @@ -1472,8 +1396,7 @@ { "uuid" : { "title" : "Step Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Step Title", "description" : "The title for this step.", @@ -1527,13 +1450,11 @@ { "uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Task Type", "description" : "The type of task.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -1565,9 +1486,7 @@ { "date" : { "title" : "On Date Condition", "description" : "The task must occur on the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "date" ], "additionalProperties" : false }, @@ -1579,15 +1498,11 @@ { "start" : { "title" : "Start Date Condition", "description" : "The task must occur on or after the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End Date Condition", "description" : "The task must occur on or before the specified date.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" } }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : [ "start", "end" ], @@ -1600,21 +1515,21 @@ { "period" : { "title" : "Period", "description" : "The task must occur after the specified period has elapsed.", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 1 }, + "$ref" : "#/definitions/PositiveIntegerDatatype" }, "unit" : { "title" : "Time Unit", "description" : "The unit of time for the period.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, "required" : [ "period", "unit" ], @@ -1631,8 +1546,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1654,8 +1568,7 @@ { "activity-uuid" : { "title" : "Activity Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1807,16 +1720,14 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Include Specific Statements", "description" : "Used to constrain the selection to only specificity identified statements.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } } }, + "$ref" : "#/definitions/TokenDatatype" } } }, "required" : [ "control-id" ], "additionalProperties" : false }, @@ -1829,8 +1740,7 @@ { "objective-id" : { "title" : "Objective ID", "description" : "Points to an assessment objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "objective-id" ], "additionalProperties" : false }, @@ -1843,8 +1753,7 @@ { "uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Assessment Subject Placeholder Description", "description" : "A human-readable description of intent of this assessment subject placeholder.", @@ -1860,8 +1769,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "task-uuid" ], "additionalProperties" : false } }, @@ -1890,8 +1798,7 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1932,13 +1839,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1964,13 +1869,11 @@ { "subject-uuid" : { "title" : "Subject Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -2013,8 +1916,7 @@ { "uuid" : { "title" : "Assessment Platform Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Assessment Platform Title", "description" : "The title or name for the assessment platform.", @@ -2040,8 +1942,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2079,16 +1980,17 @@ { "type" : { "title" : "Finding Target Type", "description" : "Identifies the type of the target.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "statement-id", - "objective-id" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, "target-id" : { "title" : "Finding Target Identifier Reference", "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Objective Status Title", "description" : "The title for this objective status.", @@ -2115,16 +2017,17 @@ { "state" : { "title" : "Objective Status State", "description" : "An indication as to whether the objective is satisfied or not.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "satisfied", - "not-satisfied" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2148,8 +2051,7 @@ { "uuid" : { "title" : "Observation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Observation Title", "description" : "The title for this observation.", @@ -2174,16 +2076,14 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "origins" : { "type" : "array", "minItems" : 1, @@ -2205,8 +2105,7 @@ { "href" : { "title" : "Relevant Evidence Reference", "description" : "A resolvable URL reference to relevant evidence.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "description" : { "title" : "Relevant Evidence Description", "description" : "A human-readable description of this evidence.", @@ -2229,15 +2128,11 @@ "collected" : { "title" : "Collected Field", "description" : "Date/time stamp identifying when the finding information was collected.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "expires" : { "title" : "Expires Field", "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2274,22 +2169,22 @@ { "type" : { "title" : "Actor Type", "description" : "The kind of actor.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "tool", - "assessment-platform", - "party" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, "actor-uuid" : { "title" : "Actor Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2313,8 +2208,7 @@ { "task-uuid" : { "title" : "Task Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2343,8 +2237,7 @@ { "subject-placeholder-uuid" : { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -2368,14 +2261,11 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -2391,8 +2281,7 @@ { "uuid" : { "title" : "Risk Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Risk Title", "description" : "The title for this risk.", @@ -2443,13 +2332,11 @@ { "uuid" : { "title" : "Mitigating Factor Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "implementation-uuid" : { "title" : "Implementation UUID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Mitigating Factor Description", "description" : "A human-readable description of this mitigating factor.", @@ -2476,9 +2363,7 @@ "deadline" : { "title" : "Risk Resolution Deadline", "description" : "The date/time by which the risk must be resolved.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "remediations" : { "type" : "array", "minItems" : 1, @@ -2500,8 +2385,7 @@ { "uuid" : { "title" : "Risk Log Entry Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Title", "description" : "The title for this risk log entry.", @@ -2513,15 +2397,11 @@ "start" : { "title" : "Start", "description" : "Identifies the start date and time of the event.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : { "title" : "End", "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2550,8 +2430,7 @@ { "response-uuid" : { "title" : "Response Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a unique risk response.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2592,8 +2471,7 @@ { "observation-uuid" : { "title" : "Observation Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "required" : [ "observation-uuid" ], "additionalProperties" : false } } }, @@ -2613,13 +2491,11 @@ { "party-uuid" : { "title" : "Party UUID Reference", "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "role-id" : { "title" : "Actor Role", "description" : "A point to the role-id of the role in which the party is making the log entry.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "party-uuid" ], "additionalProperties" : false }, @@ -2627,8 +2503,7 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-poam-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2658,19 +2533,15 @@ { "name" : { "title" : "Facet Name", "description" : "The name of the risk metric within the specified system.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2701,13 +2572,11 @@ { "uuid" : { "title" : "Remediation Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2742,8 +2611,7 @@ { "uuid" : { "title" : "Required Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "subjects" : { "type" : "array", "minItems" : 1, @@ -2795,24 +2663,19 @@ { "uuid" : { "title" : "Part Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -2838,7 +2701,52 @@ { "$ref" : "#assembly_oscal-metadata_link" } } }, "required" : [ "name" ], - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "plan-of-action-and-milestones" : { "$ref" : "#assembly_oscal-poam_plan-of-action-and-milestones" } }, diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index 6c9724de11..7c782b5961 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "Profile Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "imports" : @@ -42,8 +41,7 @@ { "href" : { "title" : "Catalog or Profile Reference", "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "include-all" : { "$ref" : "#assembly_oscal-catalog-common_include-all" }, "include-controls" : @@ -73,12 +71,14 @@ { "method" : { "title" : "Combination method", "description" : "How clashing controls should be handled", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "use-first", - "merge", - "keep" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "use-first", + "merge", + "keep" ] } ] } }, "additionalProperties" : false }, "flat" : { "title" : "Flat", @@ -88,7 +88,7 @@ "as-is" : { "title" : "As-Is Structuring Directive", "description" : "An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.", - "type" : "boolean" }, + "$ref" : "#/definitions/BooleanDatatype" }, "custom" : { "title" : "Custom grouping", "description" : "A Custom element frames a structure for embedding represented controls in resolution.", @@ -115,13 +115,11 @@ { "id" : { "title" : "Group Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", "description" : "A textual label that provides a sub-type or characterization of the group.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", "description" : "A name given to the group, which may be used by a tool for display and navigation.", @@ -176,18 +174,15 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -241,12 +236,14 @@ { "order" : { "title" : "Order", "description" : "A designation of how a selection of controls in a profile is to be ordered.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "keep", - "ascending", - "descending" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "keep", + "ascending", + "descending" ] } ] }, "include-all" : { "$ref" : "#assembly_oscal-catalog-common_include-all" }, "include-controls" : @@ -269,19 +266,20 @@ { "with-child-controls" : { "title" : "Include contained controls with control", "description" : "When a control is included, whether its child (dependent) controls are also included.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "yes", - "no" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "yes", + "no" ] } ] }, "with-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Match Controls by Identifier", "description" : "", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "matching" : { "type" : "array", "minItems" : 1, @@ -293,8 +291,7 @@ { "pattern" : { "title" : "Pattern", "description" : "A glob expression matching the IDs of one or more controls to be selected.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:alter" : @@ -306,8 +303,7 @@ { "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "removes" : { "type" : "array", "minItems" : 1, @@ -330,28 +326,23 @@ { "by-name" : { "title" : "Reference by (assigned) name", "description" : "Identify items to remove by matching their assigned name", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-class" : { "title" : "Reference by class", "description" : "Identify items to remove by matching their class.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-id" : { "title" : "Reference by ID", "description" : "Identify items to remove indicated by their id.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-item-name" : { "title" : "Item Name Reference", "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "by-ns" : { "title" : "Item Namespace Reference", "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" } }, + "$ref" : "#/definitions/TokenDatatype" } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:add" : { "title" : "Addition", @@ -362,18 +353,19 @@ { "position" : { "title" : "Position", "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "before", - "after", - "starting", - "ending" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, "by-id" : { "title" : "Reference by ID", "description" : "Target location of the addition.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Title Change", "description" : "A name given to the control, which may be used by a tool for display and navigation.", @@ -507,8 +499,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -531,9 +522,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -554,8 +543,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-profile-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -565,26 +553,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -596,9 +583,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -641,8 +626,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -653,8 +637,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-profile-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -664,8 +647,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -673,8 +655,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -699,8 +680,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-profile-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -718,8 +698,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -771,13 +750,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -794,13 +771,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -821,29 +796,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -859,18 +828,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -887,8 +853,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -919,8 +884,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -950,8 +914,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -967,35 +930,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-profile-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-profile-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-profile-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -1005,8 +960,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -1021,8 +975,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1031,30 +984,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-profile-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -1064,9 +1012,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1081,24 +1027,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -1134,18 +1075,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1207,8 +1145,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1232,8 +1169,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -1243,11 +1179,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -1261,7 +1199,38 @@ "description" : "Include all controls from the imported catalog or profile resources.", "$id" : "#assembly_oscal-catalog-common_include-all", "type" : "object", - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "BooleanDatatype" : + { "type" : "boolean" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "profile" : { "$ref" : "#assembly_oscal-profile_profile" } }, diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index d86cfb7d51..48fc6c9adb 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -13,8 +13,7 @@ { "uuid" : { "title" : "System Security Plan Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, "import-profile" : @@ -44,8 +43,7 @@ { "href" : { "title" : "Profile Reference", "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -65,13 +63,11 @@ "system-name" : { "title" : "System Name - Full", "description" : "The full name of the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "system-name-short" : { "title" : "System Name - Short", "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "System Description", "description" : "A summary of the system.", @@ -91,8 +87,7 @@ "security-sensitivity-level" : { "title" : "Security Sensitivity Level", "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "system-information" : { "$ref" : "#assembly_oscal-ssp_system-information" }, "security-impact-level" : @@ -149,8 +144,7 @@ { "uuid" : { "title" : "Information Type Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "title field", "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", @@ -170,17 +164,14 @@ { "system" : { "title" : "Information Type Identification System", "description" : "Specifies the information type identification system used.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "information-type-ids" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Information Type Systematized Identifier", "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } } }, + "$ref" : "#/definitions/StringDatatype" } } }, "required" : [ "system" ], "additionalProperties" : false } }, @@ -280,14 +271,12 @@ { "title" : "Base Level (Confidentiality, Integrity, or Availability)", "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", "$id" : "#field_oscal-ssp_base", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-ssp:selected" : { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", "$id" : "#field_oscal-ssp_selected", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-ssp:adjustment-justification" : { "title" : "Adjustment Justification", "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", @@ -302,18 +291,15 @@ { "security-objective-confidentiality" : { "title" : "Security Objective: Confidentiality", "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "security-objective-integrity" : { "title" : "Security Objective: Integrity", "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "security-objective-availability" : { "title" : "Security Objective: Availability", "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "security-objective-confidentiality", "security-objective-integrity", @@ -328,14 +314,16 @@ { "state" : { "title" : "State", "description" : "The current operating status.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "operational", - "under-development", - "under-major-modification", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "operational", + "under-development", + "under-major-modification", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -345,8 +333,7 @@ { "title" : "System Authorization Date", "description" : "The date the system received its authorization.", "$id" : "#field_oscal-ssp_date-authorized", - "type" : "string", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "$ref" : "#/definitions/DateDatatype" }, "oscal-ssp-oscal-ssp:authorization-boundary" : { "title" : "Authorization Boundary", "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", @@ -386,8 +373,7 @@ { "uuid" : { "title" : "Diagram ID", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Diagram Description", "description" : "A summary of the diagram.", @@ -498,8 +484,7 @@ { "uuid" : { "title" : "Leveraged Authorization Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "title field", "description" : "A human readable name for the leveraged authorization in the context of the system.", @@ -517,8 +502,7 @@ "party-uuid" : { "title" : "party-uuid field", "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "date-authorized" : { "$ref" : "#field_oscal-ssp_date-authorized" }, "remarks" : @@ -583,13 +567,11 @@ { "uuid" : { "title" : "Control Requirement Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -635,13 +617,11 @@ { "statement-id" : { "title" : "Control Statement Reference", "description" : "A human-oriented identifier reference to a control statement.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Control Statement Reference Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -677,13 +657,11 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "uuid" : { "title" : "By-Component Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Control Implementation Description", "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", @@ -735,8 +713,7 @@ { "uuid" : { "title" : "Provided Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Provided Control Implementation Description", "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", @@ -773,13 +750,11 @@ { "uuid" : { "title" : "Responsibility Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "provided-uuid" : { "title" : "Provided UUID", "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Control Implementation Responsibility Description", "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", @@ -819,13 +794,11 @@ { "uuid" : { "title" : "Inherited Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "provided-uuid" : { "title" : "Provided UUID", "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inherited Control Implementation Description", "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", @@ -860,13 +833,11 @@ { "uuid" : { "title" : "Satisfied Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "responsibility-uuid" : { "title" : "Responsibility UUID", "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Satisfied Control Implementation Responsibility Description", "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", @@ -1012,8 +983,7 @@ { "uuid" : { "title" : "Location Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Location Title", "description" : "A name given to the location, which may be used by a tool for display and navigation.", @@ -1036,9 +1006,7 @@ "items" : { "title" : "Location URL", "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" } }, + "$ref" : "#/definitions/URIDatatype" } }, "props" : { "type" : "array", "minItems" : 1, @@ -1059,8 +1027,7 @@ { "title" : "Location Reference", "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_location-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ssp-oscal-metadata:party" : { "title" : "Party (organization or person)", "description" : "A responsible entity which is either a person or an organization.", @@ -1070,26 +1037,25 @@ { "uuid" : { "title" : "Party Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Party Type", "description" : "A category describing the kind of party the object describes.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$", - "enum" : - [ "person", - "organization" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, "name" : { "title" : "Party Name", "description" : "The full name of the party. This is typically the legal name associated with the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "short-name" : { "title" : "Party Short Name", "description" : "A short common name, abbreviation, or acronym for the party.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "external-ids" : { "type" : "array", "minItems" : 1, @@ -1101,9 +1067,7 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -1146,8 +1110,7 @@ "items" : { "title" : "Organizational Affiliation", "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "$ref" : "#/definitions/UUIDDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1158,8 +1121,7 @@ { "title" : "Party Reference", "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", "$id" : "#field_oscal-metadata_party-uuid", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "oscal-ssp-oscal-metadata:role" : { "title" : "Role", "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", @@ -1169,8 +1131,7 @@ { "id" : { "title" : "Role Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Role Title", "description" : "A name given to the role, which may be used by a tool for display and navigation.", @@ -1178,8 +1139,7 @@ "short-name" : { "title" : "Role Short Name", "description" : "A short common name, abbreviation, or acronym for the role.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "Role Description", "description" : "A summary of the role's purpose and associated responsibilities.", @@ -1204,8 +1164,7 @@ { "title" : "Role Identifier Reference", "description" : "A human-oriented identifier reference to roles served by the user.", "$id" : "#field_oscal-metadata_role-id", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "oscal-ssp-oscal-metadata:back-matter" : { "title" : "Back matter", "description" : "A collection of resources, which may be included directly or by reference.", @@ -1223,8 +1182,7 @@ { "uuid" : { "title" : "Resource Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", "description" : "A name given to the resource, which may be used by a tool for display and navigation.", @@ -1276,13 +1234,11 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URI reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", "minItems" : 1, @@ -1299,13 +1255,11 @@ { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -1326,29 +1280,23 @@ { "name" : { "title" : "Property Name", "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "uuid" : { "title" : "Property Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "value" : { "title" : "Property Value", "description" : "Indicates the value of the attribute, characteristic, or quality.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1364,18 +1312,15 @@ { "href" : { "title" : "Hypertext Reference", "description" : "A resolvable URL reference to a resource.", - "type" : "string", - "format" : "uri-reference" }, + "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : { "title" : "Relation", "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", @@ -1392,8 +1337,7 @@ { "role-id" : { "title" : "Responsible Role", "description" : "A human-oriented identifier reference to roles served by the user.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", "minItems" : 1, @@ -1424,8 +1368,7 @@ { "role-id" : { "title" : "Responsible Role ID", "description" : "A human-oriented identifier reference to roles responsible for the business function.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1455,8 +1398,7 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "Method by which a hash is derived", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, "required" : @@ -1472,35 +1414,27 @@ { "title" : "Publication Timestamp", "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_published", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ssp-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", "$id" : "#field_oscal-metadata_last-modified", - "type" : "string", - "format" : "date-time", - "pattern" : "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ssp-oscal-metadata:version" : { "title" : "Document Version", "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", "$id" : "#field_oscal-metadata_version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:oscal-version" : { "title" : "OSCAL version", "description" : "The OSCAL model version the document was authored against.", "$id" : "#field_oscal-metadata_oscal-version", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:email-address" : { "title" : "Email Address", "description" : "An email address as defined by RFC 5322 Section 3.4.1.", "$id" : "#field_oscal-metadata_email-address", - "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, + "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ssp-oscal-metadata:telephone-number" : { "title" : "Telephone Number", "description" : "Contact number by telephone.", @@ -1510,8 +1444,7 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "number" : { "type" : "string" } }, "required" : @@ -1526,8 +1459,7 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1536,30 +1468,25 @@ "city" : { "title" : "City", "description" : "City, town or geographical region for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", "description" : "State, province or analogous geographical region for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", "description" : "Postal or ZIP code for mailing address", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false }, "oscal-ssp-oscal-metadata:addr-line" : { "title" : "Address line", "description" : "A single line of an address.", "$id" : "#field_oscal-metadata_addr-line", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:document-id" : { "title" : "Document Identifier", "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", @@ -1569,9 +1496,7 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "identifier" : { "type" : "string" } }, "required" : @@ -1586,13 +1511,11 @@ { "uuid" : { "title" : "Component Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -1623,13 +1546,15 @@ { "state" : { "title" : "State", "description" : "The operational status.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1663,13 +1588,11 @@ { "uuid" : { "title" : "Service Protocol Information Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Protocol Name", "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "title" : { "title" : "Protocol Title", "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", @@ -1691,23 +1614,21 @@ { "start" : { "title" : "Start", "description" : "Indicates the starting port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "end" : { "title" : "End", "description" : "Indicates the ending port number in a port range", - "type" : "integer", - "multipleOf" : 1, - "minimum" : 0 }, + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, "transport" : { "title" : "Transport", "description" : "Indicates the transport type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "TCP", - "UDP" ] } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, "additionalProperties" : false }, "oscal-ssp-oscal-implementation-common:implementation-status" : { "title" : "Implementation Status", @@ -1718,8 +1639,7 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1734,8 +1654,7 @@ { "uuid" : { "title" : "User Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "User Title", "description" : "A name given to the user, which may be used by a tool for display and navigation.", @@ -1743,8 +1662,7 @@ "short-name" : { "title" : "User Short Name", "description" : "A short common name, abbreviation, or acronym for the user.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "description" : { "title" : "User Description", "description" : "A summary of the user's purpose within the system.", @@ -1801,8 +1719,7 @@ { "title" : "Functions Performed", "description" : "Describes a function performed for a given authorized privilege by this user class.", "$id" : "#field_oscal-implementation-common_function-performed", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-implementation-common:inventory-item" : { "title" : "Inventory Item", "description" : "A single managed inventory item within the system.", @@ -1812,8 +1729,7 @@ { "uuid" : { "title" : "Inventory Item Universally Unique Identifier", "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "description" : { "title" : "Inventory Item Description", "description" : "A summary of the inventory item stating its purpose within the system.", @@ -1844,8 +1760,7 @@ { "component-uuid" : { "title" : "Component Universally Unique Identifier Reference", "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "type" : "string", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" }, + "$ref" : "#/definitions/UUIDDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -1881,16 +1796,14 @@ { "param-id" : { "title" : "Parameter ID", "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "values" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" } }, + "$ref" : "#/definitions/StringDatatype" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1906,9 +1819,7 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "id" : { "type" : "string" } }, "required" : @@ -1923,24 +1834,19 @@ { "id" : { "title" : "Part Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", "description" : "A name given to the part, which may be used by a tool for display and navigation.", @@ -1976,18 +1882,15 @@ { "id" : { "title" : "Parameter Identifier", "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", "minItems" : 1, @@ -2049,8 +1952,7 @@ { "expression" : { "title" : "Constraint test", "description" : "A formal (executable) expression of a constraint", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2074,8 +1976,7 @@ { "title" : "Parameter Value", "description" : "A parameter value or set of values.", "$id" : "#field_oscal-catalog-common_parameter-value", - "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, + "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-catalog-common:parameter-selection" : { "title" : "Selection", "description" : "Presenting a choice among alternatives", @@ -2085,11 +1986,13 @@ { "how-many" : { "title" : "Parameter Cardinality", "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$", - "enum" : - [ "one", - "one-or-more" ] }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, "choice" : { "type" : "array", "minItems" : 1, @@ -2103,7 +2006,48 @@ "description" : "Include all controls from the imported catalog or profile resources.", "$id" : "#assembly_oscal-catalog-common_include-all", "type" : "object", - "additionalProperties" : false } }, + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateDatatype" : + { "type" : "string", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, "properties" : { "system-security-plan" : { "$ref" : "#assembly_oscal-ssp_system-security-plan" } }, diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index c6302e48a6..8c289a3c34 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -1,8 +1,8 @@ - @@ -18,8 +18,7 @@ assessment-plan - + @@ -31,11 +30,11 @@ @@ -50,23 +49,23 @@ @@ -79,9 +78,7 @@ Remarks: Additional commentary on the containing object. - + @@ -99,38 +96,38 @@ - + Assessment Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -158,62 +155,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -226,9 +223,7 @@ Remarks: Additional commentary on the containing object. - + @@ -254,32 +249,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -292,9 +287,7 @@ Remarks: Additional commentary on the containing object. - + @@ -320,20 +313,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -346,15 +339,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -367,17 +360,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -388,12 +379,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -415,7 +406,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -428,7 +419,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -442,8 +433,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -458,28 +449,28 @@ @@ -488,12 +479,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -506,23 +497,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -537,12 +526,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -565,7 +554,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -579,7 +568,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -593,16 +582,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -615,17 +604,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -636,12 +623,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -675,7 +662,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -690,16 +677,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -724,16 +711,16 @@ Citation Text: A line of citation text. - + @@ -751,11 +738,11 @@ - + Hypertext Reference @@ -765,11 +752,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -788,22 +775,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -823,17 +810,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -863,13 +848,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -879,17 +862,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -899,7 +882,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -909,11 +892,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -941,12 +924,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -956,7 +939,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -966,11 +949,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -988,15 +971,15 @@ @@ -1009,17 +992,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1037,15 +1018,15 @@ @@ -1058,17 +1039,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1085,8 +1064,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1109,30 +1088,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1143,7 +1122,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1154,18 +1133,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1177,8 +1156,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1202,7 +1181,7 @@ @@ -1215,7 +1194,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1228,7 +1207,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1241,7 +1220,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1254,11 +1233,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1278,20 +1257,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1324,13 +1303,11 @@ Remarks: Additional commentary on the containing object. - + - + System Security Plan Reference @@ -1362,20 +1339,20 @@ Objective Description: A human-readable description of this control objective. - + @@ -1388,17 +1365,15 @@ Remarks: Additional commentary on the containing object. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1426,20 +1401,20 @@ Assessment Method Description: A human-readable description of this assessment method. - + @@ -1452,17 +1427,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1490,7 +1463,7 @@ Included Activity Title: The title for this included activity. - + @@ -1505,16 +1478,16 @@ Included Activity Description: A human-readable description of this included activity. - + @@ -1539,7 +1512,7 @@ Step Title: The title for this step. - + @@ -1554,24 +1527,24 @@ Step Description: A human-readable description of this step. - + @@ -1584,17 +1557,15 @@ Remarks: Additional commentary on the containing object. - + - + Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1603,11 +1574,11 @@ @@ -1620,17 +1591,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1658,7 +1627,7 @@ Task Title: The title for this task. - + @@ -1673,16 +1642,16 @@ Task Description: A human-readable description of this task. - + @@ -1707,7 +1676,7 @@ On Date Condition: The task is intended to occur on the specified date. - + On Date Condition @@ -1729,7 +1698,7 @@ On Date Range Condition: The task is intended to occur within the specified date range. - + Start Date Condition @@ -1739,7 +1708,7 @@ Start Date Condition: The task must occur on or after the specified date. - + End Date Condition @@ -1761,7 +1730,7 @@ Frequency Condition: The task is intended to occur at the specified frequency. - + Period @@ -1771,7 +1740,7 @@ Period: The task must occur after the specified period has elapsed. - + Time Unit @@ -1808,17 +1777,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -1827,7 +1794,7 @@ @@ -1842,19 +1809,19 @@ @@ -1867,17 +1834,15 @@ Remarks: Additional commentary on the containing object. - + - + Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -1886,11 +1851,11 @@ @@ -1903,23 +1868,21 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Task Type @@ -1951,16 +1914,16 @@ Control Objective Description: A human-readable description of control objectives. - + @@ -1985,30 +1948,30 @@ Assessed Controls Description: A human-readable description of in-scope controls specified for assessment. - + @@ -2021,9 +1984,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2053,30 +2014,30 @@ Control Objectives Description: A human-readable description of this collection of control objectives. - + @@ -2089,9 +2050,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2107,9 +2066,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2134,15 +2091,15 @@ Include Specific Statements: Used to constrain the selection to only specificity identified statements. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2158,7 +2115,7 @@ Select Objective: Used to select a control objective for inclusion/exclusion based on the control objective's identifier. - + Objective ID @@ -2190,7 +2147,7 @@ Assessment Subject Placeholder Description: A human-readable description of intent of this assessment subject placeholder. - + @@ -2204,11 +2161,11 @@ Assessment Subject Source: Assessment subjects will be identified while conducting the referenced activity-instance. - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2217,11 +2174,11 @@ @@ -2234,17 +2191,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2272,30 +2227,30 @@ Include Subjects Description: A human-readable description of the collection of subjects being included in this assessment. - + @@ -2308,13 +2263,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -2336,11 +2289,11 @@ @@ -2353,27 +2306,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -2384,7 +2335,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -2401,16 +2352,16 @@ Subject Reference Title: The title or name for the referenced subject. - + @@ -2423,27 +2374,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -2461,7 +2410,7 @@ @@ -2486,16 +2435,16 @@ Assessment Platform Title: The title or name for the assessment platform. - + @@ -2510,15 +2459,15 @@ @@ -2531,17 +2480,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -2559,17 +2506,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2600,7 +2545,7 @@ Objective Status Title: The title for this objective status. - + @@ -2615,16 +2560,16 @@ Objective Status Description: A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied. - + @@ -2648,13 +2593,11 @@ Remarks: Additional commentary on the containing object. - + - + Objective Status State @@ -2664,7 +2607,7 @@ Objective Status State: An indication as to whether the objective is satisfied or not. - + Objective Status Reason @@ -2677,7 +2620,7 @@ @@ -2690,13 +2633,11 @@ Remarks: Additional commentary on the containing object. - + - + Finding Target Type @@ -2706,11 +2647,11 @@ Finding Target Type: Identifies the type of the target. - + Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -2738,7 +2679,7 @@ Observation Title: The title for this observation. - + @@ -2753,16 +2694,16 @@ Observation Description: A human-readable description of this assessment observation. - + @@ -2775,7 +2716,7 @@ Observation Method: Identifies how the observation was made. - + @@ -2788,15 +2729,15 @@ Observation Type: Identifies the nature of the observation. More than one may be used to further qualify and enable filtering. - + @@ -2821,16 +2762,16 @@ Relevant Evidence Description: A human-readable description of this evidence. - + @@ -2843,13 +2784,11 @@ Remarks: Additional commentary on the containing object. - + - + Relevant Evidence Reference @@ -2871,7 +2810,7 @@ Collected Field: Date/time stamp identifying when the finding information was collected. - + @@ -2884,7 +2823,7 @@ Expires Field: Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios. - + @@ -2897,17 +2836,15 @@ Remarks: Additional commentary on the containing object. - + - + Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2925,11 +2862,11 @@ @@ -2945,15 +2882,15 @@ - + Actor Type @@ -2963,17 +2900,17 @@ Actor Type: The kind of actor. - + Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. - + Actor Role @@ -2995,19 +2932,19 @@ @@ -3022,15 +2959,15 @@ - + Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -3048,17 +2985,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -3075,8 +3010,8 @@ Threat ID: A pointer, by ID, to an externally-defined threat. - - + + Threat Type Identification System @@ -3086,7 +3021,7 @@ Threat Type Identification System: Specifies the source of the threat information. - + Threat Information Resource Reference @@ -3120,7 +3055,7 @@ Risk Title: The title for this risk. - + @@ -3135,7 +3070,7 @@ Risk Description: A human-readable summary of the identified risk, to include a statement of how the risk impacts the system. - + @@ -3150,32 +3085,32 @@ Risk Statement: An summary of impact for how the risk affects the system. - + @@ -3200,38 +3135,38 @@ Mitigating Factor Description: A human-readable description of this mitigating factor. - + - + Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3249,11 +3184,11 @@ Risk Resolution Deadline: The date/time by which the risk must be resolved. - + @@ -3289,7 +3224,7 @@ Title: The title for this risk log entry. - + @@ -3304,7 +3239,7 @@ Risk Task Description: A human-readable description of what was done regarding the risk. - + @@ -3318,7 +3253,7 @@ Start: Identifies the start date and time of the event. - + @@ -3331,23 +3266,23 @@ End: Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time. - + @@ -3362,15 +3297,15 @@ @@ -3383,17 +3318,15 @@ Remarks: Additional commentary on the containing object. - + - + Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -3411,17 +3344,15 @@ Remarks: Additional commentary on the containing object. - + - + Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3442,11 +3373,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3455,11 +3386,11 @@ - + Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3475,17 +3406,17 @@ Logged By: Used to indicate who created a log entry in what role. - + Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. - + Actor Role @@ -3505,7 +3436,7 @@ Risk Status: Describes the status of the associated risk. - + @@ -3518,15 +3449,15 @@ @@ -3541,11 +3472,11 @@ @@ -3558,13 +3489,11 @@ Remarks: Additional commentary on the containing object. - + - + Facet Name @@ -3574,7 +3503,7 @@ Facet Name: The name of the risk metric within the specified system. - + Naming System @@ -3584,7 +3513,7 @@ Naming System: Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash. - + Facet Value @@ -3619,7 +3548,7 @@ Response Title: The title for this response activity. - + @@ -3634,20 +3563,20 @@ Response Description: A human-readable description of this response plan. - + @@ -3662,7 +3591,7 @@ @@ -3676,7 +3605,7 @@ Title for Required Asset: The title for this required asset. - + @@ -3691,16 +3620,16 @@ Description of Required Asset: A human-readable description of this required asset. - + @@ -3713,17 +3642,15 @@ Remarks: Additional commentary on the containing object. - + - + Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3732,7 +3659,7 @@ @@ -3745,23 +3672,21 @@ Remarks: Additional commentary on the containing object. - + - + Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Remediation Intent @@ -3793,37 +3718,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -3833,7 +3756,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -3843,11 +3766,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -3875,37 +3798,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -3915,7 +3836,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -3925,11 +3846,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -3947,11 +3868,11 @@ @@ -3959,13 +3880,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -3980,25 +3901,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -4012,23 +3933,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -4038,7 +3957,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -4070,7 +3989,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -4095,7 +4014,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -4108,9 +4027,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4128,9 +4045,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -4142,7 +4057,7 @@ Parameter Value: A parameter value or set of values. - + @@ -4165,12 +4080,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -4212,7 +4127,7 @@ Component Title: A human readable name for the system component. - + @@ -4227,7 +4142,7 @@ Component Description: A description of the component, including information about its function. - + @@ -4242,16 +4157,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -4275,13 +4190,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -4294,11 +4207,11 @@ @@ -4311,23 +4224,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -4359,30 +4270,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -4398,7 +4309,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -4408,7 +4319,7 @@ Start: Indicates the starting port number in a port range - + End @@ -4418,7 +4329,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -4449,13 +4360,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -4487,7 +4396,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -4501,7 +4410,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -4515,24 +4424,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -4545,17 +4454,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4583,7 +4490,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -4598,12 +4505,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -4617,7 +4524,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -4640,20 +4547,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -4668,15 +4575,15 @@ @@ -4689,17 +4596,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -4717,17 +4622,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4754,7 +4657,7 @@ Parameter Value: A parameter value or set of values. - + @@ -4767,17 +4670,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -4788,14 +4689,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -4808,55 +4709,38 @@ - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -4865,34 +4749,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -4901,49 +4790,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -4952,95 +4847,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -5048,7 +4873,7 @@ An email address - + Need a better pattern. @@ -5056,32 +4881,14 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + @@ -5089,7 +4896,7 @@ A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5097,18 +4904,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -5128,13 +4955,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5142,14 +4969,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 42c377f09b..f2f559d2d8 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -1,8 +1,8 @@ - @@ -18,8 +18,7 @@ assessment-results - + @@ -31,11 +30,11 @@ @@ -50,11 +49,11 @@ @@ -67,28 +66,26 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -116,7 +113,7 @@ Results Title: The title for this set of results. - + @@ -131,7 +128,7 @@ Results Description: A human-readable description of this set of test results. - + @@ -145,7 +142,7 @@ start field: Date/time stamp identifying the start of the evidence collection reflected in these results. - + @@ -158,15 +155,15 @@ end field: Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate. - + @@ -181,30 +178,30 @@ @@ -219,11 +216,11 @@ @@ -262,7 +259,7 @@ Action Title: The title for this event. - + @@ -277,7 +274,7 @@ Action Description: A human-readable description of this event. - + @@ -291,7 +288,7 @@ Start: Identifies the start date and time of an event. - + @@ -304,23 +301,23 @@ End: Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time. - + @@ -333,17 +330,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -355,15 +350,15 @@ @@ -376,17 +371,15 @@ Remarks: Additional commentary on the containing object. - + - + Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -414,7 +407,7 @@ Finding Title: The title for this finding. - + @@ -429,24 +422,24 @@ Finding Description: A human-readable description of this finding. - + @@ -454,12 +447,12 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - + @@ -472,11 +465,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -494,11 +487,11 @@ Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - + Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -516,17 +509,15 @@ Remarks: Additional commentary on the containing object. - + - + Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -553,13 +544,11 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Plan Reference @@ -591,62 +580,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -659,9 +648,7 @@ Remarks: Additional commentary on the containing object. - + @@ -687,32 +674,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -725,9 +712,7 @@ Remarks: Additional commentary on the containing object. - + @@ -753,20 +738,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -779,15 +764,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -800,17 +785,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -821,12 +804,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -848,7 +831,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -861,7 +844,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -875,8 +858,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -891,28 +874,28 @@ @@ -921,12 +904,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -939,23 +922,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -970,12 +951,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -998,7 +979,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -1012,7 +993,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -1026,16 +1007,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -1048,17 +1029,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1069,12 +1048,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -1108,7 +1087,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -1123,16 +1102,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -1157,16 +1136,16 @@ Citation Text: A line of citation text. - + @@ -1184,11 +1163,11 @@ - + Hypertext Reference @@ -1198,11 +1177,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1221,22 +1200,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1256,17 +1235,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1296,13 +1273,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -1312,17 +1287,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1332,7 +1307,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1342,11 +1317,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1374,12 +1349,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1389,7 +1364,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1399,11 +1374,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1421,15 +1396,15 @@ @@ -1442,17 +1417,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1470,15 +1443,15 @@ @@ -1491,17 +1464,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1518,8 +1489,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1542,30 +1513,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1576,7 +1547,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1587,18 +1558,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1610,8 +1581,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1635,7 +1606,7 @@ @@ -1648,7 +1619,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1661,7 +1632,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1674,7 +1645,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1687,11 +1658,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1711,20 +1682,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1757,13 +1728,11 @@ Remarks: Additional commentary on the containing object. - + - + System Security Plan Reference @@ -1795,20 +1764,20 @@ Objective Description: A human-readable description of this control objective. - + @@ -1821,17 +1790,15 @@ Remarks: Additional commentary on the containing object. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1859,20 +1826,20 @@ Assessment Method Description: A human-readable description of this assessment method. - + @@ -1885,17 +1852,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1923,7 +1888,7 @@ Included Activity Title: The title for this included activity. - + @@ -1938,16 +1903,16 @@ Included Activity Description: A human-readable description of this included activity. - + @@ -1972,7 +1937,7 @@ Step Title: The title for this step. - + @@ -1987,24 +1952,24 @@ Step Description: A human-readable description of this step. - + @@ -2017,17 +1982,15 @@ Remarks: Additional commentary on the containing object. - + - + Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2036,11 +1999,11 @@ @@ -2053,17 +2016,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2091,7 +2052,7 @@ Task Title: The title for this task. - + @@ -2106,16 +2067,16 @@ Task Description: A human-readable description of this task. - + @@ -2140,7 +2101,7 @@ On Date Condition: The task is intended to occur on the specified date. - + On Date Condition @@ -2162,7 +2123,7 @@ On Date Range Condition: The task is intended to occur within the specified date range. - + Start Date Condition @@ -2172,7 +2133,7 @@ Start Date Condition: The task must occur on or after the specified date. - + End Date Condition @@ -2194,7 +2155,7 @@ Frequency Condition: The task is intended to occur at the specified frequency. - + Period @@ -2204,7 +2165,7 @@ Period: The task must occur after the specified period has elapsed. - + Time Unit @@ -2241,17 +2202,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -2260,7 +2219,7 @@ @@ -2275,19 +2234,19 @@ @@ -2300,17 +2259,15 @@ Remarks: Additional commentary on the containing object. - + - + Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -2319,11 +2276,11 @@ @@ -2336,23 +2293,21 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Task Type @@ -2384,16 +2339,16 @@ Control Objective Description: A human-readable description of control objectives. - + @@ -2418,30 +2373,30 @@ Assessed Controls Description: A human-readable description of in-scope controls specified for assessment. - + @@ -2454,9 +2409,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2486,30 +2439,30 @@ Control Objectives Description: A human-readable description of this collection of control objectives. - + @@ -2522,9 +2475,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2540,9 +2491,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2567,15 +2516,15 @@ Include Specific Statements: Used to constrain the selection to only specificity identified statements. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2591,7 +2540,7 @@ Select Objective: Used to select a control objective for inclusion/exclusion based on the control objective's identifier. - + Objective ID @@ -2623,7 +2572,7 @@ Assessment Subject Placeholder Description: A human-readable description of intent of this assessment subject placeholder. - + @@ -2637,11 +2586,11 @@ Assessment Subject Source: Assessment subjects will be identified while conducting the referenced activity-instance. - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2650,11 +2599,11 @@ @@ -2667,17 +2616,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2705,30 +2652,30 @@ Include Subjects Description: A human-readable description of the collection of subjects being included in this assessment. - + @@ -2741,13 +2688,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -2769,11 +2714,11 @@ @@ -2786,27 +2731,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -2817,7 +2760,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -2834,16 +2777,16 @@ Subject Reference Title: The title or name for the referenced subject. - + @@ -2856,27 +2799,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -2894,7 +2835,7 @@ @@ -2919,16 +2860,16 @@ Assessment Platform Title: The title or name for the assessment platform. - + @@ -2943,15 +2884,15 @@ @@ -2964,17 +2905,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -2992,17 +2931,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3033,7 +2970,7 @@ Objective Status Title: The title for this objective status. - + @@ -3048,16 +2985,16 @@ Objective Status Description: A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied. - + @@ -3081,13 +3018,11 @@ Remarks: Additional commentary on the containing object. - + - + Objective Status State @@ -3097,7 +3032,7 @@ Objective Status State: An indication as to whether the objective is satisfied or not. - + Objective Status Reason @@ -3110,7 +3045,7 @@ @@ -3123,13 +3058,11 @@ Remarks: Additional commentary on the containing object. - + - + Finding Target Type @@ -3139,11 +3072,11 @@ Finding Target Type: Identifies the type of the target. - + Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -3171,7 +3104,7 @@ Observation Title: The title for this observation. - + @@ -3186,16 +3119,16 @@ Observation Description: A human-readable description of this assessment observation. - + @@ -3208,7 +3141,7 @@ Observation Method: Identifies how the observation was made. - + @@ -3221,15 +3154,15 @@ Observation Type: Identifies the nature of the observation. More than one may be used to further qualify and enable filtering. - + @@ -3254,16 +3187,16 @@ Relevant Evidence Description: A human-readable description of this evidence. - + @@ -3276,13 +3209,11 @@ Remarks: Additional commentary on the containing object. - + - + Relevant Evidence Reference @@ -3304,7 +3235,7 @@ Collected Field: Date/time stamp identifying when the finding information was collected. - + @@ -3317,7 +3248,7 @@ Expires Field: Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios. - + @@ -3330,17 +3261,15 @@ Remarks: Additional commentary on the containing object. - + - + Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3358,11 +3287,11 @@ @@ -3378,15 +3307,15 @@ - + Actor Type @@ -3396,17 +3325,17 @@ Actor Type: The kind of actor. - + Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. - + Actor Role @@ -3428,19 +3357,19 @@ @@ -3455,15 +3384,15 @@ - + Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -3481,17 +3410,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -3508,8 +3435,8 @@ Threat ID: A pointer, by ID, to an externally-defined threat. - - + + Threat Type Identification System @@ -3519,7 +3446,7 @@ Threat Type Identification System: Specifies the source of the threat information. - + Threat Information Resource Reference @@ -3553,7 +3480,7 @@ Risk Title: The title for this risk. - + @@ -3568,7 +3495,7 @@ Risk Description: A human-readable summary of the identified risk, to include a statement of how the risk impacts the system. - + @@ -3583,32 +3510,32 @@ Risk Statement: An summary of impact for how the risk affects the system. - + @@ -3633,38 +3560,38 @@ Mitigating Factor Description: A human-readable description of this mitigating factor. - + - + Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3682,11 +3609,11 @@ Risk Resolution Deadline: The date/time by which the risk must be resolved. - + @@ -3722,7 +3649,7 @@ Title: The title for this risk log entry. - + @@ -3737,7 +3664,7 @@ Risk Task Description: A human-readable description of what was done regarding the risk. - + @@ -3751,7 +3678,7 @@ Start: Identifies the start date and time of the event. - + @@ -3764,23 +3691,23 @@ End: Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time. - + @@ -3795,15 +3722,15 @@ @@ -3816,17 +3743,15 @@ Remarks: Additional commentary on the containing object. - + - + Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -3844,17 +3769,15 @@ Remarks: Additional commentary on the containing object. - + - + Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3875,11 +3798,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3888,11 +3811,11 @@ - + Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3908,17 +3831,17 @@ Logged By: Used to indicate who created a log entry in what role. - + Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. - + Actor Role @@ -3938,7 +3861,7 @@ Risk Status: Describes the status of the associated risk. - + @@ -3951,15 +3874,15 @@ @@ -3974,11 +3897,11 @@ @@ -3991,13 +3914,11 @@ Remarks: Additional commentary on the containing object. - + - + Facet Name @@ -4007,7 +3928,7 @@ Facet Name: The name of the risk metric within the specified system. - + Naming System @@ -4017,7 +3938,7 @@ Naming System: Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash. - + Facet Value @@ -4052,7 +3973,7 @@ Response Title: The title for this response activity. - + @@ -4067,20 +3988,20 @@ Response Description: A human-readable description of this response plan. - + @@ -4095,7 +4016,7 @@ @@ -4109,7 +4030,7 @@ Title for Required Asset: The title for this required asset. - + @@ -4124,16 +4045,16 @@ Description of Required Asset: A human-readable description of this required asset. - + @@ -4146,17 +4067,15 @@ Remarks: Additional commentary on the containing object. - + - + Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4165,7 +4084,7 @@ @@ -4178,23 +4097,21 @@ Remarks: Additional commentary on the containing object. - + - + Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Remediation Intent @@ -4226,37 +4143,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -4266,7 +4181,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -4276,11 +4191,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -4308,37 +4223,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -4348,7 +4261,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -4358,11 +4271,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -4380,11 +4293,11 @@ @@ -4392,13 +4305,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -4413,25 +4326,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -4445,23 +4358,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -4471,7 +4382,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -4503,7 +4414,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -4528,7 +4439,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -4541,9 +4452,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4561,9 +4470,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -4575,7 +4482,7 @@ Parameter Value: A parameter value or set of values. - + @@ -4598,12 +4505,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -4645,7 +4552,7 @@ Component Title: A human readable name for the system component. - + @@ -4660,7 +4567,7 @@ Component Description: A description of the component, including information about its function. - + @@ -4675,16 +4582,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -4708,13 +4615,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -4727,11 +4632,11 @@ @@ -4744,23 +4649,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -4792,30 +4695,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -4831,7 +4734,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -4841,7 +4744,7 @@ Start: Indicates the starting port number in a port range - + End @@ -4851,7 +4754,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -4882,13 +4785,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -4920,7 +4821,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -4934,7 +4835,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -4948,24 +4849,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -4978,17 +4879,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5016,7 +4915,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -5031,12 +4930,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -5050,7 +4949,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -5073,20 +4972,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -5101,15 +5000,15 @@ @@ -5122,17 +5021,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -5150,17 +5047,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5187,7 +5082,7 @@ Parameter Value: A parameter value or set of values. - + @@ -5200,17 +5095,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -5221,14 +5114,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -5241,55 +5134,38 @@ - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -5298,34 +5174,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -5334,49 +5215,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -5385,95 +5272,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -5481,7 +5298,7 @@ An email address - + Need a better pattern. @@ -5489,32 +5306,14 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + @@ -5522,7 +5321,7 @@ A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5530,18 +5329,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -5561,13 +5380,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5575,14 +5394,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 888bfa2f68..ae63aa40b2 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1,8 +1,8 @@ - @@ -17,7 +17,7 @@ catalog - + @@ -29,27 +29,27 @@ - + Catalog Universally Unique Identifier @@ -81,48 +81,48 @@ Group Title: A name given to the group, which may be used by a tool for display and navigation. - + - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. - + Group Class @@ -154,24 +154,24 @@ Control Title: A name given to the control, which may be used by a tool for display and navigation. - + @@ -186,15 +186,15 @@ - + Mapping Identifier @@ -207,21 +207,21 @@ - + Control Identifier - A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. Control Identifier: A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. - + Control Class @@ -253,37 +253,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -293,7 +291,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -303,11 +301,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -325,11 +323,11 @@ @@ -337,13 +335,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -358,25 +356,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -390,23 +388,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -416,7 +412,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -448,7 +444,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -473,7 +469,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -486,9 +482,7 @@ Remarks: Additional commentary on the containing object. - + @@ -506,9 +500,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -520,7 +512,7 @@ Parameter Value: A parameter value or set of values. - + @@ -543,12 +535,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -590,62 +582,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -658,9 +650,7 @@ Remarks: Additional commentary on the containing object. - + @@ -686,32 +676,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -724,9 +714,7 @@ Remarks: Additional commentary on the containing object. - + @@ -752,20 +740,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -778,15 +766,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -799,17 +787,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -820,12 +806,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -847,7 +833,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -860,7 +846,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -874,8 +860,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -890,28 +876,28 @@ @@ -920,12 +906,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -938,23 +924,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -969,12 +953,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -997,7 +981,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -1011,7 +995,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -1025,16 +1009,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -1047,23 +1031,32 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + Role Identifier Reference + A human-oriented identifier reference to roles served by the user. + + + Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + + + @@ -1096,7 +1089,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -1111,16 +1104,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -1145,16 +1138,16 @@ Citation Text: A line of citation text. - + @@ -1172,11 +1165,11 @@ - + Hypertext Reference @@ -1186,11 +1179,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1209,22 +1202,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1244,17 +1237,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1284,13 +1275,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -1300,17 +1289,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1320,7 +1309,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1330,11 +1319,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1362,12 +1351,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1377,7 +1366,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1387,11 +1376,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1409,15 +1398,15 @@ @@ -1430,17 +1419,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1458,15 +1445,15 @@ @@ -1479,17 +1466,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1506,8 +1491,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1530,30 +1515,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1564,7 +1549,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1575,18 +1560,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1598,8 +1583,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1623,7 +1608,7 @@ @@ -1636,7 +1621,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1649,7 +1634,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1662,7 +1647,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1675,11 +1660,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1699,20 +1684,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1736,11 +1721,11 @@ @@ -1754,8 +1739,8 @@ Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. - - + + Relationship Value Namespace @@ -1770,11 +1755,11 @@ @@ -1787,13 +1772,11 @@ Remarks: Additional commentary on the containing object. - + - + Mapping Entry Identifier @@ -1815,11 +1798,11 @@ @@ -1832,13 +1815,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -1848,7 +1829,7 @@ Subject Type: The semantic type of the subject. - + Subject Type @@ -1870,11 +1851,11 @@ @@ -1887,13 +1868,11 @@ Remarks: Additional commentary on the containing object. - + - + Resource Type @@ -1903,7 +1882,7 @@ Resource Type: The semantic type of the resource. - + Catalog or Profile Reference @@ -1914,55 +1893,38 @@ - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -1971,34 +1933,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -2007,49 +1974,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -2058,95 +2031,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -2154,7 +2057,7 @@ An email address - + Need a better pattern. @@ -2162,59 +2065,41 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - + - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. + A string, but not empty and not whitespace-only + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - + + The OSCAL 'string' datatype restricts the XSD type by prohibiting leading + and trailing whitespace, and something (not only whitespace) is required. + + A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - + - A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + - - - The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. - - - + + + - A trimmed string, at least one character with no - leading or trailing whitespace. + + A single token may not contain whitespace. + @@ -2234,13 +2119,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -2248,14 +2133,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index dd9c04f1f1..37b392106d 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1,8 +1,8 @@ - @@ -24,7 +24,7 @@ plan-of-action-and-milestones - + @@ -36,27 +36,27 @@ - + Catalog Universally Unique Identifier @@ -88,48 +88,48 @@ Group Title: A name given to the group, which may be used by a tool for display and navigation. - + - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. - + Group Class @@ -161,24 +161,24 @@ Control Title: A name given to the control, which may be used by a tool for display and navigation. - + @@ -193,15 +193,15 @@ - + Mapping Identifier @@ -214,21 +214,21 @@ - + Control Identifier - A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. Control Identifier: A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. - + Control Class @@ -260,37 +260,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -300,7 +298,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -310,11 +308,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -332,11 +330,11 @@ @@ -344,13 +342,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -365,25 +363,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -397,23 +395,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -423,7 +419,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -455,7 +451,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -480,7 +476,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -493,9 +489,7 @@ Remarks: Additional commentary on the containing object. - + @@ -513,9 +507,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -527,7 +519,7 @@ Parameter Value: A parameter value or set of values. - + @@ -550,12 +542,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -597,62 +589,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -665,9 +657,7 @@ Remarks: Additional commentary on the containing object. - + @@ -693,32 +683,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -731,9 +721,7 @@ Remarks: Additional commentary on the containing object. - + @@ -759,20 +747,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -785,15 +773,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -806,17 +794,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -827,12 +813,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -854,7 +840,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -867,7 +853,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -881,8 +867,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -897,28 +883,28 @@ @@ -927,12 +913,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -945,23 +931,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -976,12 +960,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1004,7 +988,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -1018,7 +1002,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -1032,16 +1016,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -1054,17 +1038,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1075,12 +1057,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -1114,7 +1096,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -1129,16 +1111,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -1163,16 +1145,16 @@ Citation Text: A line of citation text. - + @@ -1190,11 +1172,11 @@ - + Hypertext Reference @@ -1204,11 +1186,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1227,22 +1209,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1262,17 +1244,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1302,13 +1282,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -1318,17 +1296,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1338,7 +1316,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1348,11 +1326,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1380,12 +1358,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1395,7 +1373,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1405,11 +1383,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1427,15 +1405,15 @@ @@ -1448,17 +1426,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1476,15 +1452,15 @@ @@ -1497,17 +1473,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1524,8 +1498,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1548,30 +1522,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1582,7 +1556,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1593,18 +1567,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1616,8 +1590,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1641,7 +1615,7 @@ @@ -1654,7 +1628,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1667,7 +1641,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1680,7 +1654,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1693,11 +1667,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1717,20 +1691,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1754,11 +1728,11 @@ @@ -1772,8 +1746,8 @@ Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. - - + + Relationship Value Namespace @@ -1788,11 +1762,11 @@ @@ -1805,13 +1779,11 @@ Remarks: Additional commentary on the containing object. - + - + Mapping Entry Identifier @@ -1833,11 +1805,11 @@ @@ -1850,13 +1822,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -1866,7 +1836,7 @@ Subject Type: The semantic type of the subject. - + Subject Type @@ -1888,11 +1858,11 @@ @@ -1905,13 +1875,11 @@ Remarks: Additional commentary on the containing object. - + - + Resource Type @@ -1921,7 +1889,7 @@ Resource Type: The semantic type of the resource. - + Catalog or Profile Reference @@ -1933,7 +1901,7 @@ + type="oscal-mapping-mapping-collection-ASSEMBLY"/> @@ -1945,19 +1913,19 @@ - + Mapping Collection Universally Unique Identifier @@ -1979,30 +1947,30 @@ - + Mapping Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. - + @@ -2014,31 +1982,31 @@ - + Profile Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. Profile Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. @@ -2049,7 +2017,7 @@ Import resource - The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. Import resource: The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. @@ -2057,20 +2025,20 @@ - + Catalog or Profile Reference @@ -2101,7 +2069,7 @@ Combination rule: A Combine element defines how to combine multiple (competing) versions of the same control. - + Combination method @@ -2136,7 +2104,7 @@ As-Is Structuring Directive: An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. - + @@ -2151,11 +2119,11 @@ @@ -2185,48 +2153,48 @@ Group Title: A name given to the group, which may be used by a tool for display and navigation. - + - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. - + Group Class @@ -2259,11 +2227,11 @@ @@ -2271,13 +2239,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -2292,40 +2260,40 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + - + Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter ID: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -2335,7 +2303,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -2348,7 +2316,7 @@ @@ -2365,20 +2333,20 @@ - + Order @@ -2409,7 +2377,7 @@ Match Controls by Identifier: - + @@ -2422,11 +2390,11 @@ Match Controls by Pattern: Select controls by (regular expression) match on ID - + Pattern - A glob expression matching the IDs of one or more controls to be selected. + A glob expression matching the IDs of one or more controls to be selected. Pattern: A glob expression matching the IDs of one or more controls to be selected. @@ -2435,7 +2403,7 @@ - + Include contained controls with control @@ -2457,19 +2425,19 @@ - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2485,7 +2453,7 @@ Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. - + Reference by (assigned) name @@ -2495,42 +2463,42 @@ Reference by (assigned) name: Identify items to remove by matching their assigned name - + Reference by class - Identify items to remove by matching their class. + Identify items to remove by matching their class. Reference by class: Identify items to remove by matching their class. - + Reference by ID - Identify items to remove indicated by their id. + Identify items to remove indicated by their id. Reference by ID: Identify items to remove indicated by their id. - + Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop + Identify items to remove by the name of the item's information element name, e.g. title or prop Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop - + Item Namespace Reference - Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. @@ -2558,28 +2526,28 @@ Title Change: A name given to the control, which may be used by a tool for display and navigation. - + - + Position @@ -2589,7 +2557,7 @@ Position: Where to add the new content with respect to the targeted element (beside it or inside it) - + Reference by ID @@ -2601,7 +2569,7 @@ + type="oscal-component-definition-component-definition-ASSEMBLY"/> @@ -2613,31 +2581,31 @@ - + Component Definition Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Definition Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2653,7 +2621,7 @@ Import Component Definition: Loads a component definition from another resource. - + Hyperlink Reference @@ -2685,7 +2653,7 @@ Component Title: A human readable name for the component. - + @@ -2700,7 +2668,7 @@ Component Description: A description of the component, including information about its function. - + @@ -2715,28 +2683,28 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -2749,23 +2717,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -2797,24 +2763,24 @@ Capability Description: A summary of the capability. - + @@ -2827,23 +2793,21 @@ Remarks: Additional commentary on the containing object. - + - + Capability Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Capability Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Capability Name @@ -2875,16 +2839,16 @@ Component Description: A description of the component, including information about its function. - + - + Component Reference - A machine-oriented identifier reference to a component. + A machine-oriented identifier reference to a component. Component Reference: A machine-oriented identifier reference to a component. @@ -2912,38 +2876,38 @@ Control Implementation Description: A description of how the specified set of controls are implemented for the containing component or capability. - + - + Control Implementation Set Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Implementation Set Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Source Resource Reference @@ -2975,28 +2939,28 @@ Control Implementation Description: A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. - + @@ -3009,27 +2973,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Implementation Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Implementation Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -3057,20 +3019,20 @@ Statement Implementation Description: A summary of how the containing control statement is implemented by the component or capability. - + @@ -3083,27 +3045,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. - + Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -3131,7 +3091,7 @@ Component Title: A human readable name for the system component. - + @@ -3146,7 +3106,7 @@ Component Description: A description of the component, including information about its function. - + @@ -3161,16 +3121,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -3194,13 +3154,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -3213,11 +3171,11 @@ @@ -3230,23 +3188,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -3278,30 +3234,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -3317,7 +3273,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -3327,7 +3283,7 @@ Start: Indicates the starting port number in a port range - + End @@ -3337,7 +3293,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -3368,13 +3324,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -3406,7 +3360,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -3420,7 +3374,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -3434,24 +3388,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -3464,17 +3418,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3502,7 +3454,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -3517,12 +3469,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -3536,7 +3488,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -3559,20 +3511,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -3587,15 +3539,15 @@ @@ -3608,17 +3560,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3636,17 +3586,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3673,7 +3621,7 @@ Parameter Value: A parameter value or set of values. - + @@ -3686,17 +3634,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -3707,14 +3653,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -3728,7 +3674,7 @@ + type="oscal-ssp-system-security-plan-ASSEMBLY"/> @@ -3740,35 +3686,35 @@ - + System Security Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. System Security Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3795,13 +3741,11 @@ Remarks: Additional commentary on the containing object. - + - + Profile Reference @@ -3823,7 +3767,7 @@ @@ -3836,7 +3780,7 @@ System Name - Full: The full name of the system. - + @@ -3849,7 +3793,7 @@ System Name - Short: A short name for the system, such as an acronym, that is suitable for display in a data table or summary list. - + @@ -3863,20 +3807,20 @@ System Description: A summary of the system. - + @@ -3884,40 +3828,40 @@ Security Sensitivity Level - The overall information system sensitivity categorization, such as defined by FIPS-199. + The overall information system sensitivity categorization, such as defined by FIPS-199. Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. - + @@ -3930,9 +3874,7 @@ Remarks: Additional commentary on the containing object. - + @@ -3941,18 +3883,18 @@ System Information - Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -3960,7 +3902,7 @@ Information Type - Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -3977,7 +3919,7 @@ title field: A human readable name for the information type. This title should be meaningful within the context of the system. - + @@ -3992,7 +3934,7 @@ Information Type Description: A summary of how this information type is used within the system. - + @@ -4001,7 +3943,7 @@ Information Type Categorization - A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. + A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. Information Type Categorization: A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. @@ -4012,16 +3954,16 @@ Information Type Systematized Identifier - A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Systematized Identifier: A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + - + Information Type Identification System @@ -4034,11 +3976,11 @@ @@ -4053,19 +3995,19 @@ @@ -4078,9 +4020,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -4098,19 +4038,19 @@ @@ -4123,9 +4063,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -4143,19 +4081,19 @@ @@ -4168,20 +4106,18 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + - + Information Type Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4200,7 +4136,7 @@ Base Level (Confidentiality, Integrity, or Availability): The prescribed base (Confidentiality, Integrity, or Availability) security impact level. - + @@ -4211,7 +4147,7 @@ Selected Level (Confidentiality, Integrity, or Availability): The selected (Confidentiality, Integrity, or Availability) security impact level. - + @@ -4223,7 +4159,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -4248,7 +4184,7 @@ Security Objective: Confidentiality: A target-level of confidentiality for the system, based on the sensitivity of information within the system. - + @@ -4261,7 +4197,7 @@ Security Objective: Integrity: A target-level of integrity for the system, based on the sensitivity of information within the system. - + @@ -4274,7 +4210,7 @@ Security Objective: Availability: A target-level of availability for the system, based on the sensitivity of information within the system. - + @@ -4299,13 +4235,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -4325,7 +4259,7 @@ System Authorization Date: The date the system received its authorization. - + @@ -4348,20 +4282,20 @@ Authorization Boundary Description: A summary of the system's authorization boundary. - + @@ -4374,9 +4308,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4402,16 +4334,16 @@ Diagram Description: A summary of the diagram. - + @@ -4425,7 +4357,7 @@ Caption: A brief caption to annotate the diagram. - + @@ -4439,17 +4371,15 @@ Remarks: Additional commentary on the containing object. - + - + Diagram ID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Diagram ID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4477,20 +4407,20 @@ Network Architecture Description: A summary of the system's network architecture. - + @@ -4503,9 +4433,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4531,20 +4459,20 @@ Data Flow Description: A summary of the system's data flow. - + @@ -4557,9 +4485,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4575,11 +4501,11 @@ @@ -4587,7 +4513,7 @@ Leveraged Authorization - A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. @@ -4604,16 +4530,16 @@ title field: A human readable name for the leveraged authorization in the context of the system. - + @@ -4621,16 +4547,16 @@ party-uuid field - A machine-oriented identifier reference to the party that manages the leveraged system. + A machine-oriented identifier reference to the party that manages the leveraged system. party-uuid field: A machine-oriented identifier reference to the party that manages the leveraged system. - + @@ -4643,17 +4569,15 @@ Remarks: Additional commentary on the containing object. - + - + Leveraged Authorization Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Leveraged Authorization Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4662,15 +4586,15 @@ @@ -4683,9 +4607,7 @@ Remarks: Additional commentary on the containing object. - + @@ -4711,16 +4633,16 @@ Control Implementation Description: A statement describing important things to know about how this set of control satisfaction documentation is approached. - + @@ -4736,27 +4658,27 @@ @@ -4769,27 +4691,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Requirement Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Requirement Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -4807,19 +4727,19 @@ @@ -4832,27 +4752,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. - + Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -4880,24 +4798,24 @@ Control Implementation Description: An implementation statement that describes how a control or a control statement is implemented within the referenced system component. - + @@ -4922,16 +4840,16 @@ Control Implementation Export Description: An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system. - + @@ -4956,20 +4874,20 @@ Provided Control Implementation Description: An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system. - + @@ -4982,17 +4900,15 @@ Remarks: Additional commentary on the containing object. - + - + Provided Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Provided Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5022,20 +4938,20 @@ Control Implementation Responsibility Description: An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system. - + @@ -5048,27 +4964,25 @@ Remarks: Additional commentary on the containing object. - + - + Responsibility Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Responsibility Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -5086,9 +5000,7 @@ Remarks: Additional commentary on the containing object. - + @@ -5116,38 +5028,38 @@ Inherited Control Implementation Description: An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system. - + - + Inherited Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inherited Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -5177,20 +5089,20 @@ Satisfied Control Implementation Responsibility Description: An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system. - + @@ -5203,27 +5115,25 @@ Remarks: Additional commentary on the containing object. - + - + Satisfied Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Satisfied Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Responsibility UUID - A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. + A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. Responsibility UUID: A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. @@ -5232,7 +5142,7 @@ @@ -5245,35 +5155,32 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to the component that is implemeting a given control. + A machine-oriented identifier reference to the component that is implemeting a given control. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to the component that is implemeting a given control. - + By-Component Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. By-Component Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + @@ -5285,11 +5192,11 @@ @@ -5304,23 +5211,23 @@ @@ -5333,9 +5240,7 @@ Remarks: Additional commentary on the containing object. - + @@ -5353,38 +5258,38 @@ - + Assessment Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5411,13 +5316,11 @@ Remarks: Additional commentary on the containing object. - + - + System Security Plan Reference @@ -5449,20 +5352,20 @@ Objective Description: A human-readable description of this control objective. - + @@ -5475,17 +5378,15 @@ Remarks: Additional commentary on the containing object. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -5513,20 +5414,20 @@ Assessment Method Description: A human-readable description of this assessment method. - + @@ -5539,17 +5440,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5577,7 +5476,7 @@ Included Activity Title: The title for this included activity. - + @@ -5592,16 +5491,16 @@ Included Activity Description: A human-readable description of this included activity. - + @@ -5626,7 +5525,7 @@ Step Title: The title for this step. - + @@ -5641,24 +5540,24 @@ Step Description: A human-readable description of this step. - + @@ -5671,17 +5570,15 @@ Remarks: Additional commentary on the containing object. - + - + Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5690,11 +5587,11 @@ @@ -5707,17 +5604,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5745,7 +5640,7 @@ Task Title: The title for this task. - + @@ -5760,16 +5655,16 @@ Task Description: A human-readable description of this task. - + @@ -5794,9 +5689,7 @@ On Date Condition: The task is intended to occur on the specified date. - + On Date Condition @@ -5818,9 +5711,7 @@ On Date Range Condition: The task is intended to occur within the specified date range. - + Start Date Condition @@ -5830,9 +5721,7 @@ Start Date Condition: The task must occur on or after the specified date. - + End Date Condition @@ -5854,7 +5743,7 @@ Frequency Condition: The task is intended to occur at the specified frequency. - + Period @@ -5864,7 +5753,7 @@ Period: The task must occur after the specified period has elapsed. - + Time Unit @@ -5901,17 +5790,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -5920,7 +5807,7 @@ @@ -5935,19 +5822,19 @@ @@ -5960,17 +5847,15 @@ Remarks: Additional commentary on the containing object. - + - + Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -5979,11 +5864,11 @@ @@ -5996,23 +5881,21 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Task Type @@ -6044,16 +5927,16 @@ Control Objective Description: A human-readable description of control objectives. - + @@ -6078,30 +5961,30 @@ Assessed Controls Description: A human-readable description of in-scope controls specified for assessment. - + @@ -6114,9 +5997,7 @@ Remarks: Additional commentary on the containing object. - + @@ -6146,30 +6027,30 @@ Control Objectives Description: A human-readable description of this collection of control objectives. - + @@ -6182,9 +6063,7 @@ Remarks: Additional commentary on the containing object. - + @@ -6200,9 +6079,7 @@ Remarks: Additional commentary on the containing object. - + @@ -6227,15 +6104,15 @@ Include Specific Statements: Used to constrain the selection to only specificity identified statements. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -6251,7 +6128,7 @@ Select Objective: Used to select a control objective for inclusion/exclusion based on the control objective's identifier. - + Objective ID @@ -6283,7 +6160,7 @@ Assessment Subject Placeholder Description: A human-readable description of intent of this assessment subject placeholder. - + @@ -6297,11 +6174,11 @@ Assessment Subject Source: Assessment subjects will be identified while conducting the referenced activity-instance. - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6310,11 +6187,11 @@ @@ -6327,17 +6204,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6365,30 +6240,30 @@ Include Subjects Description: A human-readable description of the collection of subjects being included in this assessment. - + @@ -6401,13 +6276,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -6429,11 +6302,11 @@ @@ -6446,27 +6319,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -6477,7 +6348,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -6494,16 +6365,16 @@ Subject Reference Title: The title or name for the referenced subject. - + @@ -6516,27 +6387,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -6554,7 +6423,7 @@ @@ -6579,16 +6448,16 @@ Assessment Platform Title: The title or name for the assessment platform. - + @@ -6603,15 +6472,15 @@ @@ -6624,17 +6493,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -6652,17 +6519,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6693,7 +6558,7 @@ Objective Status Title: The title for this objective status. - + @@ -6708,16 +6573,16 @@ Objective Status Description: A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied. - + @@ -6741,13 +6606,11 @@ Remarks: Additional commentary on the containing object. - + - + Objective Status State @@ -6757,7 +6620,7 @@ Objective Status State: An indication as to whether the objective is satisfied or not. - + Objective Status Reason @@ -6770,7 +6633,7 @@ @@ -6783,13 +6646,11 @@ Remarks: Additional commentary on the containing object. - + - + Finding Target Type @@ -6799,11 +6660,11 @@ Finding Target Type: Identifies the type of the target. - + Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -6831,7 +6692,7 @@ Observation Title: The title for this observation. - + @@ -6846,16 +6707,16 @@ Observation Description: A human-readable description of this assessment observation. - + @@ -6868,7 +6729,7 @@ Observation Method: Identifies how the observation was made. - + @@ -6881,15 +6742,15 @@ Observation Type: Identifies the nature of the observation. More than one may be used to further qualify and enable filtering. - + @@ -6914,16 +6775,16 @@ Relevant Evidence Description: A human-readable description of this evidence. - + @@ -6936,13 +6797,11 @@ Remarks: Additional commentary on the containing object. - + - + Relevant Evidence Reference @@ -6964,7 +6823,7 @@ Collected Field: Date/time stamp identifying when the finding information was collected. - + @@ -6977,7 +6836,7 @@ Expires Field: Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios. - + @@ -6990,17 +6849,15 @@ Remarks: Additional commentary on the containing object. - + - + Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7018,11 +6875,11 @@ @@ -7038,15 +6895,15 @@ - + Actor Type @@ -7056,17 +6913,17 @@ Actor Type: The kind of actor. - + Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. - + Actor Role @@ -7088,19 +6945,19 @@ @@ -7115,17 +6972,15 @@ - + Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -7143,17 +6998,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -7170,8 +7023,8 @@ Threat ID: A pointer, by ID, to an externally-defined threat. - - + + Threat Type Identification System @@ -7181,7 +7034,7 @@ Threat Type Identification System: Specifies the source of the threat information. - + Threat Information Resource Reference @@ -7215,7 +7068,7 @@ Risk Title: The title for this risk. - + @@ -7230,7 +7083,7 @@ Risk Description: A human-readable summary of the identified risk, to include a statement of how the risk impacts the system. - + @@ -7245,32 +7098,32 @@ Risk Statement: An summary of impact for how the risk affects the system. - + @@ -7295,38 +7148,38 @@ Mitigating Factor Description: A human-readable description of this mitigating factor. - + - + Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7344,11 +7197,11 @@ Risk Resolution Deadline: The date/time by which the risk must be resolved. - + @@ -7384,7 +7237,7 @@ Title: The title for this risk log entry. - + @@ -7399,7 +7252,7 @@ Risk Task Description: A human-readable description of what was done regarding the risk. - + @@ -7413,7 +7266,7 @@ Start: Identifies the start date and time of the event. - + @@ -7426,23 +7279,23 @@ End: Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time. - + @@ -7457,15 +7310,15 @@ @@ -7478,17 +7331,15 @@ Remarks: Additional commentary on the containing object. - + - + Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -7506,17 +7357,15 @@ Remarks: Additional commentary on the containing object. - + - + Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7537,11 +7386,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -7550,11 +7399,11 @@ - + Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7570,17 +7419,17 @@ Logged By: Used to indicate who created a log entry in what role. - + Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. - + Actor Role @@ -7600,7 +7449,7 @@ Risk Status: Describes the status of the associated risk. - + @@ -7613,15 +7462,15 @@ @@ -7636,11 +7485,11 @@ @@ -7653,13 +7502,11 @@ Remarks: Additional commentary on the containing object. - + - + Facet Name @@ -7669,7 +7516,7 @@ Facet Name: The name of the risk metric within the specified system. - + Naming System @@ -7679,7 +7526,7 @@ Naming System: Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash. - + Facet Value @@ -7714,7 +7561,7 @@ Response Title: The title for this response activity. - + @@ -7729,20 +7576,20 @@ Response Description: A human-readable description of this response plan. - + @@ -7757,7 +7604,7 @@ @@ -7771,7 +7618,7 @@ Title for Required Asset: The title for this required asset. - + @@ -7786,16 +7633,16 @@ Description of Required Asset: A human-readable description of this required asset. - + @@ -7808,17 +7655,15 @@ Remarks: Additional commentary on the containing object. - + - + Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7827,7 +7672,7 @@ @@ -7840,23 +7685,21 @@ Remarks: Additional commentary on the containing object. - + - + Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Remediation Intent @@ -7888,37 +7731,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -7928,7 +7769,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -7938,19 +7779,18 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. - + @@ -7962,11 +7802,11 @@ @@ -7981,11 +7821,11 @@ @@ -7998,28 +7838,26 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8047,7 +7885,7 @@ Results Title: The title for this set of results. - + @@ -8062,7 +7900,7 @@ Results Description: A human-readable description of this set of test results. - + @@ -8076,7 +7914,7 @@ start field: Date/time stamp identifying the start of the evidence collection reflected in these results. - + @@ -8089,15 +7927,15 @@ end field: Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate. - + @@ -8112,30 +7950,30 @@ @@ -8150,11 +7988,11 @@ @@ -8193,7 +8031,7 @@ Action Title: The title for this event. - + @@ -8208,7 +8046,7 @@ Action Description: A human-readable description of this event. - + @@ -8222,7 +8060,7 @@ Start: Identifies the start date and time of an event. - + @@ -8235,23 +8073,23 @@ End: Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time. - + @@ -8264,17 +8102,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8286,15 +8122,15 @@ @@ -8307,17 +8143,15 @@ Remarks: Additional commentary on the containing object. - + - + Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8345,7 +8179,7 @@ Finding Title: The title for this finding. - + @@ -8360,24 +8194,24 @@ Finding Description: A human-readable description of this finding. - + @@ -8385,12 +8219,12 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - + @@ -8403,11 +8237,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -8425,11 +8259,11 @@ Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - + Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -8447,17 +8281,15 @@ Remarks: Additional commentary on the containing object. - + - + Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8484,13 +8316,11 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Plan Reference @@ -8502,7 +8332,7 @@ + type="oscal-poam-plan-of-action-and-milestones-ASSEMBLY"/> @@ -8514,43 +8344,43 @@ - + POA&M Universally Unique Identifier - A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Universally Unique Identifier: A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8568,11 +8398,11 @@ @@ -8585,9 +8415,7 @@ Remarks: Additional commentary on the containing object. - + @@ -8613,7 +8441,7 @@ POA&M Item Title: The title or name for this POA&M item . - + @@ -8628,16 +8456,16 @@ POA&M Item Description: A human-readable description of POA&M item. - + @@ -8652,7 +8480,7 @@ @@ -8668,11 +8496,11 @@ Related Observation: Relates the poam-item to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -8690,11 +8518,11 @@ Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - + Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -8712,72 +8540,53 @@ Remarks: Additional commentary on the containing object. - + - + POA&M Item Universally Unique Identifier - A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Item Universally Unique Identifier: A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -8786,34 +8595,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -8822,49 +8636,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -8873,68 +8693,26 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. @@ -8944,24 +8722,11 @@ - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -8969,7 +8734,7 @@ An email address - + Need a better pattern. @@ -8977,32 +8742,14 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + @@ -9010,7 +8757,7 @@ A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -9018,18 +8765,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -9049,13 +8816,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -9063,14 +8830,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index e5c9cbc334..f690eb7fc6 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -1,8 +1,8 @@ - @@ -20,7 +20,7 @@ + type="oscal-component-definition-component-definition-ASSEMBLY"/> @@ -32,31 +32,31 @@ - + Component Definition Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Definition Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -72,9 +72,7 @@ Import Component Definition: Loads a component definition from another resource. - + Hyperlink Reference @@ -106,7 +104,7 @@ Component Title: A human readable name for the component. - + @@ -121,7 +119,7 @@ Component Description: A description of the component, including information about its function. - + @@ -136,28 +134,28 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -170,23 +168,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -218,24 +214,24 @@ Capability Description: A summary of the capability. - + @@ -248,23 +244,21 @@ Remarks: Additional commentary on the containing object. - + - + Capability Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Capability Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Capability Name @@ -296,18 +290,16 @@ Component Description: A description of the component, including information about its function. - + - + Component Reference - A machine-oriented identifier reference to a component. + A machine-oriented identifier reference to a component. Component Reference: A machine-oriented identifier reference to a component. @@ -335,40 +327,38 @@ Control Implementation Description: A description of how the specified set of controls are implemented for the containing component or capability. - + - + Control Implementation Set Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Implementation Set Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Source Resource Reference @@ -400,28 +390,28 @@ Control Implementation Description: A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. - + @@ -434,29 +424,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Implementation Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Implementation Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -484,20 +470,20 @@ Statement Implementation Description: A summary of how the containing control statement is implemented by the component or capability. - + @@ -510,29 +496,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. - + Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -560,7 +542,7 @@ Component Title: A human readable name for the system component. - + @@ -575,7 +557,7 @@ Component Description: A description of the component, including information about its function. - + @@ -590,16 +572,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -623,13 +605,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -642,11 +622,11 @@ @@ -659,23 +639,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -707,30 +685,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -746,7 +724,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -756,7 +734,7 @@ Start: Indicates the starting port number in a port range - + End @@ -766,7 +744,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -797,13 +775,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -835,7 +811,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -849,7 +825,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -863,24 +839,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -893,17 +869,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -931,7 +905,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -946,12 +920,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -965,7 +939,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -988,20 +962,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -1016,15 +990,15 @@ @@ -1037,19 +1011,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -1067,17 +1037,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1104,7 +1072,7 @@ Parameter Value: A parameter value or set of values. - + @@ -1117,19 +1085,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -1140,14 +1104,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -1181,62 +1145,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -1249,9 +1213,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1277,32 +1239,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -1315,9 +1277,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1343,20 +1303,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -1369,15 +1329,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -1390,17 +1350,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1411,12 +1369,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1438,7 +1396,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -1451,7 +1409,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -1465,8 +1423,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -1481,28 +1439,28 @@ @@ -1511,12 +1469,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1529,23 +1487,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -1560,12 +1516,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1588,7 +1544,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -1602,7 +1558,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -1616,16 +1572,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -1638,17 +1594,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1659,12 +1613,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -1698,7 +1652,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -1713,16 +1667,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -1747,16 +1701,16 @@ Citation Text: A line of citation text. - + @@ -1774,13 +1728,11 @@ - + Hypertext Reference @@ -1790,11 +1742,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1813,22 +1765,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1848,17 +1800,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1888,13 +1838,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -1904,17 +1852,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1924,9 +1872,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1936,11 +1882,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1968,14 +1914,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1985,7 +1929,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1995,11 +1939,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -2017,15 +1961,15 @@ @@ -2038,19 +1982,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -2068,15 +2008,15 @@ @@ -2089,19 +2029,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -2118,10 +2054,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -2144,30 +2078,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -2178,7 +2112,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -2189,18 +2123,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -2212,8 +2146,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -2237,7 +2171,7 @@ @@ -2250,7 +2184,7 @@ City: City, town or geographical region for the mailing address. - + @@ -2263,7 +2197,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -2276,7 +2210,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -2289,11 +2223,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -2313,20 +2247,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -2360,37 +2294,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -2400,7 +2332,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -2410,11 +2342,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -2432,11 +2364,11 @@ @@ -2444,13 +2376,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -2465,25 +2397,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -2497,23 +2429,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -2523,7 +2453,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -2555,7 +2485,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -2580,7 +2510,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -2593,9 +2523,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2613,9 +2541,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -2627,7 +2553,7 @@ Parameter Value: A parameter value or set of values. - + @@ -2650,12 +2576,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -2676,55 +2602,38 @@ Include All: Include all controls from the imported catalog or profile resources. - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -2733,42 +2642,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -2777,65 +2683,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -2844,95 +2740,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -2940,7 +2766,7 @@ An email address - + Need a better pattern. @@ -2948,40 +2774,12 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - - - - - + + A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -2989,18 +2787,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -3020,13 +2838,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -3034,14 +2852,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index f43fabe7d8..4ee462849e 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -1,8 +1,8 @@ - @@ -18,7 +18,7 @@ + type="oscal-mapping-mapping-collection-ASSEMBLY"/> @@ -30,19 +30,19 @@ - + Mapping Collection Universally Unique Identifier @@ -64,23 +64,23 @@ - + Mapping Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. @@ -108,62 +108,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -176,9 +176,7 @@ Remarks: Additional commentary on the containing object. - + @@ -204,32 +202,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -242,9 +240,7 @@ Remarks: Additional commentary on the containing object. - + @@ -270,20 +266,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -296,15 +292,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -317,17 +313,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -338,12 +332,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -365,7 +359,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -378,7 +372,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -392,8 +386,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -408,28 +402,28 @@ @@ -438,12 +432,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -456,23 +450,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -487,12 +479,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -515,7 +507,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -529,7 +521,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -543,16 +535,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -565,23 +557,32 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + Role Identifier Reference + A human-oriented identifier reference to roles served by the user. + + + Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + + + @@ -614,7 +615,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -629,16 +630,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -663,16 +664,16 @@ Citation Text: A line of citation text. - + @@ -690,11 +691,11 @@ - + Hypertext Reference @@ -704,11 +705,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -727,22 +728,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -762,17 +763,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -802,13 +801,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -818,17 +815,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -838,7 +835,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -848,11 +845,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -880,12 +877,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -895,7 +892,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -905,11 +902,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -927,15 +924,15 @@ @@ -948,17 +945,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -976,15 +971,15 @@ @@ -997,17 +992,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1024,8 +1017,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1048,30 +1041,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1082,7 +1075,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1093,18 +1086,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1116,8 +1109,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1141,7 +1134,7 @@ @@ -1154,7 +1147,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1167,7 +1160,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1180,7 +1173,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1193,11 +1186,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1217,20 +1210,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1254,11 +1247,11 @@ @@ -1272,8 +1265,8 @@ Mapping Entry Relationship: The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. - - + + Relationship Value Namespace @@ -1288,11 +1281,11 @@ @@ -1305,13 +1298,11 @@ Remarks: Additional commentary on the containing object. - + - + Mapping Entry Identifier @@ -1333,11 +1324,11 @@ @@ -1350,13 +1341,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -1366,7 +1355,7 @@ Subject Type: The semantic type of the subject. - + Subject Type @@ -1388,11 +1377,11 @@ @@ -1405,13 +1394,11 @@ Remarks: Additional commentary on the containing object. - + - + Resource Type @@ -1421,7 +1408,7 @@ Resource Type: The semantic type of the resource. - + Catalog or Profile Reference @@ -1432,55 +1419,38 @@ - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -1489,34 +1459,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -1525,49 +1500,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -1576,95 +1557,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -1672,7 +1583,7 @@ An email address - + Need a better pattern. @@ -1680,59 +1591,41 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - + - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. + A string, but not empty and not whitespace-only + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - + + The OSCAL 'string' datatype restricts the XSD type by prohibiting leading + and trailing whitespace, and something (not only whitespace) is required. + + A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - + - A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + - - - The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. - - - + + + - A trimmed string, at least one character with no - leading or trailing whitespace. + + A single token may not contain whitespace. + @@ -1752,13 +1645,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -1766,14 +1659,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index f774b7a8a4..26893e17bb 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -1,8 +1,8 @@ - @@ -19,7 +19,7 @@ + type="oscal-poam-plan-of-action-and-milestones-ASSEMBLY"/> @@ -31,43 +31,43 @@ - + POA&M Universally Unique Identifier - A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Universally Unique Identifier: A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -85,11 +85,11 @@ @@ -102,9 +102,7 @@ Remarks: Additional commentary on the containing object. - + @@ -130,7 +128,7 @@ POA&M Item Title: The title or name for this POA&M item . - + @@ -145,16 +143,16 @@ POA&M Item Description: A human-readable description of POA&M item. - + @@ -169,7 +167,7 @@ @@ -185,11 +183,11 @@ Related Observation: Relates the poam-item to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -207,11 +205,11 @@ Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - + Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -229,17 +227,15 @@ Remarks: Additional commentary on the containing object. - + - + POA&M Item Universally Unique Identifier - A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Item Universally Unique Identifier: A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -267,62 +263,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -335,9 +331,7 @@ Remarks: Additional commentary on the containing object. - + @@ -363,32 +357,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -401,9 +395,7 @@ Remarks: Additional commentary on the containing object. - + @@ -429,20 +421,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -455,15 +447,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -476,17 +468,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -497,12 +487,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -524,7 +514,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -537,7 +527,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -551,8 +541,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -567,28 +557,28 @@ @@ -597,12 +587,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -615,23 +605,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -646,12 +634,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -674,7 +662,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -688,7 +676,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -702,16 +690,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -724,17 +712,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -745,12 +731,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -784,7 +770,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -799,16 +785,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -833,16 +819,16 @@ Citation Text: A line of citation text. - + @@ -860,11 +846,11 @@ - + Hypertext Reference @@ -874,11 +860,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -897,22 +883,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -932,17 +918,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -972,13 +956,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -988,17 +970,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1008,7 +990,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1018,11 +1000,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1050,12 +1032,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1065,7 +1047,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1075,11 +1057,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1097,15 +1079,15 @@ @@ -1118,17 +1100,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1146,15 +1126,15 @@ @@ -1167,17 +1147,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1194,8 +1172,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1218,30 +1196,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1252,7 +1230,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1263,18 +1241,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1286,8 +1264,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1311,7 +1289,7 @@ @@ -1324,7 +1302,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1337,7 +1315,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1350,7 +1328,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1363,11 +1341,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1387,20 +1365,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1434,7 +1412,7 @@ Component Title: A human readable name for the system component. - + @@ -1449,7 +1427,7 @@ Component Description: A description of the component, including information about its function. - + @@ -1464,16 +1442,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -1497,13 +1475,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -1516,11 +1492,11 @@ @@ -1533,23 +1509,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -1581,30 +1555,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -1620,7 +1594,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -1630,7 +1604,7 @@ Start: Indicates the starting port number in a port range - + End @@ -1640,7 +1614,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -1671,13 +1645,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -1709,7 +1681,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -1723,7 +1695,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -1737,24 +1709,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -1767,17 +1739,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1805,7 +1775,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -1820,12 +1790,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -1839,7 +1809,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -1862,20 +1832,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -1890,15 +1860,15 @@ @@ -1911,17 +1881,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -1939,17 +1907,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1976,7 +1942,7 @@ Parameter Value: A parameter value or set of values. - + @@ -1989,17 +1955,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -2010,14 +1974,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -2051,37 +2015,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -2091,7 +2053,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -2101,11 +2063,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -2123,11 +2085,11 @@ @@ -2135,13 +2097,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -2156,25 +2118,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -2188,23 +2150,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -2214,7 +2174,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -2246,7 +2206,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -2271,7 +2231,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -2284,9 +2244,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2304,9 +2262,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -2318,7 +2274,7 @@ Parameter Value: A parameter value or set of values. - + @@ -2341,12 +2297,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -2387,13 +2343,11 @@ Remarks: Additional commentary on the containing object. - + - + System Security Plan Reference @@ -2425,20 +2379,20 @@ Objective Description: A human-readable description of this control objective. - + @@ -2451,17 +2405,15 @@ Remarks: Additional commentary on the containing object. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2489,20 +2441,20 @@ Assessment Method Description: A human-readable description of this assessment method. - + @@ -2515,17 +2467,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2553,7 +2503,7 @@ Included Activity Title: The title for this included activity. - + @@ -2568,16 +2518,16 @@ Included Activity Description: A human-readable description of this included activity. - + @@ -2602,7 +2552,7 @@ Step Title: The title for this step. - + @@ -2617,24 +2567,24 @@ Step Description: A human-readable description of this step. - + @@ -2647,17 +2597,15 @@ Remarks: Additional commentary on the containing object. - + - + Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2666,11 +2614,11 @@ @@ -2683,17 +2631,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2721,7 +2667,7 @@ Task Title: The title for this task. - + @@ -2736,16 +2682,16 @@ Task Description: A human-readable description of this task. - + @@ -2770,7 +2716,7 @@ On Date Condition: The task is intended to occur on the specified date. - + On Date Condition @@ -2792,9 +2738,7 @@ On Date Range Condition: The task is intended to occur within the specified date range. - + Start Date Condition @@ -2804,7 +2748,7 @@ Start Date Condition: The task must occur on or after the specified date. - + End Date Condition @@ -2826,7 +2770,7 @@ Frequency Condition: The task is intended to occur at the specified frequency. - + Period @@ -2836,7 +2780,7 @@ Period: The task must occur after the specified period has elapsed. - + Time Unit @@ -2873,17 +2817,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -2892,7 +2834,7 @@ @@ -2907,19 +2849,19 @@ @@ -2932,17 +2874,15 @@ Remarks: Additional commentary on the containing object. - + - + Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -2951,11 +2891,11 @@ @@ -2968,23 +2908,21 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Task Type @@ -3016,16 +2954,16 @@ Control Objective Description: A human-readable description of control objectives. - + @@ -3050,30 +2988,30 @@ Assessed Controls Description: A human-readable description of in-scope controls specified for assessment. - + @@ -3086,9 +3024,7 @@ Remarks: Additional commentary on the containing object. - + @@ -3118,30 +3054,30 @@ Control Objectives Description: A human-readable description of this collection of control objectives. - + @@ -3154,9 +3090,7 @@ Remarks: Additional commentary on the containing object. - + @@ -3172,9 +3106,7 @@ Remarks: Additional commentary on the containing object. - + @@ -3199,15 +3131,15 @@ Include Specific Statements: Used to constrain the selection to only specificity identified statements. - + - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -3223,7 +3155,7 @@ Select Objective: Used to select a control objective for inclusion/exclusion based on the control objective's identifier. - + Objective ID @@ -3255,7 +3187,7 @@ Assessment Subject Placeholder Description: A human-readable description of intent of this assessment subject placeholder. - + @@ -3269,11 +3201,11 @@ Assessment Subject Source: Assessment subjects will be identified while conducting the referenced activity-instance. - + Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3282,11 +3214,11 @@ @@ -3299,17 +3231,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3337,30 +3267,30 @@ Include Subjects Description: A human-readable description of the collection of subjects being included in this assessment. - + @@ -3373,13 +3303,11 @@ Remarks: Additional commentary on the containing object. - + - + Subject Type @@ -3401,11 +3329,11 @@ @@ -3418,27 +3346,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -3449,7 +3375,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -3466,16 +3392,16 @@ Subject Reference Title: The title or name for the referenced subject. - + @@ -3488,27 +3414,25 @@ Remarks: Additional commentary on the containing object. - + - + Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. - + Subject Universally Unique Identifier Reference Type - Used to indicate the type of object pointed to by the uuid-ref within a subject. + Used to indicate the type of object pointed to by the uuid-ref within a subject. Subject Universally Unique Identifier Reference Type: Used to indicate the type of object pointed to by the uuid-ref within a subject. @@ -3526,7 +3450,7 @@ @@ -3551,16 +3475,16 @@ Assessment Platform Title: The title or name for the assessment platform. - + @@ -3575,15 +3499,15 @@ @@ -3596,17 +3520,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3624,17 +3546,15 @@ Remarks: Additional commentary on the containing object. - + - + Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3665,7 +3585,7 @@ Objective Status Title: The title for this objective status. - + @@ -3680,16 +3600,16 @@ Objective Status Description: A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied. - + @@ -3713,13 +3633,11 @@ Remarks: Additional commentary on the containing object. - + - + Objective Status State @@ -3729,7 +3647,7 @@ Objective Status State: An indication as to whether the objective is satisfied or not. - + Objective Status Reason @@ -3742,7 +3660,7 @@ @@ -3755,13 +3673,11 @@ Remarks: Additional commentary on the containing object. - + - + Finding Target Type @@ -3771,11 +3687,11 @@ Finding Target Type: Identifies the type of the target. - + Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -3803,7 +3719,7 @@ Observation Title: The title for this observation. - + @@ -3818,16 +3734,16 @@ Observation Description: A human-readable description of this assessment observation. - + @@ -3840,7 +3756,7 @@ Observation Method: Identifies how the observation was made. - + @@ -3853,15 +3769,15 @@ Observation Type: Identifies the nature of the observation. More than one may be used to further qualify and enable filtering. - + @@ -3886,16 +3802,16 @@ Relevant Evidence Description: A human-readable description of this evidence. - + @@ -3908,13 +3824,11 @@ Remarks: Additional commentary on the containing object. - + - + Relevant Evidence Reference @@ -3936,7 +3850,7 @@ Collected Field: Date/time stamp identifying when the finding information was collected. - + @@ -3949,7 +3863,7 @@ Expires Field: Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios. - + @@ -3962,17 +3876,15 @@ Remarks: Additional commentary on the containing object. - + - + Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3990,11 +3902,11 @@ @@ -4010,15 +3922,15 @@ - + Actor Type @@ -4028,17 +3940,17 @@ Actor Type: The kind of actor. - + Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. - + Actor Role @@ -4060,19 +3972,19 @@ @@ -4087,17 +3999,15 @@ - + Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -4115,17 +4025,15 @@ Remarks: Additional commentary on the containing object. - + - + Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -4142,8 +4050,8 @@ Threat ID: A pointer, by ID, to an externally-defined threat. - - + + Threat Type Identification System @@ -4153,7 +4061,7 @@ Threat Type Identification System: Specifies the source of the threat information. - + Threat Information Resource Reference @@ -4187,7 +4095,7 @@ Risk Title: The title for this risk. - + @@ -4202,7 +4110,7 @@ Risk Description: A human-readable summary of the identified risk, to include a statement of how the risk impacts the system. - + @@ -4217,32 +4125,32 @@ Risk Statement: An summary of impact for how the risk affects the system. - + @@ -4267,38 +4175,38 @@ Mitigating Factor Description: A human-readable description of this mitigating factor. - + - + Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4316,11 +4224,11 @@ Risk Resolution Deadline: The date/time by which the risk must be resolved. - + @@ -4356,7 +4264,7 @@ Title: The title for this risk log entry. - + @@ -4371,7 +4279,7 @@ Risk Task Description: A human-readable description of what was done regarding the risk. - + @@ -4385,7 +4293,7 @@ Start: Identifies the start date and time of the event. - + @@ -4398,23 +4306,23 @@ End: Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time. - + @@ -4429,15 +4337,15 @@ @@ -4450,17 +4358,15 @@ Remarks: Additional commentary on the containing object. - + - + Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -4478,17 +4384,15 @@ Remarks: Additional commentary on the containing object. - + - + Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4509,11 +4413,11 @@ Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - + Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -4522,11 +4426,11 @@ - + Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4542,17 +4446,17 @@ Logged By: Used to indicate who created a log entry in what role. - + Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. - + Actor Role @@ -4572,7 +4476,7 @@ Risk Status: Describes the status of the associated risk. - + @@ -4585,15 +4489,15 @@ @@ -4608,11 +4512,11 @@ @@ -4625,13 +4529,11 @@ Remarks: Additional commentary on the containing object. - + - + Facet Name @@ -4641,7 +4543,7 @@ Facet Name: The name of the risk metric within the specified system. - + Naming System @@ -4651,7 +4553,7 @@ Naming System: Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash. - + Facet Value @@ -4686,7 +4588,7 @@ Response Title: The title for this response activity. - + @@ -4701,20 +4603,20 @@ Response Description: A human-readable description of this response plan. - + @@ -4729,7 +4631,7 @@ @@ -4743,7 +4645,7 @@ Title for Required Asset: The title for this required asset. - + @@ -4758,16 +4660,16 @@ Description of Required Asset: A human-readable description of this required asset. - + @@ -4780,17 +4682,15 @@ Remarks: Additional commentary on the containing object. - + - + Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4799,7 +4699,7 @@ @@ -4812,23 +4712,21 @@ Remarks: Additional commentary on the containing object. - + - + Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Remediation Intent @@ -4860,37 +4758,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -4900,7 +4796,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -4910,66 +4806,49 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -4978,34 +4857,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -5014,49 +4898,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -5065,95 +4955,25 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -5161,7 +4981,7 @@ An email address - + Need a better pattern. @@ -5169,32 +4989,14 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + @@ -5202,7 +5004,7 @@ A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5210,18 +5012,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -5241,13 +5063,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -5255,14 +5077,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 9337de97f1..dc2156394b 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -1,8 +1,8 @@ - @@ -17,7 +17,7 @@ profile - + @@ -29,31 +29,31 @@ - + Profile Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. Profile Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. @@ -64,7 +64,7 @@ Import resource - The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. Import resource: The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. @@ -72,20 +72,20 @@ - + Catalog or Profile Reference @@ -116,7 +116,7 @@ Combination rule: A Combine element defines how to combine multiple (competing) versions of the same control. - + Combination method @@ -151,7 +151,7 @@ As-Is Structuring Directive: An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. - + @@ -166,11 +166,11 @@ @@ -200,48 +200,48 @@ Group Title: A name given to the group, which may be used by a tool for display and navigation. - + - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. - + Group Class @@ -274,11 +274,11 @@ @@ -286,13 +286,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -307,40 +307,40 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + - + Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter ID: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -350,7 +350,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -363,7 +363,7 @@ @@ -380,20 +380,20 @@ - + Order @@ -424,7 +424,7 @@ Match Controls by Identifier: - + @@ -437,11 +437,11 @@ Match Controls by Pattern: Select controls by (regular expression) match on ID - + Pattern - A glob expression matching the IDs of one or more controls to be selected. + A glob expression matching the IDs of one or more controls to be selected. Pattern: A glob expression matching the IDs of one or more controls to be selected. @@ -450,7 +450,7 @@ - + Include contained controls with control @@ -472,19 +472,19 @@ - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -500,7 +500,7 @@ Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. - + Reference by (assigned) name @@ -510,42 +510,42 @@ Reference by (assigned) name: Identify items to remove by matching their assigned name - + Reference by class - Identify items to remove by matching their class. + Identify items to remove by matching their class. Reference by class: Identify items to remove by matching their class. - + Reference by ID - Identify items to remove indicated by their id. + Identify items to remove indicated by their id. Reference by ID: Identify items to remove indicated by their id. - + Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop + Identify items to remove by the name of the item's information element name, e.g. title or prop Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop - + Item Namespace Reference - Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. @@ -573,28 +573,28 @@ Title Change: A name given to the control, which may be used by a tool for display and navigation. - + - + Position @@ -604,7 +604,7 @@ Position: Where to add the new content with respect to the targeted element (beside it or inside it) - + Reference by ID @@ -636,62 +636,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -704,9 +704,7 @@ Remarks: Additional commentary on the containing object. - + @@ -732,32 +730,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -770,9 +768,7 @@ Remarks: Additional commentary on the containing object. - + @@ -798,20 +794,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -824,15 +820,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -845,17 +841,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -866,12 +860,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -893,7 +887,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -906,7 +900,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -920,8 +914,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -936,28 +930,28 @@ @@ -966,12 +960,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -984,23 +978,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -1015,12 +1007,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1043,7 +1035,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -1057,7 +1049,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -1071,16 +1063,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -1093,23 +1085,32 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + Role Identifier Reference + A human-oriented identifier reference to roles served by the user. + + + Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + + + @@ -1142,7 +1143,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -1157,16 +1158,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -1191,16 +1192,16 @@ Citation Text: A line of citation text. - + @@ -1218,11 +1219,11 @@ - + Hypertext Reference @@ -1232,11 +1233,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1255,22 +1256,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1290,17 +1291,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1330,13 +1329,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -1346,17 +1343,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -1366,7 +1363,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -1376,11 +1373,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -1408,12 +1405,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -1423,7 +1420,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -1433,11 +1430,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -1455,15 +1452,15 @@ @@ -1476,17 +1473,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -1504,15 +1499,15 @@ @@ -1525,17 +1520,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -1552,8 +1545,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -1576,30 +1569,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -1610,7 +1603,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -1621,18 +1614,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -1644,8 +1637,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -1669,7 +1662,7 @@ @@ -1682,7 +1675,7 @@ City: City, town or geographical region for the mailing address. - + @@ -1695,7 +1688,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -1708,7 +1701,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -1721,11 +1714,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -1745,20 +1738,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -1792,37 +1785,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -1832,7 +1823,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -1842,11 +1833,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -1864,11 +1855,11 @@ @@ -1876,13 +1867,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -1897,25 +1888,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -1929,23 +1920,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -1955,7 +1944,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -1987,7 +1976,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -2012,7 +2001,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -2025,9 +2014,7 @@ Remarks: Additional commentary on the containing object. - + @@ -2045,9 +2032,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -2059,7 +2044,7 @@ Parameter Value: A parameter value or set of values. - + @@ -2082,12 +2067,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -2108,55 +2093,38 @@ Include All: Include all controls from the imported catalog or profile resources. - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -2165,34 +2133,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -2201,49 +2174,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -2252,95 +2231,35 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - - - - - - - - The xs:date with a required timezone. - - - - - - - - + + + + + A trimmed string, at least one character with no + leading or trailing whitespace. + + The xs:dateTime with a required timezone. - + @@ -2348,7 +2267,7 @@ An email address - + Need a better pattern. @@ -2356,59 +2275,41 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - + - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. + A string, but not empty and not whitespace-only + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - + + The OSCAL 'string' datatype restricts the XSD type by prohibiting leading + and trailing whitespace, and something (not only whitespace) is required. + + A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. - + - A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + - - - The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. - - - + + + - A trimmed string, at least one character with no - leading or trailing whitespace. + + A single token may not contain whitespace. + @@ -2428,13 +2329,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -2442,14 +2343,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 05ea0adf8d..33fd2193af 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -1,8 +1,8 @@ - @@ -19,7 +19,7 @@ + type="oscal-ssp-system-security-plan-ASSEMBLY"/> @@ -31,35 +31,35 @@ - + System Security Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. System Security Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -86,13 +86,11 @@ Remarks: Additional commentary on the containing object. - + - + Profile Reference @@ -114,7 +112,7 @@ @@ -127,7 +125,7 @@ System Name - Full: The full name of the system. - + @@ -140,7 +138,7 @@ System Name - Short: A short name for the system, such as an acronym, that is suitable for display in a data table or summary list. - + @@ -154,20 +152,20 @@ System Description: A summary of the system. - + @@ -175,40 +173,40 @@ Security Sensitivity Level - The overall information system sensitivity categorization, such as defined by FIPS-199. + The overall information system sensitivity categorization, such as defined by FIPS-199. Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. - + @@ -221,9 +219,7 @@ Remarks: Additional commentary on the containing object. - + @@ -232,18 +228,18 @@ System Information - Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -251,7 +247,7 @@ Information Type - Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -268,7 +264,7 @@ title field: A human readable name for the information type. This title should be meaningful within the context of the system. - + @@ -283,7 +279,7 @@ Information Type Description: A summary of how this information type is used within the system. - + @@ -292,7 +288,7 @@ Information Type Categorization - A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. + A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. Information Type Categorization: A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60. @@ -303,16 +299,16 @@ Information Type Systematized Identifier - A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Systematized Identifier: A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + - + Information Type Identification System @@ -325,11 +321,11 @@ @@ -344,19 +340,19 @@ @@ -369,9 +365,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -389,19 +383,19 @@ @@ -414,9 +408,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -434,19 +426,19 @@ @@ -459,20 +451,18 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + - + Information Type Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -491,7 +481,7 @@ Base Level (Confidentiality, Integrity, or Availability): The prescribed base (Confidentiality, Integrity, or Availability) security impact level. - + @@ -502,7 +492,7 @@ Selected Level (Confidentiality, Integrity, or Availability): The selected (Confidentiality, Integrity, or Availability) security impact level. - + @@ -514,7 +504,7 @@ Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - + @@ -539,7 +529,7 @@ Security Objective: Confidentiality: A target-level of confidentiality for the system, based on the sensitivity of information within the system. - + @@ -552,7 +542,7 @@ Security Objective: Integrity: A target-level of integrity for the system, based on the sensitivity of information within the system. - + @@ -565,7 +555,7 @@ Security Objective: Availability: A target-level of availability for the system, based on the sensitivity of information within the system. - + @@ -590,13 +580,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -616,7 +604,7 @@ System Authorization Date: The date the system received its authorization. - + @@ -639,20 +627,20 @@ Authorization Boundary Description: A summary of the system's authorization boundary. - + @@ -665,9 +653,7 @@ Remarks: Additional commentary on the containing object. - + @@ -693,16 +679,16 @@ Diagram Description: A summary of the diagram. - + @@ -716,7 +702,7 @@ Caption: A brief caption to annotate the diagram. - + @@ -730,17 +716,15 @@ Remarks: Additional commentary on the containing object. - + - + Diagram ID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Diagram ID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -768,20 +752,20 @@ Network Architecture Description: A summary of the system's network architecture. - + @@ -794,9 +778,7 @@ Remarks: Additional commentary on the containing object. - + @@ -822,20 +804,20 @@ Data Flow Description: A summary of the system's data flow. - + @@ -848,9 +830,7 @@ Remarks: Additional commentary on the containing object. - + @@ -866,11 +846,11 @@ @@ -878,7 +858,7 @@ Leveraged Authorization - A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. @@ -895,16 +875,16 @@ title field: A human readable name for the leveraged authorization in the context of the system. - + @@ -912,16 +892,16 @@ party-uuid field - A machine-oriented identifier reference to the party that manages the leveraged system. + A machine-oriented identifier reference to the party that manages the leveraged system. party-uuid field: A machine-oriented identifier reference to the party that manages the leveraged system. - + @@ -934,17 +914,15 @@ Remarks: Additional commentary on the containing object. - + - + Leveraged Authorization Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Leveraged Authorization Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -953,15 +931,15 @@ @@ -974,9 +952,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1002,16 +978,16 @@ Control Implementation Description: A statement describing important things to know about how this set of control satisfaction documentation is approached. - + @@ -1027,27 +1003,27 @@ @@ -1060,27 +1036,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Requirement Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Requirement Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1098,19 +1072,19 @@ @@ -1123,27 +1097,25 @@ Remarks: Additional commentary on the containing object. - + - + Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. - + Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -1171,24 +1143,24 @@ Control Implementation Description: An implementation statement that describes how a control or a control statement is implemented within the referenced system component. - + @@ -1213,16 +1185,16 @@ Control Implementation Export Description: An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system. - + @@ -1247,20 +1219,20 @@ Provided Control Implementation Description: An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system. - + @@ -1273,17 +1245,15 @@ Remarks: Additional commentary on the containing object. - + - + Provided Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Provided Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1313,20 +1283,20 @@ Control Implementation Responsibility Description: An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system. - + @@ -1339,27 +1309,25 @@ Remarks: Additional commentary on the containing object. - + - + Responsibility Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Responsibility Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -1377,9 +1345,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1407,38 +1373,38 @@ Inherited Control Implementation Description: An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system. - + - + Inherited Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inherited Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -1468,20 +1434,20 @@ Satisfied Control Implementation Responsibility Description: An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system. - + @@ -1494,27 +1460,25 @@ Remarks: Additional commentary on the containing object. - + - + Satisfied Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Satisfied Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Responsibility UUID - A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. + A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. Responsibility UUID: A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. @@ -1523,7 +1487,7 @@ @@ -1536,27 +1500,25 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to the component that is implemeting a given control. + A machine-oriented identifier reference to the component that is implemeting a given control. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to the component that is implemeting a given control. - + By-Component Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. By-Component Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1584,62 +1546,62 @@ Document Title: A name given to the document, which may be used by a tool for display and navigation. - + @@ -1652,9 +1614,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1680,32 +1640,32 @@ Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - + @@ -1718,9 +1678,7 @@ Remarks: Additional commentary on the containing object. - + @@ -1746,20 +1704,20 @@ Location Title: A name given to the location, which may be used by a tool for display and navigation. - + @@ -1772,15 +1730,15 @@ Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - + @@ -1793,17 +1751,15 @@ Remarks: Additional commentary on the containing object. - + - + Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1814,12 +1770,12 @@ Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1841,7 +1797,7 @@ Party Name: The full name of the party. This is typically the legal name associated with the party. - + @@ -1854,7 +1810,7 @@ Party Short Name: A short common name, abbreviation, or acronym for the party. - + @@ -1868,8 +1824,8 @@ Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - - + + External Identifier Schema @@ -1884,28 +1840,28 @@ @@ -1914,12 +1870,12 @@ Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1932,23 +1888,21 @@ Remarks: Additional commentary on the containing object. - + - + Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Party Type @@ -1963,12 +1917,12 @@ Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + @@ -1991,7 +1945,7 @@ Role Title: A name given to the role, which may be used by a tool for display and navigation. - + @@ -2005,7 +1959,7 @@ Role Short Name: A short common name, abbreviation, or acronym for the role. - + @@ -2019,16 +1973,16 @@ Role Description: A summary of the role's purpose and associated responsibilities. - + @@ -2041,17 +1995,15 @@ Remarks: Additional commentary on the containing object. - + - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2062,12 +2014,12 @@ Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Role Identifier Reference: A human-oriented identifier reference to roles served by the user. - + @@ -2101,7 +2053,7 @@ Resource Title: A name given to the resource, which may be used by a tool for display and navigation. - + @@ -2116,16 +2068,16 @@ Resource Description: A short summary of the resource used to indicate the purpose of the resource. - + @@ -2150,16 +2102,16 @@ Citation Text: A line of citation text. - + @@ -2177,11 +2129,11 @@ - + Hypertext Reference @@ -2191,11 +2143,11 @@ Hypertext Reference: A resolvable URI reference to a resource. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -2214,22 +2166,22 @@ Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. - - + + File Name - Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. + Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. File Name: Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -2249,17 +2201,15 @@ Remarks: Additional commentary on the containing object. - + - + Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2289,13 +2239,11 @@ Remarks: Additional commentary on the containing object. - + - + Property Name @@ -2305,17 +2253,17 @@ Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Property Namespace @@ -2325,7 +2273,7 @@ Property Namespace: A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. - + Property Value @@ -2335,11 +2283,11 @@ Property Value: Indicates the value of the attribute, characteristic, or quality. - + Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. @@ -2367,12 +2315,12 @@ Link Text: A textual label to associate with the link, which may be used for presentation in a tool. - + - + Hypertext Reference @@ -2382,7 +2330,7 @@ Hypertext Reference: A resolvable URL reference to a resource. - + Relation @@ -2392,11 +2340,11 @@ Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. - + Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. @@ -2414,15 +2362,15 @@ @@ -2435,17 +2383,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role - A human-oriented identifier reference to roles served by the user. + A human-oriented identifier reference to roles served by the user. Responsible Role: A human-oriented identifier reference to roles served by the user. @@ -2463,15 +2409,15 @@ @@ -2484,17 +2430,15 @@ Remarks: Additional commentary on the containing object. - + - + Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to roles responsible for the business function. Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. @@ -2511,8 +2455,8 @@ Hash: A representation of a cryptographic digest generated over a resource using a specified hash algorithm. - - + + Hash algorithm @@ -2535,30 +2479,30 @@ Remarks: Additional commentary on the containing object. - + Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. - + @@ -2569,7 +2513,7 @@ Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. - + @@ -2580,18 +2524,18 @@ OSCAL version: The OSCAL model version the document was authored against. - + Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. Email Address: An email address as defined by RFC 5322 Section 3.4.1. - + @@ -2603,8 +2547,8 @@ Telephone Number: Contact number by telephone. - - + + type flag @@ -2628,7 +2572,7 @@ @@ -2641,7 +2585,7 @@ City: City, town or geographical region for the mailing address. - + @@ -2654,7 +2598,7 @@ State: State, province or analogous geographical region for mailing address - + @@ -2667,7 +2611,7 @@ Postal Code: Postal or ZIP code for mailing address - + @@ -2680,11 +2624,11 @@ Country Code: The ISO 3166-1 alpha-2 country code for the mailing address. - + - + Address Type @@ -2704,20 +2648,20 @@ Address line: A single line of an address. - + Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. - - + + Document Identification Scheme @@ -2751,7 +2695,7 @@ Component Title: A human readable name for the system component. - + @@ -2766,7 +2710,7 @@ Component Description: A description of the component, including information about its function. - + @@ -2781,16 +2725,16 @@ Purpose: A summary of the technological or business purpose of the component. - + @@ -2814,13 +2758,11 @@ Remarks: Additional commentary on the containing object. - + - + State @@ -2833,11 +2775,11 @@ @@ -2850,23 +2792,21 @@ Remarks: Additional commentary on the containing object. - + - + Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Component Type @@ -2898,30 +2838,30 @@ Protocol Title: A human readable name for the protocol (e.g., Transport Layer Security). - + - + Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Protocol Name - The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. + The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. Protocol Name: The common name of the protocol, which should be the appropriate "service name" from the IANA Service Name and Transport Protocol Port Number Registry. @@ -2937,7 +2877,7 @@ Port Range: Where applicable this is the IPv4 port range on which the service operates. - + Start @@ -2947,7 +2887,7 @@ Start: Indicates the starting port number in a port range - + End @@ -2957,7 +2897,7 @@ End: Indicates the ending port number in a port range - + Transport @@ -2988,13 +2928,11 @@ Remarks: Additional commentary on the containing object. - + - + Implementation State @@ -3026,7 +2964,7 @@ User Title: A name given to the user, which may be used by a tool for display and navigation. - + @@ -3040,7 +2978,7 @@ User Short Name: A short common name, abbreviation, or acronym for the user. - + @@ -3054,24 +2992,24 @@ User Description: A summary of the user's purpose within the system. - + @@ -3084,17 +3022,15 @@ Remarks: Additional commentary on the containing object. - + - + User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3122,7 +3058,7 @@ Privilege Title: A human readable name for the privilege. - + @@ -3137,12 +3073,12 @@ Privilege Description: A summary of the privilege's purpose within the system. - + @@ -3156,7 +3092,7 @@ Functions Performed: Describes a function performed for a given authorized privilege by this user class. - + @@ -3179,20 +3115,20 @@ Inventory Item Description: A summary of the inventory item stating its purpose within the system. - + @@ -3207,15 +3143,15 @@ @@ -3228,17 +3164,15 @@ Remarks: Additional commentary on the containing object. - + - + Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3256,17 +3190,15 @@ Remarks: Additional commentary on the containing object. - + - + Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3293,7 +3225,7 @@ Parameter Value: A parameter value or set of values. - + @@ -3306,17 +3238,15 @@ Remarks: Additional commentary on the containing object. - + - + Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -3327,14 +3257,14 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. - - + + Identification System Type @@ -3368,37 +3298,35 @@ Part Title: A name given to the part, which may be used by a tool for display and navigation. - + - + - + Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Part Name @@ -3408,7 +3336,7 @@ Part Name: A textual label that uniquely identifies the part's semantic type. - + Part Namespace @@ -3418,11 +3346,11 @@ Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - + Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. @@ -3440,11 +3368,11 @@ @@ -3452,13 +3380,13 @@ Parameter Label - A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. + A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. Parameter Label: A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. - + @@ -3473,25 +3401,25 @@ Parameter Usage Description: Describes the purpose and use of a parameter - + @@ -3505,23 +3433,21 @@ Remarks: Additional commentary on the containing object. - + - + Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - + Parameter Class @@ -3531,7 +3457,7 @@ Parameter Class: A textual label that provides a characterization of the parameter. - + Depends on @@ -3563,7 +3489,7 @@ Constraint Description: A textual summary of the constraint to be applied. - + @@ -3588,7 +3514,7 @@ Constraint test: A formal (executable) expression of a constraint - + @@ -3601,9 +3527,7 @@ Remarks: Additional commentary on the containing object. - + @@ -3621,9 +3545,7 @@ Guideline: A prose statement that provides a recommendation for the use of a parameter. - + @@ -3635,7 +3557,7 @@ Parameter Value: A parameter value or set of values. - + @@ -3658,12 +3580,12 @@ Choice: A value selection among several such options - + - + Parameter Cardinality @@ -3684,55 +3606,38 @@ Include All: Include all controls from the imported catalog or profile resources. - - - - - + + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - - - - - - - - The content model is the same as blockElementType, but line endings need - to be preserved, since this is preformatted. - - - + + + + - + - The content model is the same as blockElementType, but line endings need + The content model is the same as inlineType, but line endings need to be preserved, since this is preformatted. @@ -3741,34 +3646,39 @@ + - - - + + + - + - - - - + + + + + - + - - + + + + + @@ -3777,49 +3687,55 @@ - - - - - - - - + + + + + + + + + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - + + + - + + + + - - An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. + An insert can be used to identify a placeholder for dynamically inserting text related to a specific object, which is referenced by the object's identifier using an id-ref. This insert mechanism allows the selection of which text value from the object to dynamically include based on the application's display requirements. @@ -3828,68 +3744,16 @@ - The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. + The identity of the object to insert a value for. The identity will be selected from the index of objects of the specified type. The specific value to include is based on the application's display requirements, which will likely use a specific data element associated with the type (e.g., title, identifier, value, etc.) that is appropriate for the application. - - - - - A string, but not empty and not whitespace-only (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) - - - - - - The xs:dateTime with a required timezone. - - - - - - An email address - - - - - - A URI - - - - - - A URI reference, such as a relative URL - - - - - - A Type 4 ('random' or 'pseudorandom' UUID per RFC 4122 - - - - - - A string token following the rules of XML "no colon" names, with no whitespace. (XML names are single alphabetic characters - followed by alphanumeric characters, periods, underscores or dashes.) - - - A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -3899,24 +3763,11 @@ - - - The xs:date with a required timezone. - - - - - - - - - - The xs:dateTime with a required timezone. - + @@ -3924,7 +3775,7 @@ An email address - + Need a better pattern. @@ -3932,40 +3783,12 @@ - - - A host name - - - - - - The ip-v4-address type specifies an IPv4 address in - dot decimal notation. - - - - - - - - The ip-v6-address type specifies an IPv6 address - represented in 8 hextets separated by colons. - This is based on the pattern provided here: - https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses - with some customizations. - - - - - - - - + + A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -3973,18 +3796,38 @@ A string, but not empty and not whitespace-only - (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) + (whitespace is U+9, U+10, U+32 or [ \n\t]+ ) The OSCAL 'string' datatype restricts the XSD type by prohibiting leading - and trailing whitespace, and something (not only whitespace) is required. + and trailing whitespace, and something (not only whitespace) is required. A trimmed string, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. + + + + + + + + A string token following the rules of XML "no + colon" names, with no whitespace. (XML names are single alphabetic + characters followed by alphanumeric characters, periods, underscores or dashes.) + + + + + + + + A single token may not contain whitespace. + @@ -4004,13 +3847,13 @@ A URI reference, such as a relative URL - + A trimmed URI, at least one character with no - leading or trailing whitespace. + leading or trailing whitespace. @@ -4018,14 +3861,14 @@ A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC - 4122. + 4122. - + A sequence of 8-4-4-4-12 hex digits, with extra - constraints in the 13th and 17-18th places for version 4 and 5 - + constraints in the 13th and 17-18th places for version 4 and 5 + From 29a7f7a09dde58833c2958b378509ccf9f75a634 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Jul 2022 07:55:02 -0400 Subject: [PATCH 023/138] Bump Saxon-HE from 10.6 to 10.8 in /build (#1375) Bumps Saxon-HE from 10.6 to 10.8. --- updated-dependencies: - dependency-name: net.sf.saxon:Saxon-HE dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/pom.xml b/build/pom.xml index 02f5f0ecb0..e31cb30468 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -34,7 +34,7 @@ net.sf.saxon Saxon-HE - 10.6 + 10.8 com.xmlcalabash From d8181a06875228e9bd7ee13514e6a47645cf8bbe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Jul 2022 07:55:26 -0400 Subject: [PATCH 024/138] Bump actions/setup-node from 3.4.0 to 3.4.1 (#1374) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/5b949b50c3461bbcd5a540b150c368278160234a...2fddd8803e2f5c9604345a0b591c3020ee971a93) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index e9a73d6681..97220f27cd 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -77,7 +77,7 @@ jobs: mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" - name: Set up NodeJS - uses: actions/setup-node@5b949b50c3461bbcd5a540b150c368278160234a + uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 with: node-version-file: '${{ env.CHECKOUT_PATH }}/build/.nvmrc' cache: 'npm' diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index 9945e2d402..13090a1472 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -29,7 +29,7 @@ jobs: # Setup runtime environment # ------------------------- - name: Set up NodeJS - uses: actions/setup-node@5b949b50c3461bbcd5a540b150c368278160234a + uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 with: node-version-file: 'build/.nvmrc' cache: 'npm' From d8a7b0320633bfe32dbe3ce0d45a5d06c7de39a6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Jul 2022 07:55:44 -0400 Subject: [PATCH 025/138] Bump xmlcalabash from 1.2.5-100 to 1.4.1-100 in /build (#1363) Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.2.5-100 to 1.4.1-100. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](https://github.com/ndw/xmlcalabash1/compare/1.2.5-100...1.4.1-100) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/pom.xml b/build/pom.xml index e31cb30468..d0d5f7dd3d 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -39,7 +39,7 @@ com.xmlcalabash xmlcalabash - 1.2.5-100 + 1.4.1-100 From de301e525b8d3f089e7e5b847353612e7be130de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Jul 2022 07:56:05 -0400 Subject: [PATCH 026/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 5579fbf855..7401165665 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.18.3-bullseye as oscal-hugo-build +FROM golang:1.18.4-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From 4e5296a76d93da36fb17f3294d478c590ae0c45e Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Fri, 22 Jul 2022 09:54:59 -0400 Subject: [PATCH 027/138] Update metaschema-docs Add mapping model to docs collection. --- build/ci-cd/config/metaschema-docs | 1 + 1 file changed, 1 insertion(+) diff --git a/build/ci-cd/config/metaschema-docs b/build/ci-cd/config/metaschema-docs index b99a5c9307..74c0208132 100644 --- a/build/ci-cd/config/metaschema-docs +++ b/build/ci-cd/config/metaschema-docs @@ -7,3 +7,4 @@ src/metaschema/oscal_component_metaschema.xml|model-reference|component-definiti src/metaschema/oscal_assessment-plan_metaschema.xml|model-reference|assessment-plan|Assessment Plan|assessment|assessment-plan src/metaschema/oscal_assessment-results_metaschema.xml|model-reference|assessment-results|Assessment Results|assessment|assessment-results src/metaschema/oscal_poam_metaschema.xml|model-reference|plan-of-action-and-milestones|Plan of Action and Milestones|assessment|poam +src/metaschema/oscal_mapping_metaschema.xml|model-reference|mapping|Control Mapping|control|mapping From 3b5e6a2b044f2247a1bc910f32329805d3b02ab3 Mon Sep 17 00:00:00 2001 From: Wendell Piez Date: Mon, 25 Jul 2022 11:52:00 -0400 Subject: [PATCH 028/138] Profile Resolution Spec clarification: validation of imported catalogs and profiles (#1380) Addresses #1312 --- .../profile-resolution/profile-resolution-specml.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/specifications/profile-resolution/profile-resolution-specml.xml b/src/specifications/profile-resolution/profile-resolution-specml.xml index 5fcffde022..cc97b90112 100644 --- a/src/specifications/profile-resolution/profile-resolution-specml.xml +++ b/src/specifications/profile-resolution/profile-resolution-specml.xml @@ -303,7 +303,7 @@ profile: -

    If the object fetched cannot be found or is not a valid OSCAL object, the tool MUST cease processing and provide an error.

    +

    If the object fetched cannot be found, or does not parse as an OSCAL catalog or profile, the tool MUST cease processing and provide an error.

    -

    Under this directive, colliding controls will result in invalid results, as they will both appear in the results with the same ID. Accordingly, this setting may be useful in ensuring integrity of references to controls as given in the profile: if any included control is called only once, clashing controls will not be produced and validation will succeed.

    +

    Under this directive, colliding controls will result in invalid results, as they will both appear in the results with the same ID. Accordingly, this setting may be useful in ensuring integrity of references to controls as given in the profile: if any included control is called only once, clashing controls will not be produced, disambiguating the result and avoiding validation errors.

    Date: Mon, 25 Jul 2022 12:50:01 -0400 Subject: [PATCH 029/138] Clarify how to determine target catalog `oscal-version` (#1386) * Revised text to address ambiguity around handling `oscal-version` in the generated catalog target based on the versions provided in the imports and source profile. Resolves #1272. * Adding swap space to resolve memory issue with Hugo build --- .github/workflows/workflow-generate-website-reference.yml | 5 +++++ .../profile-resolution/profile-resolution-specml.xml | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 69d211ea23..3be25f5eac 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -115,6 +115,11 @@ jobs: run: | cd "${{ env.BRANCH_PATH }}/build" go install -tags "extended" github.com/gohugoio/hugo + - name: Setup Swap Space + # Since Hugo is requiring more memory + uses: pierotofy/set-swap-space@49819abfb41bd9b44fb781159c033dba90353a7c + with: + swap-size-gb: 10 # Build Artifacts # --------------- - name: Generate Model Reference Documentation diff --git a/src/specifications/profile-resolution/profile-resolution-specml.xml b/src/specifications/profile-resolution/profile-resolution-specml.xml index cc97b90112..7930951bfa 100644 --- a/src/specifications/profile-resolution/profile-resolution-specml.xml +++ b/src/specifications/profile-resolution/profile-resolution-specml.xml @@ -1389,7 +1389,8 @@ control:

    The value of metadata:version in the target MUST be set with a string that identifies the version of that document. The metadata:version SHOULD be used to track updates to this specific output document.

  • -

    The value of metadata:oscal-version in the target MUST be set with a string that identifies the version of OSCAL used by this tool to resolve the profile (ex. 1.0.0). This value MUST be determined by compiling the oscal-versions from each imported document and the source profile, and taking the most recent minor version. If this version is more recent than what the resolution tool is using, then the value of oscal-version MUST be the version that the tool used internally. If any of the above OSCAL versions (imported document versions, source profile version, tool version) are of a different major version (the first digit differs), the tool SHOULD provide an error and cease processing.

    +

    The value of metadata:oscal-version in the target MUST be set to the value of the corresponding object (oscal-version) in the source profile.

    +

    If, in processing, a resolver encounters an imported profile or catalog source whose stated oscal-version denotes a version after the oscal-version of the profile, the resolver MAY report a fatal processing error and stop processing. "After" is defined according to the [precedence rules](https://semver.org/#spec-item-11) of Semantic Versioning 2.0, in which 1.0.1 is after 1.0.1-draft.

  • The value of metadata:last-modified in the target MUST be set with a valid timestamp representing the time the profile resolution completed.

    From 1212030c4957f5f2c658811724467c6326cc980e Mon Sep 17 00:00:00 2001 From: Wendell Piez Date: Mon, 25 Jul 2022 13:34:51 -0400 Subject: [PATCH 030/138] Profile Resolution spec: updated names of 'remove' directives (#1381) * Profile Resolution spec: updated names of 'remove' directives * Resolves #1246. Also repairs a few errors in surrounding copy. * Adding swap space to address Hugo memory exhaustion. Co-authored-by: David Waltermire --- .../workflows/workflow-generate-website.yml | 5 +++++ .../profile-resolution-specml.xml | 19 ++++++++++--------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index c212ad7c03..17ef0679fc 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -86,6 +86,11 @@ jobs: cd "${BUILD_PATH}" mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" + - name: Setup Swap Space + # Since Hugo is requiring more memory + uses: pierotofy/set-swap-space@49819abfb41bd9b44fb781159c033dba90353a7c + with: + swap-size-gb: 10 # Build Artifacts # --------------- - name: Generate specification documentation diff --git a/src/specifications/profile-resolution/profile-resolution-specml.xml b/src/specifications/profile-resolution/profile-resolution-specml.xml index 7930951bfa..3b0636bdce 100644 --- a/src/specifications/profile-resolution/profile-resolution-specml.xml +++ b/src/specifications/profile-resolution/profile-resolution-specml.xml @@ -1325,27 +1325,28 @@ control:
    • - The remove directive criteria by-id MUST match an object if and only if its value is identical to the id value of that object. Because - id values are unique, this criteria will result in the remove directive removing only a single object. + The remove directive criterion by-id MUST match an object if and only if its value is identical to the id value of that object. Because + id values are unique, this criterion has the effect of removing a single object.

    • - The remove directive criteria name-ref MUST match an object if and only if its value is identical to the value of that object's name child. + The remove directive criterion by-name MUST match an object if and only if its value is identical to the value of that object's name child.

    • -

      The remove directive criteria ns-ref MUST match an object if and only if its value is identical to the value of that object's ns child.

      +

      The remove directive criterion by-ns MUST match an object if and only if its value is identical to the value of that object's ns child. This directive + is intended to be used in combination with by-name but may also be used to match all objects assigned to a given namespace (ns). Note that by-ns="http://csrc.nist.gov/ns/oscal" will address objects assigned to that namespace by default (where no explicit ns is given).

    • -

      The remove directive criteria class-ref MUST match an object if and only if its value is identical to the value of that object's class child.

      +

      The remove directive criterion by-class MUST match an object if and only if its value is identical to the value of that object's class child.

    • -

      The remove directive criteria item-name MUST match an object if and only if its value is identical to the value of that object's serialized name. For example, - remove:item-name:prop has the effect of removing all - propobjects from inside the control. +

      The remove directive criterion by-item-name MUST match an object if and only if its value is identical to the value of that object's serialized name. For example, + remove.by-item-name: "prop" has the effect of removing all + prop objects from inside the control.

      -

      In serialization formats that use arrays of objects in the OSCAL model, an object's name MUST be referenced as singular form of its containing parent array. For example, in the JSON format, remove:item-name:link would remove all of the objects inside of the links array.

      +

      In serialization formats that represent objects as (unlabeled) members of arrays, an object's name MUST be referenced in its (implicit) singular form, not the name of its containing array. For example, in the JSON format, remove.item-name: "link" would remove all members of the links array, along with the array itself (as being empty it would no longer be valid).

    From bd33bf72a02dda8894db2aadc6e6f4ef7b9eefeb Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Mon, 25 Jul 2022 19:07:53 -0400 Subject: [PATCH 031/138] Test finish phase, plus minor XSLT enhancements and fixes (#1377) XSLT - Remove template that provides link to source, because metadata phase accomplished that - Add "[last()]" predicate when passing through elements that cannot appear twice - Align with schema by passing through revisions, document-id, location, and group/link but not control/annotation - Align with schema for param insertions, `` - Align with schema and spec for keeping items, `` XSpec - Add tests at the level of individual templates --- .../oscal-profile-resolve-finish.xsl | 75 +- .../testing/5_finished/finish.xspec | 701 ++++++++++++++---- 2 files changed, 591 insertions(+), 185 deletions(-) diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-finish.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-finish.xsl index 0d41da751a..b2720a86ee 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-finish.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-finish.xsl @@ -16,17 +16,22 @@ - - - - - - - - - - + - + - - - - - - + + + + + + + + - + - + + @@ -92,20 +92,23 @@ - + + - - + - + + @@ -116,6 +119,8 @@ - + + diff --git a/src/utils/util/resolver-pipeline/testing/5_finished/finish.xspec b/src/utils/util/resolver-pipeline/testing/5_finished/finish.xspec index 7ecb1e686a..9fdca33ca1 100644 --- a/src/utils/util/resolver-pipeline/testing/5_finished/finish.xspec +++ b/src/utils/util/resolver-pipeline/testing/5_finished/finish.xspec @@ -1,171 +1,572 @@ - - - - - - - + + + + text + + + + + + + + + - - - - - Catalog - - - - - - Control A - - - - - - - Catalog - - - Control A - - - - - - - - - Catalog - - - - - - Control A - -

    goes here.

    -
    -
    -
    - - - - Catalog - - - - - - Control A - -

    goes here.

    -
    -
    -
    -
    + + + + + + + + + + + + + + + + + + Group 1 + + + Control A + +

    goes here.

    +
    +
    + + + + + + Catalog + +
    +
    + + + ... + + ... + ... + ... + ... + + +
    + + + + + Catalog X + 1.2 + + + Catalog Y + 1.3 + + + + + + + + + + + + + Catalog Y + 1.3 + + + + + + + + + + + + + Catalog + + + + + + Control A + + + + + + + Catalog + + + Control A + + + + + + + + + Catalog + + + + + + Control A + +

    goes here.

    +
    +
    +
    +
    + + + + Catalog + + + + + + Control A + +

    goes here.

    +
    +
    +
    +
    +
    +
    - - - + + + + - Catalog + + + + + + + + + + + + + + </metadata> - <control id="control_A"> - <title>Control A - A link - property - - - - - + + - Catalog - - - Control A - property - A link - - - - - - - + + <published/> + <last-modified/> + <version/> + <oscal-version/> + <revisions/> + <document-id/> + <prop/> + <link/> + <role/> + <location/> + <party/> + <responsible-party/> + <remarks/> + </metadata> + </x:expect> + </x:scenario> + <x:scenario label="Metadata with multiple elements of same type"> + <x:context> <metadata> - <title>Catalog + Title 1 + Title 2 + 2019-11-13T12:41:07.061-05:00 + 2019-11-13T12:41:07.061-05:00 + 2021-11-13T12:41:07.061-05:00 + 2021-11-13T12:41:07.061-05:00 + 1.0 + 1.0.1 + 1.1 + 1.0.2 + + + 1.0 + + + + + 1.1 + + +

    Remark 1

    +

    Remark 2

    - - citation - -
    -
    - - + + - Catalog + Title 2 + 2021-11-13T12:41:07.061-05:00 + 2021-11-13T12:41:07.061-05:00 + 1.1 + 1.0.2 + + + 1.1 + + +

    Remark 2

    -
    -
    + +
    - - - - - Catalog - - - Control A - link to good citation - - - unclaimed citation - good citation - - - - - - - Catalog - - - Control A - link to good citation - - - good citation - - - + + + + + + + + Catalog + + + Group A + A link + property + + + + + + Group A + property + A link + + + + + + + + Group A + Link Me + +

    Statement

    + +
    +
    +
    + + + Group A + + + Link Me +

    Statement

    +
    +
    +
    + + + + + + +

    goes here.

    +
    + Link Me + + + Group A +
    +
    + + + Group A + ... + + ... + ... + + + + +
    +
    + + + + Original title + Revised title + + + + + Revised title + + +
    - - - + + + + + + + + Catalog + + + Control A + A link + property + + + + + + Control A + property + A link + + + + + + + + Control A + Link Me + +

    Statement

    + +
    +
    +
    + + + Control A + + + Link Me +

    Statement

    +
    +
    +
    + + + + +

    Statement

    + Link Me + + + Control A +
    +
    + + + Control A + + + Link Me +

    Statement

    + + +
    +
    +
    + + - Control A - Link Me - -

    Statement

    - + Original title + First revision added during modify phase + Second revision added during modify phase
    -
    -
    - - + + - Control A - - - Link Me -

    Statement

    + Second revision added during modify phase
    -
    -
    + +
    +
    + + + + + + + + Group 1 + + + + + Control A + + + + + + + + + + + Group 1 + + + + + + + + Control A + +

    goes here.

    +
    +
    +
    +
    +
    + +
    + + + + + Group 1 + + + + + + Control A + + + + + + + + + + + +
    + + + + + + + Catalog + + + citation + + + + + + + + + + + + Catalog + + + Control A + link to good citation + + + unclaimed citation + good citation + + + + + + good citation + + + + + + + + Control A + + + + + + unclaimed citation + + + + + + + + + + + + + + + + + + + + + Catalog + + + Control A + link to good citation + + + + good citation + + + + +
    From 930fdacb0e6e929a9cd8a9f48a4d5aa27d2bcdac Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Mon, 25 Jul 2022 19:08:36 -0400 Subject: [PATCH 032/138] Follow keep instruction for back-matter resources (#1378) If a back-matter resource has a keep instruction, the spec requirement "req-backmatter-keep" says not to replace the resource unless a later one also has a keep instruction. --- .../oscal-profile-resolve-merge.xsl | 14 +- .../testing/3_merged/merge.xspec | 121 ++++++++++++++++++ 2 files changed, 132 insertions(+), 3 deletions(-) diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl index 89099f6f9f..2cc3b21aa0 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-merge.xsl @@ -110,10 +110,18 @@ + + + - - + + + diff --git a/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec b/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec index d9e44c873d..a20f188339 100644 --- a/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec +++ b/src/utils/util/resolver-pipeline/testing/3_merged/merge.xspec @@ -494,6 +494,127 @@ + + + + + + Control X1 + + + Ref BBB, first + + + + + + Control X2 + + + Ref BBB, second + + + + + + Ref BBB, third + + + + + + + + + Ref BBB, first + + + + Ref BBB, third + + + + + + + + + Control X1 + + + Ref BBB, first + + + + + + Control X2 + + + Ref BBB, second + + + + + + Ref BBB, third + + + + + + + + + + Ref BBB, third + + + + + + + + + + Control X1 + + + Ref BBB, first + + + + + + Control X2 + + + Ref BBB, second + + + + + + + Ref BBB, third + + + + + + + + + Ref BBB, second + + + + Ref BBB, third + + + + + From 01916eefdc2df9efca348bcbd6c90fc1605201b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Aug 2022 09:17:29 -0400 Subject: [PATCH 033/138] Bump lycheeverse/lychee-action from 1.5.0 to 1.5.1 (#1390) Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/76ab977fedbeaeb32029313724a2e56a8a393548...4a5af7cd2958a2282cefbd9c10f63bdb89982d76) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 17ef0679fc..13b09b7e54 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -141,7 +141,7 @@ jobs: retention-days: 5 - name: Link Checker id: linkchecker - uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548 + uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 with: args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress './docs/public/**/*.html' --accept 200,206,429 format: markdown diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index 9f4ca2b91e..158577c08d 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -33,7 +33,7 @@ jobs: path: ${{ inputs.site_git_ref_path }} - name: Check website HTML content links id: linkchecker - uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548 + uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 with: args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './published/**/*.html' --exclude-mail env: From f3df74b7e2176537a74c9bcf6056aa0466e09d32 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Aug 2022 09:36:59 -0400 Subject: [PATCH 034/138] Bump golang from 1.18.4-bullseye to 1.19.0-bullseye in /build (#1402) Bumps golang from 1.18.4-bullseye to 1.19.0-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 7401165665..d88f33ad51 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.18.4-bullseye as oscal-hugo-build +FROM golang:1.19.0-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From b70886e94b3153b89e86bbfff62fabeb2995c443 Mon Sep 17 00:00:00 2001 From: Chris Compton Date: Thu, 11 Aug 2022 13:34:24 -0500 Subject: [PATCH 035/138] Add remarks field to Profile model modify.alter (add/remove). #1018 (#1404) --- src/metaschema/oscal_profile_metaschema.xml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index 179e0c8fb6..24622f4de4 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -369,6 +369,9 @@ Item Namespace Reference Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + +

    Use name-ref, class-ref, id-ref or generic-identifier to indicate class tokens or ID reference, or the formal name, of the component to be removed or erased from a control, when a catalog is resolved. The control affected is indicated by the pointer on the removal's parent (containing) alter element.

    To change an element, use remove to remove the element, then add to add it back again with changes.

    @@ -411,6 +414,7 @@ + From d93ecdb806706e44f44fb427a89c650734148b83 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Thu, 11 Aug 2022 18:38:50 +0000 Subject: [PATCH 036/138] Publishing generated metaschema resources [ci skip] --- .../oscal_complete_xml-to-json-converter.xsl | 4 ++- .../oscal_profile_xml-to-json-converter.xsl | 4 ++- json/schema/oscal_complete_schema.json | 8 ++++-- json/schema/oscal_profile_schema.json | 8 ++++-- .../oscal_complete_json-to-xml-converter.xsl | 4 ++- .../oscal_profile_json-to-xml-converter.xsl | 4 ++- xml/schema/oscal_complete_schema.xsd | 28 +++++++++++++++++++ xml/schema/oscal_profile_schema.xsd | 28 +++++++++++++++++++ 8 files changed, 80 insertions(+), 8 deletions(-) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index c7880f7f6c..546c42421f 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -1080,12 +1080,13 @@ - + + @@ -1122,6 +1123,7 @@
    +
    - + + @@ -715,6 +716,7 @@ + - + + @@ -559,6 +560,7 @@ + diff --git a/xml/convert/oscal_profile_json-to-xml-converter.xsl b/xml/convert/oscal_profile_json-to-xml-converter.xsl index 46718930c9..98f427d3d4 100644 --- a/xml/convert/oscal_profile_json-to-xml-converter.xsl +++ b/xml/convert/oscal_profile_json-to-xml-converter.xsl @@ -351,12 +351,13 @@ - + + @@ -370,6 +371,7 @@ + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 37b392106d..d1ad2f0d33 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -2453,6 +2453,21 @@ Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + @@ -2546,6 +2561,19 @@ type="oscal-catalog-common-part-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index dc2156394b..f2b99849d2 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -500,6 +500,21 @@ Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + @@ -593,6 +608,19 @@ type="oscal-catalog-common-part-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + From b413079974071b8b3b42f8c6dc2a83077b5c2634 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Wed, 17 Aug 2022 14:49:06 -0400 Subject: [PATCH 037/138] Profile alter model adjustments (#1418) * - Adjusted the profile metaschema to refactor the alter assemblies in a backwards-compatible way. - Enumerated the set of target item types for remove. - Fixed references to use current `by-` syntax. - Adjusted unit tests to support better add/remove testing. * Updated to latest metaschema development version * added default value `ending` for `add/@position`. --- build/metaschema | 2 +- src/metaschema/oscal_profile_metaschema.xml | 202 +++++++++--------- .../catalogs/abc-simple_catalog.xml | 4 +- .../modify-adds_profile.xml | 23 +- .../base-test_profile_RESOLVED.xml | 5 +- .../base2-test_profile_RESOLVED.xml | 5 +- .../exclude-call-test_profile_RESOLVED.xml | 5 +- .../import-twice_profile_RESOLVED.xml | 5 +- ...ll-with-children-test_profile_RESOLVED.xml | 5 +- .../merge-implicit-keep_profile_RESOLVED.xml | 10 +- .../modify-adds_profile_RESOLVED.xml | 19 +- .../profile-resolution-specml.xml | 4 +- 12 files changed, 170 insertions(+), 119 deletions(-) diff --git a/build/metaschema b/build/metaschema index 8478d8b72b..f28a588f0e 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit 8478d8b72b432d1e87093d3389a0ffef971153bc +Subproject commit f28a588f0e9ac013125ed0f118f0fcaef4d1a6e2 diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index 24622f4de4..b801621f4d 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -258,9 +258,108 @@ - + + Alteration + An Alter element specifies changes to be made to an included control when a profile is resolved. - + + + + Removal + Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + Reference by (assigned) name + Identify items to remove by matching their assigned name + + + Reference by class + Identify items to remove by matching their class. + + + Reference by ID + Identify items to remove indicated by their id. + + + Item Name Reference + Identify items to remove by the name of the item's information element name, e.g. title or prop + + + A descendant parameter and all of its descendants. + A descendant property and all of its descendants. + A descendant link and all of its descendants. + A descendant parameter and all of its descendants. + A descendant mapping and all of its descendants. + A descendant mapping entry (map) and all of its descendants. + + + + + Item Namespace Reference + Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + +

    Use by-name, by-class, by-id or by-item-name to indicate class tokens or ID reference, or the formal name, of the component to be removed or erased from a control, when a catalog is resolved. The control affected is indicated by the pointer on the removal's parent (containing) alter element.

    +

    To change an element, use remove to remove the element, then add to add it back again with changes.

    +
    +
    + + Addition + Specifies contents to be added into controls, in resolution + + + Position + Where to add the new content with respect to the targeted element (beside it or inside it) + + + Preceding the by-id target + Following the by-id target + Inside the control or by-id target, at the start + Inside the control or by-id target, at the end + + + + + Reference by ID + Target location of the addition. + + + + Title Change + A name given to the control, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + + + + &allowed-values-control-group-property-name; + + + +

    When no by-id is given, the addition is inserted into the control targeted by the alteration at the start or end as indicated by position. Only position values of "starting" or "ending" are permitted when there is no by-id.

    +

    by-id, when given, should indicate, by its ID, an element inside the control to serve as the anchor point for the addition. In this case, position value may be any of the permitted values.

    +
    +
    +
    + +

    Use @control-id to indicate the scope of alteration.

    +

    It is an error for two alter elements to apply to the same control. In practice, multiple alterations can be applied (together), but it creates confusion.

    +

    At present, no provision is made for altering many controls at once (for example, to systematically remove properties or add global properties); extending this element to match multiple control IDs could provide for this.

    +
    + @@ -328,105 +427,6 @@

    If with-child-controls is yes on the call to a control, no sibling callelements need to be used to call any controls appearing within it. Since generally, this is how control enhancements are represented (as controls within controls), this provides a way to include controls with all their dependent controls (enhancements) without having to call them individually.

    - - Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. - - - - - - - - - - -

    Use @control-id to indicate the scope of alteration.

    -

    It is an error for two alter elements to apply to the same control. In practice, multiple alterations can be applied (together), but it creates confusion.

    -

    At present, no provision is made for altering many controls at once (for example, to systematically remove properties or add global properties); extending this element to match multiple control IDs could provide for this.

    -
    -
    - - Removal - Specifies objects to be removed from a control based on specific aspects of the object that must all match. - - Reference by (assigned) name - Identify items to remove by matching their assigned name - - - Reference by class - Identify items to remove by matching their class. - - - Reference by ID - Identify items to remove indicated by their id. - - - Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop - - - Item Namespace Reference - Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. - - - - - -

    Use name-ref, class-ref, id-ref or generic-identifier to indicate class tokens or ID reference, or the formal name, of the component to be removed or erased from a control, when a catalog is resolved. The control affected is indicated by the pointer on the removal's parent (containing) alter element.

    -

    To change an element, use remove to remove the element, then add to add it back again with changes.

    -
    -
    - - Addition - Specifies contents to be added into controls, in resolution - - Position - Where to add the new content with respect to the targeted element (beside it or inside it) - - - Preceding the id-ref target - Following the id-ref target - Inside the control or id-ref target, at the start - Inside the control or id-ref target, at the end - - - - - Reference by ID - Target location of the addition. - - - - Title Change - A name given to the control, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - - - - - - - &allowed-values-control-group-property-name; - - - -

    When no id-ref is given, the addition is inserted into the control targeted by the alteration at the start or end as indicated by position. Only position values of "starting" or "ending" are permitted when there is no id-ref.

    -

    id-ref, when given, should indicate, by its ID, an element inside the control to serve as the anchor point for the addition. In this case, position value may be any of the permitted values.

    -
    -
    Include contained controls with control When a control is included, whether its child (dependent) controls are also included. diff --git a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml index b838be9ad0..f27dc2cd95 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml @@ -20,7 +20,7 @@ -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    @@ -37,7 +37,7 @@ -

    A3 aaaaa aaaaaaaaaa

    +

    A3 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/modify-adds_profile.xml b/src/specifications/profile-resolution/profile-resolution-examples/modify-adds_profile.xml index c286a320c2..be71b6ce5f 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/modify-adds_profile.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/modify-adds_profile.xml @@ -34,16 +34,35 @@
    - + - + + + + + + + + + + + + +

    A1 bbbbb bbbbb

    +
    +
    + + +

    A1 ccc ccc

    +
    +
    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml index ba4c5907ae..3f2f9c65de 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml @@ -11,9 +11,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base2-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base2-test_profile_RESOLVED.xml index 282ff94354..45889b7112 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base2-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base2-test_profile_RESOLVED.xml @@ -11,9 +11,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml index 14b60e834b..5187371f20 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml @@ -18,9 +18,12 @@ Control A3 + + + -

    A3 aaaaa aaaaaaaaaa

    +

    A3 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/import-twice_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/import-twice_profile_RESOLVED.xml index ba2af7bf12..bf17578251 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/import-twice_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/import-twice_profile_RESOLVED.xml @@ -11,9 +11,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml index f07802e74a..a423fc51b1 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml @@ -11,9 +11,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/merge-implicit-keep_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/merge-implicit-keep_profile_RESOLVED.xml index d4816f91ed..3b08c70d4b 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/merge-implicit-keep_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/merge-implicit-keep_profile_RESOLVED.xml @@ -11,9 +11,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    @@ -25,9 +28,12 @@ Control A1 + + + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/modify-adds_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/modify-adds_profile_RESOLVED.xml index c331b3d7c4..5c50e01bf5 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/modify-adds_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/modify-adds_profile_RESOLVED.xml @@ -13,7 +13,12 @@ Group A of C Control A1 + + + + + @@ -22,13 +27,19 @@ - + -

    A1 aaaaa aaaaaaaaaa

    +

    A1 aaaaa aaaaaaaaaa

    + +

    A1 ccc ccc

    +
    +
    + +

    A1 bbbbb bbbbb

    @@ -41,9 +52,9 @@ - + -

    A3 aaaaa aaaaaaaaaa

    +

    A3 aaaaa aaaaaaaaaa

    diff --git a/src/specifications/profile-resolution/profile-resolution-specml.xml b/src/specifications/profile-resolution/profile-resolution-specml.xml index 3b0636bdce..763445a43b 100644 --- a/src/specifications/profile-resolution/profile-resolution-specml.xml +++ b/src/specifications/profile-resolution/profile-resolution-specml.xml @@ -1055,9 +1055,9 @@ intermediate:

    For the following objects inside the source: class, depends-on, label, usage, values, select; the object MUST be copied into the target from the source, first removing any existing objects with the same name.

  • -

    For the following objects inside the source: props, links, constraints, guidelines; the contents of the object MUST be added to the contents of the target object of the same name. If no such object exists in the target, it is created.

    +

    For the following objects inside the source: prop, link, constraint, guideline; the contents of the object MUST be added to the contents of the target object of the same name. If no such object exists in the target, it is created.

  • -
  • For the following objects inside the source: prop, link; the object MUST be copied into the target from the source, first removing any existing objects with the same distinctive ID. ().

  • +
  • For the following objects inside the source: prop, link; the object MUST be copied into the target from the source, first removing any existing objects with the same distinctive ID. ().

  • If more than one set-parameter directive is given for the same parameter, all MUST BE applied, in the sequence given in the profile. From 0c1720dee8614de5d594337d8404cb68694fbc9e Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Wed, 17 Aug 2022 18:53:56 +0000 Subject: [PATCH 038/138] Publishing generated metaschema resources [ci skip] --- .../oscal_complete_xml-to-json-converter.xsl | 173 ++++----- .../oscal_profile_xml-to-json-converter.xsl | 173 ++++----- json/schema/oscal_complete_schema.json | 201 +++++------ json/schema/oscal_profile_schema.json | 201 +++++------ .../oscal_complete_json-to-xml-converter.xsl | 117 +++--- .../oscal_profile_json-to-xml-converter.xsl | 117 +++--- xml/schema/oscal_complete_schema.xsd | 338 ++++++++---------- xml/schema/oscal_profile_schema.xsd | 338 ++++++++---------- 8 files changed, 798 insertions(+), 860 deletions(-) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 546c42421f..2663bd9176 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -1056,76 +1056,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -3559,7 +3489,7 @@ - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index a08da118ab..47a70380bf 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -649,76 +649,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1175,7 +1105,7 @@ - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 0e10dcf054..e17dd4d87d 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -1368,7 +1368,105 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-profile_alter" } } }, + { "title" : "Alteration", + "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "removes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Removal", + "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", + "type" : "object", + "properties" : + { "by-name" : + { "title" : "Reference by (assigned) name", + "description" : "Identify items to remove by matching their assigned name", + "$ref" : "#/definitions/TokenDatatype" }, + "by-class" : + { "title" : "Reference by class", + "description" : "Identify items to remove by matching their class.", + "$ref" : "#/definitions/TokenDatatype" }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Identify items to remove indicated by their id.", + "$ref" : "#/definitions/TokenDatatype" }, + "by-item-name" : + { "title" : "Item Name Reference", + "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "param", + "prop", + "link", + "part", + "mapping", + "map" ] } ] }, + "by-ns" : + { "title" : "Item Namespace Reference", + "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", + "$ref" : "#/definitions/TokenDatatype" } }, + "additionalProperties" : false } }, + "adds" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Addition", + "description" : "Specifies contents to be added into controls, in resolution", + "type" : "object", + "properties" : + { "position" : + { "title" : "Position", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Target location of the addition.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Title Change", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog-common_part" } } }, + "additionalProperties" : false } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:insert-controls" : { "title" : "Select controls", @@ -1437,107 +1535,6 @@ "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-complete-oscal-profile:alter" : - { "title" : "Alteration", - "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", - "$id" : "#assembly_oscal-profile_alter", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "removes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_remove" } }, - "adds" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_add" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-profile:remove" : - { "title" : "Removal", - "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", - "$id" : "#assembly_oscal-profile_remove", - "type" : "object", - "properties" : - { "by-name" : - { "title" : "Reference by (assigned) name", - "description" : "Identify items to remove by matching their assigned name", - "$ref" : "#/definitions/TokenDatatype" }, - "by-class" : - { "title" : "Reference by class", - "description" : "Identify items to remove by matching their class.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Identify items to remove indicated by their id.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-item-name" : - { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", - "$ref" : "#/definitions/TokenDatatype" }, - "by-ns" : - { "title" : "Item Namespace Reference", - "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "oscal-complete-oscal-profile:add" : - { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution", - "$id" : "#assembly_oscal-profile_add", - "type" : "object", - "properties" : - { "position" : - { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "before", - "after", - "starting", - "ending" ] } ] }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Target location of the addition.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Title Change", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, "oscal-complete-oscal-component-definition:component-definition" : { "title" : "Component Definition", "description" : "A collection of component descriptions, which may optionally be grouped by capability.", diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index 03764b25f7..af7fbaeddd 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -225,7 +225,105 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-profile_alter" } } }, + { "title" : "Alteration", + "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "removes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Removal", + "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", + "type" : "object", + "properties" : + { "by-name" : + { "title" : "Reference by (assigned) name", + "description" : "Identify items to remove by matching their assigned name", + "$ref" : "#/definitions/TokenDatatype" }, + "by-class" : + { "title" : "Reference by class", + "description" : "Identify items to remove by matching their class.", + "$ref" : "#/definitions/TokenDatatype" }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Identify items to remove indicated by their id.", + "$ref" : "#/definitions/TokenDatatype" }, + "by-item-name" : + { "title" : "Item Name Reference", + "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "param", + "prop", + "link", + "part", + "mapping", + "map" ] } ] }, + "by-ns" : + { "title" : "Item Namespace Reference", + "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", + "$ref" : "#/definitions/TokenDatatype" } }, + "additionalProperties" : false } }, + "adds" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Addition", + "description" : "Specifies contents to be added into controls, in resolution", + "type" : "object", + "properties" : + { "position" : + { "title" : "Position", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Target location of the addition.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Title Change", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog-common_part" } } }, + "additionalProperties" : false } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:insert-controls" : { "title" : "Select controls", @@ -294,107 +392,6 @@ "$ref" : "#/definitions/StringDatatype" } }, "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-profile-oscal-profile:alter" : - { "title" : "Alteration", - "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", - "$id" : "#assembly_oscal-profile_alter", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "removes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_remove" } }, - "adds" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_add" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-profile-oscal-profile:remove" : - { "title" : "Removal", - "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", - "$id" : "#assembly_oscal-profile_remove", - "type" : "object", - "properties" : - { "by-name" : - { "title" : "Reference by (assigned) name", - "description" : "Identify items to remove by matching their assigned name", - "$ref" : "#/definitions/TokenDatatype" }, - "by-class" : - { "title" : "Reference by class", - "description" : "Identify items to remove by matching their class.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Identify items to remove indicated by their id.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-item-name" : - { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", - "$ref" : "#/definitions/TokenDatatype" }, - "by-ns" : - { "title" : "Item Namespace Reference", - "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "oscal-profile-oscal-profile:add" : - { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution", - "$id" : "#assembly_oscal-profile_add", - "type" : "object", - "properties" : - { "position" : - { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "before", - "after", - "starting", - "ending" ] } ] }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Target location of the addition.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Title Change", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, "oscal-profile-oscal-metadata:metadata" : { "title" : "Publication metadata", "description" : "Provides information about the publication and availability of the containing document.", diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index 7fc07a82d2..dd7dc5fe81 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -528,41 +528,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -2220,7 +2185,7 @@ - + - - + - - + - - + - - + - - + - - + - - + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/xml/convert/oscal_profile_json-to-xml-converter.xsl b/xml/convert/oscal_profile_json-to-xml-converter.xsl index 98f427d3d4..3979630fa6 100644 --- a/xml/convert/oscal_profile_json-to-xml-converter.xsl +++ b/xml/convert/oscal_profile_json-to-xml-converter.xsl @@ -339,41 +339,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -901,7 +866,7 @@ - + - - + - - + - - + - - + - - + - - + - - + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index d1ad2f0d33..55dcbf0af4 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -2315,10 +2315,158 @@ - + + + + + Alteration + An Alter element specifies changes to be made to an included control when a profile is resolved. + + + Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. + + + + + + + Removal + Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + + + Reference by (assigned) name + Identify items to remove by matching their assigned name + + + Reference by (assigned) name: Identify items to remove by matching their assigned name + + + + + + Reference by class + Identify items to remove by matching their class. + + + Reference by class: Identify items to remove by matching their class. + + + + + + Reference by ID + Identify items to remove indicated by their id. + + + Reference by ID: Identify items to remove indicated by their id. + + + + + + Item Name Reference + Identify items to remove by the name of the item's information element name, e.g. title or prop + + + + Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop + + + + + + Item Namespace Reference + Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + + Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + + + + + + + + Addition + Specifies contents to be added into controls, in resolution + + + Addition: Specifies contents to be added into controls, in resolution + + + + + + + Title Change + A name given to the control, which may be used by a tool for display and navigation. + + + Title Change: A name given to the control, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + Position + Where to add the new content with respect to the targeted element (beside it or inside it) + + + Position: Where to add the new content with respect to the targeted element (beside it or inside it) + + + + + + Reference by ID + Target location of the addition. + + + Reference by ID: Target location of the addition. + + + + + + + + + Control Identifier Reference + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + + @@ -2414,188 +2562,6 @@ - - - - Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. - - - Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. - - - - - - - - - Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - - - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - - - - - - - Removal - Specifies objects to be removed from a control based on specific aspects of the object that must all match. - - - Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Reference by (assigned) name - Identify items to remove by matching their assigned name - - - Reference by (assigned) name: Identify items to remove by matching their assigned name - - - - - - Reference by class - Identify items to remove by matching their class. - - - Reference by class: Identify items to remove by matching their class. - - - - - - Reference by ID - Identify items to remove indicated by their id. - - - Reference by ID: Identify items to remove indicated by their id. - - - - - - Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop - - - - Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop - - - - - - Item Namespace Reference - Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. - - - Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. - - - - - - - Addition - Specifies contents to be added into controls, in resolution - - - Addition: Specifies contents to be added into controls, in resolution - - - - - - - Title Change - A name given to the control, which may be used by a tool for display and navigation. - - - Title Change: A name given to the control, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Position - Where to add the new content with respect to the targeted element (beside it or inside it) - - - Position: Where to add the new content with respect to the targeted element (beside it or inside it) - - - - - - Reference by ID - Target location of the addition. - - - Reference by ID: Target location of the addition. - - - diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index f2b99849d2..01883f7e04 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -362,10 +362,158 @@ - + + + + + Alteration + An Alter element specifies changes to be made to an included control when a profile is resolved. + + + Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. + + + + + + + Removal + Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. + + + + + Reference by (assigned) name + Identify items to remove by matching their assigned name + + + Reference by (assigned) name: Identify items to remove by matching their assigned name + + + + + + Reference by class + Identify items to remove by matching their class. + + + Reference by class: Identify items to remove by matching their class. + + + + + + Reference by ID + Identify items to remove indicated by their id. + + + Reference by ID: Identify items to remove indicated by their id. + + + + + + Item Name Reference + Identify items to remove by the name of the item's information element name, e.g. title or prop + + + + Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop + + + + + + Item Namespace Reference + Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + + Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. + + + + + + + + + Addition + Specifies contents to be added into controls, in resolution + + + Addition: Specifies contents to be added into controls, in resolution + + + + + + + Title Change + A name given to the control, which may be used by a tool for display and navigation. + + + Title Change: A name given to the control, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + Position + Where to add the new content with respect to the targeted element (beside it or inside it) + + + Position: Where to add the new content with respect to the targeted element (beside it or inside it) + + + + + + Reference by ID + Target location of the addition. + + + Reference by ID: Target location of the addition. + + + + + + + + + Control Identifier Reference + A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + + @@ -461,188 +609,6 @@ - - - - Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. - - - Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. - - - - - - - - - Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - - - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - - - - - - - Removal - Specifies objects to be removed from a control based on specific aspects of the object that must all match. - - - Removal: Specifies objects to be removed from a control based on specific aspects of the object that must all match. - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Reference by (assigned) name - Identify items to remove by matching their assigned name - - - Reference by (assigned) name: Identify items to remove by matching their assigned name - - - - - - Reference by class - Identify items to remove by matching their class. - - - Reference by class: Identify items to remove by matching their class. - - - - - - Reference by ID - Identify items to remove indicated by their id. - - - Reference by ID: Identify items to remove indicated by their id. - - - - - - Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop - - - - Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop - - - - - - Item Namespace Reference - Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. - - - Item Namespace Reference: Identify items to remove by the item's ns, which is the namespace associated with a part, or prop. - - - - - - - Addition - Specifies contents to be added into controls, in resolution - - - Addition: Specifies contents to be added into controls, in resolution - - - - - - - Title Change - A name given to the control, which may be used by a tool for display and navigation. - - - Title Change: A name given to the control, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Position - Where to add the new content with respect to the targeted element (beside it or inside it) - - - Position: Where to add the new content with respect to the targeted element (beside it or inside it) - - - - - - Reference by ID - Target location of the addition. - - - Reference by ID: Target location of the addition. - - - From 2d6886851f2d09af61a77b0c78bd9e89dcc88155 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 18 Aug 2022 17:50:10 -0400 Subject: [PATCH 039/138] Added legacy Withdrawn status with deprecation entry (#1419) --- src/metaschema/oscal_catalog_metaschema.xml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/metaschema/oscal_catalog_metaschema.xml b/src/metaschema/oscal_catalog_metaschema.xml index 085650df48..f036a5beac 100644 --- a/src/metaschema/oscal_catalog_metaschema.xml +++ b/src/metaschema/oscal_catalog_metaschema.xml @@ -197,13 +197,14 @@ - + &allowed-values-control-group-property-name; The status of a control. For example, a value of 'withdrawn' can indicate that the control has been withdrawn and should no longer be used. The control is no longer used. + **(deprecated)*** Use 'withdrawn' instead. The link cites an external resource related to this control. @@ -218,7 +219,7 @@ A set of control implementation requirements. Additional information to consider when selecting, implementing, assessing, and monitoring a control. **(deprecated)** Use 'assessment-method' instead. - The part describes a method-based assessment over a set of assessment objects. + The part describes a method-based assessment over a set of assessment objects. An individual item within a control statement. From 967c1bcc9ca3256beadd3ad3e45781da200eb549 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Aug 2022 22:32:26 -0400 Subject: [PATCH 040/138] Bump actions/github-script from 6.1.0 to 6.1.1 (#1415) Bumps [actions/github-script](https://github.com/actions/github-script) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/7a5c598405937d486b0331594b5da2b14db670da...d50f485531ba88479582bc2da03ff424389af5c1) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 13b09b7e54..2f7885dc03 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -153,12 +153,12 @@ jobs: name: html-link-report path: html-link-report.md retention-days: 5 - - uses: actions/github-script@7a5c598405937d486b0331594b5da2b14db670da + - uses: actions/github-script@d50f485531ba88479582bc2da03ff424389af5c1 if: steps.linkchecker.outputs.exit_code != 0 with: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - - uses: actions/github-script@7a5c598405937d486b0331594b5da2b14db670da + - uses: actions/github-script@d50f485531ba88479582bc2da03ff424389af5c1 if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true) with: script: | From 05082b179ed0bb96ffe9195fb14e5dd58c8865c5 Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Sat, 20 Aug 2022 22:39:46 -0400 Subject: [PATCH 041/138] Add grouping construct to props for usnistgov/OSCAL#1064. (#1412) --- src/metaschema/oscal_metadata_metaschema.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index 59ede0c383..2ea0c03416 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -67,6 +67,7 @@ + @@ -644,6 +645,13 @@

    A class can be used in validation rules to express extra constraints over named items of a specific class value.

    + + Property Group + An identifier for relating distinct sets of properties. + +

    Different sets of properties may relate to separate contexts. Declare a group on a property to associate it with one or more other properties in a given context.

    +
    +
    From 6d19f8476c4ab8cb33064dd415312d04f67973ba Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Sat, 20 Aug 2022 22:42:52 -0400 Subject: [PATCH 042/138] Updates mapping model documentation to fix a copy and paste error. (#1409) --- src/metaschema/oscal_mapping-common_metaschema.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/metaschema/oscal_mapping-common_metaschema.xml b/src/metaschema/oscal_mapping-common_metaschema.xml index 6372a9d035..5330cedf9a 100644 --- a/src/metaschema/oscal_mapping-common_metaschema.xml +++ b/src/metaschema/oscal_mapping-common_metaschema.xml @@ -73,8 +73,8 @@ - Subject Type - The semantic type of the subject. + Subject Identifier Reference + A reference to an identified subject that is of the specified type. From 1b53dd9dc76b491bf2affedaf3875beeb50bc57b Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Sun, 21 Aug 2022 02:47:08 +0000 Subject: [PATCH 043/138] Publishing generated metaschema resources [ci skip] --- ...cal_assessment-plan_xml-to-json-converter.xsl | 12 ++++++++++++ ..._assessment-results_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_catalog_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_complete_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_component_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_mapping_xml-to-json-converter.xsl | 12 ++++++++++++ .../convert/oscal_poam_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_profile_xml-to-json-converter.xsl | 12 ++++++++++++ json/convert/oscal_ssp_xml-to-json-converter.xsl | 12 ++++++++++++ json/schema/oscal_assessment-plan_schema.json | 4 ++++ json/schema/oscal_assessment-results_schema.json | 4 ++++ json/schema/oscal_catalog_schema.json | 8 ++++++-- json/schema/oscal_complete_schema.json | 8 ++++++-- json/schema/oscal_component_schema.json | 4 ++++ json/schema/oscal_mapping_schema.json | 8 ++++++-- json/schema/oscal_poam_schema.json | 4 ++++ json/schema/oscal_profile_schema.json | 4 ++++ json/schema/oscal_ssp_schema.json | 4 ++++ ...cal_assessment-plan_json-to-xml-converter.xsl | 13 +++++++++++++ ..._assessment-results_json-to-xml-converter.xsl | 13 +++++++++++++ .../oscal_catalog_json-to-xml-converter.xsl | 13 +++++++++++++ .../oscal_complete_json-to-xml-converter.xsl | 13 +++++++++++++ .../oscal_component_json-to-xml-converter.xsl | 13 +++++++++++++ .../oscal_mapping_json-to-xml-converter.xsl | 13 +++++++++++++ xml/convert/oscal_poam_json-to-xml-converter.xsl | 13 +++++++++++++ .../oscal_profile_json-to-xml-converter.xsl | 13 +++++++++++++ xml/convert/oscal_ssp_json-to-xml-converter.xsl | 13 +++++++++++++ xml/schema/oscal_assessment-plan_schema.xsd | 10 ++++++++++ xml/schema/oscal_assessment-results_schema.xsd | 10 ++++++++++ xml/schema/oscal_catalog_schema.xsd | 16 +++++++++++++--- xml/schema/oscal_complete_schema.xsd | 16 +++++++++++++--- xml/schema/oscal_component_schema.xsd | 10 ++++++++++ xml/schema/oscal_mapping_schema.xsd | 16 +++++++++++++--- xml/schema/oscal_poam_schema.xsd | 10 ++++++++++ xml/schema/oscal_profile_schema.xsd | 10 ++++++++++ xml/schema/oscal_ssp_schema.xsd | 10 ++++++++++ 36 files changed, 366 insertions(+), 15 deletions(-) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index 276ea99eaf..cd149ddadb 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -188,6 +188,7 @@ + @@ -1210,6 +1211,17 @@ + + + + + diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index d459ede185..ee43bae3b7 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -180,6 +180,7 @@ + @@ -1668,6 +1669,17 @@ + + + + + diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index e6db7db99f..074f599465 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -190,6 +190,7 @@ + @@ -872,6 +873,17 @@ + + + + + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 2663bd9176..bcb4cc42b8 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -190,6 +190,7 @@ + @@ -2975,6 +2976,17 @@ + + + + + diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index e630632c4c..575225bf0f 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -192,6 +192,7 @@ + @@ -677,6 +678,17 @@ + + + + + diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index 2a2e20da12..2ad08821ab 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -178,6 +178,7 @@ + @@ -649,6 +650,17 @@ + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index e4064079fb..7993ee2b5c 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -195,6 +195,7 @@ + @@ -1191,6 +1192,17 @@ + + + + + diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index 47a70380bf..4f67324198 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -178,6 +178,7 @@ + @@ -797,6 +798,17 @@ + + + + + diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 1982064062..6c5b3c200a 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -175,6 +175,7 @@ + @@ -1082,6 +1083,17 @@ + + + + + diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index 15de0b50cb..c8245af5f9 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -506,6 +506,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index c06b908971..fd2f06759a 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -736,6 +736,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index 8e4a05e4f2..da1c077274 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -760,6 +760,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1040,8 +1044,8 @@ [ "control", "statement" ] } ] }, "id-ref" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index e17dd4d87d..3d098c89c0 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -760,6 +760,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1040,8 +1044,8 @@ [ "control", "statement" ] } ] }, "id-ref" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index c118204cdd..3bb46dae6d 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -1051,6 +1051,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index bf7c2493fb..db6a939c73 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -479,6 +479,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -759,8 +763,8 @@ [ "control", "statement" ] } ] }, "id-ref" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", "$ref" : "#/definitions/StringDatatype" }, "props" : { "type" : "array", diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 3ceab3f009..09e7285b18 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -565,6 +565,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index af7fbaeddd..ef7bdfeb79 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -814,6 +814,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 48fc6c9adb..8b56e1eb69 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -1297,6 +1297,10 @@ { "title" : "Property Class", "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : diff --git a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl index 67dbacb47b..08702529b5 100644 --- a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl @@ -142,6 +142,7 @@ + @@ -699,6 +700,18 @@ + + + + + + + @@ -925,6 +926,18 @@ + + + + + + + @@ -518,6 +519,18 @@ + + + + + + + @@ -1585,6 +1586,18 @@ + + + + + + + @@ -450,6 +451,18 @@ + + + + + + + @@ -441,6 +442,18 @@ + + + + + + + @@ -706,6 +707,18 @@ + + + + + + + @@ -508,6 +509,18 @@ + + + + + + + @@ -683,6 +684,18 @@ + + + + + + Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index f2f559d2d8..8ee67e0a93 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -1327,6 +1327,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index ae63aa40b2..6dbeffafa2 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1329,6 +1329,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + @@ -1832,11 +1842,11 @@ - Subject Type - The semantic type of the subject. + Subject Identifier Reference + A reference to an identified subject that is of the specified type. - Subject Type: The semantic type of the subject. + Subject Identifier Reference: A reference to an identified subject that is of the specified type. diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 55dcbf0af4..96975fb8ef 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1336,6 +1336,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + @@ -1839,11 +1849,11 @@ - Subject Type - The semantic type of the subject. + Subject Identifier Reference + A reference to an identified subject that is of the specified type. - Subject Type: The semantic type of the subject. + Subject Identifier Reference: A reference to an identified subject that is of the specified type. diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index f690eb7fc6..0efd3c55a8 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -1892,6 +1892,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 4ee462849e..b5b1054a34 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -855,6 +855,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + @@ -1358,11 +1368,11 @@ - Subject Type - The semantic type of the subject. + Subject Identifier Reference + A reference to an identified subject that is of the specified type. - Subject Type: The semantic type of the subject. + Subject Identifier Reference: A reference to an identified subject that is of the specified type. diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 26893e17bb..9a803bbe1a 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -1010,6 +1010,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 01883f7e04..9b3c3364ae 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -1377,6 +1377,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 33fd2193af..e2c3869de3 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -2293,6 +2293,16 @@ Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + + + + Property Group + An identifier for relating distinct sets of properties. + + + Property Group: An identifier for relating distinct sets of properties. + + From 32fbf447d4c72b7352b86a4368005af1ccbef9bd Mon Sep 17 00:00:00 2001 From: Chris Compton Date: Sat, 20 Aug 2022 22:48:01 -0500 Subject: [PATCH 044/138] Add assessment-assets assembly to local-definitions assembly in POAM model. #1291 (#1417) --- src/metaschema/oscal_poam_metaschema.xml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/metaschema/oscal_poam_metaschema.xml b/src/metaschema/oscal_poam_metaschema.xml index 2351f071db..6a4a52f7e2 100644 --- a/src/metaschema/oscal_poam_metaschema.xml +++ b/src/metaschema/oscal_poam_metaschema.xml @@ -72,6 +72,12 @@

    Used to add any inventory-items, not defined via the System Security Plan (AR->AP->SSP)

    + + + +

    Specifies components or assessment-platforms used in the assessment.

    +
    +
    From e77b4d91b2551e14f8675e95b58d0d6051dc6e0f Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Sun, 21 Aug 2022 03:53:01 +0000 Subject: [PATCH 045/138] Publishing generated metaschema resources [ci skip] --- .../oscal_complete_xml-to-json-converter.xsl | 266 ++++++++++++++- .../oscal_poam_xml-to-json-converter.xsl | 309 ++++++++++++++++- json/schema/oscal_complete_schema.json | 2 + json/schema/oscal_poam_schema.json | 2 + .../oscal_complete_json-to-xml-converter.xsl | 291 +++++++++++++++- .../oscal_poam_json-to-xml-converter.xsl | 314 +++++++++++++++++- xml/schema/oscal_complete_schema.xsd | 4 + xml/schema/oscal_poam_schema.xsd | 4 + 8 files changed, 1172 insertions(+), 20 deletions(-) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index bcb4cc42b8..8806078de6 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -1151,7 +1151,7 @@ - @@ -2709,6 +2709,7 @@ + @@ -3924,7 +3925,7 @@ - - - + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + purpose + + + + + + + + + + + text + + + + + + + + + + + status + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 7993ee2b5c..9d571983dd 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -409,6 +409,7 @@ + @@ -544,6 +545,31 @@ + + + + + assessment-assets + + + + + + + + + + + + + + + + + @@ -1372,7 +1398,7 @@ - + + + + + + + + + + @@ -2986,6 +3034,263 @@ + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + purpose + + + + + + + + + + + text + + + + + + + + + + + status + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 3d098c89c0..56d9c060be 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -4908,6 +4908,8 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "additionalProperties" : false }, diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 09e7285b18..fc8e2c8464 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -60,6 +60,8 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "additionalProperties" : false }, diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index 77a317fce8..dce34f9ba5 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -575,9 +575,9 @@ - + - + @@ -1293,6 +1293,7 @@ + @@ -2697,8 +2698,8 @@ - + - - + - - + - + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + purpose + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + status + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_poam_json-to-xml-converter.xsl b/xml/convert/oscal_poam_json-to-xml-converter.xsl index c31a9001e7..3c4a3bcdb1 100644 --- a/xml/convert/oscal_poam_json-to-xml-converter.xsl +++ b/xml/convert/oscal_poam_json-to-xml-converter.xsl @@ -237,6 +237,7 @@ + @@ -300,6 +301,19 @@ + + + + + + assessment-assets + + + + + @@ -916,8 +930,8 @@ - + - + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + purpose + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + status + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 96975fb8ef..2a52c64cef 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -8409,6 +8409,10 @@ type="oscal-implementation-common-inventory-item-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 9a803bbe1a..b895a1f1c6 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -92,6 +92,10 @@ type="oscal-implementation-common-inventory-item-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + From 81cd54eccd09b2cdf74956e837a6152bd7287bb7 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 23 Aug 2022 00:16:18 -0400 Subject: [PATCH 046/138] Fixing broken links --- docs/content/concepts/layer/control/_index.md | 5 +++++ docs/content/learn/tutorials/general/extension.md | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/content/concepts/layer/control/_index.md b/docs/content/concepts/layer/control/_index.md index 0375c51961..1acc63e810 100644 --- a/docs/content/concepts/layer/control/_index.md +++ b/docs/content/concepts/layer/control/_index.md @@ -11,6 +11,7 @@ toc: aliases: - /documentation/schema/catalog-layer/ - /documentation/schema/profile-layer/ + - /concepts/layer/control/mapping --- The OSCAL control layer consists of the following models. @@ -23,6 +24,10 @@ It is important to note that the OSCAL catalog model is not a catalog document f Controls must also be encoded in a standard machine-readable form. The OSCAL model gives the designers of catalogs great flexibility in the details of how controls are defined, with their constituent parts. This is described further in a page providing a high-level introductory walkthrough of an [Annotated Example](catalog/sp800-53rev5-example) of a control, as defined by NIST SP 800-53 Revision 5. +## Mapping Model + +The **[Mapping Model](mapping/)** provides a means to represent control mappings between two catalogs using a structured, machine-readable representation. The OSCAL mapping model can be represented in XML, JSON, and YAML formats. + ## Profile Model The **[Profile Model](profile/)** provides a structured, machine-readable representation of a **[baseline](../../terminology/#baseline)**. As the starting point for defining an organization's security mission and security posture, a baseline must be defined by any organization undertaking a risk-based security program or security assessment, typically by selecting and adapting controls from an authoritative catalog of controls, or from another baseline that has already been defined and described. diff --git a/docs/content/learn/tutorials/general/extension.md b/docs/content/learn/tutorials/general/extension.md index 06514ab975..ec1b20a5eb 100644 --- a/docs/content/learn/tutorials/general/extension.md +++ b/docs/content/learn/tutorials/general/extension.md @@ -595,7 +595,7 @@ Line 11 demonstrates the use of `` to point to the organization's official "text": "HSPD-12" }, { - "href": "http://federal-agency.gov/img/official-agency-logo.png", + "href": "https://federal-agency.gov/img/official-agency-logo.png", "rel": "logo", "media-type": "image/png" } From 522a9de39f6c7bc9b0f8c1b434f27998a10aea0f Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 23 Aug 2022 00:46:15 -0400 Subject: [PATCH 047/138] Fixed broken links. --- .../layer/implementation/component-definition/_index.md | 4 ++-- docs/content/learn/tutorials/general/extension.md | 2 +- docs/content/learn/tutorials/general/metadata.md | 2 +- docs/content/learn/tutorials/implementation/_index.md | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/content/concepts/layer/implementation/component-definition/_index.md b/docs/content/concepts/layer/implementation/component-definition/_index.md index fbd1a7be8a..7e09e32e8b 100644 --- a/docs/content/concepts/layer/implementation/component-definition/_index.md +++ b/docs/content/concepts/layer/implementation/component-definition/_index.md @@ -100,8 +100,8 @@ OSCAL is designed to allow capture relevant details related to independent valid The following tutorials are provided that are related to the component definition model. -- [Creating a Component Definition](/learn/tutorials/simple-component-definition/): Covers creating a basic OSCAL component definition for a software product. -- [Representing Test Validation Information](/learn/tutorials/validation-modeling/): Explains how to represent test validation information (e.g., FIPS-140-2) for a component in an OSCAL component definition. +- [Creating a Component Definition](/learn/tutorials/implementation/simple-component-definition/): Covers creating a basic OSCAL component definition for a software product. +- [Representing Test Validation Information](/learn/tutorials/implementation/validation-modeling/): Explains how to represent test validation information (e.g., FIPS-140-2) for a component in an OSCAL component definition. ## Content Examples diff --git a/docs/content/learn/tutorials/general/extension.md b/docs/content/learn/tutorials/general/extension.md index ec1b20a5eb..94485c1905 100644 --- a/docs/content/learn/tutorials/general/extension.md +++ b/docs/content/learn/tutorials/general/extension.md @@ -625,7 +625,7 @@ system-security-plan: - href: https://www.dhs.gov/homeland-security-presidential-directive-12 rel: reference text: HSPD-12 - - href: http://federal-agency.gov/img/official-agency-logo.png + - href: https://federal-agency.gov/img/official-agency-logo.png rel: logo media-type: image/png import-profile: ... diff --git a/docs/content/learn/tutorials/general/metadata.md b/docs/content/learn/tutorials/general/metadata.md index 134f358637..1e6aa98a4f 100644 --- a/docs/content/learn/tutorials/general/metadata.md +++ b/docs/content/learn/tutorials/general/metadata.md @@ -663,7 +663,7 @@ The remainder of this tutorial will briefly cover the other optional fields insi - [``](/reference/latest/catalog/xml-reference/#/catalog/metadata/responsible-party) - Explicitly declares a party that is responsible for a given role relative to the document. The `@role-id` attribute references the role that the party is fulfilling, and is either a custom role locally defined or one of the core-defined roles; see the `` section above for details. Uses a party's uuid to link the given role to the given party. -- [``]((/reference/latest/catalog/xml-reference/#/catalog/metadata/remarks)) - [markup-multiline](/reference/datatypes/#markup-data-types) formatted text providing notes and comments regarding the document. +- [``](/reference/latest/catalog/xml-reference/#/catalog/metadata/remarks) - [markup-multiline](/reference/datatypes/#markup-data-types) formatted text providing notes and comments regarding the document. {{% /tab %}} {{% tab %}} diff --git a/docs/content/learn/tutorials/implementation/_index.md b/docs/content/learn/tutorials/implementation/_index.md index ed5f2a75c6..8fa62d86c0 100644 --- a/docs/content/learn/tutorials/implementation/_index.md +++ b/docs/content/learn/tutorials/implementation/_index.md @@ -10,5 +10,5 @@ toc: The following tutorial covers topics that apply to the OSCAL [implementation layer](/concepts/layer/implementation/) models. -- [Creating a Basic Component Definition](basic-component-definition/): Teaches how to create a component-definition using the OSCAL [component definition](/concepts/layer/implementation/component-definition/) model. +- [Creating a Basic Component Definition](simple-component-definition/): Teaches how to create a component-definition using the OSCAL [component definition](/concepts/layer/implementation/component-definition/) model. - [Representing test validation information](validation-modeling/): Describes how to represent test validation information (e.g., FIPS-140-2) using a component in an OSCAL [component definition](/concepts/layer/implementation/component-definition/) or [system security plan](/concepts/layer/implementation/ssp/). From 753b4853cebb1a0804c2021e4edf812d380b5e7a Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 23 Aug 2022 01:04:27 -0400 Subject: [PATCH 048/138] More broken link fixes. --- docs/content/about/news.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/about/news.md b/docs/content/about/news.md index f0bc63c7b6..1e7370ece3 100644 --- a/docs/content/about/news.md +++ b/docs/content/about/news.md @@ -16,6 +16,6 @@ toc: - [OSCAL 1.0.0 Milestone 1 Released](https://pages.nist.gov/OSCAL/contribute/roadmap/#oscal-100-milestone-1) - June 15, 2019 - [What's Next for FedRAMP? Automation, new authorizations later this year](https://federalnewsnetwork.com/federal-cloud-report/2018/06/whats-next-for-fedramp-automation-new-authorizations-and-more-later-this-year/) - June 25, 2018 - FedRAMP Looks to NIST for Security Control Refinements - June 14, 2018 -- [Automating Compliance for Highly Regulated Industries with Docker Enterprise Edition and OSCAL](https://www.mirantis.com/blog/automating-compliance-for-highly-regulated-industries-with-docker-enterprise-edition-and-oscal/) - May 3, 2018 +- [Automating Compliance for Highly Regulated Industries with Docker Enterprise Edition and OSCAL](https://www.mirantis.com/blog/automating-compliance-for-highly-regulated-industries-with-docker-enterprise-edition-and-oscal) - May 3, 2018 - [You're Nuts! Automating Your 1000+ Page FedRAMP System Security Plan?](https://www.govloop.com/community/blog/youre-nuts-automating-1000page-fedramp-system-security-plan/) - August 14, 2017 - [Government CIOs Lean Toward Cloud for Security](https://www.meritalk.com/articles/government-cios-lean-toward-cloud-for-security/) - April 21, 2016 From f034b0e728cdba3659d6b9ebc34fb4698b9eb465 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 23 Aug 2022 08:01:00 -0400 Subject: [PATCH 049/138] Adding link to whitelist --- build/config/.lycheeignore | 1 + 1 file changed, 1 insertion(+) diff --git a/build/config/.lycheeignore b/build/config/.lycheeignore index 260b61e7e0..e42dd1db05 100644 --- a/build/config/.lycheeignore +++ b/build/config/.lycheeignore @@ -13,3 +13,4 @@ https://csrc.nist.gov/projects/cryptographic-module-validation-program/certifica https://cdn.telos.com/wp-content/uploads/2021/06/22150746/Xacta-360-EULA-US.pdf https://search.usa.gov/search https://example.com/.* +https://www.mirantis.com/blog/automating-compliance-for-highly-regulated-industries-with-docker-enterprise-edition-and-oscal.* From ba6ca7486525b5006baee97c9c3e12886be49ea8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Aug 2022 08:23:26 -0400 Subject: [PATCH 050/138] Bump actions/cache from 3.0.5 to 3.0.8 (#1422) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.5 to 3.0.8. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/0865c47f36e68161719c5b124609996bb5c40129...fd5de65bc895cf536527842281bea11763fefd77) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 3be25f5eac..db749caf17 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -94,7 +94,7 @@ jobs: mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@0865c47f36e68161719c5b124609996bb5c40129 + uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/build/go.sum', env.BRANCH_PATH)) }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 2f7885dc03..2dc76f9689 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -104,7 +104,7 @@ jobs: retention-days: 5 # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@0865c47f36e68161719c5b124609996bb5c40129 + uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/go.sum', env.BUILD_PATH)) }} From feb835600dd4ca62ccc4aae6eece1cbe0eab1394 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Aug 2022 07:36:48 -0400 Subject: [PATCH 051/138] Bump actions/setup-go from 3.2.0 to 3.3.0 (#1425) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/b22fbbc2921299758641fab08929b4ac52b32923...268d8c0ca0432bb2cf416faae41297df9d262d7f) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index db749caf17..dac15f14f5 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -105,7 +105,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923 + uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: go-version-file: '${{ env.BRANCH_PATH }}/build/go.mod' cache: true diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 2dc76f9689..4e475bc970 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -115,7 +115,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923 + uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: go-version-file: '${{ env.BUILD_PATH }}/go.mod' cache: true From c04081096044faeae7ff36bf9a76c6f9e1d7c651 Mon Sep 17 00:00:00 2001 From: Guy Zylberberg Date: Thu, 25 Aug 2022 15:05:54 +0300 Subject: [PATCH 052/138] Create `` (fix #1129) (#1171) * Create`` * Restored C/I/A formal names and descriptions. Resolves #1129. Co-authored-by: David Waltermire --- src/metaschema/oscal_ssp_metaschema.xml | 63 ++++++++++--------------- 1 file changed, 24 insertions(+), 39 deletions(-) diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index e6bee63bfc..de446373a2 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -236,51 +236,21 @@ - + Confidentiality Impact Level The expected level of impact resulting from the unauthorized disclosure of the described information. - - - - - - - - - - - - - + confidentiality-impact + + Integrity Impact Level The expected level of impact resulting from the unauthorized modification of the described information. - - - - - - - - - - - - - + integrity-impact + + Availability Impact Level The expected level of impact resulting from the disruption of access to or use of the described information or the information system. - - - - - - - - - - - - + availability-impact + @@ -318,6 +288,21 @@ + + Impact Level + The expected level of impact resulting from the described information. + + + + + + + + + + + + Base Level (Confidentiality, Integrity, or Availability) The prescribed base (Confidentiality, Integrity, or Availability) security impact level. From 290f4760d7323a04acdfbbf0d25c66f5dea03df6 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Thu, 25 Aug 2022 12:10:37 +0000 Subject: [PATCH 053/138] Publishing generated metaschema resources [ci skip] --- .../oscal_complete_xml-to-json-converter.xsl | 167 ++++++++-------- .../oscal_ssp_xml-to-json-converter.xsl | 167 ++++++++-------- json/schema/oscal_complete_schema.json | 102 +++------- json/schema/oscal_ssp_schema.json | 102 +++------- .../oscal_complete_json-to-xml-converter.xsl | 95 +++++---- .../oscal_ssp_json-to-xml-converter.xsl | 95 +++++---- xml/schema/oscal_complete_schema.xsd | 182 +++++------------- xml/schema/oscal_ssp_schema.xsd | 182 +++++------------- 8 files changed, 412 insertions(+), 680 deletions(-) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 8806078de6..638942c2db 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -1422,6 +1422,86 @@ + + + + + confidentiality-impact + + + + + + + + + + + + + + + + + + + + + + + + + integrity-impact + + + + + + + + + + + + + + + + + + + + + + + + + availability-impact + + + + + + + + + + + + + + + + + + + + @@ -12387,35 +12467,6 @@ - - - - - confidentiality-impact - - - - - - - - - - - - - - - - - - - - @@ -12492,35 +12543,6 @@ - - - - - integrity-impact - - - - - - - - - - - - - - - - - - - - @@ -12597,35 +12619,6 @@ - - - - - availability-impact - - - - - - - - - - - - - - - - - - - - diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 6c5b3c200a..76c6511cc3 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -449,6 +449,86 @@ + + + + + confidentiality-impact + + + + + + + + + + + + + + + + + + + + + + + + + integrity-impact + + + + + + + + + + + + + + + + + + + + + + + + + availability-impact + + + + + + + + + + + + + + + + + + + + @@ -2669,35 +2749,6 @@ - - - - - confidentiality-impact - - - - - - - - - - - - - - - - - - - - @@ -2774,35 +2825,6 @@ - - - - - integrity-impact - - - - - - - - - - - - - - - - - - - - @@ -2879,35 +2901,6 @@ - - - - - availability-impact - - - - - - - - - - - - - - - - - - - - diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 56d9c060be..b87906b20e 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -2346,87 +2346,43 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "confidentiality-impact" : - { "title" : "Confidentiality Impact Level", - "description" : "The expected level of impact resulting from the unauthorized disclosure of the described information.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, + { "$ref" : "#assembly_oscal-ssp_impact" }, "integrity-impact" : - { "title" : "Integrity Impact Level", - "description" : "The expected level of impact resulting from the unauthorized modification of the described information.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, + { "$ref" : "#assembly_oscal-ssp_impact" }, "availability-impact" : - { "title" : "Availability Impact Level", - "description" : "The expected level of impact resulting from the disruption of access to or use of the described information or the information system.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false } }, + { "$ref" : "#assembly_oscal-ssp_impact" } }, "required" : [ "title", - "description", - "confidentiality-impact", - "integrity-impact", - "availability-impact" ], + "description" ], "additionalProperties" : false } } }, "required" : [ "information-types" ], "additionalProperties" : false }, + "oscal-complete-oscal-ssp:impact" : + { "title" : "Impact Level", + "description" : "The expected level of impact resulting from the described information.", + "$id" : "#assembly_oscal-ssp_impact", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "base" : + { "$ref" : "#field_oscal-ssp_base" }, + "selected" : + { "$ref" : "#field_oscal-ssp_selected" }, + "adjustment-justification" : + { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, + "required" : + [ "base" ], + "additionalProperties" : false }, "oscal-complete-oscal-ssp:base" : { "title" : "Base Level (Confidentiality, Integrity, or Availability)", "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 8b56e1eb69..1085903664 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -186,87 +186,43 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "confidentiality-impact" : - { "title" : "Confidentiality Impact Level", - "description" : "The expected level of impact resulting from the unauthorized disclosure of the described information.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, + { "$ref" : "#assembly_oscal-ssp_impact" }, "integrity-impact" : - { "title" : "Integrity Impact Level", - "description" : "The expected level of impact resulting from the unauthorized modification of the described information.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, + { "$ref" : "#assembly_oscal-ssp_impact" }, "availability-impact" : - { "title" : "Availability Impact Level", - "description" : "The expected level of impact resulting from the disruption of access to or use of the described information or the information system.", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false } }, + { "$ref" : "#assembly_oscal-ssp_impact" } }, "required" : [ "title", - "description", - "confidentiality-impact", - "integrity-impact", - "availability-impact" ], + "description" ], "additionalProperties" : false } } }, "required" : [ "information-types" ], "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:impact" : + { "title" : "Impact Level", + "description" : "The expected level of impact resulting from the described information.", + "$id" : "#assembly_oscal-ssp_impact", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "base" : + { "$ref" : "#field_oscal-ssp_base" }, + "selected" : + { "$ref" : "#field_oscal-ssp_selected" }, + "adjustment-justification" : + { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, + "required" : + [ "base" ], + "additionalProperties" : false }, "oscal-ssp-oscal-ssp:base" : { "title" : "Base Level (Confidentiality, Integrity, or Availability)", "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index dce34f9ba5..98eef594f3 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -726,6 +726,50 @@ + + + + + + confidentiality-impact + + + + + + + + + + + + + + integrity-impact + + + + + + + + + + + + + + availability-impact + + + + + + + + @@ -12653,23 +12697,6 @@ - - - - - - confidentiality-impact - - - - - - - - @@ -12763,23 +12790,6 @@ - - - - - - integrity-impact - - - - - - - - @@ -12873,23 +12883,6 @@ - - - - - - availability-impact - - - - - - - - diff --git a/xml/convert/oscal_ssp_json-to-xml-converter.xsl b/xml/convert/oscal_ssp_json-to-xml-converter.xsl index 36bd3fbebb..4365b56ccc 100644 --- a/xml/convert/oscal_ssp_json-to-xml-converter.xsl +++ b/xml/convert/oscal_ssp_json-to-xml-converter.xsl @@ -265,6 +265,50 @@ + + + + + + confidentiality-impact + + + + + + + + + + + + + + integrity-impact + + + + + + + + + + + + + + availability-impact + + + + + + + + @@ -2568,23 +2612,6 @@ - - - - - - confidentiality-impact - - - - - - - - @@ -2678,23 +2705,6 @@ - - - - - - integrity-impact - - - - - - - - @@ -2788,23 +2798,6 @@ - - - - - - availability-impact - - - - - - - - diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 2a52c64cef..878bd569eb 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -3987,135 +3987,18 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - Confidentiality Impact Level - The expected level of impact resulting from the unauthorized disclosure of the described information. - - - Confidentiality Impact Level: The expected level of impact resulting from the unauthorized disclosure of the described information. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - - - - - - Integrity Impact Level - The expected level of impact resulting from the unauthorized modification of the described information. - - - Integrity Impact Level: The expected level of impact resulting from the unauthorized modification of the described information. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - - - - - - Availability Impact Level - The expected level of impact resulting from the disruption of access to or use of the described information or the information system. - - - Availability Impact Level: The expected level of impact resulting from the disruption of access to or use of the described information or the information system. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - + + + @@ -4131,6 +4014,47 @@ + + + + Impact Level + The expected level of impact resulting from the described information. + + + Impact Level: The expected level of impact resulting from the described information. + + + + + + + + + + Adjustment Justification + If the selected security level is different from the base security level, this contains the justification for the change. + + + Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. + + + + + + + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index e2c3869de3..490bd0c249 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -328,135 +328,18 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - Confidentiality Impact Level - The expected level of impact resulting from the unauthorized disclosure of the described information. - - - Confidentiality Impact Level: The expected level of impact resulting from the unauthorized disclosure of the described information. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - - - - - - Integrity Impact Level - The expected level of impact resulting from the unauthorized modification of the described information. - - - Integrity Impact Level: The expected level of impact resulting from the unauthorized modification of the described information. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - - - - - - Availability Impact Level - The expected level of impact resulting from the disruption of access to or use of the described information or the information system. - - - Availability Impact Level: The expected level of impact resulting from the disruption of access to or use of the described information or the information system. - - - - - - - - - - Adjustment Justification - If the selected security level is different from the base security level, this contains the justification for the change. - - - Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. - - - - - - - - + + + @@ -472,6 +355,47 @@ + + + + Impact Level + The expected level of impact resulting from the described information. + + + Impact Level: The expected level of impact resulting from the described information. + + + + + + + + + + Adjustment Justification + If the selected security level is different from the base security level, this contains the justification for the change. + + + Adjustment Justification: If the selected security level is different from the base security level, this contains the justification for the change. + + + + + + + From ca4e5d34f206f20bb7e99ceac6dad339aeec7d71 Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Wed, 31 Aug 2022 10:39:05 -0400 Subject: [PATCH 054/138] imported-from relations for usnistgov/OSCAL#1023. (#1403) Co-authored-by: David Waltermire Signed-off-by: Alexander Stein --- README_validations.md | 2 +- build/ci-cd/README.md | 4 ++-- build/ci-cd/python/{readme.md => README.md} | 4 ++-- docs/content/contribute/dev-lunch/meeting-2020-05-07.md | 2 +- docs/content/contribute/dev-lunch/meeting-2020-05-21.md | 2 +- src/metaschema/oscal_implementation-common_metaschema.xml | 1 + src/metaschema/oscal_ssp_metaschema.xml | 4 ++++ xml/README.md | 4 ++-- 8 files changed, 14 insertions(+), 9 deletions(-) rename build/ci-cd/python/{readme.md => README.md} (97%) diff --git a/README_validations.md b/README_validations.md index 7a64a1b122..76dbd75c08 100644 --- a/README_validations.md +++ b/README_validations.md @@ -26,7 +26,7 @@ For OSCAL XML, this schema syntax is [XML Schema Definition (XSD)](https://www.w Each tool will have its own way to provide for validation. Bindings or configurations to link documents to schemas can be maintained either inside or outside the documents themselves; many tools offer several ways to do this. -Some tools support self-contained validation functionality without full-fledged application frameworks or development environments, with tools like [`xmllint`](http://xmlsoft.org/xmllint.html) offering command-line interfaces. Similarly, you can use the [`ajv-cli`](https://github.com/ajv-validator/ajv-cli) for JSON. +Some tools support self-contained validation functionality without full-fledged application frameworks or development environments, with tools like [`xmllint`](https://linux.die.net/man/1/xmllint/) offering command-line interfaces. Similarly, you can use the [`ajv-cli`](https://github.com/ajv-validator/ajv-cli) for JSON. ## What does success look like? diff --git a/build/ci-cd/README.md b/build/ci-cd/README.md index a3cbd4e782..c1452118b0 100644 --- a/build/ci-cd/README.md +++ b/build/ci-cd/README.md @@ -65,8 +65,8 @@ Not every script above is run with every pull request as part of the CI/CD syste The bash scripts used in the CI/CD workflow can be run locally in the correct environment. In addition to a bash shell, to run these scripts the following must be installed: -- [xmlint](http://xmlsoft.org/xmllint.html) -- Java 8.0 or greater +- [xmlint](https://linux.die.net/man/1/xmllint/) +- Java 11 or greater - [Apache Maven](https://maven.apache.org/) 3.6.1 or greater - [Node.js and Node Package Manager (NPM)](https://nodejs.org/en/) 10.15.3 or greater - 'Another Json Validator' Command Line Interface ([ajv-cli](https://github.com/jessedc/ajv-cli)) v3.0.0 or greater diff --git a/build/ci-cd/python/readme.md b/build/ci-cd/python/README.md similarity index 97% rename from build/ci-cd/python/readme.md rename to build/ci-cd/python/README.md index fdb9602d07..377a76d21a 100644 --- a/build/ci-cd/python/readme.md +++ b/build/ci-cd/python/README.md @@ -5,8 +5,8 @@ This code provides test coverage to validate the OSCAL artifacts as new document ### Pre-Requisites 1. [Python 2.7.10 or greater](https://www.python.org/) -2. [xmllint](http://xmlsoft.org/xmllint.html) -3. Java 8.0 or greater +2. [xmllint](https://linux.die.net/man/1/xmllint/) +3. Java 11 or greater 4. [Saxon 10 HE](http://saxon.sourceforge.net/) ### Instructions diff --git a/docs/content/contribute/dev-lunch/meeting-2020-05-07.md b/docs/content/contribute/dev-lunch/meeting-2020-05-07.md index 048a633316..f79bf9f0d7 100644 --- a/docs/content/contribute/dev-lunch/meeting-2020-05-07.md +++ b/docs/content/contribute/dev-lunch/meeting-2020-05-07.md @@ -19,4 +19,4 @@ sidenav: ## Notes -- There is interest in having the model discussion. A Doodle pool will be sent to the oscal-dev@nist.gov mailing list to find a good day. +- There is interest in having the model discussion. A Doodle pool will be sent to the oscal-dev@list.nist.gov mailing list to find a good day. diff --git a/docs/content/contribute/dev-lunch/meeting-2020-05-21.md b/docs/content/contribute/dev-lunch/meeting-2020-05-21.md index 20553b926c..534bdcd220 100644 --- a/docs/content/contribute/dev-lunch/meeting-2020-05-21.md +++ b/docs/content/contribute/dev-lunch/meeting-2020-05-21.md @@ -19,4 +19,4 @@ sidenav: ## Notes -- The Doodle pool results show that Fridays @ 10am EDT are the best time to have the model review meeting. The OSCAL team will send out a meeting invite for this time to the oscal-dev@nist.gov mailing list. +- The Doodle pool results show that Fridays @ 10am EDT are the best time to have the model review meeting. The OSCAL team will send out a meeting invite for this time to the [oscal-dev@list.nist.gov](mailto:oscal-dev@list.nist.gov) mailing list. diff --git a/src/metaschema/oscal_implementation-common_metaschema.xml b/src/metaschema/oscal_implementation-common_metaschema.xml index 199eb552ee..68097e6bae 100644 --- a/src/metaschema/oscal_implementation-common_metaschema.xml +++ b/src/metaschema/oscal_implementation-common_metaschema.xml @@ -109,6 +109,7 @@ &allowed-values-component_component_link-rel; This component uses the network provided by the identified network component. + The hyperlink identifies a URI pointing to the component in a component-definition that originally defined the component. diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index de446373a2..216190339e 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -1020,6 +1020,10 @@ + + + The hyperlink identifies a URI pointing to the component in a component-definition that originally described the component this component was based on. + &allowed-values-responsible-roles-operations; &allowed-values-responsible-roles-component-production; diff --git a/xml/README.md b/xml/README.md index 5a6f6b7b42..60598e7a77 100644 --- a/xml/README.md +++ b/xml/README.md @@ -36,7 +36,7 @@ XML Schema based on the [XML Schema Definition Language (XSD) 1.1](https://www.w ## Validating OSCAL XML Content -The OSCAL project uses [xmllint](http://xmlsoft.org/xmllint.html) to perform automated validation of all XML-based OSCAL [content](../content) provided in this repository. *xmllint* is an open source tool that can be [downloaded](http://xmlsoft.org/downloads.html), installed, and run on OSX, Linux, and Windows environments. +The OSCAL project uses [xmllint](https://linux.die.net/man/1/xmllint/) to perform automated validation of all XML-based OSCAL [content](../content) provided in this repository. *xmllint* is an open source tool that can be downloaded, installed, and run on OSX, Linux, and Windows environments with your preferred package manager. The following example uses **xmllint** to perform validation of an OSCAL catalog XML file. @@ -44,7 +44,7 @@ The following example uses **xmllint** to perform validation of an OSCAL catalog xmllint --noout --schema "oscal_catalog_schema.xsd" "catalog.xml" ``` -The [online documentation](http://xmlsoft.org/xmllint.html) for *xmllint* provides more information on the commandline arguments. +The [online documentation](https://linux.die.net/man/1/xmllint/) for *xmllint* provides more information on the commandline arguments. # OSCAL JSON to XML Converters From b231958af7ea59da70ae214e9ba052a8465e2d36 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Fri, 9 Sep 2022 09:30:02 -0400 Subject: [PATCH 055/138] Fixed errors in profile resolution top-level tests based on content errors. --- .gitignore | 9 +++------ .../catalogs/abc-full_catalog.xml | 4 ++-- .../catalogs/abc-simple_catalog.xml | 4 ++-- .../output-expected/base-test_profile_RESOLVED.xml | 9 +++------ .../exclude-call-test_profile_RESOLVED.xml | 4 ++-- .../include-all-no-children-test_profile_RESOLVED.xml | 4 ++-- .../include-all-test_profile_RESOLVED.xml | 4 ++-- .../include-call-with-children-test_profile_RESOLVED.xml | 4 ++-- 8 files changed, 18 insertions(+), 24 deletions(-) diff --git a/.gitignore b/.gitignore index 0b81a34a6f..d12a8f4df0 100644 --- a/.gitignore +++ b/.gitignore @@ -29,12 +29,6 @@ target/ /archive /roundtrip /svrl -# Produced by bundler -/docs/.bundle -/docs/vendor -# Produced in CircleCI build -/.skipbuild -/.runbuild # Generated by scripts .metaschema-cache # generated by Hugo @@ -46,6 +40,7 @@ target/ # generated by Hugo /docs/resources /docs/public +/docs/.hugo_build.lock # generated by NodeJS /docs/node_modules # generated by /build/ci-cd/generate-specification-documentation.sh @@ -58,3 +53,5 @@ node_modules/ # Files build by CI/CD /docs/content/documentation/specification/processing/profile-resolution.html /docs/scratch-dir +/.skipbuild +/.runbuild diff --git a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-full_catalog.xml b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-full_catalog.xml index c0ffe9ce3d..955838df22 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-full_catalog.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-full_catalog.xml @@ -107,13 +107,13 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml index f27dc2cd95..f41d41f062 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/catalogs/abc-simple_catalog.xml @@ -90,13 +90,13 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml index 3f2f9c65de..adbad28268 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml @@ -46,17 +46,14 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - - + +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml index 5187371f20..6b00a7c98e 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml @@ -71,14 +71,14 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-no-children-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-no-children-test_profile_RESOLVED.xml index ed4ab1ea9d..a92c76e5a1 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-no-children-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-no-children-test_profile_RESOLVED.xml @@ -98,14 +98,14 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-test_profile_RESOLVED.xml index 1467b2616e..ade04767d2 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-all-test_profile_RESOLVED.xml @@ -105,13 +105,13 @@ Control C3-A - +

    C3 A ccccc cccccccccccccc.

    Control C3-A-1 - +

    C3 A-1 ccccc cccccccccccccc.

    diff --git a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml index a423fc51b1..1930894e2d 100644 --- a/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml +++ b/src/specifications/profile-resolution/profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml @@ -47,7 +47,7 @@ + id="c3.a-stmt">

    C3 A ccccc cccccccccccccc.

    @@ -56,7 +56,7 @@ + id="c3.a-1-stmt">

    C3 A-1 ccccc cccccccccccccc.

    From c38aa86dce1ffa6c6516175f377d6d31c235692b Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Mon, 19 Sep 2022 11:56:44 -0400 Subject: [PATCH 056/138] Update metaschema submodule for usnistgov/OSCAL#1454. (#1455) * Update metaschema submodule for usnistgov/OSCAL#1454. * Update obsolete GCN FR OSCAL article link While working on usnistgov/OSCAL#1454, this link appears to have changed on the GCN news site, so we update. More info in failed build here. https://github.com/usnistgov/OSCAL/actions/runs/3054991503 Additionaly we formatted it back down to a conventional Markdown link. Previously it was an inline with data-proofer-ignore='yes' attribute and it was/is unclear why that was done. No conclusive evidence found with git blamen on a call with Dave. Be forewarned: if you found this commit to understand, you have likely gone too far. --- build/metaschema | 2 +- docs/content/about/news.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build/metaschema b/build/metaschema index f28a588f0e..9686b09db4 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit f28a588f0e9ac013125ed0f118f0fcaef4d1a6e2 +Subproject commit 9686b09db4eeee34b88d3281371c7498beb46169 diff --git a/docs/content/about/news.md b/docs/content/about/news.md index 1e7370ece3..1a7a24065b 100644 --- a/docs/content/about/news.md +++ b/docs/content/about/news.md @@ -15,7 +15,7 @@ toc: - [OSCAL 1.0.0 Milestone 2 Released](https://pages.nist.gov/OSCAL/contribute/roadmap/#oscal-100-milestone-2) - October 1, 2019 - [OSCAL 1.0.0 Milestone 1 Released](https://pages.nist.gov/OSCAL/contribute/roadmap/#oscal-100-milestone-1) - June 15, 2019 - [What's Next for FedRAMP? Automation, new authorizations later this year](https://federalnewsnetwork.com/federal-cloud-report/2018/06/whats-next-for-fedramp-automation-new-authorizations-and-more-later-this-year/) - June 25, 2018 -- FedRAMP Looks to NIST for Security Control Refinements - June 14, 2018 +- [FedRAMP Looks to NIST for Security Control Refinements](https://gcn.com/cloud-infrastructure/2021/08/fedramp-leans-into-oscal-for-streamlining-authorizations/316255/) - June 14, 2018 - [Automating Compliance for Highly Regulated Industries with Docker Enterprise Edition and OSCAL](https://www.mirantis.com/blog/automating-compliance-for-highly-regulated-industries-with-docker-enterprise-edition-and-oscal) - May 3, 2018 - [You're Nuts! Automating Your 1000+ Page FedRAMP System Security Plan?](https://www.govloop.com/community/blog/youre-nuts-automating-1000page-fedramp-system-security-plan/) - August 14, 2017 - [Government CIOs Lean Toward Cloud for Security](https://www.meritalk.com/articles/government-cios-lean-toward-cloud-for-security/) - April 21, 2016 From a71fb5920276f9e4c7572faa2bf7565481be0f36 Mon Sep 17 00:00:00 2001 From: aj-stein-nist Date: Mon, 19 Sep 2022 16:01:56 +0000 Subject: [PATCH 057/138] Publishing generated metaschema resources [ci skip] --- json/schema/oscal_assessment-plan_schema.json | 2 +- json/schema/oscal_assessment-results_schema.json | 2 +- json/schema/oscal_catalog_schema.json | 2 +- json/schema/oscal_complete_schema.json | 2 +- json/schema/oscal_component_schema.json | 2 +- json/schema/oscal_mapping_schema.json | 2 +- json/schema/oscal_poam_schema.json | 2 +- json/schema/oscal_profile_schema.json | 2 +- json/schema/oscal_ssp_schema.json | 2 +- xml/schema/oscal_assessment-plan_schema.xsd | 7 ++++++- xml/schema/oscal_assessment-results_schema.xsd | 7 ++++++- xml/schema/oscal_catalog_schema.xsd | 7 ++++++- xml/schema/oscal_complete_schema.xsd | 7 ++++++- xml/schema/oscal_component_schema.xsd | 7 ++++++- xml/schema/oscal_mapping_schema.xsd | 7 ++++++- xml/schema/oscal_poam_schema.xsd | 7 ++++++- xml/schema/oscal_profile_schema.xsd | 7 ++++++- xml/schema/oscal_ssp_schema.xsd | 7 ++++++- 18 files changed, 63 insertions(+), 18 deletions(-) diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index c8245af5f9..353b2cb441 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -2654,7 +2654,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index fd2f06759a..5c42494166 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -2884,7 +2884,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index da1c077274..8e40b1b630 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -1105,7 +1105,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index b87906b20e..e6e81265c3 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -4961,7 +4961,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 3bb46dae6d..94a4d411fe 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -1449,7 +1449,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index db6a939c73..0791b68014 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -824,7 +824,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index fc8e2c8464..cd40df5fff 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -2715,7 +2715,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index ef7bdfeb79..195b0e3811 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -1214,7 +1214,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 1085903664..6c315e6440 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -1977,7 +1977,7 @@ "DateTimeWithTimezoneDatatype" : { "type" : "string", "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" }, + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, "EmailAddressDatatype" : { "type" : "string", "format" : "email", diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index 9f2c8ff268..4d5c0e5610 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -4871,12 +4871,17 @@
    + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 8ee67e0a93..0f65815bbc 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -5296,12 +5296,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 6dbeffafa2..2dbbedcb6a 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -2055,12 +2055,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 878bd569eb..73614d0129 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -8654,12 +8654,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 0efd3c55a8..981d92716b 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -2764,12 +2764,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index b5b1054a34..1088dfe95d 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -1581,12 +1581,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index b895a1f1c6..4c14d0be4a 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -4983,12 +4983,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 9b3c3364ae..4624e1c01d 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -2259,12 +2259,17 @@ + + + + + The xs:dateTime with a required timezone. - + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 490bd0c249..4234f11bf8 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -3697,12 +3697,17 @@ + + + + + The xs:dateTime with a required timezone. - + From cf3f589dcd110afffd97c26a820f574a07556f2e Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 20 Sep 2022 11:10:03 -0400 Subject: [PATCH 058/138] Added JSON value key for relationship type. This missing value key was discovered as part of #1458. (#1462) --- src/metaschema/oscal_mapping-common_metaschema.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/src/metaschema/oscal_mapping-common_metaschema.xml b/src/metaschema/oscal_mapping-common_metaschema.xml index 5330cedf9a..a7c5f63582 100644 --- a/src/metaschema/oscal_mapping-common_metaschema.xml +++ b/src/metaschema/oscal_mapping-common_metaschema.xml @@ -27,6 +27,7 @@ Mapping Entry Relationship The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. + type Relationship Value Namespace A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. From 2da4e5f11e58711b0e4e0209d15cdbd490eb26a7 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Tue, 20 Sep 2022 15:17:07 +0000 Subject: [PATCH 059/138] Publishing generated metaschema resources [ci skip] --- json/convert/oscal_catalog_xml-to-json-converter.xsl | 4 ++-- json/convert/oscal_complete_xml-to-json-converter.xsl | 6 +++--- json/convert/oscal_mapping_xml-to-json-converter.xsl | 2 +- json/schema/oscal_catalog_schema.json | 4 ++-- json/schema/oscal_complete_schema.json | 4 ++-- json/schema/oscal_mapping_schema.json | 4 ++-- xml/convert/oscal_catalog_json-to-xml-converter.xsl | 4 ++-- xml/convert/oscal_complete_json-to-xml-converter.xsl | 6 +++--- xml/convert/oscal_mapping_json-to-xml-converter.xsl | 2 +- 9 files changed, 18 insertions(+), 18 deletions(-) diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index 074f599465..d3c02fbc02 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -2409,7 +2409,7 @@ relationship - + @@ -2904,7 +2904,7 @@ relationship - + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 638942c2db..550f6f45d3 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -6040,7 +6040,7 @@ relationship - + @@ -6535,7 +6535,7 @@ relationship - + @@ -7594,7 +7594,7 @@ relationship - + diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index 2ad08821ab..8a3e976649 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -1758,7 +1758,7 @@ relationship - + diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index 8e40b1b630..b3d8dedf0b 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -998,10 +998,10 @@ { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, - "STRVALUE" : + "type" : { "type" : "string" } }, "required" : - [ "STRVALUE" ], + [ "type" ], "additionalProperties" : false, "enum" : [ "equivalent-to", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index e6e81265c3..0877863bc2 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -998,10 +998,10 @@ { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, - "STRVALUE" : + "type" : { "type" : "string" } }, "required" : - [ "STRVALUE" ], + [ "type" ], "additionalProperties" : false, "enum" : [ "equivalent-to", diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index 0791b68014..c95e3d2d34 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -717,10 +717,10 @@ { "title" : "Relationship Value Namespace", "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, - "STRVALUE" : + "type" : { "type" : "string" } }, "required" : - [ "STRVALUE" ], + [ "type" ], "additionalProperties" : false, "enum" : [ "equivalent-to", diff --git a/xml/convert/oscal_catalog_json-to-xml-converter.xsl b/xml/convert/oscal_catalog_json-to-xml-converter.xsl index beb904085f..1dba876d43 100644 --- a/xml/convert/oscal_catalog_json-to-xml-converter.xsl +++ b/xml/convert/oscal_catalog_json-to-xml-converter.xsl @@ -2441,7 +2441,7 @@ - + @@ -3139,7 +3139,7 @@ - + diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index 98eef594f3..dc34ac7211 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -5256,7 +5256,7 @@ - + @@ -5954,7 +5954,7 @@ - + @@ -7207,7 +7207,7 @@ - + diff --git a/xml/convert/oscal_mapping_json-to-xml-converter.xsl b/xml/convert/oscal_mapping_json-to-xml-converter.xsl index 4ed721179b..74239409e7 100644 --- a/xml/convert/oscal_mapping_json-to-xml-converter.xsl +++ b/xml/convert/oscal_mapping_json-to-xml-converter.xsl @@ -1791,7 +1791,7 @@ - + From bb8f4273fb734e409fdc2b2399adb4c0c088698f Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Mon, 26 Sep 2022 12:57:31 -0400 Subject: [PATCH 060/138] Add actions assembly to encode an action (i.e. approval) and its role, party, and approval date. (#1052) (#1429) * Create actions assembly in OSCAL metadata model. * Address PR feedback to wrap up. https://github.com/usnistgov/OSCAL/pull/1052#pullrequestreview-1079613752 https://github.com/usnistgov/OSCAL/pull/1052#discussion_r950777018 Co-authored-by: Al S --- src/metaschema/oscal_metadata_metaschema.xml | 56 ++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index 2ea0c03416..848123ac94 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -52,6 +52,9 @@ + + + @@ -759,6 +762,59 @@ + + + Action + An action applied by a role within a given party to the content. + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type System + Specifies the action type system used. + +

    Provides a means to segment the value space for the type, so that different organizations and individuals can assert control over the allowed action's type. This allows the semantics associated with a given type to be defined on an organization-by-organization basis.

    +

    An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

    +
    +
    + + + + + + + + + + + + + + + + + + + + + This value identifies action types defined in the NIST OSCAL namespace. + + + An approval of a document instance's content. + A request from the responisble party or parties to change the content. + + +
    + Responsible Role A reference to one or more roles with responsibility for performing a function relative to the containing object. From a74ecba0e5069834e4e63f11974e0cfebb2086e2 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Mon, 26 Sep 2022 17:02:26 +0000 Subject: [PATCH 061/138] Publishing generated metaschema resources [ci skip] --- ..._assessment-plan_xml-to-json-converter.xsl | 121 ++++- ...sessment-results_xml-to-json-converter.xsl | 121 ++++- .../oscal_catalog_xml-to-json-converter.xsl | 121 ++++- .../oscal_complete_xml-to-json-converter.xsl | 373 ++++++++++++++- .../oscal_component_xml-to-json-converter.xsl | 121 ++++- .../oscal_mapping_xml-to-json-converter.xsl | 121 ++++- .../oscal_poam_xml-to-json-converter.xsl | 121 ++++- .../oscal_profile_xml-to-json-converter.xsl | 121 ++++- .../oscal_ssp_xml-to-json-converter.xsl | 121 ++++- json/schema/oscal_assessment-plan_schema.json | 49 ++ .../oscal_assessment-results_schema.json | 49 ++ json/schema/oscal_catalog_schema.json | 49 ++ json/schema/oscal_complete_schema.json | 49 ++ json/schema/oscal_component_schema.json | 49 ++ json/schema/oscal_mapping_schema.json | 49 ++ json/schema/oscal_poam_schema.json | 49 ++ json/schema/oscal_profile_schema.json | 49 ++ json/schema/oscal_ssp_schema.json | 49 ++ ..._assessment-plan_json-to-xml-converter.xsl | 113 +++++ ...sessment-results_json-to-xml-converter.xsl | 113 +++++ .../oscal_catalog_json-to-xml-converter.xsl | 113 +++++ .../oscal_complete_json-to-xml-converter.xsl | 435 ++++++++++++++++++ .../oscal_component_json-to-xml-converter.xsl | 113 +++++ .../oscal_mapping_json-to-xml-converter.xsl | 113 +++++ .../oscal_poam_json-to-xml-converter.xsl | 113 +++++ .../oscal_profile_json-to-xml-converter.xsl | 113 +++++ .../oscal_ssp_json-to-xml-converter.xsl | 113 +++++ xml/schema/oscal_assessment-plan_schema.xsd | 81 ++++ .../oscal_assessment-results_schema.xsd | 81 ++++ xml/schema/oscal_catalog_schema.xsd | 81 ++++ xml/schema/oscal_complete_schema.xsd | 81 ++++ xml/schema/oscal_component_schema.xsd | 81 ++++ xml/schema/oscal_mapping_schema.xsd | 81 ++++ xml/schema/oscal_poam_schema.xsd | 81 ++++ xml/schema/oscal_profile_schema.xsd | 81 ++++ xml/schema/oscal_ssp_schema.xsd | 81 ++++ 36 files changed, 3841 insertions(+), 9 deletions(-) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index cd149ddadb..570f62d77d 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -76,7 +76,7 @@
    - + @@ -176,6 +176,13 @@
    + + + + + + + @@ -368,6 +375,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1348,6 +1387,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -2601,6 +2684,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index ee43bae3b7..522bf1ab05 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -168,6 +168,13 @@ + + + + + + + @@ -360,6 +367,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1806,6 +1845,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -3442,6 +3525,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index d3c02fbc02..0ce7c28285 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -178,6 +178,13 @@ + + + + + + + @@ -370,6 +377,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1010,6 +1049,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -2027,6 +2110,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 550f6f45d3..428a5f3f14 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -178,6 +178,13 @@ + + + + + + + @@ -370,6 +377,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -3194,6 +3233,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -5658,6 +5741,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -7527,6 +7646,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -8586,6 +8741,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -10491,6 +10682,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -12216,6 +12443,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -15763,6 +16026,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -18901,6 +19200,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + @@ -25325,6 +25660,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index 575225bf0f..8d08103439 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -180,6 +180,13 @@ + + + + + + + @@ -372,6 +379,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -815,6 +854,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -1850,6 +1933,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index 8a3e976649..f27f3515e8 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -166,6 +166,13 @@ + + + + + + + @@ -358,6 +365,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -787,6 +826,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -1691,6 +1774,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 9d571983dd..7d63684587 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -183,6 +183,13 @@ + + + + + + + @@ -375,6 +382,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1355,6 +1394,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -2786,6 +2869,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index 4f67324198..5c43a5c0be 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -166,6 +166,13 @@ + + + + + + + @@ -358,6 +365,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -935,6 +974,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -2036,6 +2119,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 76c6511cc3..be3987cdfc 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -163,6 +163,13 @@ + + + + + + + @@ -355,6 +362,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1300,6 +1339,50 @@ + + + + + + + + + + + + + + + + + + + + @@ -2498,6 +2581,42 @@ + + + + + text + + + + + + + + + + + text + + + + + + diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index 353b2cb441..a7abbbe3a8 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -142,6 +142,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -572,6 +577,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-ap-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-ap-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index 5c42494166..ade931ad24 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -372,6 +372,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -802,6 +807,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-ar-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-ar-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index b3d8dedf0b..f4008a9ba0 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -396,6 +396,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -826,6 +831,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-catalog-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 0877863bc2..ce849cc5a0 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -396,6 +396,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -826,6 +831,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-complete-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-complete-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 94a4d411fe..10127bda25 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -687,6 +687,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1117,6 +1122,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index c95e3d2d34..d7feaf047c 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -115,6 +115,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -545,6 +550,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-mapping-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index cd40df5fff..8fbc2f3058 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -203,6 +203,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -633,6 +638,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-poam-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-poam-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index 195b0e3811..e7c75bf559 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -450,6 +450,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -880,6 +885,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-profile-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-profile-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 6c315e6440..e8dafb317c 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -889,6 +889,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1319,6 +1324,50 @@ [ "role-id", "party-uuids" ], "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, "oscal-ssp-oscal-metadata:responsible-role" : { "title" : "Responsible Role", "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", diff --git a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl index 08702529b5..f4c472c2de 100644 --- a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl @@ -130,6 +130,7 @@ + @@ -214,6 +215,20 @@ + + + + + + + + + + + + + + @@ -859,6 +874,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl index 9f9ed64c69..90bc188ae7 100644 --- a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl @@ -128,6 +128,7 @@ + @@ -212,6 +213,20 @@ + + + + + + + + + + + + + + @@ -1085,6 +1100,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_catalog_json-to-xml-converter.xsl b/xml/convert/oscal_catalog_json-to-xml-converter.xsl index 1dba876d43..f6f5f7c206 100644 --- a/xml/convert/oscal_catalog_json-to-xml-converter.xsl +++ b/xml/convert/oscal_catalog_json-to-xml-converter.xsl @@ -126,6 +126,7 @@ + @@ -210,6 +211,20 @@ + + + + + + + + + + + + + + @@ -678,6 +693,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -1909,6 +1976,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index dc34ac7211..dce9d0061d 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -126,6 +126,7 @@ + @@ -210,6 +211,20 @@ + + + + + + + + + + + + + + @@ -1790,6 +1805,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -4724,6 +4791,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -7119,6 +7232,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -8372,6 +8531,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -10558,6 +10763,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -12421,6 +12672,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -16265,6 +16562,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -19655,6 +19998,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + @@ -26660,6 +27049,52 @@ + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_component_json-to-xml-converter.xsl b/xml/convert/oscal_component_json-to-xml-converter.xsl index 1adb8259c7..4456e868db 100644 --- a/xml/convert/oscal_component_json-to-xml-converter.xsl +++ b/xml/convert/oscal_component_json-to-xml-converter.xsl @@ -128,6 +128,7 @@ + @@ -212,6 +213,20 @@ + + + + + + + + + + + + + + @@ -610,6 +625,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_mapping_json-to-xml-converter.xsl b/xml/convert/oscal_mapping_json-to-xml-converter.xsl index 74239409e7..59b1a7e9aa 100644 --- a/xml/convert/oscal_mapping_json-to-xml-converter.xsl +++ b/xml/convert/oscal_mapping_json-to-xml-converter.xsl @@ -126,6 +126,7 @@ + @@ -210,6 +211,20 @@ + + + + + + + + + + + + + + @@ -601,6 +616,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_poam_json-to-xml-converter.xsl b/xml/convert/oscal_poam_json-to-xml-converter.xsl index 3c4a3bcdb1..11f7eb6123 100644 --- a/xml/convert/oscal_poam_json-to-xml-converter.xsl +++ b/xml/convert/oscal_poam_json-to-xml-converter.xsl @@ -131,6 +131,7 @@ + @@ -215,6 +216,20 @@ + + + + + + + + + + + + + + @@ -880,6 +895,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_profile_json-to-xml-converter.xsl b/xml/convert/oscal_profile_json-to-xml-converter.xsl index 0db6557ffa..d689c90fd7 100644 --- a/xml/convert/oscal_profile_json-to-xml-converter.xsl +++ b/xml/convert/oscal_profile_json-to-xml-converter.xsl @@ -126,6 +126,7 @@ + @@ -210,6 +211,20 @@ + + + + + + + + + + + + + + @@ -668,6 +683,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/convert/oscal_ssp_json-to-xml-converter.xsl b/xml/convert/oscal_ssp_json-to-xml-converter.xsl index 4365b56ccc..ba410a11ce 100644 --- a/xml/convert/oscal_ssp_json-to-xml-converter.xsl +++ b/xml/convert/oscal_ssp_json-to-xml-converter.xsl @@ -129,6 +129,7 @@ + @@ -213,6 +214,20 @@ + + + + + + + + + + + + + + @@ -887,6 +902,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index 4d5c0e5610..7a4e2dacea 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -213,6 +213,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1017,6 +1021,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 0f65815bbc..d0a0627e73 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -638,6 +638,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1442,6 +1446,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 2dbbedcb6a..775a36110b 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -640,6 +640,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1444,6 +1448,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 73614d0129..cbb4607978 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -647,6 +647,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1451,6 +1455,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 981d92716b..bb681ba11c 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -1203,6 +1203,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -2007,6 +2011,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 1088dfe95d..ba93103230 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -166,6 +166,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -970,6 +974,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 4c14d0be4a..0410c0125a 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -325,6 +325,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1129,6 +1133,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 4624e1c01d..8ab3673dcb 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -688,6 +688,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -1492,6 +1496,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 4234f11bf8..bff4945996 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -1528,6 +1528,10 @@ type="oscal-metadata-responsible-party-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + @@ -2332,6 +2336,83 @@ + + + + Action + An action applied by a role within a given party to the content. + + + Action: An action applied by a role within a given party to the content. + + + + + + + + + Remarks + Additional commentary on the containing object. + + + Remarks: Additional commentary on the containing object. + + + + + + + + + + Action Universally Unique Identifier + A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + Action Universally Unique Identifier: A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document. + + + + + + Action Occurrence Date + The date and time when the action occurred. + + + Action Occurrence Date: The date and time when the action occurred. + + + + + + Action Type + The type of action documented by the assembly, such as an approval. + + + Action Type: The type of action documented by the assembly, such as an approval. + + + + + + Action Type System + Specifies the action type system used. + + + Action Type System: Specifies the action type system used. + + + From 0890e8eb0b0df2ef6fa4b64e42c6fb482445c628 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Tue, 27 Sep 2022 09:14:26 -0400 Subject: [PATCH 062/138] Implement opr:oscal-version and v:compare functions. (#1420) The opr:oscal-version function meets the "req-meta-oscal-version" requirement from #1386. The v:compare utility function helps opr:oscal-version meet the "req-meta-oscalversion-error" requirement. --- .../oscal-profile-resolve-metadata.xsl | 54 +- .../testing/2_metadata/metadata.xspec | 79 +-- .../testing/2_metadata/version-util.xspec | 508 ++++++++++++++++++ .../util/resolver-pipeline/version-util.xsl | 346 ++++++++++++ 4 files changed, 916 insertions(+), 71 deletions(-) create mode 100644 src/utils/util/resolver-pipeline/testing/2_metadata/version-util.xspec create mode 100644 src/utils/util/resolver-pipeline/version-util.xsl diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl index da67371d88..e2eb01e802 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-metadata.xsl @@ -1,16 +1,17 @@ - - - + + + + @@ -38,9 +42,6 @@ metadata, due to privacy or security concerns. This parameter is passed from oscal-profile-RESOLVE.xsl and the end user can override it. --> - - - @@ -84,21 +85,42 @@ - - + + + - - + + + + + + + + Import uses oscal-version of {. + }, which is newer than profile oscal-version of { + $source}. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/utils/util/resolver-pipeline/version-util.xsl b/src/utils/util/resolver-pipeline/version-util.xsl new file mode 100644 index 0000000000..9bbb19c3d0 --- /dev/null +++ b/src/utils/util/resolver-pipeline/version-util.xsl @@ -0,0 +1,346 @@ + + + + + + + + + + + + + + + + {$A} is not a valid semantic version. + + + {$B} is not a valid semantic version. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file From d1902c3e0c6084d74aaa58da081d86d7d4a0f5a9 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 27 Sep 2022 09:19:59 -0400 Subject: [PATCH 063/138] Updates to OSCAL Metaschema documentation and constraints (#1263) * completed partial update of the Metadata object documentation. * adjustments to roles * adjusted the cardinality of location/address to make address optional. * Improved documentation and constraints related to location and parties * addressed the remainder of metadata and control feedback from @Rene2mt. * Improved the introductory remarks for a profile to better describe what a profile is and what it does. * Fixed a broken constraint that was not targeting the right node. * started refining descriptions and adding properties to describe identifier attributes. * Addressed feedback from AJ during 20220718-20220722. (#48) * Week 30 feedback on SSP model. (#49) * Proposed metaschema docs updates (#50) * Addressed feedback based on #1392 * Adjustments based on model review feedback on 8/12. * Removed outdated merge phase remarks. Created issue #53 to address this. * Addressed A.J. Stein's Week 32 Feedback for Model Review (#52) * Addressed AJ Stein's week 32 feedback for usnistgov/OSCAL#1331. * Addressed DRAFT: Update catalog & profile metaschema documentation (#51) * Update catalog & profile metaschema documentation * Add props to control identifier * Fixed broken syntax and addressed consistency in wording within the Profile 'merge' construct. * Adjustments to alter, moving to to an inline definition * cleaned up empty remark. * Removed redundant constraints * removed some redundant constraints * Preliminary work on URI documentation to address #1249. * More work on document URI use in OSCAL * Updating data types related to usnistgov/metaschema#224. * Improved consistency of how URI concepts are discussed. * Added note about party locations * Updated Metaschema instances of `uri` and `uri-reference` data types to indicate their URI semantics. Resolves #1249. * Added identifier props to control layer metaschemas (#55) * Responding to #1066: metaschema edits; CSS enhancement (#56) * Whitespace cleanup in metadata metaschema * Apply suggestions from code review Co-authored-by: Alexander Stein Co-authored-by: Wendell Piez Co-authored-by: Rene Tshiteya --- .../content/concepts/identifier-use/_index.md | 4 +- docs/content/concepts/uri-use.md | 171 ++++ .../learn/tutorials/general/extension.md | 84 +- docs/content/reference/datatypes.md | 8 +- src/metaschema/metaschema-author.css | 159 ++++ .../oscal_assessment-common_metaschema.xml | 44 +- .../oscal_assessment-results_metaschema.xml | 11 +- src/metaschema/oscal_catalog_metaschema.xml | 186 ++-- src/metaschema/oscal_component_metaschema.xml | 72 +- .../oscal_control-common_metaschema.xml | 116 +-- ...oscal_implementation-common_metaschema.xml | 15 +- .../oscal_mapping-common_metaschema.xml | 17 +- src/metaschema/oscal_metadata_metaschema.xml | 894 ++++++++++-------- src/metaschema/oscal_profile_metaschema.xml | 158 ++-- src/metaschema/oscal_ssp_metaschema.xml | 30 +- 15 files changed, 1311 insertions(+), 658 deletions(-) create mode 100644 docs/content/concepts/uri-use.md create mode 100644 src/metaschema/metaschema-author.css diff --git a/docs/content/concepts/identifier-use/_index.md b/docs/content/concepts/identifier-use/_index.md index 629eee5d43..4715209814 100644 --- a/docs/content/concepts/identifier-use/_index.md +++ b/docs/content/concepts/identifier-use/_index.md @@ -20,7 +20,7 @@ By design, OSCAL supports [*machine-oriented*](#machine-oriented) and [*human-or [*Machine-oriented*](#machine-oriented) identifiers provide a persistent identity for an entity within the OSCAL models, which can be used in other locations within related OSCAL models to reference the associated entity. -These identifiers are intended to be auto-generated by tools when the entity is initially created. In OSCAL, a machine-oriented identifier is implemented using a Universally Unique Identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122). A UUID is represented in OSCAL using the [UUID datatype](/reference/datatypes/#uuid). +These identifiers are intended to be auto-generated by tools when the entity is initially created. In OSCAL, a machine-oriented identifier is implemented using a Universally Unique Identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122). A UUID is represented in OSCAL using the [`uuid`](/reference/datatypes/#uuid) data type. UUIDs were chosen because: - Programming interfaces exist in most programming environments to generate a UUID - UUIDs can be issued without a central authority @@ -32,7 +32,7 @@ The [OSCAL XML Reference Index](/reference/latest/complete/xml-index/#/@uuid) an #### Human-Oriented -A [*human-oriented*](#human-oriented) identifier incorporates semantic that support readability and processing by humans. OSCAL implements [*human-oriented*](#human-oriented) identifiers as [token](/reference/datatypes/#token) data types, which are non-colonized names. For example, control identifiers in a catalog may use a nomenclature that is familiar to the intended audience, allowing them to quickly determine what security control is being referred to, simply by its identifier value. +A [*human-oriented*](#human-oriented) identifier supports readability and use by human consumers. OSCAL implements [*human-oriented*](#human-oriented) identifiers as [`token`](/reference/datatypes/#token) data types. For example, control identifiers in a catalog may use a nomenclature that is familiar to the intended audience, allowing them to quickly determine what security control is being referred to, simply by its identifier value. The [OSCAL XML Reference Index](/reference/latest/complete/xml-index/#/@id) and [OSCAL JSON Reference Index](/reference/latest/complete/json-index/#/id) provide a comprehensive listing of the [*human-oriented*](#human-oriented) IDs in the core OSCAL models. References to these IDs are typically named according to the referenced object type (e.g., control) followed by “-id”, as seen here in the [XML Reference Index](/reference/latest/complete/xml-index/#/@control-id) (and likewise [JSON Reference Index](/reference/latest/complete/json-index/#/control-id) in the JSON reference index). diff --git a/docs/content/concepts/uri-use.md b/docs/content/concepts/uri-use.md new file mode 100644 index 0000000000..35c45f06ab --- /dev/null +++ b/docs/content/concepts/uri-use.md @@ -0,0 +1,171 @@ +--- +title: URI Usage +description: Provides information on the use of URIs in OSCAL. +weight: 40 +--- + +According to [RFC 3986](https://www.rfc-editor.org/rfc/rfc3986) a Uniform Resource Identifier (URI) "is a compact sequence of characters that identifies an abstract or physical resource." URIs are an important concept, which are used extensively in OSCAL. + +## Uniform Resource Identifier Overview + +According to RFC 3986, a URI has the following syntax, which is represented in [Augmented Backus-Naur Form (ABNF)](https://www.rfc-editor.org/rfc/rfc5234.html) below. + +> ``` +> URI = scheme ":" hier-part [ "?" query ] [ "#" fragment ] +> hier-part = "//" authority path-abempty +> / path-absolute +> / path-rootless +> / path-empty +> ``` +> +> The scheme and path components are required, though the path may be empty (no characters). When authority is present, the path must either be empty or begin with a slash ("/") character. When authority is not present, the path cannot begin with two slash characters ("//"). These restrictions result in five different ABNF rules for a path ([Section 3.3](https://www.rfc-editor.org/rfc/rfc3986#section-3.3)), only one of which will match any given URI reference. +> +> The following are two example URIs and their component parts: +> +> ``` +> foo://example.com:8042/over/there?name=ferret#nose +> \_/ \______________/\_________/ \_________/ \__/ +> | | | | | +> scheme authority path query fragment +> | _____________________|__ +> / \ / \ +> urn:example:animal:ferret:nose +> ``` + +According to RFC 3986, a URI can be used in a few different ways. Recognizing these URI forms is important in understanding how URIs are used in OSCAL. + +### URI with a Required Scheme + +As indicated above with the required scheme and path components. + +### Relative Reference + +A URI that is a relative reference, references a resource relative to another *[base URI](https://www.rfc-editor.org/rfc/rfc3986#section-5.1)*. Such a URI is resolved using [reference resolution](https://www.rfc-editor.org/rfc/rfc3986#section-5). + +The [syntax of a relative reference](https://www.rfc-editor.org/rfc/rfc3986#section-4.2) is: + +> ``` +> relative-ref = relative-part [ "?" query ] [ "#" fragment ] +> +> relative-part = "//" authority path-abempty +> / path-absolute +> / path-noscheme +> / path-empty +> ``` + +### URI Reference + +A typical use of a URI, allowing a [URI with a required scheme](#uri-with-a-required-scheme) or a [relative reference](#relative-reference) to be used. + +The [syntax of a URI reference](https://www.rfc-editor.org/rfc/rfc3986#section-4.1) is: + +> URI-reference = URI / relative-ref + +### Absolute URI + +According to RFC 3986, the [syntax of an absolute URI](https://www.rfc-editor.org/rfc/rfc3986#section-4.3) is: + +> ``` +> absolute-URI = scheme ":" hier-part [ "?" query ] +> ``` + +## URI vs URL vs URN + +According to RFC 3986 section [1.1.3](https://www.rfc-editor.org/rfc/rfc3986#section-1.1.3), "a URI can be further classified as a *locator*, a *name*, or *both*." A given URI scheme is not limited to being only a name or a locator; both characteristics can be associated. + +- To be a *locator*, the resource pointed to by a URI needs to have persistence. + +- To be a *name*, the URI needs to be used consistently to refer to the thing that is named. A URI used only as a name is not required to resolve to a location. URIs schemes requiring an [*authority*](https://www.rfc-editor.org/rfc/rfc3986#section-3.2) element provide a means to use a registered DNS name to assert organizational control over a naming value space or namespace. + +A *Uniform Resource Locator (URL)* "refers to the subset of URIs that, in addition to identifying a resource, provide a means of locating the resource by describing its primary access mechanism (e.g., its network "location")." + +A URL, when applied consistently, can be used as a *name*. Optionally in such cases, the resource it resolves to can provide information about how to use the URL as a name. + +A *Uniform Resource Name (URN)* "has been used historically to refer to both URIs under the `urn` scheme [RFC2141](https://www.rfc-editor.org/rfc/rfc2141), which are required to remain globally unique and persistent even when the resource ceases to exist or becomes unavailable, and to any other URI with the properties of a name. + +A URN is often not a good fit for use as a *locator*, since it requires a secondary resolution process that maps the URN's *name* to a specific *location*. + +Due to the specific characteristics of a URL or URN, the term URI is often used to refer more broadly to all types of resource identifiers. + +## URIs in OSCAL + +The following sections discuss how URIs are used in OSCAL. + +### OSCAL URI Data Types + +OSCAL uses two data types for representing URIs. + +1. [`uri`](/reference/datatypes/#uri) - A URI which must provide the required scheme and path components. This means the URI will point directly to a resolvable resource. + + The `uri` data type is used in cases where a [*URI with a required scheme*](#uri-with-a-required-scheme) or an *absolute URI* is required. As a result, a [*relative reference*](#relative-reference) or a [*URI reference*](#uri-reference) is not allowed for use with this data type. + +2. [`uri-reference`](/reference/datatypes/#uri-reference) - A [*URI reference*](#uri-reference), which may be a [*URI with a required scheme*](#uri-with-a-required-scheme) or a [*relative reference*](#relative-reference). This allows all forms of URIs. + +### Common OSCAL URI Use Cases + +URIs are used in OSCAL to provide pointers to resources in the following ways. + +#### Linking to a network resolvable resource + +URIs are used to point directly to a network resolvable resource. + +In such cases, the URI may be: + +- A [*URI with a required scheme*](#uri-with-a-required-scheme), where the scheme will likely be `https` indicating the resource can be accessed using the [Hypertext Transfer Protocol](https://www.rfc-editor.org/rfc/rfc2616.html) (HTTP) using [Transport Layer Security](https://www.rfc-editor.org/rfc/rfc8446) (TLS). Data fields supporting only this use case will have the `uri` data type. + + OSCAL examples include: + + - `threat-id` - ([JSON/YAML](/reference/latest/complete/json-index/#/threat-id)) ([XML](/reference/latest/complete/xml-index/#/@threat-id)) + - `url` - ([JSON/YAML](/reference/latest/complete/json-index/#/url)) ([XML](/reference/latest/complete/xml-index/#/urls)) + +- A [*relative reference*](#relative-reference), pointing to a resource that can resolved using the current document resource as the *base URI*. Data fields supporting this use case will have the `uri-reference` data type. + + OSCAL examples include: + + - `href` - ([JSON/YAML](/reference/latest/complete/json-index/#/href)) ([XML](/reference/latest/complete/xml-index/#/@href)) + - `source` - ([JSON/YAML](/reference/latest/complete/json-index/#/source)) ([XML](/reference/latest/complete/xml-index/#/@source)) + - `filename` - ([JSON/YAML](/reference/latest/complete/json-index/#/filename)) ([XML](/reference/latest/complete/xml-index/#/@filename)) + +URIs serving this purpose need to be used as a *locator*. URLs are typically used for this purpose since the URI must resolve to a specific location. + +#### Linking to another OSCAL object + +A pointer to an OSCAL object identified by the referenced identifier, may be a [human-oriented](/concepts/identifier-use/#human-oriented) [`token`](/reference/datatypes/#token) or a [machine-oriented](/concepts/identifier-use/#machine-oriented) [`uuid`](https://pages.nist.gov/OSCAL/reference/datatypes/#uuid). + +This approach uses a [*relative reference*](#relative-reference) consisting of only a URI *fragment* containing the identifier or UUID of the referenced object within the current documents effective data model. The effective data model of a document includes all objects identified with the document and any directly or transitively imported documents. Identifiers with a *cross-instance* [scope](/concepts/identifier-use/#scope) are available to importing documents. + +URIs serving this purpose need to be used as a *locator*. + +Any data fields supporting this use case will have the `uri-reference` data type. + +A typical use of OSCAL object identifier linking is referencing a `resource` in the document's `back-matter` or an imported document's `back-matter`. For example, the back-matter resource identified by the UUID `f5a2bdb3-55ad-431e-a7ea-c0fd28fc08a0` can be referenced as follows. + +``` + +``` + +More information about the use of links to reference back-matter resources can be found in the [*Referencing Back-Matter Resources*](/learn/tutorials/general/extension/#referencing-back-matter-resources) section of the [*Extending OSCAL Models with Props and Links*](/learn/tutorials/general/extension/) tutorial. + +#### Use as a naming system identifier + +An absolute URI that identifies the naming system. URIs serving this purpose are used as a *name*. Data fields supporting this use case will have the `uri` data type. + +OSCAL supports a number of name/value and other controlled value collections. To allow independent organization to organize these value collections, namespaces are used to partition the value spaces on an organization-by-organization basis. An [*absolute URI*](#absolute-uri) is used as the namespace identifier for these situations. + +When used in this way, the authority component of the URI must use a value that the organization has control over. Typically, a DNS domain name controlled by the organization is used for this purpose. + +OSCAL examples include: + +- `ns` - ([JSON/YAML](/reference/latest/complete/json-index/#/ns)) ([XML](/reference/latest/complete/xml-index/#/@ns)) +- `system` - ([JSON/YAML](/reference/latest/complete/json-index/#/system)) ([XML](/reference/latest/complete/xml-index/#/@system)) +- `scheme` - ([JSON/YAML](/reference/latest/complete/json-index/#/scheme)) ([XML](/reference/latest/complete/xml-index/#/@scheme)) + +A key example of this approach is how property names are partitioned using a `ns` data element. + +For example, the namespace `http://example.com/ns/oscal` is used in an OSCAL property as follows. + +``` + +``` + +To learn more about the use of namespaces in properties, refer to the [*Extending Existing Prop Values*](/learn/tutorials/general/extension/#extending-existing-prop-values) section of the [*Extending OSCAL Models with Props and Links*](/learn/tutorials/general/extension/) tutorial. diff --git a/docs/content/learn/tutorials/general/extension.md b/docs/content/learn/tutorials/general/extension.md index 94485c1905..877f1c7b97 100644 --- a/docs/content/learn/tutorials/general/extension.md +++ b/docs/content/learn/tutorials/general/extension.md @@ -15,6 +15,7 @@ This tutorial describes the mechanisms for extending basic OSCAL models. Before - Have some familiarity with the [XML](https://www.w3.org/standards/xml/core), [JSON](https://www.json.org/), or [YAML](https://yaml.org/spec/) formats. - Review the [OSCAL Layers and Models](/concepts/layer/) documentation. - Review the latest [OSCAL Reference](/reference/latest/complete/). +- Review [URI Usage](/concepts/uri-use/) to better understand how URIs are used in OSCAL. ## What are the OSCAL Extension Mechanisms? @@ -483,8 +484,8 @@ Links in OSCAL provide a means to reference an arbitrary resource, which allows A link can: -1. Reference (external) information that is not represented in OSCAL format. This could include references to (cybersecurity) laws and regulations, references to organizational standards and guides, references to a software bill of materials (SBOM), and more. -2. Reference objects within the current OSCAL document. +1. Reference (external) information that is not represented in OSCAL format. This could include references to (cybersecurity) laws and regulations, references to organizational standards and guides, references to a software bill of materials (SBOM), and more. See [*linking to a network resolvable resource*](/concepts/uri-use/#linking-to-a-network-resolvable-resource) for more information. +2. Reference objects within the current OSCAL document. See [*linking to another OSCAL object*](/concepts/uri-use/#linking-to-another-oscal-object) for more information. Organizations can limit duplication of content, reduce the size of their OSCAL files, and maintain important content relationships by using links. @@ -548,7 +549,7 @@ Below is description of `links` key-values: ### Link to Internet URL -Organizations may need their documentation (e.g., SSP) to reference external resources, such applicable laws and regulations (e.g., HSPD-12) and other organizational items (e.g., official agency logos). This first example illustrates how an OSCAL SSP might make use of a link to an internet URL to reference a government policy and an agency logo. +Organizations may need their documentation (e.g., SSP) to reference external resources, such applicable laws and regulations (e.g., HSPD-12) and other organizational items (e.g., official agency logos). This first example illustrates how an OSCAL SSP might make use of a link to a resource through the use of an [absolute](/concepts/uri-use/#absolute-uri) or [relative](/concepts/uri-use/#relative-reference) URL to reference a government policy and an agency logo. {{< tabs XML JSON YAML >}} {{% tab %}} @@ -574,9 +575,9 @@ Organizations may need their documentation (e.g., SSP) to reference external res {{< /highlight >}} -In this case, the `` element on line 8 provides a reference to Homeland Security Policy Directive (HSPD) 12 by specifying the URL in the `@href` attribute. The OSCAL pre-defined "reference" value is used for the `@rel` attribute, providing some context for the purpose of this specific ``. The `` sub-element provides an associated label for the `` which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). +In this case, the `` element on line 8 provides a reference to Homeland Security Policy Directive (HSPD) 12 by specifying the URL in the `@href` attribute. The `@rel` attribute uses the OSCAL pre-defined "reference" value, indicating that this specific `` is a "reference" link. The `` sub-element provides an associated label for the `` which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). -Line 11 demonstrates the use of `` to point to the organization's official logo. An absolute URL was used to point to the location of the referenced content, however, it should be noted that the `@href` attribute also permits the use of relative URL paths. If the referenced resource is located on the same host, then a relative URL path could be used. The `@rel` attribute was set to "logo" to indicate that the `` is to a logo image. The `@media-type` attribute was included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `` sub-element was excluded for brevity of this example. +Line 11 demonstrates the use of `` to point to the organization's official logo. An absolute URL was used to point to the location of the referenced content, however, it should be noted that the `@href` attribute also permits the use of relative URL paths. If the referenced resource is located on the same host, then a relative URL path could be used instead. The `@rel` attribute is set to "logo" to indicate that the `` is to a logo image. The `@media-type` attribute was included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `` sub-element is excluded in this example for brevity. {{% /tab %}} {{% tab %}} {{< highlight json "linenos=table" >}} @@ -608,9 +609,9 @@ Line 11 demonstrates the use of `` to point to the organization's official } {{< /highlight >}} -In this case, the `links` object array on line 9 provides a reference to Homeland Security Policy Directive (HSPD) 12 by specifying the URL in the `href` property. The OSCAL pre-defined "reference" value is used for the `rel`, providing context for the purpose of this specific `link`. The `text` property provides an associated label for the `link` which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). +In this case, the `links` object array on line 9 provides an object (one lines 10-14) that references Homeland Security Policy Directive (HSPD) 12 by specifying the URL in its `href` property. The `rel` property uses the OSCAL pre-defined "reference" value, indicating that this specific link object is a "reference" link. The `text` property provides an associated label for the `link` which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). -Lines 16-18 demonstrate the use of link to point to the organization's official logo. An absolute URL was used to point to the location of the referenced content, however, it should be noted that the `href` property also permits the use of relative URL paths. If the referenced resource is located is on the same host, then a relative URL path could be used. The `rel` property was set to "logo" to indicate the link is to a logo image. The `media-type` property was included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `text` property was excluded for brevity of this example. +Lines 16-189 demonstrate the use of a link to point to the organization's official logo. An absolute URL is used to point to the location of the referenced content, however, it should be noted that the `href` property also permits the use of relative URL paths. If the referenced resource is located is on the same host, then a relative URL path could be used instead. The `rel` property is set to "logo" to indicate the link is to a logo image. The `media-type` property was included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `text` property is excluded in this example for brevity. {{% /tab %}} {{% tab %}} {{< highlight yaml "linenos=table" >}} @@ -624,7 +625,7 @@ system-security-plan: links: - href: https://www.dhs.gov/homeland-security-presidential-directive-12 rel: reference - text: HSPD-12 + text: HSPD-12 - href: https://federal-agency.gov/img/official-agency-logo.png rel: logo media-type: image/png @@ -634,9 +635,9 @@ system-security-plan: {{< /highlight >}} -In this case, the `links` object array on line 9 provides a reference to Homeland Security Policy Directive (HSPD) 12 by specifying the URL in the `href` property. The OSCAL pre-defined "reference" value is used for the `rel`, providing context for the purpose of this specific link. The `text` property provides an associated label for the link which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). +In this case, the `links` list on line 8 provides a reference to Homeland Security Policy Directive (HSPD) 12 by specifying the URL in the `href` key. The `rel` key uses the OSCAL pre-defined "reference" value, indicating that this specific link item is a "reference" link. The `text` key provides an associated label for the link which may be useful when rendering the SSP in other formats (e.g., HTML, PDF). -Lines 11-13 demonstrate the use of link to point to the organization's official logo. An absolute URL was used to point to the location of the referenced content, however, it should be noted that the `href` property also permits the use of relative URL paths. If the referenced resource is located is on the same host, then a relative URL path could be used. The `rel` property was set to "logo" to indicate the link is to a logo image. The `media-type` property was included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `text` property was excluded for brevity of this example. +Lines 12-14 demonstrate the use of a link to point to the organization's official logo. An absolute URL is used to point to the location of the referenced content, however, it should be noted that the `href` key also permits the use of relative URL paths. If the referenced resource is located is on the same host, then a relative URL path could be used. The `rel` key is set to "logo" to indicate the link is to a logo image. The `media-type` key is included to let any rendering tools know that the logo content is a Portable Network Graphics (PNG) image type. The optional `text` key was excluded for brevity of this example. {{% /tab %}} {{% /tabs %}} @@ -646,7 +647,7 @@ As a final note, providing link text is not required. Link text should only be p This section demonstrates how to reference back matter resources with links. -In OSCAL specifying a URI fragment in a link's hypertext reference, represented as `#fragment-id`, indicates that the link is referencing an identified object in the OSCAL document's data model. This allows a resource to be referenced in the OSCAL document's back matter using the UUID of the back matter resource. +In OSCAL specifying a bare URI fragment in a link's hypertext reference, represented as `#fragment-id`, indicates that the link is [referencing an object identified](/concepts/uri-use/#linking-to-another-oscal-object) in the context of the OSCAL document's data model. This allows a resource to be referenced in the back matter or the current OSCAL document or an imported document using the UUID of a `back-matter` resource. {{< tabs XML JSON YAML >}} {{% tab %}} @@ -674,16 +675,18 @@ In OSCAL specifying a URI fragment in a link's hypertext reference, represented href="https://csrc.nist.gov/csrc/media/publications/fips/199/final/documents/fips-pub-199-final.pdf" media-type="application/pdf" /> {{< /highlight >}} -When using `` to reference a back-matter ``, the `` must use the resource's `@uuid` attribute as the pointer. The `` property may have an `` sub-element that points to the (external) content via the `@href` attribute. Optionally, the `` element can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. +When using `` to reference a back-matter ``, the `` must use the resource's `@uuid` attribute as the pointer. The `` may have an `` sub-element that points to the (external) content via the `@href` attribute. -Notice that in this example, the `` element on line 8 provides a fragment rather than a URL. OSCAL interprets this as a pointer to a back matter resource `@uuid` (see line 17). Within this `` element, several items are referenced (via ``). The `` must have a URL reference (`@href`). The third `` in this example provides a relative path. All of the other `` attributes (e.g., `@media-type` and `@hash`) are optional. Unlike ``, `` do not have any `@rel` attributes to provide additional context, nor do they have `` sub-elements. OSCAL content authors should consider these subtle differences when deciding whether to use `` or ``. +Optionally, the `` element can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. + +Notice that in this example, the `` element on line 8 provides a fragment rather than a more complete URI. OSCAL interprets this as a pointer to a back matter resource `@uuid` (see line 17). Within this `` element, several items are referenced (via ``). An ``must have an `@href` with an [absolute URI](/concepts/uri-use/#absolute-uri) or a [relative URI](/concepts/uri-use/#relative-reference) pointing directly to the resource. All of the other `` attributes (e.g., `@media-type` and `@hash`) are optional. Unlike ``, `` do not have any `@rel` attributes to provide additional context, nor do they have `` sub-elements. OSCAL content authors should consider these subtle differences when deciding to use a `` or an ``. {{% /tab %}} {{% tab %}} {{< highlight json "linenos=table" >}} @@ -695,11 +698,13 @@ Notice that in this example, the `` element on line 8 provides a fragment "last-modified": "2022-01-01T09:30:00-005", "version": 20220531, "oscal-version": "1.0.0", - "links": { - "href": "#a7584118-3d2d-46c8-b388-df747309c0fa", - "rel": "reference", - "text": "Applicable Laws and Regulations, Standards, and Guides" - } + "links": [ + { + "href": "#a7584118-3d2d-46c8-b388-df747309c0fa", + "rel": "reference", + "text": "Applicable Laws and Regulations, Standards, and Guides" + } + ] }, "import-profile": "...", "system-characteristics": "...", @@ -717,7 +722,7 @@ Notice that in this example, the `` element on line 8 provides a fragment "media-type": "application/pdf" }, { - "href": "/security/standards/IT-Rules-of-Behavior.docx", + "href": "security/standards/IT-Rules-of-Behavior.docx", "media-type": "application/msword" }] } @@ -725,9 +730,13 @@ Notice that in this example, the `` element on line 8 provides a fragment } } {{< /highlight >}} -When using `links` to reference a back-matter `resources`, the `link` must use the resource's `uuid` property as the pointer. The `resource` property may have an `rlinks` object array that points to the (external) content via the `href` property. Optionally, the `rlinks` property can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. +When using a `links` array object (see lines 10-14 above) to reference a back-matter resource object (see lines 22-36), the link object must use the resource object's `uuid` property in a URI fragment as the pointer (i.e. `#a7584118-3d2d-46c8-b388-df747309c0fa`). Notice that in this example, the link object on line 11 provides a fragment rather than a more complete URI. OSCAL interprets this as a pointer to a back matter resource `uuid` (see line 23). + +The referenced resource object on lines 22-36 may have an `rlinks` object array with objects that point to the (externally) available content via an `href` property. In this example, several resources are referenced (via `rlinks`). Each rlink object must have an `href` with an [absolute URI](/concepts/uri-use/#absolute-uri) or a [relative URI](/concepts/uri-use/#relative-reference) pointing directly to the resource. The third `rlink` in this example provides a relative path. -Notice that in this example, the `links` object array on line 9 provides a fragment rather than a URL. OSCAL interprets this as a pointer to a back matter resource `uuid` (see line 21). Within `resources`, several items are referenced (via `rlinks`). Each `rlink` must have a URL reference (`href`). The third `rlink` in this example provides a relative path. All of the other `rlink` properties (e.g., `media-type` and `hash`) are optional. Unlike `links`, `rlinks` do not have any `rel` properties to provide additional context, nor do they have `text` properties. OSCAL content authors should consider these subtle differences when deciding whether to use `links` or `rlinks`. +All of the other `rlink` properties (e.g., `media-type` and `hash`) are optional. An rlink object can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. + +Unlike `links`, `rlinks` do not have a `rel` property to provide additional context, nor do they have `text` properties. OSCAL content authors should consider these subtle differences when deciding to use `links` or `rlinks`. {{% /tab %}} {{% tab %}} @@ -740,25 +749,34 @@ system-security-plan: version: 20220531 oscal-version: 1.0.0 links: - - href: '#a7584118-3d2d-46c8-b388-df747309c0fa' - rel: reference - text: Applicable Laws and Regulations, Standards, and Guides + - href: '#a7584118-3d2d-46c8-b388-df747309c0fa' + rel: reference + text: Applicable Laws and Regulations, Standards, and Guides import-profile: ... system-characteristics: ... control-implementation: ... back-matter: resources: - uuid: a7584118-3d2d-46c8-b388-df747309c0fa + - uuid: a7584118-3d2d-46c8-b388-df747309c0fa rlinks: - - href: https://www.dhs.gov/homeland-security-presidential-directive-12 - - href: https://csrc.nist.gov/csrc/media/publications/fips/199/final/documents/fips-pub-199-final.pdf - media-type: application/pdf - - href: /security/standards/IT-Rules-of-Behavior.docx - media-type: application/msword + - href: https://www.dhs.gov/homeland-security-presidential-directive-12 + - href: https://csrc.nist.gov/csrc/media/publications/fips/199/final/documents/fips-pub-199-final.pdf + media-type: application/pdf + - href: security/standards/IT-Rules-of-Behavior.docx + media-type: application/msword {{< /highlight >}} -When using `links` to reference back-matter `resources`, the `link` must use the resource's `uuid` key-value as the pointer. The `resource` key-value must have an `rlinks` array item that points to the (external) content via the `href` key-value. Optionally, the `rlinks` can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. -Notice that in this example, the `links` object array on line 8 only provides a fragment rather than a URL. OSCAL interprets this as a pointer to a back matter resource `uuid` (see line 17). Within `resources`, several items are referenced (via `rlinks`). Each `rlink` must have a URL reference (`href`). The third `rlink` in this example provides a relative path. All of the other `rlink` properties (e.g., `media-type` and `hash`) are optional. Unlike `links`, `rlinks` do not have any `rel` properties to provide additional context, nor do they have `text` properties. OSCAL content authors should consider these subtle differences when deciding whether to use `links` or `rlinks`. +All of the other `rlink` properties (e.g., `media-type` and `hash`) are optional. An rlink object can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. + +Unlike `links`, `rlinks` do not have any `rel` properties to provide additional context, nor do they have `text` properties. OSCAL content authors should consider these subtle differences when deciding to use `links` or `rlinks`. + +When using a `links` item list (see lines 8-12 above) to reference a back-matter resource item (see lines 16-23), the link item must use the resource object's `uuid` key in a URI fragment as the pointer (i.e. `#a7584118-3d2d-46c8-b388-df747309c0fa`). Notice that in this example, the link item on line 9 provides a fragment rather than a more complete URI. OSCAL interprets this as a pointer to a back matter resource `uuid` (see line 23). + +The referenced resource item on lines 17-23 may have an `rlinks` list with items that point to the (externally) available content via an `href` key. In this example, several resources are referenced (via `rlinks`). Each rlink item must have an `href` with an [absolute URI](/concepts/uri-use/#absolute-uri) or a [relative URI](/concepts/uri-use/#relative-reference) pointing directly to the resource. The third rlink item in this example provides a relative path. + +All of the other rlink item keys (e.g., `media-type` and `hash`) are optional. An rlink item can also include a hash (e.g., to ensure the integrity of the referenced content), however, that is an advanced concept that is not covered in this tutorial. + +Unlike `links`, `rlinks` items do not have a `rel` key to provide additional context, nor do they have a `text` key. OSCAL content authors should consider these subtle differences when deciding to use `links` or `rlinks`. {{% /tab %}} {{% /tabs %}} diff --git a/docs/content/reference/datatypes.md b/docs/content/reference/datatypes.md index a55314a6a6..598a7aeedc 100644 --- a/docs/content/reference/datatypes.md +++ b/docs/content/reference/datatypes.md @@ -273,7 +273,7 @@ In XML Schema this is represented as a restriction on the built-in type [dateTim @@ -284,7 +284,7 @@ In JSON Schema, this is represented as: ```JSON { "type": "string", - "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" + "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))?$" } ``` @@ -306,7 +306,7 @@ In XML Schema this is represented as a restriction on the built in type [dateTim @@ -318,7 +318,7 @@ In JSON Schema, this is represented as: { "type": "string", "format": "date-time", - "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})$" + "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" } ``` diff --git a/src/metaschema/metaschema-author.css b/src/metaschema/metaschema-author.css new file mode 100644 index 0000000000..064a793e46 --- /dev/null +++ b/src/metaschema/metaschema-author.css @@ -0,0 +1,159 @@ +METASCHEMA { font-family: Calibri, Verdana, sans-serif } + +* { display: block } + +pre { color: darkgrey } + +tag { color: black; font-family: monospace; font-size: 80%; font-weight: bold } + +METASCHEMA { } + +title { } + +import:before + { content: 'import module ' oxy_urlChooser(edit, '@href', columns 60) } + + + +define-assembly, +define-field, +define-flag { margin-top: 1ex; margin-bottom: 1ex; border: thin inset black; padding: 0.5em } + + +define-assembly:before, +define-field:before, +define-flag:before + { content: + oxy_name() + oxy_textfield(edit, '@name', columns, 12) + } + +root-name:before { content: "Root name: " } + + +prop:before + { content: 'property ' + oxy_textfield(edit, '@name', columns, 25) + oxy_textfield(edit, '@value', columns, 30) + } + + +define-assembly[group-as]:before, +define-field[group-as]:before, +define-flag[group-as]:before + { content: + oxy_name() + oxy_textfield(edit, '@name', columns, 12) } +define-assembly *, +define-field *, +define-flag * { margin: 0em } + +define-assembly > * { margin-top: 1em } + +pre { padding: 0.5em; background-color: gainsboro } + +define-assembly { } + +define-field { } + +define-flag { } + +flag { } + +formal-name { font-size: 120%; font-weight: bold; margin: 0.5em 0em } + +description, remarks { max-width: 60em } + +remarks { border-left: thin solid black; padding-left: 1em; margin-left: 1em } +remarks p { margin-top: 1em } + + +example { } + +prose { } + + +p { } + +code { display: inline; font-family: monospace } +q { display: inline; background-color: lemonchiffon } +em, i { display: inline; font-style: italic } +strong, b { display: inline; font-weight: bold } + +example { background-color: lavender; white-space: pre; } + +example *:before { content: '<' oxy_name() '>'; font-family: monospace; font-size: 80% } +example *:after { content: ''; font-family: monospace; font-size: 80% } + +model { padding-left: 0.5em; border-left: medium solid blue; font-size: 80%; padding-right: 2em } + +model model { font-size: 100%; } + +flag:before { content: + oxy_name() + ' ref: ' oxy_textfield(edit, '@ref', columns, 12) + } + +assembly:before, field:before { + content: + oxy_name() ' named ' + oxy_textfield(edit, '@ref', columns, 12) } + +group-as { margin-left: 2em } + +group-as:before { content: 'group as ' + oxy_textfield(edit, '@name', columns, 12) } + + +choice:before { content: + 'a choice between' + } + +prose:before { font-weight: bold; content: + 'prose' + } + +choice > * { margin-left: 2em } + +a { display: inline; color: blue } +a:before { content: oxy_urlChooser( + edit, "@href", + columns 42); } + + +/* CONSTRAINTS */ + +constraint > * { border: thin solid black; padding: 0.6em } + +allowed-values:before { content: "Allowed values" + ' level: ' oxy_combobox(edit, '@level', editable, false, values, "ERROR, WARNING" ) } + +enum { margin-left: 2em; display: list-item; + font-size: 90%; padding-left: 1em } +enum:before { content: oxy_textfield(edit, '@value', columns, 24); } + +index { } +index:before { content: "Index: " + ' name: ' oxy_textfield(edit, '@name', columns, 24) + ' target: ' oxy_textfield(edit, '@target', columns, 52) + ' level: ' oxy_combobox(edit, '@level', editable, false, values, "ERROR, WARNING" ); } + +key-field { margin-left: 2em } +key-field:before { content: "Key field " + ' target: ' oxy_textfield(edit, '@target', columns, 52) + ' level: ' oxy_combobox(edit, '@level', editable, false, values, "ERROR, WARNING" ); } + +expect { } +expect:before { content: "Expect " + ' target: ' oxy_textfield(edit, '@target', columns, 52) + ' test: ' oxy_textfield(edit, '@test', columns, 36) + ' level: ' oxy_combobox(edit, '@level', editable, false, values, "ERROR, WARNING" ); } + +index-has-key { } + +index-has-key:before { content: "Index has key: " + ' name: ' oxy_textfield(edit, '@name', columns, 24) + ' target: ' oxy_textfield(edit, '@target', columns, 52) + ' level: ' oxy_combobox(edit, '@level', editable, false, values, "ERROR, WARNING" ); } + + diff --git a/src/metaschema/oscal_assessment-common_metaschema.xml b/src/metaschema/oscal_assessment-common_metaschema.xml index bda02df397..ef7d702212 100644 --- a/src/metaschema/oscal_assessment-common_metaschema.xml +++ b/src/metaschema/oscal_assessment-common_metaschema.xml @@ -19,13 +19,16 @@ Import System Security Plan Used by the assessment plan and POA&M to import information about the system. - + System Security Plan Reference A resolvable URL reference to the system security plan for the system being assessed. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter resource in the same document.

    -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

    -

    If an internet resource is used, the href value will be an absolute or relative URI pointing to the location of the referenced resource. A relative URI will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    @@ -59,7 +62,7 @@ - + **(deprecated)** Use 'assessment-objective' instead. **(deprecated)** Use 'assessment-method' instead. The part defines an assessment objective. @@ -853,13 +856,16 @@ Relevant Evidence Links this observation to relevant evidence. - + Relevant Evidence Reference A resolvable URL reference to relevant evidence. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter resource in the same document.

    -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

    -

    If an internet resource is used, the href value will be an absolute or relative URI pointing to the location of the referenced resource. A relative URI will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    @@ -1019,10 +1025,22 @@ The value conforms to FedRAMP definitions.
    + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    + Threat Information Resource Reference An optional location for the threat data, from which this ID originates. + +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    +
    @@ -1299,6 +1317,9 @@
    + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    Facet Value @@ -1640,13 +1661,12 @@ - + Part Namespace A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. -

    Provides a means to segment the value space for the name, so that different organizations and individuals can assert control over the allowed names and associated text used in a part. This allows the semantics associated with a given name to be defined on an organization-by-organization basis.

    -

    An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    diff --git a/src/metaschema/oscal_assessment-results_metaschema.xml b/src/metaschema/oscal_assessment-results_metaschema.xml index 93433080c3..5637803d17 100644 --- a/src/metaschema/oscal_assessment-results_metaschema.xml +++ b/src/metaschema/oscal_assessment-results_metaschema.xml @@ -322,11 +322,12 @@ Assessment Plan Reference A resolvable URL reference to the assessment plan governing the assessment activities. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter - resource in the same document.

    - -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

    -

    If an internet resource is used, the href value will be an absolute or relative URI pointing to the location of the referenced resource. A relative URI will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    diff --git a/src/metaschema/oscal_catalog_metaschema.xml b/src/metaschema/oscal_catalog_metaschema.xml index f036a5beac..ef63cef286 100644 --- a/src/metaschema/oscal_catalog_metaschema.xml +++ b/src/metaschema/oscal_catalog_metaschema.xml @@ -5,34 +5,36 @@ ]> - + + OSCAL Control Catalog Model 1.0.4 oscal-catalog http://csrc.nist.gov/ns/oscal/1.0 http://csrc.nist.gov/ns/oscal -

    The OSCAL Control Catalog format can be used to describe a collection of security controls and related control enhancements, along with contextualizing documentation and metadata. The root of the Control Catalog format is catalog. -

    +

    The OSCAL Control Catalog format can be used to describe a collection of security controls and related control enhancements, along with contextualizing documentation and metadata. The root of the Control Catalog format is catalog.

    Catalog - A collection of controls. + A structured, organized collection of control information. catalog Catalog Universally Unique Identifier - A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + Provides a globally unique means to identify a given catalog instance. + + + + + - @@ -50,21 +52,38 @@ The tool used to produce a resolved profile. + The document-level uuid of the source profile from which the catalog was produced by profile resolution. - The tool used to produce a resolved profile. + The profile from which the catalog was produced by profile resolution. + The document-level uuid of the profile from which the catalog was produced by profile resolution. + + + + + + + + + + + + + + +

    Catalogs may use one or more group objects to subdivide the control contents of a catalog.

    -

    An OSCAL catalog model provides a structured representation of control information.

    - A small catalog with a single control - + A small catalog with a single control. + A Miniature Catalog A Single Control + @@ -73,10 +92,15 @@ Control Group A group of controls, or of groups of controls. - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog. + + + + + Group Class @@ -92,7 +116,6 @@ A name given to the group, which may be used by a tool for display and navigation. - @@ -116,7 +139,6 @@
    - &allowed-values-control-group-property-name; @@ -125,11 +147,11 @@ -

    Catalogs can use a group to collect related controls into a single grouping. That can be useful to group controls into a family or other logical grouping.

    -

    A group may have its own properties, statements, parameters, and references, which are inherited by all members of that group.

    +

    Catalogs can use the catalog group construct to organize related controls into a single grouping, such as a family of controls or other logical organizational structure.

    +

    A group may have its own properties, statements, parameters, and references, which are inherited by all controls of that are a member of the group.

    - + My Group @@ -140,28 +162,41 @@
    Control - A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance. + A structured object representing a requirement or guideline, which when + implemented will reduce an aspect of risk related to an information system and its + information. Control Identifier - A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + Identifies a control such that it can be referenced in the defining + catalog and other OSCAL instances (e.g., profiles). + + + + + Control Class - A textual label that provides a sub-type or characterization of the control. + A textual label that provides a sub-type or characterization of the + control. -

    A class can be used in validation rules to express extra constraints over named items of a specific class value.

    -

    A class can also be used in an OSCAL profile as a means to target an alteration to control content.

    +

    A class can be used in validation rules to express extra + constraints over named items of a specific class + value.

    +

    A class can also be used in an OSCAL profile as a means to + target an alteration to control content.

    Control Title - A name given to the control, which may be used by a tool for display and navigation. + A name given to the control, which may be used by a tool for + display and navigation. - @@ -176,7 +211,8 @@ Mapping - A mapping between the containing control and another resource. + A mapping between the containing control and another + resource. Mapping Identifier The unique identifier for the mapping. @@ -197,70 +233,100 @@ - - - &allowed-values-control-group-property-name; - The status of a control. For example, a value of 'withdrawn' can indicate that the control has been withdrawn and should no longer be used. + + + &allowed-values-control-group-property-name; + The status of a control. For example, a + value of 'withdrawn' can indicate that the control has + been withdrawn and should no longer be used. - + The control is no longer used. - **(deprecated)*** Use 'withdrawn' instead. + **(deprecated)*** Use 'withdrawn' + instead. - The link cites an external resource related to this control. - The link identifies another control with bearing to this control. - The link identifies another control that must be present if this control is present. - The link identifies other control content where this control content is now addressed. - The containing control definition was moved to the referenced control. + The link cites an external resource related to this + control. + The link identifies another control with bearing to + this control. + The link identifies another control that must be + present if this control is present. + The link identifies other control content + where this control content is now addressed. + The containing control definition was moved to the + referenced control. - - - An introduction to a control or a group of controls. + + + + + + An introduction to a control or a group of + controls. A set of control implementation requirements. - Additional information to consider when selecting, implementing, assessing, and monitoring a control. - **(deprecated)** Use 'assessment-method' instead. - The part describes a method-based assessment over a set of assessment objects. + Additional information to consider when selecting, + implementing, assessing, and monitoring a control. + **(deprecated)** Use + 'assessment-method' instead. + The part describes a method-based assessment + over a set of assessment objects. - + An individual item within a control statement.

    Nested statement parts are "item" parts.

    - - **(deprecated)** Use 'assessment-objective' instead. - The part describes a set of assessment objectives. + + **(deprecated)** Use + 'assessment-objective' instead. + The part describes a set of assessment + objectives.

    Objectives can be nested.

    - - **(deprecated)** Use 'assessment-objects' instead. - Provides a listing of assessment objects. + + **(deprecated)** Use + 'assessment-objects' instead. + Provides a listing of assessment + objects.

    Assessment objects appear on assessment methods.

    - - - **(deprecated)** Use 'method' in the 'http://csrc.nist.gov/ns/rmf' namespace. The assessment method to use. This typically appears on parts with the name "assessment". + + **(deprecated)** Use 'method' in the 'http://csrc.nist.gov/ns/rmf' namespace. The assessment method to use. This typically appears on parts with the name "assessment-method". - - The assessment method to use. This typically appears on parts with the name "assessment". + + The assessment method to use. This typically appears on + parts with the name "assessment-method". - + The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence. The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior.
    -

    Controls may be grouped using group, and controls may be partitioned using part or further enhanced (extended) using control.

    -

    A control must have a part with the name "statement", which represents the textual narrative of the control. This "statement" part must occur only once, but may have nested parts to allow for multiple paragraphs or sections of text.

    +

    Each security or privacy control within the catalog is defined by a distinct control instance. Controls may be as complex or as simple as a catalog defines them. They may be decomposed or further specified into child control objects, for example to represent control enhancements or specific breakouts of control functionality, to be maintained as discrete requirements. Controls may also contain structured parts (using part) and they may be grouped together in families or classes with group.

    +

    Control structures in OSCAL will also exhibit regularities and rules that are not codified in OSCAL but in its applications or domains of application. For example, for catalogs describing controls as defined by NIST SP 800-53, a control must have a part with the name "statement", which represents the textual narrative of the control. This "statement" part must occur only once, but may have nested parts to allow for multiple paragraphs or sections of text. This organization supports addressability of this data content as long as, and only insofar as, it is consistently implemented across the control set. As given with these model definitions, constraints defined and assigned here can aid in ensuring this regularity; but other such constraints and other useful patterns of use remain to be discovered and described.

    - + Control 1 diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml index c757be4c80..8146d96d3e 100644 --- a/src/metaschema/oscal_component_metaschema.xml +++ b/src/metaschema/oscal_component_metaschema.xml @@ -19,10 +19,11 @@ http://csrc.nist.gov/ns/oscal/1.0 http://csrc.nist.gov/ns/oscal -

    The OSCAL Component Definition Model can be used to describe the implementation of controls in a component or a set of components grouped as a capability. A component can be either a technical component, or a documentary component. A technical component is a component that is implemented in hardware (physical or virtual) or software. A documentary component is a component implemented in a document, such as a process, procedure, or policy.

    -

    The root of the OSCAL Implementation Component format is component-definition. -

    -

    NOTE: This documentation is a work in progress. As a result, documentation for many of the information elements is missing or incomplete.

    +

    The OSCAL Component Definition Model can be used to describe the implementation of controls in a component or a set of components grouped as a capability. A component can be either a technical component, or a documentary component.

    +

    A technical component is a component that is implemented in hardware (physical or virtual) or software. Suppliers may document components in an OSCAL component definition that describes the implementation of controls in their hardware and software.

    +

    A documentary component is a component implemented for a documented process, procedure, or policy. Suppliers may document components in an OSCAL component definition that describes the implementation of controls in their process, procedure, or policy.

    +

    The information provided by a technical or documentary component can be used by component consumers to provide starting narratives for documenting control implementations in an OSCAL SSP.

    +

    The root of the OSCAL Implementation Layer Component Definition model is component-definition.

    @@ -34,7 +35,12 @@ Component Definition Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component definition instance. + + + + + @@ -72,6 +78,14 @@ Hyperlink Reference A link to a resource that defines a set of components and/or capabilities to import into this collection. + +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    +
    @@ -81,7 +95,12 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component. + + + + + type @@ -252,7 +271,12 @@ Capability Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given capability. + + + + + Capability Name @@ -284,12 +308,13 @@

    A given component must not be referenced more than once within the same capability.

    + Incorporates Component - TBD + The collection of components comprising this capability. Component Reference @@ -309,13 +334,25 @@ Control Implementation Set Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a means to identify a set of control implementations that are supported by a given component or capability. + + + + + - + + Source Resource Reference + A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition. -

    A URL reference to the source catalog or profile for which this component is implementing controls for.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    -
    +
    Control Implementation Description @@ -352,13 +389,18 @@ Control Implementation Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given control implementation by a component. + + + + + Control Implementation Description - A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. + A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. @@ -398,7 +440,7 @@ -

    Implemented requirements within a component or capability in a component definition provide a means to suggest possible control implementation details, which may be used by a different party when authoring a system security plan. Thus, these requirements defined in a component definition are only a suggestion of how to implement, which may be adopted wholesale, changed, or ignored by a person defining an information system implementation.

    +

    Implemented requirements within a component or capability in a component definition provide a means for component suppliers to suggest possible control implementation details, which may be used by a different party (e.g., component consumers) when authoring a system security plan. Thus, these requirements defined in a component definition are only a suggestion of how to implement, which may be adopted wholesale, changed, or ignored by a person defining an information system implementation.

    Use of set-parameter in this context, sets the parameter for the referenced control and any associated statements.

    diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index 09d9a7cac3..de51c93368 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -5,11 +5,12 @@ ]> + + xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" abstract="yes"> OSCAL Control Catalog Format -- Common Models 1.0.4 - oscal-catalog-common + oscal-control-common http://csrc.nist.gov/ns/oscal/1.0 http://csrc.nist.gov/ns/oscal @@ -18,32 +19,38 @@ Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. + + + + + + +

    While a part is not required to have an id, it is often desirable for an identifier to be provided, which allows the part to be referenced elsewhere in OSCAL document instances. For this reason, it is RECOMMENDED to provide a part identifier.

    +
    Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - - + Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. -

    Provides a means to segment the value space for the name, so that different organizations and individuals can assert control over the allowed names and associated text used in a part. This allows the semantics associated with a given name to be defined on an organization-by-organization basis.

    -

    An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. - + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. +

    One use of this flag is to distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns (since even within a given namespace it can be useful to overload a name).

    A class can be used in validation rules to express extra constraints over named items of a specific class value.

    A class can also be used in an OSCAL profile as a means to target an alteration to control content.

    @@ -51,7 +58,7 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. @@ -69,61 +76,60 @@ - &allowed-values-control-group-property-name; - +

    A part provides for logical partitioning of prose, and can be thought of as a grouping structure (e.g., section). A part can have child parts allowing for arbitrary nesting of prose content (e.g., statement hierarchy). A part can contain prop objects that allow for enriching prose text with structured name/value information.

    -

    A part can be assigned an optional id, which allows for internal and external references to the textual concept contained within a part. A id provides a means for an OSCAL profile, or a higher layer OSCAL model to reference a specific part within a catalog. For example, an id can be used to reference or to make modifications to a control statement in a profile.

    +

    A part can be assigned an optional id, which allows references to this part from within a catalog, or within an instance of another OSCAL model that has a need to reference the part. Examples of where part referencing is used in OSCAL include:

    +
      +
    • Referencing a part by id to tailor (make modifications to) a control statement in a profile.
    • +
    • Referencing a control statement represented by a part in a system security plan implemented-requirement where a statement-level response is desired.
    • +

    Use of part and prop provides for a wide degree of extensibility within the OSCAL catalog model. The optional ns provides a means to qualify a part's name, allowing for organization-specific vocabularies to be defined with clear semantics. Any organization that extends OSCAL in this way should consistently assign a ns value that represents the organization, making a given namespace qualified name unique to that organization. This allows the combination of ns and name to always be unique and unambiguous, even when mixed with extensions from other organizations. Each organization is responsible for governance of their own extensions, and is strongly encouraged to publish their extensions as standards to their user community. If no ns is provided, the name is expected to be in the "OSCAL" namespace.

    To ensure a ns is unique to an organization and naming conflicts are avoided, a URI containing a DNS or other globally defined organization name should be used. For example, if FedRAMP and DoD both extend OSCAL, FedRAMP will use the ns http://fedramp.gov/ns/oscal, while DoD might use the ns https://defense.gov for any organization specific name.

    Tools that process OSCAL content are not required to interpret unrecognized OSCAL extensions; however, OSCAL compliant tools should not modify or remove unrecognized extensions, unless there is a compelling reason to do so, such as data sensitivity.

    - Multiple Parts with Different Organization-Specific Names - - Something FedRAMP Cares About - Something DoD Cares About - + Multiple Parts with Different Organization-Specific Names. + + A requirement specific to FedRAMP stakeholders. + A requirement specific to the Department of Defense stakeholders. +
    + Parameter Parameters provide a mechanism for the dynamic assignment of value(s) in a control. - param Parameter Identifier - - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. + + + + + Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, + purpose, use or scope of the parameter.

    A class can be used in validation rules to express extra constraints over named items of a specific class value.

    Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. @@ -137,12 +143,13 @@ Parameter Label A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned. -

    The label value should be suitable for inline display in a rendered catalog.

    +

    The label value is intended use when rendering a parameter in generated documentation or a user interface when a parameter is referenced. Note that labels are not required to be distinctive, which means that parameters within the same control may have the same label.

    Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a + parameter. constraint @@ -150,27 +157,26 @@ guideline - - value -

    A set of values provided in a catalog can be redefined at any higher layer of OSCAL (e.g., Profile).

    +

    A set of values provided in a catalog can be redefined in OSCAL's profile or system-security-plan models.

    select -

    A set of parameter value choices, that may be picked from to set the parameter value.

    +

    The OSCAL parameter value construct can be used to prescribe a specific parameter value in a catalog or profile. In cases where a prescriptive value is not possible in a catalog or profile, it may be possible to constrain the set of possible values to a few options. Use of select in a parameter instead of value is a way of defining value options that may be set.

    +

    A set of allowed parameter values expressed as a set of options which may be selected. These options constrain the permissible values that may be selected for the containing parameter. When the value assignment is made, such as in an OSCAL profile or system security plan, the actual selected value can be examined to determine if it matches one of the permissible choices for the parameter value.

    +

    When the value of how-many is set to "one-or-more", multiple values may be assigned reflecting more than one choice.

    -
    @@ -178,7 +184,9 @@ An alternate to the value provided by the parameter's label. This will typically be qualified by a class. - The parent parameter provides an aggregation of 2 or more other parameters, each described by this property. + The parent parameter provides an + aggregation of two or more other parameters, each described + by this property. depends-on is deprecated @@ -191,16 +199,13 @@
    - Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint Description A textual summary of the constraint to be applied. - Constraint Test A test expression which is expected to be evaluated by a tool. @@ -208,7 +213,8 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a + constraint. @@ -223,19 +229,17 @@ Guideline Text Prose permits multiple paragraphs, lists, tables etc. - - Parameter Value A parameter value or set of values. Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. Parameter Cardinality Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted. @@ -249,13 +253,12 @@ Choice - A value selection among several such options + A value selection among several such + options. choice value - -

    A set of parameter value choices, that may be picked from to set the parameter value.

    @@ -267,7 +270,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + Include All diff --git a/src/metaschema/oscal_implementation-common_metaschema.xml b/src/metaschema/oscal_implementation-common_metaschema.xml index 68097e6bae..695ac69450 100644 --- a/src/metaschema/oscal_implementation-common_metaschema.xml +++ b/src/metaschema/oscal_implementation-common_metaschema.xml @@ -604,10 +604,7 @@ - - Source Resource Reference - A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition. - + System Identification + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. id @@ -679,6 +683,9 @@ A Universally Unique Identifier (UUID) as defined by RFC4122. + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    diff --git a/src/metaschema/oscal_mapping-common_metaschema.xml b/src/metaschema/oscal_mapping-common_metaschema.xml index a7c5f63582..d0be2ab220 100644 --- a/src/metaschema/oscal_mapping-common_metaschema.xml +++ b/src/metaschema/oscal_mapping-common_metaschema.xml @@ -28,11 +28,11 @@ Mapping Entry Relationship The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets. type - + Relationship Value Namespace A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. -

    An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    @@ -90,7 +90,7 @@ Mapped Resource Reference - A reference to a back-matter resource that is either the source or target of a mapping. + A reference to a resource that is either the source or target of a mapping. Resource Type The semantic type of the resource. @@ -104,11 +104,12 @@ Catalog or Profile Reference A resolvable URL reference to the base catalog or profile that this profile is tailoring. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter - resource in the same document.

    - -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

    -

    If an internet resource is used, the href value will be an absolute or relative URL pointing to the location of the referenced resource. A relative URL will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index 848123ac94..dced70a942 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -2,8 +2,9 @@ + + xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" abstract="yes"> OSCAL Document Metadata Description 1.0.4 oscal-metadata @@ -14,8 +15,8 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. Document Title @@ -25,12 +26,43 @@ - - - - - - + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + + The link identifies the authoritative location for this resource. Defined by RFC 6596. + The link identifies an alternative location or format for this resource. Defined by the HTML Living Standard + This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. + This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. + This link identifies a resource containing the version history of this document. Defined by RFC 5829. + + + + +

    While published, last-modified, and oscal-version are not required, values for these entries should be provided if the information is known. A link with a rel of source should be provided if the information is known.

    +
    +
    @@ -40,15 +72,270 @@ - + + Role + Defines a function, which might be assigned to a party in a specific situation. - - + + + Role Identifier + A unique identifier for the role. + + + + + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + + + +

    Permissible values to be determined closer to the application (e.g. by a receiving authority).

    +

    OSCAL has defined a set of standardized roles for consistent use in OSCAL documents. This allows tools consuming OSCAL content to infer specific semantics when these roles are used. These roles are documented in the specific contexts of their use (e.g., responsible-party, responsible-role). When using such a role, it is necessary to define these roles in this list, which will then allow such a role to be referenced.

    +
    +
    + + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + +

    The physical address of the location, which will provided for physical locations. Virtual locations can omit this data item.

    +
    +
    + + + +

    A contact email associated with the location.

    +
    +
    + + + +

    A phone number used to contact the location.

    +
    +
    + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + +

    This data field is deprecated in favor of using a link with an appropriate relationship.

    +
    +
    + + + + + + + +
    + + + Characterizes the kind of location. + + + A location that contains computing assets. A class can be used to indicate the sub-type of data-center as primary or alternate. + + + The location is a data-center used for normal operations. + The location is a data-center used for fail-over or backup operations. + + + In most cases, it is useful to define a location. In some cases, defining an explicit location may represent a security risk. + + + A location must have at least a title, address, email-address, or telephone number. + + + +

    An address might be sensitive in nature. In such cases a title, mailing address, email-address, and/or phone number may be used instead.

    +
    +
    + + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - + + Party Universally Unique Identifier + + A unique identifier for the party. + + + + + + + + Party Type + A category describing the kind of party the object describes. + + + A human being regarded as an individual. + An organized group of one or more person individuals with a specific purpose. + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + + Party External Identifier + An identifier for a person or organization using a designated + scheme. e.g. an Open Researcher and Contributor ID + (ORCID). + id + + + External Identifier Schema + Indicates the type of external identifier. + + + The identifier is Open Researcher and Contributor ID (ORCID). + + + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    +
    +
    + + + + + + + + + +

    This is a contact email associated with the party.

    +
    +
    + + + +

    A phone number used to contact the party.

    +
    +
    + + + + + + + + + + Organizational Affiliation + + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + + + + +

    Since the reference target of an organizational affiliation must be another party (whether further qualified as person or organization) as inidcated by its uuid. As a machine-oriented identifier with uniqueness across document and trans-document scope, this uuid value is sufficient to reference the data item locally or globally across related documents, e.g., in an imported OSCAL instance.

    +

    Parties of both the person or organization type can be associated with an organization using the member-of-organization.

    +
    +
    + +
    + + + A mail stop associated with the party. + The name or number of the party's office. + The formal job title of a person. + + + +

    A party can be optionally associated with either an address or a location. While providing a meaningful location for a party is desired, there are some cases where it might not be possible to provide an exact location or even any location.

    +
    +
    @@ -59,6 +346,7 @@
    + @@ -74,6 +362,7 @@ + @@ -82,6 +371,7 @@ + + + + @@ -105,126 +398,45 @@
    - Indicates the organization that created this content. - Indicates the organization that prepared this content. - Indicates the organization for which this content was created. - Indicates the organization responsible for all content represented in the "document". - Indicates the organization to contact for questions or support related to this content. + Indicates the person or organization that created this content. + Indicates the person or organization that prepared this content. + Indicates the person or organization for which this content was created. + Indicates the person or organization responsible for all content represented in the "document". + Indicates the person or organization to contact for questions or support related to this content. The value identifies a comma-seperated listing of keywords associated with this content. These keywords may be used as search terms for indexing and other applications. - The link identifies the authoritative location for this file. Defined by RFC 6596. - The link identifies an alternative location or format for this file. Defined by the HTML Living Standard + The link identifies the authoritative location for this resource. Defined by RFC 6596. + The link identifies an alternative location or format for this resource. Defined by the HTML Living Standard This link identifies a resource containing the latest version in the version history. Defined by RFC 5829. This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. - -
    - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - - - - The link identifies the authoritative location for this file. Defined by RFC 6596. - The link identifies an alternative location or format for this file. Defined by the HTML Living Standard - This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. - This link identifies a resource containing the predecessor version in the version history. Defined by RFC 5829. - - - -

    While published, last-modified, oscal-version, and version are not required, values for these entries should be provided if the information is known. For a revision entry to be considered valid, at least one of the following items must be provided: published, last-modified, version, or a link with a rel of source.

    -
    -
    - - - Location - A location, with associated metadata that can be referenced. - - Location Universally Unique Identifier - - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - -

    Typically, the physical address of the location will be used here. If this information is sensitive, then a mailing address can be used instead.

    -
    -
    - - - - -

    This is a contact email associated with the location.

    -
    -
    - - - + + + -

    A phone number used to contact the location.

    +

    The combination of scheme and the field value must be unique.

    -
    - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - - - -
    - - - Characterizes the kind of location. - - - A location that contains computing assets. A class can be used to indicate the sub-type of data-center as primary or alternate. - - - The location is a data-center used for normal operations. - The location is a data-center used for fail-over or backup operations. - + + +

    All OSCAL documents use the same metadata structure, that provides a consistent way of expressing OSCAL document metadata across all OSCAL models. The metadata section also includes declarations of individual objects (i.e., roles, location, parties) that may be referenced within and across linked OSCAL documents.

    +

    The metadata in an OSCAL document has few required fields, representing only the bare minimum data needed to differentiate one instance from another. Tools and users creating OSCAL documents may choose to use any of the optional fields, as well as extension mechanisms (e.g., properties, links) to go beyond this minimum to suit their use cases.

    +

    A publisher of OSCAL content can use the published, last-modified, and version fields to establish information about an individual in a sequence of successive revisions of a given OSCAL-based publication. The metadata for a previous revision can be represented as a revision within this object. Links may also be provided using the predecessor-version and successor-version link relations to provide for direct access to the related resource. These relations can be provided as a link child of this object or as link within a given revision.

    +

    A responsible-party entry in this context refers to roles and parties that have responsibility relative to the production, review, publication, and use of the containing document.

    +
    - Location Reference - - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + Location Universally Unique Identifier Reference + + Reference to a location by UUID. + + + @@ -235,178 +447,42 @@ - Location Reference - - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + Location Universally Unique Identifier Reference + + Reference to a location by UUID. + + + - -

    See the Concepts - Identifier Use page for additional information about the referenced identifier's scope.

    -
    - - Party (organization or person) - A responsible entity which is either a person or an organization. - - Party Universally Unique Identifier - - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Type - A category describing the kind of party the object describes. - - - An individual. - A group of individuals formed for a specific purpose. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) - id - - - - External Identifier Schema - Indicates the type of external identifier. - - - The identifier is Open Researcher and Contributor ID (ORCID). - - - - - - - - - - - - - - -

    This is a contact email associated with the party.

    -
    -
    - - - - -

    A phone number used to contact the party.

    -
    -
    - - - - - - - - - - - Organizational Affiliation - - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - - -

    Parties of both the person or organization type can be associated with an organization using the member-of-organization.

    -
    -
    - -
    - - - A mail stop associated with the party. - The name or number of the party's office. - The formal job title of a person. - - -
    - - Party Reference - - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - + Party Universally Unique Identifier Reference + + Reference to a party by UUID. + + + - -

    See the Concepts - Identifier Use page for additional information about the referenced identifier's scope.

    -
    - - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - - - - - - - - -

    Permissible values to be determined closer to the application (e.g. by a receiving authority).

    -

    OSCAL has defined a set of standardized roles for consistent use in OSCAL documents. This allows tools consuming OSCAL content to infer specific semantics when these roles are used. These roles are documented in the specific contexts of their use (e.g., responsible-party, responsible-role). When using such a role, it is necessary to define these roles in this list, which will then allow such a role to be referenced.

    -
    -
    - Role Identifier Reference - - A human-oriented identifier reference to roles served by the user. + + Reference to a role by UUID. + + + @@ -420,37 +496,35 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. Resource Universally Unique Identifier + A unique identifier for a resource. - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. Citation Text @@ -463,49 +537,60 @@ - +--> + + Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. + +

    This value may be either:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    +
    + A hash of the resource identified by href, which can be used to verify the resource was not changed since it was hashed. -

    When appearing as part of a resource/rlink, the hash applies to the resource referenced by the href. -

    +

    The hash value can be used to confirm that the resource referenced by the href is the same resources that was hashed by retrieving the resource, calculating a hash, and comparing the result to this value.

    -

    This construct is different from link, which makes no provision for a hash or formal title.

    -

    Multiple rlink can be included for a resource. In such a case, all provided rlink items are intended to be equivalent in content, but may differ in structure. A media-type is used to identify the format of a given rlink, and can be used to differentiate a items in a collection of rlinks. The media-type also provides a hint to the OSCAL document consumer about the structure of the resource referenced by the rlink. +

    Multiple rlink objects can be included for a resource. In such a case, all provided rlink items are intended to be equivalent in content, but may differ in structure or format.

    +

    A media-type is used to identify the format of a given rlink, and can be used to differentiate items in a collection of rlinks. The media-type provides a hint to the OSCAL document consumer about the structure of the resource referenced by the rlink.

    Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. value - + File Name Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded. @@ -516,13 +601,12 @@
    - Identifies the type of resource represented. + Identifies the type of resource represented. The most specific appropriate type value SHOULD be used. For resources representing a published document, this represents the version number of that document. For resources representing a published document, this represents the publication date of that document. - - - + + Indicates the resource is an organization's logo. Indicates the resource represents an image. @@ -543,7 +627,7 @@ Indicates the resource represents a plan. Indicates the resource represents an artifact, such as may be reviewed by an assessor. - Indicates the resource represents evidence, such as to support an assessment findiing. + Indicates the resource represents evidence, such as to support an assessment finding. Indicates the resource represents output from a tool. Indicates the resource represents machine data, which may require a tool or analysis for interpretation or presentation. Indicates the resource represents notes from an interview, such as may be collected during an assessment. @@ -551,28 +635,26 @@ Indicates the resource is a report. Indicates the resource is a formal agreement between two or more parties. - + + A resource should provide at least an rlink or base64 object. + + Ensure that each rlink item references a unique resource. - -

    Ensures that each rlink item references a unique resource.

    -
    +
    + Ensure that all base64 resources have a unique filename. - -

    Ensures that all base64 resources have a unique filename. -

    -
    - -

    A title is required when a citation is provided.

    -
    + A title is required when a citation is provided.
    -

    A resource can be used in two ways. 1) it may point to an specific retrievable network resource using a rlink, or 2) it may be included as an attachment using a base64. A resource may contain multiple rlink and base64 entries that represent alternative download locations (rlink) and attachments (base64) for the same resource. Both rlink and base64 allow for a media-type to be specified, which is used to distinguish between different representations of the same resource (e.g., Microsoft Word, PDF). When multiple rlink and base64 items are included for a given resource, all items must contain equivalent information. This allows the document consumer to choose a preferred item to process based on a the selected item's media-type. This is extremely important when the items represent OSCAL content that is represented in alternate formats (i.e., XML, JSON, YAML), allowing the same OSCAL data to be processed from any of the available formats indicated by the items.

    + +

    A resource can be used in two ways. 1) it may point to an specific retrievable network resource using a rlink, or 2) it may be included as an attachment using a base64. A resource may contain multiple rlink and base64 entries that represent alternative download locations (rlink) and attachments (base64) for the same resource.

    +

    Both rlink and base64 allow for a media-type to be specified, which is used to distinguish between different representations of the same resource (e.g., Microsoft Word, PDF). When multiple rlink and base64 items are included for a given resource, all items must contain equivalent information. This allows the document consumer to choose a preferred item to process based on a the selected item's media-type. This is extremely important when the items represent OSCAL content that is represented in alternate formats (i.e., XML, JSON, YAML), allowing the same OSCAL data to be processed from any of the available formats indicated by the items.

    When a resource includes a citation, then the title and citation properties must both be included.

    @@ -583,7 +665,7 @@
    -

    Provides a collection of identified resource objects that can be referenced by a link with a rel value of "reference" and an href value that is a fragment "#" followed by a reference to a reference identifier. Other specialized link "rel" values also use this pattern when indicated in that context of use.

    +

    Provides a collection of identified resource objects that can be referenced by a link with a rel value of "reference" and an href value that is a fragment "#" followed by a reference to a reference's uuid. Other specialized link "rel" values also use this pattern when indicated in that context of use.

    @@ -593,10 +675,10 @@ - My citation + My citation - + @@ -609,13 +691,15 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. prop Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - + + + A label or descriptor that is tied to a sensitivity or classification marking system. An optional class can be used to define the specific marking system used for the associated value. @@ -623,16 +707,13 @@ Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - - - + Property Namespace A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. -

    Provides a means to segment the value space for the name, so that different organizations and individuals can assert control over the allowed names and associated values used in a property. This allows the semantics associated with a given name/value pair to be defined on an organization-by-organization basis.

    -

    An organization MUST use a URI that they have control over. e.g., a domain registered to the organization in a URI, a registered uniform resource names (URN) namespace.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    @@ -642,10 +723,11 @@
    Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. - + A textual label that provides a sub-type or characterization of the + property's name. -

    A class can be used in validation rules to express extra constraints over named items of a specific class value.

    +

    This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns, or to group properties into categories.

    +

    A class can be used in validation rules to express extra constraints over named items of a specific class value. It is available for grouping, but unlike group is not expected specifically to designate any group membership as such.

    @@ -666,28 +748,30 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. Hypertext Reference A resolvable URL reference to a resource. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter - resource in the same document.

    - -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document.

    -

    If an internet resource is used, the href value will be an absolute or relative URI pointing to the location of the referenced resource. A relative URI will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to an OSCAL object by the objects identifier (e.g., id, uuid) in this or an imported document (see linking to another OSCAL object). The specific object type will differ based on the link relationship type.
    6. +
    - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Reference + A generalized reference to a network resource (relative or absolute) or to a back-matter resource by UUID expressed as a bare URI fragment. + Link Media Type

    The media-type provides a hint about the content model of the referenced resource. A valid entry from the IANA Media Types registry SHOULD be used.

    @@ -699,6 +783,12 @@
    + + A local reference SHOULD NOT have a media-type. + +

    Since both link and back-matter/resource both allow specification of a media-type, the media-type on link may conflict with the any media-type entries on a resource's rlink or base64 objects. This constraint prevents this from occurring.

    +
    +
    @@ -731,19 +821,19 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Responsible Role - - A human-oriented identifier reference to roles served by the user. + + A reference to a role performed by a party. + + + + Specifies one or more parties responsible for performing the associated role. - -

    Specifies one or more parties that are responsible for performing the associated role. -

    -
    @@ -757,10 +847,11 @@ - - -
    + +

    A responsible-party requires one or more party-uuid references creating a strong relationship arc between the referenced role-id and the reference parties. This differs in semantics from responsible-role which doesn't require that a party-uuid is referenced.

    +

    The scope of use of this object determines if the responsibility has been performed or will be performed in the future. The containing object will describe the intent.

    +
    @@ -817,11 +908,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Responsible Role ID - - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. @@ -831,20 +921,25 @@ + Specifies zero or more parties responsible for performing the associated role. + +

    A responsible-role allows zero or more party-uuid references, each of which creates a relationship arc between the referenced role-id and the referenced party. This differs in semantics from responsible-party, which requires that at least one party-uuid is referenced.

    +

    The scope of use of this object determines if the responsibility has been performed or will be performed in the future. The containing object will describe the intent.

    +
    - + Hash A representation of a cryptographic digest generated over a resource using a specified hash algorithm. value Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. The SHA-224 algorithm as defined by NIST FIPS 180-4. @@ -866,26 +961,38 @@ -

    Any other value used MUST be a value defined in the W3C XML Security Algorithm Cross-Reference Digest Methods (W3C, April 2013) or RFC 6931 Section 2.1.5 New SHA Functions.

    +

    Any other value used MUST be a value defined in the W3C XML Security Algorithm Cross-Reference Digest Methods (W3C, April 2013) or RFC 6931 Section 2.1.5 New SHA Functions.

    - -

    A hash value can be used to authenticate that a referenced resource is the same resources as was pointed to by the author of the reference.

    -
    + + + + + +
    Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. - + A label that indicates the nature of a resource, as a data serialization or + format. -

    The IANA Media Types Registry should be used, but currently there is no official media type for YAML. OSCAL documents should specify application/yaml for general YAML content, or application/oscal+yaml for YAML-based OSCAL content. This approach aligns with use of a structured name suffix, per RFC 6838 Section 4.2.8.

    +

    The Internet Assigned Numbers Authority (IANA) Media + Types Registry defines a standardized set of media types, which may be used + here.

    +

    The application/oscal+xml, application/oscal+json or application/oscal+yaml media types SHOULD be used when referencing OSCAL XML, JSON, or YAML resources respectively.

    +

    **Note: There is no official media type for YAML at this time.** OSCAL documents should specify application/yaml for general YAML content, or application/oscal+yaml for YAML-based OSCAL content. This approach aligns with use of a structured name suffix, per RFC 6838 Section 4.2.8.

    +

    Some earlier OSCAL content incorporated the model into the media type. For example: application/oscal.catalog+xml. This practice SHOULD be avoided, since the OSCAL model can be detected by parsing the initial content of the referenced resource.

    Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. + +

    The remarks field SHOULD not be used to store arbitrary data. Instead, a prop or link should be used to annotate or reference any additional data not formally supported by OSCAL.

    +
    @@ -893,49 +1000,51 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. -

    This value represents the point in time when the OSCAL document was published. Typically, this date value will be machine generated at the time the containing document is published.

    -

    In some cases, an OSCAL document may be derived from some source material in a different format. In such a case, the published value should indicate when the OSCAL document was published, not the source material. Where necessary, the publication date of the original source material can be captured as a named property or custom metadata construct.

    -

    A publisher of OSCAL content can use this data point along with its siblings last-modified and version to establish a sequence of successive revisions of a given OSCAL-based publication. The metadata for previous revisions can be represented as a revision in this object.

    +

    Typically, this date value will be machine-generated at the time the containing document is published.

    +

    In some cases, an OSCAL document may be derived from some source material provided in a different format. In such a case, the published value should indicate when the OSCAL document instance was last published, not the source material.

    +
    Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. -

    This value represents the point in time when the OSCAL document was last updated, or at the point of creation the creation date. Typically, this date value will be machine generated at time of creation or modification.

    -

    In some cases, an OSCAL document may be derived from some source material in a different format. In such a case, the last-modified value should indicate the modification time of the OSCAL document, not the source material.

    -

    A publisher of OSCAL content can use this data point along with its siblings published and version to establish a sequence of successive revisions of a given OSCAL-based publication. The metadata for previous revisions can be represented as a revision in this object.

    +

    This value represents the point in time when the OSCAL document was last updated, or at the point of creation the creation date. Typically, this date value will be machine generated at time of creation or modification. Ideally, this field will be managed by the editing tool or service used to make modifications when storing the modified document.

    +

    The intent of the last modified timestamp is to distinguish between significant change milestones when the document may be accessed by multiple entities. This allows a given entity to differentiate between mutiple document states at specific points in time. It is possible to make multiple modifications to the document without storing these changes. In such a case, the last modified timestamp might not be updated until the document is finally stored.

    +

    In some cases, an OSCAL document may be derived from some source material in a different format. In such a case, the last-modified value should indicate the last modification time of the OSCAL document instance, not the source material.

    Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. -

    A version string may be a release number, sequence number, date, or other identifier suffcient to distinguish between different document versions. This version is typically set by the document owner or by the tool used to maintain the content.

    -

    While not required, it is recommended that OSCAL content authors use Semantic Versioning as a format for version strings. This allows for the easy identification of a version tree consisting of major, minor, and patch numbers.

    -

    A publisher of OSCAL content can use this data point along with its siblings published and last-modified to establish a sequence of successive revisions of a given OSCAL-based publication. The metadata for previous revisions can be represented as a revision in this object.

    +

    A version may be a release number, sequence number, date, or other identifier sufficient to distinguish between different document revisions.

    +

    While not required, it is recommended that OSCAL content authors use Semantic Versioning as the version format. This allows for the easy identification of a version tree consisting of major, minor, and patch numbers.

    +

    A version is typically set by the document owner or by the tool used to maintain the content.

    - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. -

    Indicates the version of the OSCAL model to which this data set conforms, for example 1.1.0 or 1.0.0-M1. That can be used as a hint by a tool to indicate which version of the OSCAL XML or JSON schema to use for validation.

    +

    Indicates the version of the OSCAL model to which the document conforms, for example 1.1.0 or 1.0.0-milestone1. That can be used as a hint for a tool indicating which version of the OSCAL XML or JSON schema to use for validation.

    +

    The OSCAL version serves a different purpose from the document version and is used to represent a different concept. If both have the same value, this is coincidental.

    Email Address - An email address as defined by RFC 5322 Section 3.4.1. - + An email address as defined by RFC 5322 Section + 3.4.1. Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. number type flag @@ -948,6 +1057,13 @@ + + + +

    Providing a country code provides an international means to interpret the phone number.

    +
    +
    +
    @@ -967,11 +1083,12 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing + address. Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. Country Code @@ -1000,31 +1117,30 @@ - Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier + scheme. identifier - - - + Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not + provided the value of the element will be interpreted as a string of + characters. A Digital Object Identifier (DOI); use is preferred, since this allows for retrieval of a full bibliographic record. + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    -

    This element is optional, but it will always have a valid value, as if it is missing the value of "document-id" is assumed to be equal to the UUID of the root. This requirement allows for document creators to retroactively link an update to the original version, by providing a document-id on the new document that is equal to the uuid of the original document.

    +

    A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions, representations or digital surrogates of the same document.

    +

    A document identifier provides an additional data point for identifying a document that can be assigned by a publisher or organization for purposes in a wider system, such as a digital object identifier (DOI) or a local content management system identifier.

    +

    Use of a document identifier allows for document creators to associate sets of documents that are related in some way by the same document-id.

    +

    An OSCAL document always has an implicit document identifier provided by the document's UUID, defined by the uuid on the top-level object. Having a default UUID-based identifier ensures all documents can be minimally identified when other document identifiers are not provided.

    - - - diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index b801621f4d..5d3ea80e06 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -3,15 +3,29 @@ ]> + + xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0"> OSCAL Profile Model 1.0.4 oscal-profile http://csrc.nist.gov/ns/oscal/1.0 http://csrc.nist.gov/ns/oscal -

    A profile designates a selection and configuration of controls from one or more catalogs, along with a series of operations over them. The topmost element in the OSCAL profile XML schema is profile.

    +

    In OSCAL a profile represents a set of selected controls from one or more control catalogs. Such a set of controls can + be referenced by an OSCAL system security plan (SSP) to establish a control baseline. This effective set of controls is produced from an OSCAL + profile using a deterministic, predictable process called profile resolution.

    +

    A profile references one or more OSCAL catalogs or profiles to import controls for control selection and tailoring. A profile can also describe how a resulting catalog is structured. When the profile is resolved, these selections and modifications are processed to produce a resulting OSCAL catalog.

    +

    OSCAL profiles have uses beyond establishing control baselines, such as documentation + generation or as reference tables for validations.

    @@ -19,12 +33,18 @@ Profile - Each OSCAL profile is defined by a Profile element + Each OSCAL profile is defined by a profile + element. profile Profile Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + Provides a globally unique means to identify a given profile instance. + + + + + @@ -37,21 +57,21 @@

    An OSCAL document that describes a tailoring of controls from one or more catalogs, with possible modification of multiple controls. It provides mechanisms by which controls may be selected (import), merged or (re)structured (merge), and amended (modify). OSCAL profiles may select subsets of controls, set parameter values for them in application, and even adjust the representation of controls as given in and by a catalog. They may also serve as sources for further modification in and by other profiles, that import them.

    -

    See the Concepts - Identifier Use page for additional information regarding this identifier's uniqueness and scope.

    - Import resource - The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + Import Resource + Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline. Catalog or Profile Reference A resolvable URL reference to the base catalog or profile that this profile is tailoring. -

    The value of the href can be an internet resource, or an internal reference using a fragment e.g. #fragment that points to a back-matter - resource in the same document.

    - -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references the uuid value of a resource in the document's back-matter.

    -

    If an internet resource is used, the href value will be an absolute or relative URL pointing to the location of the referenced resource. A relative URL will be resolved relative to the location of the document containing the link.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    @@ -78,7 +98,6 @@ -

    A profile must be based on an existing OSCAL catalog or another OSCAL profile. An import indicates such a source whose controls are to be included (referenced and modified) in a profile. This source will either be a catalog whose controls are given (by value), or a profile with its own control imports.

    The contents of the import element indicate which controls from the source will be included. Controls from the source catalog or profile may be either selected, using the include-all or include-controls directives, or de-selected (using an exclude-controls directive).

    @@ -88,44 +107,43 @@
    - Merge controls - A Merge element provides structuring directives that drive how controls are organized after resolution. + Merge Controls + Provides structuring directives that instruct how controls are organized after profile resolution. - Combination rule - A Combine element defines how to combine multiple (competing) versions of the same control. + Combination Rule + A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID). - Combination method - How clashing controls should be handled + Combination Method + Declare how clashing controls should be + handled. Use the first definition - the first control with a given ID is used; subsequent ones are discarded - **(deprecated)** **(unspecified)** Merge - controls with the same ID are combined + **(deprecated)** **(unspecified)** + Merge - controls with the same ID are + combined Keep - controls with the same ID are kept, retaining the clash - + - -

    Whenever combining controls from multiple (import) pathways, an issue arises of what to do with clashing invocations (multiple competing versions of a control).

    -

    This setting permits a profile designer to apply a rule for the resolution of such cases. In a well-designed profile (e.g. one that uses mapping), such collisions would ordinarily be avoided, but this setting can be useful for defining what to do when it occurs.

    -

    If no combine element appears, it is considered equivalent to providing a combine element with a method of value keep.

    -
    - Flat - Use the flat structuring method. + Flat Without Grouping + Directs that controls appear without any grouping structure. - As-Is Structuring Directive - An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. + Group As-Is + Indicates that the controls selected should retain their original grouping as defined in the import source. - Custom grouping - A Custom element frames a structure for embedding represented controls in resolution. + Custom Grouping + Provides an alternate grouping structure that selected controls will be placed in. @@ -135,25 +153,28 @@ -

    The custom element represents a custom arrangement or organization of controls in the resolution of a catalog.

    -

    While the as-is element provides for a restitution of a control set's organization (in one or more source catalogs), this element permits the definition of an entirely different structure.

    +

    The custom element represents a custom arrangement or organization of controls in the resolution of a catalog. This structuring directive gives the profile author the ability to define an entirely different organization of controls as compared to their source catalog(s).

    - -

    The contents of the merge element may be used to reorder or restructure controls by indicating an order and/or structure in resolution.

    -

    Implicitly, a merge element is also a filter: controls that are included in a profile, but not included (implicitly or explicitly) in the scope of a merge element, will not be merged into (will be dropped) in the resulting resolution.

    -
    - Control group - A group of (selected) controls or of groups of controls + Control Group + A group of (selected) controls or of groups of controls. - + Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group. + + + + + + +

    This optional data element is available to support hyperlinking to formal groups or families as defined in control catalogs, among other operations.

    +
    Group Class @@ -166,7 +187,7 @@ Group Title - A name given to the group, which may be used by a tool for display and navigation. + A name to be given to the group for use in display. @@ -194,18 +215,24 @@
    - Modify controls - Set parameters or amend controls in resolution + Modify Controls + Set parameters or amend controls in resolution. Parameter Setting - A parameter setting, to be propagated to points of insertion + A parameter setting, to be propagated to points of + insertion. Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + An identifier for the parameter. + + + + + Parameter Class @@ -215,7 +242,7 @@ - Depends on + Depends On **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. @@ -234,7 +261,8 @@
    Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a + parameter. constraint @@ -260,7 +288,7 @@
    Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. + Specifies changes to be made to an included control when a profile is resolved. @@ -270,7 +298,8 @@ Reference by (assigned) name - Identify items to remove by matching their assigned name + Identify items remove by matching their + assigned name. Reference by class @@ -282,7 +311,10 @@ Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop + Identify items to remove by the name of the + item's information object name, e.g. + title or + prop. A descendant parameter and all of its descendants. @@ -305,11 +337,14 @@ Addition - Specifies contents to be added into controls, in resolution + Specifies contents to be added into controls, in + resolution. Position - Where to add the new content with respect to the targeted element (beside it or inside it) + Where to add the new content with respect to + the targeted element (beside it or inside + it). Preceding the by-id target @@ -329,7 +364,6 @@ A name given to the control, which may be used by a tool for display and navigation. - @@ -343,7 +377,6 @@ - &allowed-values-control-group-property-name; @@ -372,7 +405,7 @@ - Select controls + Select Controls Specifies which controls to use in the containing context. Order @@ -407,18 +440,19 @@ - Call - Call a control by its ID + Select Control + Select a control or controls from an imported control set. Match Controls by Identifier - + Selecting a control by its ID given as a literal. Match Controls by Pattern - Select controls by (regular expression) match on ID + Selecting a set of controls by matching their IDs with a + wildcard pattern. @@ -428,7 +462,7 @@ - Include contained controls with control + Include Contained Controls with Control When a control is included, whether its child (dependent) controls are also included. diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index 216190339e..6c51f093dd 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -57,12 +57,13 @@ Profile Reference A resolvable URL reference to the profile or catalog to use as the system's control baseline. -

    The value of the href can be an internet resource, or a local reference using a fragment e.g. #fragment that points to a back-matter - resource in the same document.

    - -

    If a local reference using a fragment is used, this will be indicated by a fragment "#" followed by an identifier which references an identified resource in the document's back-matter or another object that is within the scope of the containing OSCAL document. The identified resource will be used instead as the target resource.

    -

    If an internet resource is used, the href value will be an absolute or relative URI pointing to the location of the target resource. A relative URI will be resolved relative to the location of the document containing the link.

    -

    If the resource is an OSCAL profile, it is expected that a tool will resolve the profile according to the OSCAL [profile resolution specification](https://pages.nist.gov/OSCAL/concepts/processing/profile-resolution/) to produce a resolved profile for use when processing the containing system security plan. This allows a system security plan processor to use the baseline as a catalog of controls.

    +

    This value may be one of:

    +
      +
    1. an absolute URI that points to a network resolvable resource,
    2. +
    3. a relative reference pointing to a network resolvable resource whose base URI is the URI of the containing document, or
    4. +
    5. a bare URI fragment (i.e., `#uuid`) pointing to a back-matter resource in this or an imported document (see linking to another OSCAL object).
    6. +
    +

    If the resource is an OSCAL profile, it is expected that a tool will resolve the profile according to the OSCAL profile resolution specification to produce a resolved profile for use when processing the containing system security plan. This allows a system security plan processor to use the baseline as a catalog of controls.

    While it is possible to reference a previously resolved OSCAL profile as a catalog, this practice is discouraged since the unresolved form of the profile communicates more information about selections and changes to the underlying catalog. Furthermore, the underlying catalog can be maintained separately from the profile, which also has maintenance advantages for distinct maintainers, ensuring that the best available information is produced through profile resolution.

    @@ -88,6 +89,9 @@ System Name - Short A short name for the system, such as an acronym, that is suitable for display in a data table or summary list. + +

    Since system-name-short is optional, if the system-name-short is not provided, the system-name can be used as a substitute.

    +
    System Description @@ -218,6 +222,9 @@ Based on the section identifiers in NIST Special Publication 800-60 Volume II Revision 1. + +

    This value must be an absolute URI that serves as a naming system identifier.

    +
    @@ -274,6 +281,10 @@ + A 'low' sensitivity level as defined in FIPS-199. @@ -319,18 +330,19 @@ Security Impact Level The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information. + - Security Objective: Confidentiality A target-level of confidentiality for the system, based on the sensitivity of information within the system. - Security Objective: Integrity A target-level of integrity for the system, based on the sensitivity of information within the system. - Security Objective: Availability A target-level of availability for the system, based on the sensitivity of information within the system. From 5359f23466aea3ba4ec517851e679d040d8f51e5 Mon Sep 17 00:00:00 2001 From: galtm <40716346+galtm@users.noreply.github.com> Date: Tue, 27 Sep 2022 09:22:37 -0400 Subject: [PATCH 064/138] Test modify phase, plus minor XSLT enhancements (#1321) Most of the XSLT changes are to align with the latest specification. XSLT - Warn if set-parameter matches nothing - Handle more types of children of param - Make match="control" template handle both implicit and explicit binding - New oscal:patches-to-id-targeting-ancestor function for processing needed in multiple places - For explicit binding that adds a title, add it after original title to facilitate keeping the right one in finish phase - For removal by class, expect exact match with no tokenization or case insensitivity - In finish phase, keep only last title of a control XSpec - Add tests at the level of individual templates and functions --- .../oscal-profile-resolve-modify.xsl | 162 +- .../testing/4_modified/modify.xspec | 1910 ++++++++++++++--- 2 files changed, 1770 insertions(+), 302 deletions(-) diff --git a/src/utils/util/resolver-pipeline/oscal-profile-resolve-modify.xsl b/src/utils/util/resolver-pipeline/oscal-profile-resolve-modify.xsl index d49e6bf560..74d6315a29 100644 --- a/src/utils/util/resolver-pipeline/oscal-profile-resolve-modify.xsl +++ b/src/utils/util/resolver-pipeline/oscal-profile-resolve-modify.xsl @@ -1,20 +1,20 @@ - - + - + @@ -26,115 +26,161 @@ + - + + + + + + + + + set-parameter with param-id="{@param-id}" does not match any param id. + Warning + + + - + - + - - - + + + + + + + + + + + + - - + + + + + + + - - - - - - - - - - - + got here! removable is + + + + + + + + + + + + + + + + + + + + + + + + - - - - - + - + + - + - + - - - - - - + - + - - - - + + + - - - - + + + + - - - - - - - + + + + + + + + diff --git a/src/utils/util/resolver-pipeline/testing/4_modified/modify.xspec b/src/utils/util/resolver-pipeline/testing/4_modified/modify.xspec index e1bea36470..40eb7e3026 100644 --- a/src/utils/util/resolver-pipeline/testing/4_modified/modify.xspec +++ b/src/utils/util/resolver-pipeline/testing/4_modified/modify.xspec @@ -1,301 +1,1723 @@ - - - - - - + stylesheet="../../oscal-profile-resolve-modify.xsl" + xslt-version="3.0"> - - - + + + + Control A + + + Context to consider + + + + + + + + + + + + + text + + + + + + + + + + + + + - - - - - - - - - - - Control A - - + + + + + + + + + + + + + + + + - + - - - - - New a123-1 - - - - - - - - - - - - - - - - - Control A - - - New a123-1 + + Control A + + + + + + + + + + + New a123-1 + + + + + + + + + + + - + - - - - + + Control A + + + New a123-1 + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + Control A + + + + + + + + + + Control A + + + + + + + + + + + + + + + Control A + + + + + + + + + + + Control A + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + Control A + + + + + + +

    Statement

    +
    +
    +
    +
    +
    + + + + Control A + + +

    Statement

    +
    +
    +
    +
    + + + + + + Control A + + + + + + + + + + Control A + + + Context to consider + No context + + + + + + + + + + + + + Control A + + Context to consider + + + + + + + + + Control A + + + Context to consider + + + + + + + + + + + + + Control A + + + + +
    - - - - Control A - - - - - - - - - - - - - Control A - - - - + + + - - - - - Control A - - - - - - - - - - - - - - - Control A - - - - - + + + + + + + + + + + at least every 3 years + + + + + + - - - - - Control A - - - - - - - - - - - - - - - Control A - - - - - + + + + + + + + + + + at least every 3 years + + + + + + + + + + + at least every 3 years + + + + + + + + + + ORIGINAL constraint +

    ORIGINAL guideline

    +

    ORIGINAL remarks

    + + + + + NEW constraint +

    NEW guideline

    +
    +
    +
    +
    + + + + + + + + + ORIGINAL constraint + NEW constraint +

    ORIGINAL guideline

    +

    NEW guideline

    +

    ORIGINAL remarks

    + +
    +
    + + + + + +

    Usage

    + in the first quarter + ORIGINAL + + + + + at least every 3 years + NEW + + +

    NEW Usage

    +
    + + +

    NEWER Usage

    + NEWER +
    +
    +
    +
    + + + + + + +

    NEWER Usage

    + in the first quarter + at least every 3 years + NEWER + +
    +
    + + + + + + ORIGINAL + + + + ORIGINAL + + + + NEW + + + + + + + + + NEW + + + + + + + + + + + + + + + NEW + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    - - - - + + + + + + + + + Control A + + + + + + + + + + + + + Control A + + + + + + + + + + + + + Control A + + + + + + + + + + + + + Control A + + + + + + + + + + + + + Control A + + + + + + + + + + + + Control A + + + + + + New Title + + + + + + + + + + + Control A + New Title + + + + + + + + + Control A + + + Control A.1 + + + +

    Text

    +
    +
    +
    + + + + + + + New Title + + + +
    +
    + + + + +
    + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + +
    + + + + + + + + Control A.1 + +

    New text

    +
    + + + +

    Text

    +
    +
    +
    +
    + + + + + + + Control A.1 + + + +

    Text

    +
    + +

    New text

    +
    +
    +
    +
    + + + + + + + Control A.1 + + + +

    Text

    +
    + +

    New text

    +
    +
    +
    +
    + + + + + + +

    New text

    +
    + + Control A.1 + + + +

    Text

    +
    +
    +
    +
    + + + + + + + Control A.1 + + + +

    Text

    +
    +
    + +

    New text

    +
    +
    +
    + + + + + Control A + + Control A.1 + + + + + + + New Title + + + + + + + + + + + Control A.1 + New Title + + + + + + + + + Control A + + + Control A.1 + + + +

    Text

    +
    +
    +
    + + + + + New Title + + + +
    +
    + + + + +
    +
    + + + + + Control A - + + + +

    Text

    +
    + + Control A.1 + + + +

    Text

    +
    +
    - - - - -

    Statement

    -
    -
    -
    -
    -
    - - - + +
    + + + + + Control A + + + +

    Text

    +
    +
    + + + + +

    New text

    +
    +
    +
    +
    +
    +
    + + + + + Control A - - -

    Statement

    + + + +

    Text

    +
    +
    +
    +
    + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + + Control A + + Control A1 + + Control A1-1 + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + Control A1 + + Control A1-1 + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + Control A1 + + Control A1-1 + + + + + + + + + + + + + + + + + + + + + + + + + + + Control A + + + + + + + + + + + + + + + + + + + +

    New text

    +
    +

    Text

    + +

    Text

    +
    +
    +
    +
    + + + + + + +

    Text

    + +

    Text

    +
    + +

    New text

    +
    +
    +
    +
    + + + + + + +

    Text

    + +

    Text

    +
    + +

    New text

    +
    +
    +
    +
    + + + + + + +

    New text

    +
    + +

    Text

    + +

    Text

    +
    +
    +
    +
    + + + + + + +

    Text

    + +

    Text

    +
    +
    + +

    New text

    +
    +
    +
    + + + + + Control A + + Statement + + + + + + New Title + + + + + + + + + + + Statement + New Title + + + +
    + + + + + + + +

    New text

    +
    +

    Text

    +
    +
    +
    + + + + + + + +

    New text

    +
    +

    Text

    +
    +
    +
    + + + + + Control A + + + +

    Text

    +
    + +

    Text

    +
    +
    + + + + + + + + + + + + + + + + + + + + +
    +
    + + + + + + + + + + + +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Group X + + Control X1 + + + + + + + Context to consider + + Control X2 + Control X3 + + + Group Z + Control Z1 + Control Z2 + Control Z3 + Control Z3-A + Control Z3-A-1 + + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + + + - - Control A - - - Context to consider + Control Z3 + Control Z3-A + + Control Z3-A-1 + + + + - - - + + + + + + - - - - - Control A - - - - + + + + + + + - - + + + + + + + + - + Control A - - - Context to consider - No context + + - - - + + + + + + + + - - - - Control A - - Context to consider - - - - - + + - + Control A - - - Context to consider + + + +

    Text

    + +

    Text

    +
    +
    + + Control A.1 + + + +

    Text

    +
    +
    - - - + + + +

    New text

    +
    +
    +
    + + - - - - Control A - - - -
    - - - - - - - - Control A - - - - - at least every 3 years - - - - - - - - - at least every 3 years - - - Control A - - - - - - -
    From aabdf5967eea7c39126541d47dcda0749e636d0f Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Tue, 27 Sep 2022 13:27:53 +0000 Subject: [PATCH 065/138] Publishing generated metaschema resources [ci skip] --- ..._assessment-plan_xml-to-json-converter.xsl | 321 ++-- ...sessment-results_xml-to-json-converter.xsl | 321 ++-- .../oscal_catalog_xml-to-json-converter.xsl | 325 ++-- .../oscal_complete_xml-to-json-converter.xsl | 1384 +++++++++++++-- .../oscal_component_xml-to-json-converter.xsl | 304 ++-- .../oscal_mapping_xml-to-json-converter.xsl | 310 ++-- .../oscal_poam_xml-to-json-converter.xsl | 303 ++-- .../oscal_profile_xml-to-json-converter.xsl | 318 ++-- .../oscal_ssp_xml-to-json-converter.xsl | 303 ++-- json/schema/oscal_assessment-plan_schema.json | 582 ++++--- .../oscal_assessment-results_schema.json | 582 ++++--- json/schema/oscal_catalog_schema.json | 592 ++++--- json/schema/oscal_complete_schema.json | 718 ++++---- json/schema/oscal_component_schema.json | 586 ++++--- json/schema/oscal_mapping_schema.json | 506 +++--- json/schema/oscal_poam_schema.json | 582 ++++--- json/schema/oscal_profile_schema.json | 666 ++++---- json/schema/oscal_ssp_schema.json | 572 ++++--- ..._assessment-plan_json-to-xml-converter.xsl | 152 +- ...sessment-results_json-to-xml-converter.xsl | 152 +- .../oscal_catalog_json-to-xml-converter.xsl | 200 ++- .../oscal_complete_json-to-xml-converter.xsl | 623 +++++-- .../oscal_component_json-to-xml-converter.xsl | 133 +- .../oscal_mapping_json-to-xml-converter.xsl | 137 +- .../oscal_poam_json-to-xml-converter.xsl | 130 +- .../oscal_profile_json-to-xml-converter.xsl | 177 +- .../oscal_ssp_json-to-xml-converter.xsl | 130 +- xml/schema/oscal_assessment-plan_schema.xsd | 1165 ++++++------- .../oscal_assessment-results_schema.xsd | 1181 ++++++------- xml/schema/oscal_catalog_schema.xsd | 1053 ++++++------ xml/schema/oscal_complete_schema.xsd | 1504 ++++++++--------- xml/schema/oscal_component_schema.xsd | 1089 ++++++------ xml/schema/oscal_mapping_schema.xsd | 932 +++++----- xml/schema/oscal_poam_schema.xsd | 1169 ++++++------- xml/schema/oscal_profile_schema.xsd | 1162 ++++++------- xml/schema/oscal_ssp_schema.xsd | 1101 ++++++------ 36 files changed, 11516 insertions(+), 9949 deletions(-) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index 570f62d77d..945939c9c0 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -209,143 +209,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -660,8 +523,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -1224,7 +1087,12 @@ - + @@ -1304,15 +1172,15 @@ - - - - - + @@ -1686,7 +1559,12 @@ - + @@ -1900,7 +1778,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2189,6 +2067,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -2265,6 +2169,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2426,6 +2376,7 @@ @@ -2451,6 +2402,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index 522bf1ab05..be7cfcf1a4 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -201,143 +201,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -466,8 +329,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -1682,7 +1545,12 @@ - + @@ -1762,15 +1630,15 @@ - - - - - + @@ -2307,7 +2180,12 @@ - + @@ -2741,7 +2619,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3030,6 +2908,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -3106,6 +3010,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -3267,6 +3217,7 @@ @@ -3292,6 +3243,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index 0ce7c28285..085a74e5d0 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -211,143 +211,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -485,8 +348,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -581,8 +444,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -886,7 +749,12 @@ - + @@ -966,15 +834,15 @@ - - - - - + @@ -1235,7 +1108,12 @@ - + @@ -1326,7 +1204,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1615,6 +1493,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -1691,6 +1595,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1852,6 +1802,7 @@ @@ -1877,6 +1828,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 428a5f3f14..4aff0b6d79 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -211,143 +211,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -485,8 +348,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -581,8 +444,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -3070,7 +2933,12 @@ - + @@ -3150,15 +3018,15 @@ - - - - - + @@ -3419,7 +3292,12 @@ - + @@ -3510,7 +3388,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3874,6 +3752,7 @@ - + @@ -5246,6 +5130,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -5322,6 +5232,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -5483,6 +5439,7 @@ @@ -5508,40 +5465,108 @@ - - - - - name - - - - - - - - - - short-name - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + name + + + + + + + + + + + short-name + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -7227,6 +7278,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -7388,6 +7485,7 @@ @@ -7413,6 +7511,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -8246,6 +8412,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -8322,6 +8514,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -8483,6 +8721,7 @@ @@ -8508,6 +8747,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -10187,6 +10494,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -10263,6 +10596,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -10424,6 +10803,7 @@ @@ -10449,6 +10829,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -11948,6 +12396,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -12024,6 +12498,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -12185,6 +12705,7 @@ @@ -12210,6 +12731,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -15531,6 +16120,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -15607,6 +16222,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -15768,6 +16429,7 @@ @@ -15793,6 +16455,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -18705,6 +19435,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -18781,6 +19537,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -18942,6 +19744,7 @@ @@ -18967,6 +19770,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -25165,6 +26036,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -25241,6 +26138,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -25402,6 +26345,7 @@ @@ -25427,6 +26371,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index 8d08103439..5129c9c652 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -213,143 +213,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -691,7 +554,12 @@ - + @@ -771,15 +639,15 @@ - - - - @@ -1438,6 +1307,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -1514,6 +1409,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1675,6 +1616,7 @@ @@ -1700,6 +1642,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index f27f3515e8..2c0f37edf5 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -199,143 +199,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -663,7 +526,12 @@ - + @@ -743,15 +611,15 @@ - - - - - + @@ -990,7 +863,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1279,6 +1152,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -1355,6 +1254,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1516,6 +1461,7 @@ @@ -1541,6 +1487,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 7d63684587..5e79516a4f 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -216,143 +216,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1231,7 +1094,12 @@ - + @@ -1311,15 +1179,15 @@ - - - - @@ -2374,6 +2242,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -2450,6 +2344,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2611,6 +2551,7 @@ @@ -2636,6 +2577,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index 5c43a5c0be..96cd596adf 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -199,143 +199,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -571,8 +434,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -622,8 +485,8 @@ key="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -811,7 +674,12 @@ - + @@ -891,15 +759,15 @@ - - - - - + @@ -1335,7 +1208,7 @@ priority="7" xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1624,6 +1497,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -1700,6 +1599,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1861,6 +1806,7 @@ @@ -1886,6 +1832,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index be3987cdfc..4e6dbcd3a6 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -196,143 +196,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1176,7 +1039,12 @@ - + @@ -1256,15 +1124,15 @@ - - - - @@ -2086,6 +1954,32 @@ + + + + + + + + + + + + + + + + + + + + + + + + @@ -2162,6 +2056,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2323,6 +2263,7 @@ @@ -2348,6 +2289,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index a7abbbe3a8..49bb202861 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -85,8 +85,8 @@ "reviewed-controls" ], "additionalProperties" : false }, "oscal-ap-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -106,7 +106,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -126,17 +156,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -155,233 +351,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-ap-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-ap-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ap-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-ap-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ap-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-ap-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-ap-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -390,20 +377,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -417,7 +404,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -442,16 +429,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -463,16 +450,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -487,17 +474,22 @@ "additionalProperties" : false }, "oscal-ap-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -509,7 +501,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -523,7 +515,7 @@ "additionalProperties" : false }, "oscal-ap-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -532,12 +524,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -548,13 +540,13 @@ "additionalProperties" : false }, "oscal-ap-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -623,13 +615,13 @@ "additionalProperties" : false }, "oscal-ap-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -659,7 +651,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -669,27 +661,27 @@ "additionalProperties" : false }, "oscal-ap-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-ap-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ap-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ap-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:email-address" : @@ -699,7 +691,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ap-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -733,11 +725,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -751,7 +743,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-ap-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -787,7 +779,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", @@ -807,7 +799,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1144,7 +1136,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -1181,7 +1173,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-objectives" : { "type" : "array", "minItems" : 1, @@ -1208,7 +1200,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", @@ -1303,7 +1295,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-subjects" : { "type" : "array", "minItems" : 1, @@ -2191,31 +2183,31 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:part" : + "oscal-ap-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -2230,7 +2222,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -2239,23 +2231,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:parameter" : + "oscal-ap-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -2273,34 +2265,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:parameter-constraint" : + "oscal-ap-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -2317,7 +2309,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -2325,10 +2317,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:parameter-guideline" : + "oscal-ap-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -2338,15 +2330,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:parameter-value" : + "oscal-ap-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-catalog-common:parameter-selection" : + "oscal-ap-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -2364,13 +2356,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-ap-oscal-catalog-common:include-all" : + "oscal-ap-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "oscal-ap-oscal-implementation-common:system-component" : diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index ade931ad24..fd9efdcdb7 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -315,8 +315,8 @@ [ "href" ], "additionalProperties" : false }, "oscal-ar-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -336,7 +336,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -356,17 +386,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -385,233 +581,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-ar-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-ar-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ar-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-ar-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ar-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-ar-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-ar-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -620,20 +607,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -647,7 +634,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -672,16 +659,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -693,16 +680,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -717,17 +704,22 @@ "additionalProperties" : false }, "oscal-ar-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -739,7 +731,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -753,7 +745,7 @@ "additionalProperties" : false }, "oscal-ar-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -762,12 +754,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -778,13 +770,13 @@ "additionalProperties" : false }, "oscal-ar-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -853,13 +845,13 @@ "additionalProperties" : false }, "oscal-ar-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -889,7 +881,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -899,27 +891,27 @@ "additionalProperties" : false }, "oscal-ar-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-ar-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ar-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ar-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:email-address" : @@ -929,7 +921,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ar-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -963,11 +955,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -981,7 +973,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-ar-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1017,7 +1009,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", @@ -1037,7 +1029,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1374,7 +1366,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -1411,7 +1403,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-objectives" : { "type" : "array", "minItems" : 1, @@ -1438,7 +1430,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", @@ -1533,7 +1525,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-subjects" : { "type" : "array", "minItems" : 1, @@ -2421,31 +2413,31 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:part" : + "oscal-ar-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -2460,7 +2452,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -2469,23 +2461,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:parameter" : + "oscal-ar-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -2503,34 +2495,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:parameter-constraint" : + "oscal-ar-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -2547,7 +2539,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -2555,10 +2547,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:parameter-guideline" : + "oscal-ar-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -2568,15 +2560,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:parameter-value" : + "oscal-ar-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-catalog-common:parameter-selection" : + "oscal-ar-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -2594,13 +2586,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-ar-oscal-catalog-common:include-all" : + "oscal-ar-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "oscal-ar-oscal-implementation-common:system-component" : diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index f4008a9ba0..361f9fe091 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -6,13 +6,13 @@ "definitions" : { "oscal-catalog-oscal-catalog:catalog" : { "title" : "Catalog", - "description" : "A collection of controls.", + "description" : "A structured, organized collection of control information.", "$id" : "#assembly_oscal-catalog_catalog", "type" : "object", "properties" : { "uuid" : { "title" : "Catalog Universally Unique Identifier", - "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "description" : "Provides a globally unique means to identify a given catalog instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -20,7 +20,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "controls" : { "type" : "array", "minItems" : 1, @@ -45,7 +45,7 @@ "properties" : { "id" : { "title" : "Group Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", + "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", @@ -59,7 +59,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -74,7 +74,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "groups" : { "type" : "array", "minItems" : 1, @@ -90,13 +90,13 @@ "additionalProperties" : false }, "oscal-catalog-oscal-catalog:control" : { "title" : "Control", - "description" : "A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance.", + "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", "$id" : "#assembly_oscal-catalog_control", "type" : "object", "properties" : { "id" : { "title" : "Control Identifier", - "description" : "A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document.", + "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Control Class", @@ -110,7 +110,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -125,7 +125,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "mapping" : { "title" : "Mapping", "description" : "A mapping between the containing control and another resource.", @@ -156,31 +156,31 @@ [ "id", "title" ], "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:part" : + "oscal-catalog-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -195,7 +195,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -204,23 +204,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:parameter" : + "oscal-catalog-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -238,34 +238,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:parameter-constraint" : + "oscal-catalog-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -282,7 +282,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -290,10 +290,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:parameter-guideline" : + "oscal-catalog-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -303,15 +303,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:parameter-value" : + "oscal-catalog-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-catalog-oscal-catalog-common:parameter-selection" : + "oscal-catalog-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -329,18 +329,18 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-catalog-oscal-catalog-common:include-all" : + "oscal-catalog-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "oscal-catalog-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -360,7 +360,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -380,17 +410,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -409,233 +605,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-catalog-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-catalog-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-catalog-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-catalog-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-catalog-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-catalog-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -644,20 +631,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -671,7 +658,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -696,16 +683,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -717,16 +704,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -741,17 +728,22 @@ "additionalProperties" : false }, "oscal-catalog-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -763,7 +755,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -777,7 +769,7 @@ "additionalProperties" : false }, "oscal-catalog-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -786,12 +778,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -802,13 +794,13 @@ "additionalProperties" : false }, "oscal-catalog-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -877,13 +869,13 @@ "additionalProperties" : false }, "oscal-catalog-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -913,7 +905,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -923,27 +915,27 @@ "additionalProperties" : false }, "oscal-catalog-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-catalog-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-catalog-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-catalog-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:email-address" : @@ -953,7 +945,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-catalog-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -987,11 +979,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -1005,7 +997,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-catalog-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1114,7 +1106,7 @@ "additionalProperties" : false }, "oscal-catalog-oscal-mapping-common:mapping-resource-reference" : { "title" : "Mapped Resource Reference", - "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "description" : "A reference to a resource that is either the source or target of a mapping.", "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", "type" : "object", "properties" : diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index ce849cc5a0..114a262b47 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -6,13 +6,13 @@ "definitions" : { "oscal-complete-oscal-catalog:catalog" : { "title" : "Catalog", - "description" : "A collection of controls.", + "description" : "A structured, organized collection of control information.", "$id" : "#assembly_oscal-catalog_catalog", "type" : "object", "properties" : { "uuid" : { "title" : "Catalog Universally Unique Identifier", - "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "description" : "Provides a globally unique means to identify a given catalog instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -20,7 +20,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "controls" : { "type" : "array", "minItems" : 1, @@ -45,7 +45,7 @@ "properties" : { "id" : { "title" : "Group Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", + "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", @@ -59,7 +59,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -74,7 +74,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "groups" : { "type" : "array", "minItems" : 1, @@ -90,13 +90,13 @@ "additionalProperties" : false }, "oscal-complete-oscal-catalog:control" : { "title" : "Control", - "description" : "A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance.", + "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", "$id" : "#assembly_oscal-catalog_control", "type" : "object", "properties" : { "id" : { "title" : "Control Identifier", - "description" : "A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document.", + "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Control Class", @@ -110,7 +110,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -125,7 +125,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "mapping" : { "title" : "Mapping", "description" : "A mapping between the containing control and another resource.", @@ -156,31 +156,31 @@ [ "id", "title" ], "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:part" : + "oscal-complete-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -195,7 +195,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -204,23 +204,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:parameter" : + "oscal-complete-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -238,34 +238,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:parameter-constraint" : + "oscal-complete-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -282,7 +282,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -290,10 +290,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:parameter-guideline" : + "oscal-complete-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -303,15 +303,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:parameter-value" : + "oscal-complete-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-catalog-common:parameter-selection" : + "oscal-complete-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -329,18 +329,18 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-complete-oscal-catalog-common:include-all" : + "oscal-complete-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "oscal-complete-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -360,7 +360,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -380,17 +410,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -409,233 +605,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-complete-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-complete-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-complete-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-complete-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-complete-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-complete-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-complete-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -644,20 +631,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -671,7 +658,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -696,16 +683,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -717,16 +704,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -741,17 +728,22 @@ "additionalProperties" : false }, "oscal-complete-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -763,7 +755,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -777,7 +769,7 @@ "additionalProperties" : false }, "oscal-complete-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -786,12 +778,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -802,13 +794,13 @@ "additionalProperties" : false }, "oscal-complete-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -877,13 +869,13 @@ "additionalProperties" : false }, "oscal-complete-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -913,7 +905,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -923,27 +915,27 @@ "additionalProperties" : false }, "oscal-complete-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-complete-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-complete-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-complete-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:email-address" : @@ -953,7 +945,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-complete-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -987,11 +979,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -1005,7 +997,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-complete-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1114,7 +1106,7 @@ "additionalProperties" : false }, "oscal-complete-oscal-mapping-common:mapping-resource-reference" : { "title" : "Mapped Resource Reference", - "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "description" : "A reference to a resource that is either the source or target of a mapping.", "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", "type" : "object", "properties" : @@ -1202,13 +1194,13 @@ "additionalProperties" : false }, "oscal-complete-oscal-profile:profile" : { "title" : "Profile", - "description" : "Each OSCAL profile is defined by a Profile element", + "description" : "Each OSCAL profile is defined by a profile element.", "$id" : "#assembly_oscal-profile_profile", "type" : "object", "properties" : { "uuid" : { "title" : "Profile Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document.", + "description" : "Provides a globally unique means to identify a given profile instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -1229,8 +1221,8 @@ "imports" ], "additionalProperties" : false }, "oscal-complete-oscal-profile:import" : - { "title" : "Import resource", - "description" : "The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives.", + { "title" : "Import Resource", + "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", "$id" : "#assembly_oscal-profile_import", "type" : "object", "properties" : @@ -1239,7 +1231,7 @@ "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", "$ref" : "#/definitions/URIReferenceDatatype" }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -1254,19 +1246,19 @@ [ "href" ], "additionalProperties" : false }, "oscal-complete-oscal-profile:merge" : - { "title" : "Merge controls", - "description" : "A Merge element provides structuring directives that drive how controls are organized after resolution.", + { "title" : "Merge Controls", + "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", "$id" : "#assembly_oscal-profile_merge", "type" : "object", "properties" : { "combine" : - { "title" : "Combination rule", - "description" : "A Combine element defines how to combine multiple (competing) versions of the same control.", + { "title" : "Combination Rule", + "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", "type" : "object", "properties" : { "method" : - { "title" : "Combination method", - "description" : "How clashing controls should be handled", + { "title" : "Combination Method", + "description" : "Declare how clashing controls should be handled.", "allOf" : [ { "$ref" : "#/definitions/StringDatatype" }, @@ -1277,17 +1269,17 @@ "keep" ] } ] } }, "additionalProperties" : false }, "flat" : - { "title" : "Flat", - "description" : "Use the flat structuring method.", + { "title" : "Flat Without Grouping", + "description" : "Directs that controls appear without any grouping structure.", "type" : "object", "additionalProperties" : false }, "as-is" : - { "title" : "As-Is Structuring Directive", - "description" : "An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.", + { "title" : "Group As-Is", + "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", "$ref" : "#/definitions/BooleanDatatype" }, "custom" : - { "title" : "Custom grouping", - "description" : "A Custom element frames a structure for embedding represented controls in resolution.", + { "title" : "Custom Grouping", + "description" : "Provides an alternate grouping structure that selected controls will be placed in.", "type" : "object", "properties" : { "groups" : @@ -1303,14 +1295,14 @@ "additionalProperties" : false } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:group" : - { "title" : "Control group", - "description" : "A group of (selected) controls or of groups of controls", + { "title" : "Control Group", + "description" : "A group of (selected) controls or of groups of controls.", "$id" : "#assembly_oscal-profile_group", "type" : "object", "properties" : { "id" : { "title" : "Group Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", + "description" : "Identifies the group.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", @@ -1318,13 +1310,13 @@ "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", - "description" : "A name given to the group, which may be used by a tool for display and navigation.", + "description" : "A name to be given to the group for use in display.", "type" : "string" }, "params" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -1339,7 +1331,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "groups" : { "type" : "array", "minItems" : 1, @@ -1354,8 +1346,8 @@ [ "title" ], "additionalProperties" : false }, "oscal-complete-oscal-profile:modify" : - { "title" : "Modify controls", - "description" : "Set parameters or amend controls in resolution", + { "title" : "Modify Controls", + "description" : "Set parameters or amend controls in resolution.", "$id" : "#assembly_oscal-profile_modify", "type" : "object", "properties" : @@ -1364,19 +1356,19 @@ "minItems" : 1, "items" : { "title" : "Parameter Setting", - "description" : "A parameter setting, to be propagated to points of insertion", + "description" : "A parameter setting, to be propagated to points of insertion.", "type" : "object", "properties" : { "param-id" : { "title" : "Parameter ID", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "An identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : - { "title" : "Depends on", + { "title" : "Depends On", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : @@ -1395,25 +1387,25 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, "required" : [ "param-id" ], "additionalProperties" : false } }, @@ -1422,12 +1414,12 @@ "minItems" : 1, "items" : { "title" : "Alteration", - "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", + "description" : "Specifies changes to be made to an included control when a profile is resolved.", "type" : "object", "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "removes" : { "type" : "array", @@ -1439,7 +1431,7 @@ "properties" : { "by-name" : { "title" : "Reference by (assigned) name", - "description" : "Identify items to remove by matching their assigned name", + "description" : "Identify items remove by matching their assigned name.", "$ref" : "#/definitions/TokenDatatype" }, "by-class" : { "title" : "Reference by class", @@ -1451,7 +1443,7 @@ "$ref" : "#/definitions/TokenDatatype" }, "by-item-name" : { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", + "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", "allOf" : [ { "$ref" : "#/definitions/TokenDatatype" }, @@ -1473,12 +1465,12 @@ "minItems" : 1, "items" : { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution", + "description" : "Specifies contents to be added into controls, in resolution.", "type" : "object", "properties" : { "position" : { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", "allOf" : [ { "$ref" : "#/definitions/TokenDatatype" }, @@ -1500,7 +1492,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -1515,14 +1507,14 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } } }, + { "$ref" : "#assembly_oscal-control-common_part" } } }, "additionalProperties" : false } } }, "required" : [ "control-id" ], "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:insert-controls" : - { "title" : "Select controls", + { "title" : "Select Controls", "description" : "Specifies which controls to use in the containing context.", "$id" : "#assembly_oscal-profile_insert-controls", "type" : "object", @@ -1539,7 +1531,7 @@ "ascending", "descending" ] } ] }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -1552,13 +1544,13 @@ { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, "additionalProperties" : false }, "oscal-complete-oscal-profile:select-control-by-id" : - { "title" : "Call", - "description" : "Call a control by its ID", + { "title" : "Select Control", + "description" : "Select a control or controls from an imported control set.", "$id" : "#assembly_oscal-profile_select-control-by-id", "type" : "object", "properties" : { "with-child-controls" : - { "title" : "Include contained controls with control", + { "title" : "Include Contained Controls with Control", "description" : "When a control is included, whether its child (dependent) controls are also included.", "allOf" : [ @@ -1572,14 +1564,14 @@ "minItems" : 1, "items" : { "title" : "Match Controls by Identifier", - "description" : "", + "description" : "Selecting a control by its ID given as a literal.", "$ref" : "#/definitions/TokenDatatype" } }, "matching" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Match Controls by Pattern", - "description" : "Select controls by (regular expression) match on ID", + "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", "type" : "object", "properties" : { "pattern" : @@ -1596,7 +1588,7 @@ "properties" : { "uuid" : { "title" : "Component Definition Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given component definition instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -1642,7 +1634,7 @@ "properties" : { "uuid" : { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given component.", "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", @@ -1701,7 +1693,7 @@ "properties" : { "uuid" : { "title" : "Capability Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given capability.", "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Capability Name", @@ -1740,7 +1732,7 @@ "additionalProperties" : false }, "oscal-complete-oscal-component-definition:incorporates-component" : { "title" : "Incorporates Component", - "description" : "TBD", + "description" : "The collection of components comprising this capability.", "$id" : "#assembly_oscal-component-definition_incorporates-component", "type" : "object", "properties" : @@ -1764,7 +1756,7 @@ "properties" : { "uuid" : { "title" : "Control Implementation Set Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", "$ref" : "#/definitions/UUIDDatatype" }, "source" : { "title" : "Source Resource Reference", @@ -1808,15 +1800,15 @@ "properties" : { "uuid" : { "title" : "Control Implementation Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given control implementation by a component.", "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Control Implementation Description", - "description" : "A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", + "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", "type" : "string" }, "props" : { "type" : "array", @@ -2735,7 +2727,7 @@ "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -3143,7 +3135,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", @@ -3163,7 +3155,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -3500,7 +3492,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -3537,7 +3529,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-objectives" : { "type" : "array", "minItems" : 1, @@ -3564,7 +3556,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", @@ -3659,7 +3651,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-subjects" : { "type" : "array", "minItems" : 1, diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 10127bda25..8f3e0c7523 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -12,7 +12,7 @@ "properties" : { "uuid" : { "title" : "Component Definition Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given component definition instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -58,7 +58,7 @@ "properties" : { "uuid" : { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given component.", "$ref" : "#/definitions/UUIDDatatype" }, "type" : { "title" : "Component Type", @@ -117,7 +117,7 @@ "properties" : { "uuid" : { "title" : "Capability Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given capability.", "$ref" : "#/definitions/UUIDDatatype" }, "name" : { "title" : "Capability Name", @@ -156,7 +156,7 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-component-definition:incorporates-component" : { "title" : "Incorporates Component", - "description" : "TBD", + "description" : "The collection of components comprising this capability.", "$id" : "#assembly_oscal-component-definition_incorporates-component", "type" : "object", "properties" : @@ -180,7 +180,7 @@ "properties" : { "uuid" : { "title" : "Control Implementation Set Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", "$ref" : "#/definitions/UUIDDatatype" }, "source" : { "title" : "Source Resource Reference", @@ -224,15 +224,15 @@ "properties" : { "uuid" : { "title" : "Control Implementation Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "Provides a globally unique means to identify a given control implementation by a component.", "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Control Implementation Description", - "description" : "A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", + "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", "type" : "string" }, "props" : { "type" : "array", @@ -630,8 +630,8 @@ [ "id" ], "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -651,7 +651,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -671,17 +701,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -700,233 +896,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-component-definition-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-component-definition-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-component-definition-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -935,20 +922,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -962,7 +949,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -987,16 +974,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -1008,16 +995,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -1032,17 +1019,22 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -1054,7 +1046,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -1068,7 +1060,7 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -1077,12 +1069,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -1093,13 +1085,13 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -1168,13 +1160,13 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1204,7 +1196,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -1214,27 +1206,27 @@ "additionalProperties" : false }, "oscal-component-definition-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-component-definition-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-component-definition-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-component-definition-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:email-address" : @@ -1244,7 +1236,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-component-definition-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -1278,11 +1270,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -1296,7 +1288,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-component-definition-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1309,31 +1301,31 @@ "required" : [ "identifier" ], "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:part" : + "oscal-component-definition-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -1348,7 +1340,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -1357,23 +1349,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:parameter" : + "oscal-component-definition-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1391,34 +1383,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:parameter-constraint" : + "oscal-component-definition-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -1435,7 +1427,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -1443,10 +1435,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:parameter-guideline" : + "oscal-component-definition-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -1456,15 +1448,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:parameter-value" : + "oscal-component-definition-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-catalog-common:parameter-selection" : + "oscal-component-definition-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -1482,13 +1474,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-component-definition-oscal-catalog-common:include-all" : + "oscal-component-definition-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "Base64Datatype" : diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index d7feaf047c..b0b946b972 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -58,8 +58,8 @@ "maps" ], "additionalProperties" : false }, "oscal-mapping-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -79,7 +79,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -99,17 +129,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -128,233 +324,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-mapping-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-mapping-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-mapping-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-mapping-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-mapping-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-mapping-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -363,20 +350,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -390,7 +377,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -415,16 +402,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -436,16 +423,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -460,17 +447,22 @@ "additionalProperties" : false }, "oscal-mapping-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -482,7 +474,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -496,7 +488,7 @@ "additionalProperties" : false }, "oscal-mapping-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -505,12 +497,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -521,13 +513,13 @@ "additionalProperties" : false }, "oscal-mapping-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -596,13 +588,13 @@ "additionalProperties" : false }, "oscal-mapping-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -632,7 +624,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -642,27 +634,27 @@ "additionalProperties" : false }, "oscal-mapping-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-mapping-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-mapping-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-mapping-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:email-address" : @@ -672,7 +664,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-mapping-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -706,11 +698,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -724,7 +716,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-mapping-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -833,7 +825,7 @@ "additionalProperties" : false }, "oscal-mapping-oscal-mapping-common:mapping-resource-reference" : { "title" : "Mapped Resource Reference", - "description" : "A reference to a back-matter resource that is either the source or target of a mapping.", + "description" : "A reference to a resource that is either the source or target of a mapping.", "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", "type" : "object", "properties" : diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 8fbc2f3058..68483162f3 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -146,8 +146,8 @@ "description" ], "additionalProperties" : false }, "oscal-poam-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -167,7 +167,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -187,17 +217,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -216,233 +412,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-poam-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-poam-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-poam-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-poam-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-poam-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-poam-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-poam-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -451,20 +438,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -478,7 +465,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -503,16 +490,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -524,16 +511,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -548,17 +535,22 @@ "additionalProperties" : false }, "oscal-poam-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -570,7 +562,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -584,7 +576,7 @@ "additionalProperties" : false }, "oscal-poam-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -593,12 +585,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -609,13 +601,13 @@ "additionalProperties" : false }, "oscal-poam-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -684,13 +676,13 @@ "additionalProperties" : false }, "oscal-poam-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -720,7 +712,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -730,27 +722,27 @@ "additionalProperties" : false }, "oscal-poam-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-poam-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-poam-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-poam-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:email-address" : @@ -760,7 +752,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-poam-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -794,11 +786,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -812,7 +804,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-poam-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1148,31 +1140,31 @@ "required" : [ "id" ], "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:part" : + "oscal-poam-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -1187,7 +1179,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -1196,23 +1188,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:parameter" : + "oscal-poam-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1230,34 +1222,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:parameter-constraint" : + "oscal-poam-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -1274,7 +1266,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -1282,10 +1274,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:parameter-guideline" : + "oscal-poam-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -1295,15 +1287,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:parameter-value" : + "oscal-poam-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-catalog-common:parameter-selection" : + "oscal-poam-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -1321,13 +1313,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-poam-oscal-catalog-common:include-all" : + "oscal-poam-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "oscal-poam-oscal-assessment-common:import-ssp" : @@ -1353,7 +1345,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "description" : { "title" : "Objective Description", @@ -1373,7 +1365,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1710,7 +1702,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -1747,7 +1739,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-objectives" : { "type" : "array", "minItems" : 1, @@ -1774,7 +1766,7 @@ "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "statement-ids" : { "type" : "array", @@ -1869,7 +1861,7 @@ "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-subjects" : { "type" : "array", "minItems" : 1, diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index e7c75bf559..9dd4defa63 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -6,13 +6,13 @@ "definitions" : { "oscal-profile-oscal-profile:profile" : { "title" : "Profile", - "description" : "Each OSCAL profile is defined by a Profile element", + "description" : "Each OSCAL profile is defined by a profile element.", "$id" : "#assembly_oscal-profile_profile", "type" : "object", "properties" : { "uuid" : { "title" : "Profile Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document.", + "description" : "Provides a globally unique means to identify a given profile instance.", "$ref" : "#/definitions/UUIDDatatype" }, "metadata" : { "$ref" : "#assembly_oscal-metadata_metadata" }, @@ -33,8 +33,8 @@ "imports" ], "additionalProperties" : false }, "oscal-profile-oscal-profile:import" : - { "title" : "Import resource", - "description" : "The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives.", + { "title" : "Import Resource", + "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", "$id" : "#assembly_oscal-profile_import", "type" : "object", "properties" : @@ -43,7 +43,7 @@ "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", "$ref" : "#/definitions/URIReferenceDatatype" }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -58,19 +58,19 @@ [ "href" ], "additionalProperties" : false }, "oscal-profile-oscal-profile:merge" : - { "title" : "Merge controls", - "description" : "A Merge element provides structuring directives that drive how controls are organized after resolution.", + { "title" : "Merge Controls", + "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", "$id" : "#assembly_oscal-profile_merge", "type" : "object", "properties" : { "combine" : - { "title" : "Combination rule", - "description" : "A Combine element defines how to combine multiple (competing) versions of the same control.", + { "title" : "Combination Rule", + "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", "type" : "object", "properties" : { "method" : - { "title" : "Combination method", - "description" : "How clashing controls should be handled", + { "title" : "Combination Method", + "description" : "Declare how clashing controls should be handled.", "allOf" : [ { "$ref" : "#/definitions/StringDatatype" }, @@ -81,17 +81,17 @@ "keep" ] } ] } }, "additionalProperties" : false }, "flat" : - { "title" : "Flat", - "description" : "Use the flat structuring method.", + { "title" : "Flat Without Grouping", + "description" : "Directs that controls appear without any grouping structure.", "type" : "object", "additionalProperties" : false }, "as-is" : - { "title" : "As-Is Structuring Directive", - "description" : "An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.", + { "title" : "Group As-Is", + "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", "$ref" : "#/definitions/BooleanDatatype" }, "custom" : - { "title" : "Custom grouping", - "description" : "A Custom element frames a structure for embedding represented controls in resolution.", + { "title" : "Custom Grouping", + "description" : "Provides an alternate grouping structure that selected controls will be placed in.", "type" : "object", "properties" : { "groups" : @@ -107,14 +107,14 @@ "additionalProperties" : false } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:group" : - { "title" : "Control group", - "description" : "A group of (selected) controls or of groups of controls", + { "title" : "Control Group", + "description" : "A group of (selected) controls or of groups of controls.", "$id" : "#assembly_oscal-profile_group", "type" : "object", "properties" : { "id" : { "title" : "Group Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document.", + "description" : "Identifies the group.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Group Class", @@ -122,13 +122,13 @@ "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Group Title", - "description" : "A name given to the group, which may be used by a tool for display and navigation.", + "description" : "A name to be given to the group for use in display.", "type" : "string" }, "params" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -143,7 +143,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "groups" : { "type" : "array", "minItems" : 1, @@ -158,8 +158,8 @@ [ "title" ], "additionalProperties" : false }, "oscal-profile-oscal-profile:modify" : - { "title" : "Modify controls", - "description" : "Set parameters or amend controls in resolution", + { "title" : "Modify Controls", + "description" : "Set parameters or amend controls in resolution.", "$id" : "#assembly_oscal-profile_modify", "type" : "object", "properties" : @@ -168,19 +168,19 @@ "minItems" : 1, "items" : { "title" : "Parameter Setting", - "description" : "A parameter setting, to be propagated to points of insertion", + "description" : "A parameter setting, to be propagated to points of insertion.", "type" : "object", "properties" : { "param-id" : { "title" : "Parameter ID", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "An identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", "description" : "A textual label that provides a characterization of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : - { "title" : "Depends on", + { "title" : "Depends On", "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : @@ -199,25 +199,25 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, "required" : [ "param-id" ], "additionalProperties" : false } }, @@ -226,12 +226,12 @@ "minItems" : 1, "items" : { "title" : "Alteration", - "description" : "An Alter element specifies changes to be made to an included control when a profile is resolved.", + "description" : "Specifies changes to be made to an included control when a profile is resolved.", "type" : "object", "properties" : { "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "removes" : { "type" : "array", @@ -243,7 +243,7 @@ "properties" : { "by-name" : { "title" : "Reference by (assigned) name", - "description" : "Identify items to remove by matching their assigned name", + "description" : "Identify items remove by matching their assigned name.", "$ref" : "#/definitions/TokenDatatype" }, "by-class" : { "title" : "Reference by class", @@ -255,7 +255,7 @@ "$ref" : "#/definitions/TokenDatatype" }, "by-item-name" : { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information element name, e.g. title or prop", + "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", "allOf" : [ { "$ref" : "#/definitions/TokenDatatype" }, @@ -277,12 +277,12 @@ "minItems" : 1, "items" : { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution", + "description" : "Specifies contents to be added into controls, in resolution.", "type" : "object", "properties" : { "position" : { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it)", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", "allOf" : [ { "$ref" : "#/definitions/TokenDatatype" }, @@ -304,7 +304,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter" } }, + { "$ref" : "#assembly_oscal-control-common_parameter" } }, "props" : { "type" : "array", "minItems" : 1, @@ -319,14 +319,14 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } } }, + { "$ref" : "#assembly_oscal-control-common_part" } } }, "additionalProperties" : false } } }, "required" : [ "control-id" ], "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:insert-controls" : - { "title" : "Select controls", + { "title" : "Select Controls", "description" : "Specifies which controls to use in the containing context.", "$id" : "#assembly_oscal-profile_insert-controls", "type" : "object", @@ -343,7 +343,7 @@ "ascending", "descending" ] } ] }, "include-all" : - { "$ref" : "#assembly_oscal-catalog-common_include-all" }, + { "$ref" : "#assembly_oscal-control-common_include-all" }, "include-controls" : { "type" : "array", "minItems" : 1, @@ -356,13 +356,13 @@ { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, "additionalProperties" : false }, "oscal-profile-oscal-profile:select-control-by-id" : - { "title" : "Call", - "description" : "Call a control by its ID", + { "title" : "Select Control", + "description" : "Select a control or controls from an imported control set.", "$id" : "#assembly_oscal-profile_select-control-by-id", "type" : "object", "properties" : { "with-child-controls" : - { "title" : "Include contained controls with control", + { "title" : "Include Contained Controls with Control", "description" : "When a control is included, whether its child (dependent) controls are also included.", "allOf" : [ @@ -376,14 +376,14 @@ "minItems" : 1, "items" : { "title" : "Match Controls by Identifier", - "description" : "", + "description" : "Selecting a control by its ID given as a literal.", "$ref" : "#/definitions/TokenDatatype" } }, "matching" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Match Controls by Pattern", - "description" : "Select controls by (regular expression) match on ID", + "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", "type" : "object", "properties" : { "pattern" : @@ -393,8 +393,8 @@ "additionalProperties" : false } } }, "additionalProperties" : false }, "oscal-profile-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -414,7 +414,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -434,17 +464,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -463,233 +659,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-profile-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-profile-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-profile-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-profile-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-profile-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-profile-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-profile-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -698,20 +685,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -725,7 +712,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -750,16 +737,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -771,16 +758,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -795,17 +782,22 @@ "additionalProperties" : false }, "oscal-profile-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -817,7 +809,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -831,7 +823,7 @@ "additionalProperties" : false }, "oscal-profile-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -840,12 +832,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -856,13 +848,13 @@ "additionalProperties" : false }, "oscal-profile-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -931,13 +923,13 @@ "additionalProperties" : false }, "oscal-profile-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -967,7 +959,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -977,27 +969,27 @@ "additionalProperties" : false }, "oscal-profile-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-profile-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-profile-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-profile-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:email-address" : @@ -1007,7 +999,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-profile-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -1041,11 +1033,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -1059,7 +1051,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-profile-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1072,31 +1064,31 @@ "required" : [ "identifier" ], "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:part" : + "oscal-profile-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -1111,7 +1103,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -1120,23 +1112,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:parameter" : + "oscal-profile-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1154,34 +1146,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:parameter-constraint" : + "oscal-profile-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -1198,7 +1190,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -1206,10 +1198,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:parameter-guideline" : + "oscal-profile-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -1219,15 +1211,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:parameter-value" : + "oscal-profile-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-profile-oscal-catalog-common:parameter-selection" : + "oscal-profile-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -1245,13 +1237,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-profile-oscal-catalog-common:include-all" : + "oscal-profile-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "Base64Datatype" : diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index e8dafb317c..7a29c31d31 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -526,7 +526,7 @@ "$ref" : "#/definitions/UUIDDatatype" }, "control-id" : { "title" : "Control Identifier Reference", - "description" : "A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -832,8 +832,8 @@ "description" ], "additionalProperties" : false }, "oscal-ssp-oscal-metadata:metadata" : - { "title" : "Publication metadata", - "description" : "Provides information about the publication and availability of the containing document.", + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", "$id" : "#assembly_oscal-metadata_metadata", "type" : "object", "properties" : @@ -853,7 +853,37 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_revision" } }, + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, "document-ids" : { "type" : "array", "minItems" : 1, @@ -873,17 +903,183 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_role" } }, + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, "locations" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_location" } }, + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, "parties" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_party" } }, + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, "responsible-parties" : { "type" : "array", "minItems" : 1, @@ -902,233 +1098,24 @@ "version", "oscal-version" ], "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:revision" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).", - "$id" : "#assembly_oscal-metadata_revision", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:location" : - { "title" : "Location", - "description" : "A location, with associated metadata that can be referenced.", - "$id" : "#assembly_oscal-metadata_location", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or Internet presence associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "address" ], - "additionalProperties" : false }, "oscal-ssp-oscal-metadata:location-uuid" : - { "title" : "Location Reference", - "description" : "A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", "$id" : "#field_oscal-metadata_location-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ssp-oscal-metadata:party" : - { "title" : "Party (organization or person)", - "description" : "A responsible entity which is either a person or an organization.", - "$id" : "#assembly_oscal-metadata_party", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false }, "oscal-ssp-oscal-metadata:party-uuid" : - { "title" : "Party Reference", - "description" : "A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", "$id" : "#field_oscal-metadata_party-uuid", "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ssp-oscal-metadata:role" : - { "title" : "Role", - "description" : "Defines a function assumed or expected to be assumed by a party in a specific situation.", - "$id" : "#assembly_oscal-metadata_role", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, "oscal-ssp-oscal-metadata:role-id" : { "title" : "Role Identifier Reference", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "Reference to a role by UUID.", "$id" : "#field_oscal-metadata_role-id", "$ref" : "#/definitions/TokenDatatype" }, "oscal-ssp-oscal-metadata:back-matter" : { "title" : "Back matter", - "description" : "A collection of resources, which may be included directly or by reference.", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", "$id" : "#assembly_oscal-metadata_back-matter", "type" : "object", "properties" : @@ -1137,20 +1124,20 @@ "minItems" : 1, "items" : { "title" : "Resource", - "description" : "A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources.", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", "type" : "object", "properties" : { "uuid" : { "title" : "Resource Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a resource.", "$ref" : "#/definitions/UUIDDatatype" }, "title" : { "title" : "Resource Title", - "description" : "A name given to the resource, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", "type" : "string" }, "description" : { "title" : "Resource Description", - "description" : "A short summary of the resource used to indicate the purpose of the resource.", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", "type" : "string" }, "props" : { "type" : "array", @@ -1164,7 +1151,7 @@ { "$ref" : "#field_oscal-metadata_document-id" } }, "citation" : { "title" : "Citation", - "description" : "A citation consisting of end note text and optional structured bibliographic data.", + "description" : "An optional citation consisting of end note text using structured markup.", "type" : "object", "properties" : { "text" : @@ -1189,16 +1176,16 @@ "minItems" : 1, "items" : { "title" : "Resource link", - "description" : "A pointer to an external resource with an optional hash for verification and change detection.", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", "type" : "object", "properties" : { "href" : { "title" : "Hypertext Reference", - "description" : "A resolvable URI reference to a resource.", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "hashes" : { "type" : "array", @@ -1210,16 +1197,16 @@ "additionalProperties" : false } }, "base64" : { "title" : "Base64", - "description" : "The Base64 alphabet in RFC 2045 - aligned with XSD.", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", "type" : "object", "properties" : { "filename" : { "title" : "File Name", "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -1234,17 +1221,22 @@ "additionalProperties" : false }, "oscal-ssp-oscal-metadata:property" : { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", "$id" : "#assembly_oscal-metadata_property", "type" : "object", "properties" : { "name" : { "title" : "Property Name", - "description" : "A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "$ref" : "#/definitions/TokenDatatype" }, + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "marking" ] } ] }, "uuid" : { "title" : "Property Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for a property.", "$ref" : "#/definitions/UUIDDatatype" }, "ns" : { "title" : "Property Namespace", @@ -1256,7 +1248,7 @@ "$ref" : "#/definitions/StringDatatype" }, "class" : { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns.", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", "$ref" : "#/definitions/TokenDatatype" }, "group" : { "title" : "Property Group", @@ -1270,7 +1262,7 @@ "additionalProperties" : false }, "oscal-ssp-oscal-metadata:link" : { "title" : "Link", - "description" : "A reference to a local or remote resource", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", "$id" : "#assembly_oscal-metadata_link", "type" : "object", "properties" : @@ -1279,12 +1271,12 @@ "description" : "A resolvable URL reference to a resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, "rel" : - { "title" : "Relation", - "description" : "Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.", + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", "$ref" : "#/definitions/TokenDatatype" }, "media-type" : { "title" : "Media Type", - "description" : "Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry.", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", @@ -1295,13 +1287,13 @@ "additionalProperties" : false }, "oscal-ssp-oscal-metadata:responsible-party" : { "title" : "Responsible Party", - "description" : "A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", "$id" : "#assembly_oscal-metadata_responsible-party", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role", - "description" : "A human-oriented identifier reference to roles served by the user.", + "description" : "A reference to a role performed by a party.", "$ref" : "#/definitions/TokenDatatype" }, "party-uuids" : { "type" : "array", @@ -1370,13 +1362,13 @@ "additionalProperties" : false }, "oscal-ssp-oscal-metadata:responsible-role" : { "title" : "Responsible Role", - "description" : "A reference to one or more roles with responsibility for performing a function relative to the containing object.", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", "$id" : "#assembly_oscal-metadata_responsible-role", "type" : "object", "properties" : { "role-id" : { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to roles responsible for the business function.", + "description" : "A human-oriented identifier reference to a role performed.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1406,7 +1398,7 @@ "properties" : { "algorithm" : { "title" : "Hash algorithm", - "description" : "Method by which a hash is derived", + "description" : "The digest method by which a hash is derived.", "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, @@ -1416,27 +1408,27 @@ "additionalProperties" : false }, "oscal-ssp-oscal-metadata:remarks" : { "title" : "Remarks", - "description" : "Additional commentary on the containing object.", + "description" : "Additional commentary about the containing object.", "$id" : "#field_oscal-metadata_remarks", "type" : "string" }, "oscal-ssp-oscal-metadata:published" : { "title" : "Publication Timestamp", - "description" : "The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last made available.", "$id" : "#field_oscal-metadata_published", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ssp-oscal-metadata:last-modified" : { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included.", + "description" : "The date and time the document was last stored for later retrieval.", "$id" : "#field_oscal-metadata_last-modified", "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "oscal-ssp-oscal-metadata:version" : { "title" : "Document Version", - "description" : "A string used to distinguish the current version of the document from other previous (and future) versions.", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", "$id" : "#field_oscal-metadata_version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:oscal-version" : - { "title" : "OSCAL version", - "description" : "The OSCAL model version the document was authored against.", + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", "$id" : "#field_oscal-metadata_oscal-version", "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:email-address" : @@ -1446,7 +1438,7 @@ "$ref" : "#/definitions/EmailAddressDatatype" }, "oscal-ssp-oscal-metadata:telephone-number" : { "title" : "Telephone Number", - "description" : "Contact number by telephone.", + "description" : "A telephone service number as defined by ITU-T E.164.", "$id" : "#field_oscal-metadata_telephone-number", "type" : "object", "properties" : @@ -1480,11 +1472,11 @@ "$ref" : "#/definitions/StringDatatype" }, "state" : { "title" : "State", - "description" : "State, province or analogous geographical region for mailing address", + "description" : "State, province or analogous geographical region for a mailing address.", "$ref" : "#/definitions/StringDatatype" }, "postal-code" : { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address", + "description" : "Postal or ZIP code for mailing address.", "$ref" : "#/definitions/StringDatatype" }, "country" : { "title" : "Country Code", @@ -1498,7 +1490,7 @@ "$ref" : "#/definitions/StringDatatype" }, "oscal-ssp-oscal-metadata:document-id" : { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of \"document-id\" is equal to the value of the \"uuid\" flag of the top-level root element.", + "description" : "A document identifier qualified by an identifier scheme.", "$id" : "#field_oscal-metadata_document-id", "type" : "object", "properties" : @@ -1834,31 +1826,31 @@ "required" : [ "id" ], "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:part" : + "oscal-ssp-oscal-control-common:part" : { "title" : "Part", - "description" : "A partition of a control's definition or a child of another part.", - "$id" : "#assembly_oscal-catalog-common_part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", "type" : "object", "properties" : { "id" : { "title" : "Part Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the part.", "$ref" : "#/definitions/TokenDatatype" }, "name" : { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", "$ref" : "#/definitions/TokenDatatype" }, "ns" : { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", "$ref" : "#/definitions/URIDatatype" }, "class" : { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", "$ref" : "#/definitions/TokenDatatype" }, "title" : { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", "type" : "string" }, "props" : { "type" : "array", @@ -1873,7 +1865,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_part" } }, + { "$ref" : "#assembly_oscal-control-common_part" } }, "links" : { "type" : "array", "minItems" : 1, @@ -1882,23 +1874,23 @@ "required" : [ "name" ], "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:parameter" : + "oscal-ssp-oscal-control-common:parameter" : { "title" : "Parameter", "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-catalog-common_parameter", + "$id" : "#assembly_oscal-control-common_parameter", "type" : "object", "properties" : { "id" : { "title" : "Parameter Identifier", - "description" : "A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "description" : "A unique identifier for the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "class" : { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", "$ref" : "#/definitions/TokenDatatype" }, "depends-on" : { "title" : "Depends on", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", "$ref" : "#/definitions/TokenDatatype" }, "props" : { "type" : "array", @@ -1916,34 +1908,34 @@ "type" : "string" }, "usage" : { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter", + "description" : "Describes the purpose and use of a parameter.", "type" : "string" }, "constraints" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-constraint" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, "guidelines" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-guideline" } }, + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, "values" : { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-catalog-common_parameter-value" } }, + { "$ref" : "#field_oscal-control-common_parameter-value" } }, "select" : - { "$ref" : "#assembly_oscal-catalog-common_parameter-selection" }, + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : [ "id" ], "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:parameter-constraint" : + "oscal-ssp-oscal-control-common:parameter-constraint" : { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test", - "$id" : "#assembly_oscal-catalog-common_parameter-constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", "type" : "object", "properties" : { "description" : @@ -1960,7 +1952,7 @@ "properties" : { "expression" : { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint", + "description" : "A formal (executable) expression of a constraint.", "$ref" : "#/definitions/StringDatatype" }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, @@ -1968,10 +1960,10 @@ [ "expression" ], "additionalProperties" : false } } }, "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:parameter-guideline" : + "oscal-ssp-oscal-control-common:parameter-guideline" : { "title" : "Guideline", "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-catalog-common_parameter-guideline", + "$id" : "#assembly_oscal-control-common_parameter-guideline", "type" : "object", "properties" : { "prose" : @@ -1981,15 +1973,15 @@ "required" : [ "prose" ], "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:parameter-value" : + "oscal-ssp-oscal-control-common:parameter-value" : { "title" : "Parameter Value", "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-catalog-common_parameter-value", + "$id" : "#field_oscal-control-common_parameter-value", "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-catalog-common:parameter-selection" : + "oscal-ssp-oscal-control-common:parameter-selection" : { "title" : "Selection", - "description" : "Presenting a choice among alternatives", - "$id" : "#assembly_oscal-catalog-common_parameter-selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", "type" : "object", "properties" : { "how-many" : @@ -2007,13 +1999,13 @@ "minItems" : 1, "items" : { "title" : "Choice", - "description" : "A value selection among several such options", + "description" : "A value selection among several such options.", "type" : "string" } } }, "additionalProperties" : false }, - "oscal-ssp-oscal-catalog-common:include-all" : + "oscal-ssp-oscal-control-common:include-all" : { "title" : "Include All", "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-catalog-common_include-all", + "$id" : "#assembly_oscal-control-common_include-all", "type" : "object", "additionalProperties" : false }, "Base64Datatype" : diff --git a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl index f4c472c2de..3ea58b7e68 100644 --- a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl @@ -157,53 +157,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -684,7 +637,12 @@ mode="keep-value-property" priority="8"> - + @@ -776,16 +734,17 @@ - + - - + - @@ -822,8 +781,8 @@ - + - - + - - + @@ -1219,7 +1183,12 @@ mode="keep-value-property" priority="6"> - + @@ -1470,7 +1439,7 @@ @@ -1817,6 +1786,20 @@ + + + + + + + + + + + + + @@ -1910,6 +1893,22 @@ + + + + + + + + + + + + + + + @@ -2105,6 +2104,7 @@ @@ -2140,6 +2140,26 @@ + + + + + + + + + + + + + + + + + + + @@ -2991,8 +3011,8 @@ diff --git a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl index 90bc188ae7..a53c949601 100644 --- a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl @@ -155,53 +155,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -910,7 +863,12 @@ mode="keep-value-property" priority="8"> - + @@ -1002,16 +960,17 @@ - + - - + - @@ -1048,8 +1007,8 @@ - + - - + - - + @@ -1638,7 +1602,12 @@ mode="keep-value-property" priority="9"> - + @@ -2147,7 +2116,7 @@ @@ -2494,6 +2463,20 @@ + + + + + + + + + + + + + @@ -2587,6 +2570,22 @@ + + + + + + + + + + + + + + + @@ -2782,6 +2781,7 @@ @@ -2817,6 +2817,26 @@ + + + + + + + + + + + + + + + + + + + @@ -3246,8 +3266,8 @@ diff --git a/xml/convert/oscal_catalog_json-to-xml-converter.xsl b/xml/convert/oscal_catalog_json-to-xml-converter.xsl index f6f5f7c206..982ac5fd90 100644 --- a/xml/convert/oscal_catalog_json-to-xml-converter.xsl +++ b/xml/convert/oscal_catalog_json-to-xml-converter.xsl @@ -153,53 +153,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -503,7 +456,12 @@ mode="keep-value-property" priority="8"> - + @@ -595,16 +553,17 @@ - + - - + - @@ -641,8 +600,8 @@ - + - - + - - + @@ -906,7 +870,12 @@ priority="8"> - + @@ -1014,7 +983,7 @@ @@ -1361,6 +1330,20 @@ + + + + + + + + + + + + + @@ -1454,6 +1437,22 @@ + + + + + + + + + + + + + + + @@ -1649,6 +1648,7 @@ @@ -1684,6 +1684,26 @@ + + + + + + + + + + + + + + + + + + + @@ -2154,8 +2174,8 @@ @@ -2346,8 +2366,8 @@ @@ -2435,8 +2455,8 @@ @@ -2759,8 +2779,8 @@ @@ -2848,8 +2868,8 @@ @@ -3044,8 +3064,8 @@ @@ -3133,8 +3153,8 @@ diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index dce9d0061d..1333edc312 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -153,53 +153,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1615,7 +1568,12 @@ mode="keep-value-property" priority="8"> - + @@ -1707,16 +1665,17 @@ - + - - + - @@ -1753,8 +1712,8 @@ - + - - + - - + @@ -2018,7 +1982,12 @@ priority="8"> - + @@ -2126,7 +2095,7 @@ @@ -2556,7 +2525,8 @@ - + - + @@ -4176,6 +4151,20 @@ + + + + + + + + + + + + + @@ -4269,6 +4258,22 @@ + + + + + + + + + + + + + + + @@ -4464,6 +4469,7 @@ @@ -4499,6 +4505,26 @@ + + + + + + + + + + + + + + + + + + + @@ -4969,8 +4995,8 @@ @@ -5161,8 +5187,8 @@ @@ -5250,8 +5276,8 @@ @@ -5574,8 +5600,8 @@ @@ -5663,8 +5689,8 @@ @@ -5859,8 +5885,8 @@ @@ -5948,8 +5974,8 @@ @@ -6617,6 +6643,20 @@ + + + + + + + + + + + + + @@ -6710,6 +6750,22 @@ + + + + + + + + + + + + + + + @@ -6905,6 +6961,7 @@ @@ -6940,6 +6997,26 @@ + + + + + + + + + + + + + + + + + + + @@ -7916,6 +7993,20 @@ + + + + + + + + + + + + + @@ -8009,6 +8100,22 @@ + + + + + + + + + + + + + + + @@ -8204,6 +8311,7 @@ @@ -8239,6 +8347,26 @@ + + + + + + + + + + + + + + + + + + + @@ -8862,8 +8990,8 @@ @@ -8951,8 +9079,8 @@ @@ -9290,8 +9418,8 @@ @@ -9518,8 +9646,8 @@ @@ -9607,8 +9735,8 @@ @@ -10148,6 +10276,20 @@ + + + + + + + + + + + + + @@ -10241,6 +10383,22 @@ + + + + + + + + + + + + + + + @@ -10436,6 +10594,7 @@ @@ -10471,6 +10630,26 @@ + + + + + + + + + + + + + + + + + + + @@ -12057,6 +12236,20 @@ + + + + + + + + + + + + + @@ -12150,6 +12343,22 @@ + + + + + + + + + + + + + + + @@ -12345,6 +12554,7 @@ @@ -12380,6 +12590,26 @@ + + + + + + + + + + + + + + + + + + + @@ -15947,6 +16177,20 @@ + + + + + + + + + + + + + @@ -16040,6 +16284,22 @@ + + + + + + + + + + + + + + + @@ -16235,6 +16495,7 @@ @@ -16270,6 +16531,26 @@ + + + + + + + + + + + + + + + + + + + @@ -17121,8 +17402,8 @@ @@ -19383,6 +19664,20 @@ + + + + + + + + + + + + + @@ -19476,6 +19771,22 @@ + + + + + + + + + + + + + + + @@ -19671,6 +19982,7 @@ @@ -19706,6 +20018,26 @@ + + + + + + + + + + + + + + + + + + + @@ -20135,8 +20467,8 @@ @@ -26434,6 +26766,20 @@ + + + + + + + + + + + + + @@ -26527,6 +26873,22 @@ + + + + + + + + + + + + + + + @@ -26722,6 +27084,7 @@ @@ -26757,6 +27120,26 @@ + + + + + + + + + + + + + + + + + + + diff --git a/xml/convert/oscal_component_json-to-xml-converter.xsl b/xml/convert/oscal_component_json-to-xml-converter.xsl index 4456e868db..51ff9548ea 100644 --- a/xml/convert/oscal_component_json-to-xml-converter.xsl +++ b/xml/convert/oscal_component_json-to-xml-converter.xsl @@ -155,53 +155,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -435,7 +388,12 @@ mode="keep-value-property" priority="8"> - + @@ -527,16 +485,17 @@ - + - - + - @@ -573,8 +532,8 @@ - + - - + - - + @@ -1320,6 +1280,20 @@ + + + + + + + + + + + + + @@ -1413,6 +1387,22 @@ + + + + + + + + + + + + + + + @@ -1608,6 +1598,7 @@ @@ -1643,6 +1634,26 @@ + + + + + + + + + + + + + + + + + + + diff --git a/xml/convert/oscal_mapping_json-to-xml-converter.xsl b/xml/convert/oscal_mapping_json-to-xml-converter.xsl index 59b1a7e9aa..3a42621df6 100644 --- a/xml/convert/oscal_mapping_json-to-xml-converter.xsl +++ b/xml/convert/oscal_mapping_json-to-xml-converter.xsl @@ -153,53 +153,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -426,7 +379,12 @@ mode="keep-value-property" priority="8"> - + @@ -518,16 +476,17 @@ - + - - + - @@ -564,8 +523,8 @@ - + - - + - - + @@ -808,7 +772,7 @@ @@ -1155,6 +1119,20 @@ + + + + + + + + + + + + + @@ -1248,6 +1226,22 @@ + + + + + + + + + + + + + + + @@ -1443,6 +1437,7 @@ @@ -1478,6 +1473,26 @@ + + + + + + + + + + + + + + + + + + + diff --git a/xml/convert/oscal_poam_json-to-xml-converter.xsl b/xml/convert/oscal_poam_json-to-xml-converter.xsl index 11f7eb6123..bbd803fc3b 100644 --- a/xml/convert/oscal_poam_json-to-xml-converter.xsl +++ b/xml/convert/oscal_poam_json-to-xml-converter.xsl @@ -158,53 +158,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -705,7 +658,12 @@ mode="keep-value-property" priority="8"> - + @@ -797,16 +755,17 @@ - + - - + - @@ -843,8 +802,8 @@ - + - - + - @@ -2053,6 +2012,20 @@ + + + + + + + + + + + + + @@ -2146,6 +2119,22 @@ + + + + + + + + + + + + + + + @@ -2341,6 +2330,7 @@ @@ -2376,6 +2366,26 @@ + + + + + + + + + + + + + + + + + + + diff --git a/xml/convert/oscal_profile_json-to-xml-converter.xsl b/xml/convert/oscal_profile_json-to-xml-converter.xsl index d689c90fd7..fb31481beb 100644 --- a/xml/convert/oscal_profile_json-to-xml-converter.xsl +++ b/xml/convert/oscal_profile_json-to-xml-converter.xsl @@ -153,53 +153,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -493,7 +446,12 @@ mode="keep-value-property" priority="8"> - + @@ -585,16 +543,17 @@ - + - - + - @@ -631,8 +590,8 @@ - + - - + - - + @@ -1104,7 +1068,7 @@ @@ -1451,6 +1415,20 @@ + + + + + + + + + + + + + @@ -1544,6 +1522,22 @@ + + + + + + + + + + + + + + + @@ -1739,6 +1733,7 @@ @@ -1774,6 +1769,26 @@ + + + + + + + + + + + + + + + + + + + @@ -2397,8 +2412,8 @@ @@ -2486,8 +2501,8 @@ @@ -2825,8 +2840,8 @@ @@ -3053,8 +3068,8 @@ @@ -3142,8 +3157,8 @@ diff --git a/xml/convert/oscal_ssp_json-to-xml-converter.xsl b/xml/convert/oscal_ssp_json-to-xml-converter.xsl index ba410a11ce..b90d3f9652 100644 --- a/xml/convert/oscal_ssp_json-to-xml-converter.xsl +++ b/xml/convert/oscal_ssp_json-to-xml-converter.xsl @@ -156,53 +156,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -712,7 +665,12 @@ mode="keep-value-property" priority="8"> - + @@ -804,16 +762,17 @@ - + - - + - @@ -850,8 +809,8 @@ - + - - + - @@ -1788,6 +1747,20 @@ + + + + + + + + + + + + + @@ -1881,6 +1854,22 @@ + + + + + + + + + + + + + + + @@ -2076,6 +2065,7 @@ @@ -2111,6 +2101,26 @@ + + + + + + + + + + + + + + + + + + + diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index 7a4e2dacea..caa1f553b8 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -72,10 +72,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -137,11 +137,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -176,176 +176,89 @@ minOccurs="1" maxOccurs="1"/> - - - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. + revisions + A group of 'revision' elements - Remarks: Additional commentary on the containing object. + revisions: A group of 'revision' elements - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. - - - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - Location Title: A name given to the location, which may be used by a tool for display and navigation. - - - - + + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. + Role + Defines a function, which might be assigned to a party in a specific situation. - Party Name: The full name of the party. This is typically the legal name associated with the party. + Role: Defines a function, which might be assigned to a party in a specific situation. - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + + - - + + - Party Short Name - A short common name, abbreviation, or acronym for the party. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Party Short Name: A short common name, abbreviation, or acronym for the party. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + + - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + - External Identifier Schema - Indicates the type of external identifier. + Party Name + The full name of the party. This is typically the legal name associated with the party. - External Identifier Schema: Indicates the type of external identifier. + Party Name: The full name of the party. This is typically the legal name associated with the party. - - - + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -638,10 +638,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -649,10 +649,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -660,10 +660,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -675,10 +675,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -698,10 +698,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -735,10 +735,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -773,14 +773,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -794,10 +794,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -808,10 +808,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -822,10 +822,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -836,20 +836,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -860,20 +860,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -900,10 +900,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -921,10 +921,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -956,21 +956,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -978,10 +978,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1014,10 +1014,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1047,10 +1047,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1102,10 +1102,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1138,10 +1138,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1160,10 +1160,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1173,10 +1173,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1186,10 +1186,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1197,10 +1197,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1208,21 +1208,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1230,10 +1230,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1241,10 +1241,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1293,10 +1293,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1306,10 +1306,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1354,10 +1354,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1365,10 +1365,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1388,10 +1388,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1443,17 +1443,17 @@ minOccurs="0" maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1464,10 +1464,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1512,10 +1512,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1642,10 +1642,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1676,10 +1676,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1862,10 +1862,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1919,10 +1919,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1953,10 +1953,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2053,7 +2053,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2119,7 +2119,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2151,10 +2151,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2190,10 +2190,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2276,10 +2276,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2332,7 +2332,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2391,10 +2391,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2459,10 +2459,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2565,10 +2565,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2591,10 +2591,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2678,10 +2678,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2718,10 +2718,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2869,10 +2869,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2921,10 +2921,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3070,10 +3070,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3403,10 +3403,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3429,10 +3429,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3574,10 +3574,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3727,10 +3727,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3757,10 +3757,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3868,14 +3868,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -3883,10 +3883,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -3899,7 +3899,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -3986,10 +3986,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -3997,20 +3997,20 @@ @@ -4018,10 +4018,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4032,41 +4032,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -4100,10 +4101,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -4112,10 +4113,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4126,7 +4127,7 @@ - + Guideline @@ -4139,7 +4140,7 @@ - + Parameter Value @@ -4150,14 +4151,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -4165,10 +4166,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -4187,7 +4188,7 @@ - + Include All @@ -4275,10 +4276,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4309,10 +4310,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4445,10 +4446,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4539,10 +4540,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4681,10 +4682,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4707,10 +4708,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4755,10 +4756,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index d0a0627e73..4ad4f9bd44 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -60,10 +60,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -324,10 +324,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -365,10 +365,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -503,10 +503,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -538,10 +538,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -562,11 +562,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -601,176 +601,89 @@ minOccurs="1" maxOccurs="1"/> - - - - - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. - - - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. + revisions + A group of 'revision' elements - Remarks: Additional commentary on the containing object. + revisions: A group of 'revision' elements - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - Location Title: A name given to the location, which may be used by a tool for display and navigation. - - - - + + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. + Role + Defines a function, which might be assigned to a party in a specific situation. - Party Name: The full name of the party. This is typically the legal name associated with the party. + Role: Defines a function, which might be assigned to a party in a specific situation. - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + + - - + + - Party Short Name - A short common name, abbreviation, or acronym for the party. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Party Short Name: A short common name, abbreviation, or acronym for the party. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + + - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Name: The full name of the party. This is typically the legal name associated with the party. + + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + - External Identifier Schema - Indicates the type of external identifier. + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. - External Identifier Schema: Indicates the type of external identifier. + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. - - - + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1063,10 +1063,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1074,10 +1074,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1085,10 +1085,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1100,10 +1100,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -1123,10 +1123,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -1160,10 +1160,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1198,14 +1198,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -1219,10 +1219,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1233,10 +1233,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1247,10 +1247,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -1261,20 +1261,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1285,20 +1285,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1325,10 +1325,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1346,10 +1346,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1381,21 +1381,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1403,10 +1403,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1439,10 +1439,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1472,10 +1472,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1527,10 +1527,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1563,10 +1563,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1585,10 +1585,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1598,10 +1598,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1611,10 +1611,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1622,10 +1622,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1633,21 +1633,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1655,10 +1655,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1666,10 +1666,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1718,10 +1718,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1731,10 +1731,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1779,10 +1779,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1790,10 +1790,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1813,10 +1813,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1868,17 +1868,17 @@ minOccurs="0" maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1889,10 +1889,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1937,10 +1937,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2067,10 +2067,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2101,10 +2101,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2287,10 +2287,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2344,10 +2344,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2378,10 +2378,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2478,7 +2478,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2544,7 +2544,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2576,10 +2576,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2615,10 +2615,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2701,10 +2701,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2757,7 +2757,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2816,10 +2816,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2884,10 +2884,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2990,10 +2990,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3016,10 +3016,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3103,10 +3103,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3143,10 +3143,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3294,10 +3294,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3346,10 +3346,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3495,10 +3495,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3828,10 +3828,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3854,10 +3854,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3999,10 +3999,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4152,10 +4152,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4182,10 +4182,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4293,14 +4293,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -4308,10 +4308,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -4324,7 +4324,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -4411,10 +4411,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -4422,20 +4422,20 @@ @@ -4443,10 +4443,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4457,41 +4457,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -4525,10 +4526,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -4537,10 +4538,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4551,7 +4552,7 @@ - + Guideline @@ -4564,7 +4565,7 @@ - + Parameter Value @@ -4575,14 +4576,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -4590,10 +4591,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -4612,7 +4613,7 @@ - + Include All @@ -4700,10 +4701,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4734,10 +4735,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4870,10 +4871,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4964,10 +4965,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5106,10 +5107,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5132,10 +5133,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5180,10 +5181,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 775a36110b..f813d2b42c 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -12,7 +12,7 @@ 1.0.4 oscal-catalog -

    The OSCAL Control Catalog format can be used to describe a collection of security controls and related control enhancements, along with contextualizing documentation and metadata. The root of the Control Catalog format is catalog.

    +

    The OSCAL Control Catalog format can be used to describe a collection of security controls and related control enhancements, along with contextualizing documentation and metadata. The root of the Control Catalog format is catalog.

    catalog
    @@ -22,10 +22,10 @@ Catalog - A collection of controls. + A structured, organized collection of control information. - Catalog: A collection of controls. + Catalog: A structured, organized collection of control information. Catalog Universally Unique Identifier - A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + Provides a globally unique means to identify a given catalog instance. - Catalog Universally Unique Identifier: A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + Catalog Universally Unique Identifier: Provides a globally unique means to identify a given catalog instance.
    @@ -86,7 +86,7 @@
    @@ -116,10 +116,10 @@ Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog. - Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Group Identifier: Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog. @@ -137,10 +137,10 @@ Control - A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance. + A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information. - Control: A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance. + Control: A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information. @@ -159,7 +159,7 @@ @@ -215,10 +215,10 @@ Control Identifier - A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles). - Control Identifier: A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + Control Identifier: Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles). @@ -232,14 +232,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -247,10 +247,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -263,7 +263,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -350,10 +350,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -361,20 +361,20 @@ @@ -382,10 +382,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -396,41 +396,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -464,10 +465,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -476,10 +477,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -490,7 +491,7 @@ - + Guideline @@ -503,7 +504,7 @@
    - + Parameter Value @@ -514,14 +515,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -529,10 +530,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -551,7 +552,7 @@ - + Include All @@ -564,11 +565,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -603,12 +604,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -624,440 +695,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location Title: A name given to the location, which may be used by a tool for display and navigation. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + - External Identifier Schema - Indicates the type of external identifier. + Party Name + The full name of the party. This is typically the legal name associated with the party. - External Identifier Schema: Indicates the type of external identifier. + Party Name: The full name of the party. This is typically the legal name associated with the party. - - - + + +
    + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1065,10 +1066,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1076,10 +1077,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1087,10 +1088,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1102,10 +1103,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -1125,10 +1126,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -1162,10 +1163,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1200,14 +1201,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -1221,10 +1222,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1235,10 +1236,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1249,10 +1250,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -1263,20 +1264,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1287,20 +1288,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1327,10 +1328,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1348,10 +1349,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1383,21 +1384,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1405,10 +1406,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1441,10 +1442,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1474,10 +1475,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1529,10 +1530,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1565,10 +1566,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1587,10 +1588,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1600,10 +1601,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1613,10 +1614,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1624,10 +1625,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1635,21 +1636,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1657,10 +1658,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1668,10 +1669,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1720,10 +1721,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1733,10 +1734,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1781,10 +1782,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1792,10 +1793,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1857,10 +1858,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1900,10 +1901,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1935,10 +1936,10 @@ Mapped Resource Reference - A reference to a back-matter resource that is either the source or target of a mapping. + A reference to a resource that is either the source or target of a mapping. - Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + Mapped Resource Reference: A reference to a resource that is either the source or target of a mapping. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index cbb4607978..6d999a5dab 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -29,10 +29,10 @@ Catalog - A collection of controls. + A structured, organized collection of control information. - Catalog: A collection of controls. + Catalog: A structured, organized collection of control information. Catalog Universally Unique Identifier - A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + Provides a globally unique means to identify a given catalog instance. - Catalog Universally Unique Identifier: A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised. + Catalog Universally Unique Identifier: Provides a globally unique means to identify a given catalog instance. @@ -93,7 +93,7 @@ @@ -123,10 +123,10 @@ Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog. - Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Group Identifier: Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog. @@ -144,10 +144,10 @@ Control - A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance. + A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information. - Control: A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance. + Control: A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information. @@ -166,7 +166,7 @@ @@ -222,10 +222,10 @@ Control Identifier - A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles). - Control Identifier: A human-oriented, locally unique identifier with instance scope that can be used to reference this control elsewhere in this and other OSCAL instances (e.g., profiles). This id should be assigned per-subject, which means it should be consistently used to identify the same control across revisions of the document. + Control Identifier: Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles). @@ -239,14 +239,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -254,10 +254,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -270,7 +270,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -357,10 +357,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -368,20 +368,20 @@ @@ -389,10 +389,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -403,41 +403,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -471,10 +472,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -483,10 +484,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -497,7 +498,7 @@ - + Guideline @@ -510,7 +511,7 @@ - + Parameter Value @@ -521,14 +522,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -536,10 +537,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -558,7 +559,7 @@ - + Include All @@ -571,11 +572,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -610,12 +611,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -631,440 +702,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - Location Title: A name given to the location, which may be used by a tool for display and navigation. - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + - External Identifier Schema - Indicates the type of external identifier. + Party Name + The full name of the party. This is typically the legal name associated with the party. - External Identifier Schema: Indicates the type of external identifier. + Party Name: The full name of the party. This is typically the legal name associated with the party. - - - + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1072,10 +1073,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1083,10 +1084,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1094,10 +1095,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1109,10 +1110,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -1132,10 +1133,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -1169,10 +1170,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1207,14 +1208,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -1228,10 +1229,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1242,10 +1243,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1256,10 +1257,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -1270,20 +1271,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1294,20 +1295,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1334,10 +1335,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1355,10 +1356,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1390,21 +1391,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1412,10 +1413,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1448,10 +1449,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1481,10 +1482,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1536,10 +1537,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1572,10 +1573,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1594,10 +1595,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1607,10 +1608,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1620,10 +1621,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1631,10 +1632,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1642,21 +1643,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1664,10 +1665,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1675,10 +1676,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1727,10 +1728,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1740,10 +1741,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1788,10 +1789,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1799,10 +1800,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1864,10 +1865,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1907,10 +1908,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1942,10 +1943,10 @@ Mapped Resource Reference - A reference to a back-matter resource that is either the source or target of a mapping. + A reference to a resource that is either the source or target of a mapping. - Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + Mapped Resource Reference: A reference to a resource that is either the source or target of a mapping. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2066,10 +2067,10 @@ Profile - Each OSCAL profile is defined by a Profile element + Each OSCAL profile is defined by a profile element. - Profile: Each OSCAL profile is defined by a Profile element + Profile: Each OSCAL profile is defined by a profile element. Profile Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + Provides a globally unique means to identify a given profile instance. - Profile Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + Profile Universally Unique Identifier: Provides a globally unique means to identify a given profile instance. - Import resource - The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + Import Resource + Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline. - Import resource: The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + Import Resource: Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline. - Merge controls - A Merge element provides structuring directives that drive how controls are organized after resolution. + Merge Controls + Provides structuring directives that instruct how controls are organized after profile resolution. - Merge controls: A Merge element provides structuring directives that drive how controls are organized after resolution. + Merge Controls: Provides structuring directives that instruct how controls are organized after profile resolution. - Combination rule - A Combine element defines how to combine multiple (competing) versions of the same control. + Combination Rule + A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID). - Combination rule: A Combine element defines how to combine multiple (competing) versions of the same control. + Combination Rule: A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID). - Combination method - How clashing controls should be handled + Combination Method + Declare how clashing controls should be handled. - Combination method: How clashing controls should be handled + Combination Method: Declare how clashing controls should be handled. @@ -2177,11 +2178,11 @@ - Flat - Use the flat structuring method. + Flat Without Grouping + Directs that controls appear without any grouping structure. - Flat: Use the flat structuring method. + Flat Without Grouping: Directs that controls appear without any grouping structure. @@ -2189,11 +2190,11 @@ - As-Is Structuring Directive - An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. + Group As-Is + Indicates that the controls selected should retain their original grouping as defined in the import source. - As-Is Structuring Directive: An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. + Group As-Is: Indicates that the controls selected should retain their original grouping as defined in the import source. @@ -2202,11 +2203,11 @@ - Custom grouping - A Custom element frames a structure for embedding represented controls in resolution. + Custom Grouping + Provides an alternate grouping structure that selected controls will be placed in. - Custom grouping: A Custom element frames a structure for embedding represented controls in resolution. + Custom Grouping: Provides an alternate grouping structure that selected controls will be placed in. - Control group - A group of (selected) controls or of groups of controls + Control Group + A group of (selected) controls or of groups of controls. - Control group: A group of (selected) controls or of groups of controls + Control Group: A group of (selected) controls or of groups of controls. @@ -2238,10 +2239,10 @@ Group Title - A name given to the group, which may be used by a tool for display and navigation. + A name to be given to the group for use in display. - Group Title: A name given to the group, which may be used by a tool for display and navigation. + Group Title: A name to be given to the group for use in display. @@ -2249,7 +2250,7 @@ @@ -2279,10 +2280,10 @@ Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group. - Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Group Identifier: Identifies the group. @@ -2299,11 +2300,11 @@ - Modify controls - Set parameters or amend controls in resolution + Modify Controls + Set parameters or amend controls in resolution. - Modify controls: Set parameters or amend controls in resolution + Modify Controls: Set parameters or amend controls in resolution. @@ -2311,10 +2312,10 @@ Parameter Setting - A parameter setting, to be propagated to points of insertion + A parameter setting, to be propagated to points of insertion. - Parameter Setting: A parameter setting, to be propagated to points of insertion + Parameter Setting: A parameter setting, to be propagated to points of insertion. Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -2356,20 +2357,20 @@ @@ -2378,10 +2379,10 @@ Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + An identifier for the parameter. - Parameter ID: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter ID: An identifier for the parameter. @@ -2397,11 +2398,11 @@ - Depends on + Depends On **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends On: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. @@ -2411,10 +2412,10 @@ Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. + Specifies changes to be made to an included control when a profile is resolved. - Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. + Alteration: Specifies changes to be made to an included control when a profile is resolved. @@ -2431,10 +2432,10 @@ Reference by (assigned) name - Identify items to remove by matching their assigned name + Identify items remove by matching their assigned name. - Reference by (assigned) name: Identify items to remove by matching their assigned name + Reference by (assigned) name: Identify items remove by matching their assigned name. @@ -2461,11 +2462,10 @@ Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop - + Identify items to remove by the name of the item's information object name, e.g. title or prop. - Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop + Item Name Reference: Identify items to remove by the name of the item's information object name, e.g. title or prop. @@ -2485,10 +2485,10 @@ Addition - Specifies contents to be added into controls, in resolution + Specifies contents to be added into controls, in resolution. - Addition: Specifies contents to be added into controls, in resolution + Addition: Specifies contents to be added into controls, in resolution. @@ -2507,7 +2507,7 @@ @@ -2527,10 +2527,10 @@ Position - Where to add the new content with respect to the targeted element (beside it or inside it) + Where to add the new content with respect to the targeted element (beside it or inside it). - Position: Where to add the new content with respect to the targeted element (beside it or inside it) + Position: Where to add the new content with respect to the targeted element (beside it or inside it). @@ -2550,10 +2550,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2563,16 +2563,16 @@ - Select controls + Select Controls Specifies which controls to use in the containing context. - Select controls: Specifies which controls to use in the containing context. + Select Controls: Specifies which controls to use in the containing context. - Call - Call a control by its ID + Select Control + Select a control or controls from an imported control set. - Call: Call a control by its ID + Select Control: Select a control or controls from an imported control set. @@ -2611,10 +2611,10 @@ Match Controls by Identifier - + Selecting a control by its ID given as a literal. - Match Controls by Identifier: + Match Controls by Identifier: Selecting a control by its ID given as a literal. @@ -2624,10 +2624,10 @@ Match Controls by Pattern - Select controls by (regular expression) match on ID + Selecting a set of controls by matching their IDs with a wildcard pattern. - Match Controls by Pattern: Select controls by (regular expression) match on ID + Match Controls by Pattern: Selecting a set of controls by matching their IDs with a wildcard pattern. @@ -2645,11 +2645,11 @@ - Include contained controls with control + Include Contained Controls with Control When a control is included, whether its child (dependent) controls are also included. - Include contained controls with control: When a control is included, whether its child (dependent) controls are also included. + Include Contained Controls with Control: When a control is included, whether its child (dependent) controls are also included. @@ -2690,10 +2690,10 @@ Component Definition Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component definition instance. - Component Definition Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Component Definition Universally Unique Identifier: Provides a globally unique means to identify a given component definition instance. @@ -2796,10 +2796,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2810,10 +2810,10 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component. - Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Component Identifier: Provides a globally unique means to identify a given component. @@ -2872,10 +2872,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2886,10 +2886,10 @@ Capability Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given capability. - Capability Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Capability Identifier: Provides a globally unique means to identify a given capability. @@ -2907,10 +2907,10 @@ Incorporates Component - TBD + The collection of components comprising this capability. - Incorporates Component: TBD + Incorporates Component: The collection of components comprising this capability. @@ -2986,10 +2986,10 @@ Control Implementation Set Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a means to identify a set of control implementations that are supported by a given component or capability. - Control Implementation Set Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Control Implementation Set Identifier: Provides a means to identify a set of control implementations that are supported by a given component or capability. @@ -3018,10 +3018,10 @@ Control Implementation Description - A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. + A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. - Control Implementation Description: A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. + Control Implementation Description: A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. @@ -3052,10 +3052,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3066,20 +3066,20 @@ Control Implementation Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given control implementation by a component. - Control Implementation Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Control Implementation Identifier: Provides a globally unique means to identify a given control implementation by a component. Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -3124,10 +3124,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3233,10 +3233,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3267,10 +3267,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3403,10 +3403,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3497,10 +3497,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3639,10 +3639,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3665,10 +3665,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3713,10 +3713,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3820,10 +3820,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3953,10 +3953,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4238,10 +4238,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4311,10 +4311,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4374,10 +4374,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4436,10 +4436,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4488,10 +4488,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4572,10 +4572,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4610,10 +4610,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4694,10 +4694,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4718,10 +4718,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -4755,10 +4755,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4903,10 +4903,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4967,10 +4967,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5003,10 +5003,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5118,10 +5118,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5158,10 +5158,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5243,10 +5243,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5319,10 +5319,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5374,17 +5374,17 @@ minOccurs="0" maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5395,10 +5395,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -5443,10 +5443,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5573,10 +5573,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5607,10 +5607,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5793,10 +5793,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5850,10 +5850,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5884,10 +5884,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -5984,7 +5984,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6050,7 +6050,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6082,10 +6082,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6121,10 +6121,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -6207,10 +6207,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6263,7 +6263,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6322,10 +6322,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6390,10 +6390,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6496,10 +6496,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6522,10 +6522,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6609,10 +6609,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6649,10 +6649,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6800,10 +6800,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -6852,10 +6852,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7001,10 +7001,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7334,10 +7334,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7360,10 +7360,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7505,10 +7505,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7658,10 +7658,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7688,10 +7688,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -7841,10 +7841,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8105,10 +8105,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8146,10 +8146,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8284,10 +8284,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8319,10 +8319,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8422,10 +8422,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -8547,10 +8547,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index bb681ba11c..5d2fcf812c 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -12,9 +12,11 @@ 1.0.4 oscal-component-definition -

    The OSCAL Component Definition Model can be used to describe the implementation of controls in a component or a set of components grouped as a capability. A component can be either a technical component, or a documentary component. A technical component is a component that is implemented in hardware (physical or virtual) or software. A documentary component is a component implemented in a document, such as a process, procedure, or policy.

    -

    The root of the OSCAL Implementation Component format is component-definition.

    -

    NOTE: This documentation is a work in progress. As a result, documentation for many of the information elements is missing or incomplete.

    +

    The OSCAL Component Definition Model can be used to describe the implementation of controls in a component or a set of components grouped as a capability. A component can be either a technical component, or a documentary component.

    +

    A technical component is a component that is implemented in hardware (physical or virtual) or software. Suppliers may document components in an OSCAL component definition that describes the implementation of controls in their hardware and software.

    +

    A documentary component is a component implemented for a documented process, procedure, or policy. Suppliers may document components in an OSCAL component definition that describes the implementation of controls in their process, procedure, or policy.

    +

    The information provided by a technical or documentary component can be used by component consumers to provide starting narratives for documenting control implementations in an OSCAL SSP.

    +

    The root of the OSCAL Implementation Layer Component Definition model is component-definition.

    component-definition @@ -56,10 +58,10 @@ Component Definition Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component definition instance. - Component Definition Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component definition elsewhere in this or other OSCAL instances. The locally defined UUID of the component definition can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Component Definition Universally Unique Identifier: Provides a globally unique means to identify a given component definition instance.
    @@ -162,10 +164,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -176,10 +178,10 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given component. - Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Component Identifier: Provides a globally unique means to identify a given component. @@ -238,10 +240,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -252,10 +254,10 @@ Capability Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given capability. - Capability Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this capability elsewhere in this or other OSCAL instances. The locally defined UUID of the capability can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Capability Identifier: Provides a globally unique means to identify a given capability. @@ -273,10 +275,10 @@ Incorporates Component - TBD + The collection of components comprising this capability. - Incorporates Component: TBD + Incorporates Component: The collection of components comprising this capability. @@ -352,10 +354,10 @@ Control Implementation Set Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a means to identify a set of control implementations that are supported by a given component or capability. - Control Implementation Set Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a set of implemented controls elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation set can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Control Implementation Set Identifier: Provides a means to identify a set of control implementations that are supported by a given component or capability. @@ -384,10 +386,10 @@ Control Implementation Description - A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. + A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. - Control Implementation Description: A suggestion for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. + Control Implementation Description: A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan. @@ -418,10 +420,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -432,20 +434,20 @@ Control Implementation Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides a globally unique means to identify a given control implementation by a component. - Control Implementation Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference a specific control implementation elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Control Implementation Identifier: Provides a globally unique means to identify a given control implementation by a component. Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -490,10 +492,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -599,10 +601,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -633,10 +635,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -769,10 +771,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -863,10 +865,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1005,10 +1007,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1031,10 +1033,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1079,10 +1081,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1127,11 +1129,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -1166,12 +1168,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -1187,440 +1259,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - Location Title: A name given to the location, which may be used by a tool for display and navigation. - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Name: The full name of the party. This is typically the legal name associated with the party. + + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + - External Identifier Schema - Indicates the type of external identifier. + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. - External Identifier Schema: Indicates the type of external identifier. + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. - - - + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + +
    - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object.
    - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1628,10 +1630,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1639,10 +1641,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1650,10 +1652,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1665,10 +1667,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -1688,10 +1690,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -1725,10 +1727,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1763,14 +1765,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -1784,10 +1786,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1798,10 +1800,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1812,10 +1814,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -1826,20 +1828,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1850,20 +1852,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1890,10 +1892,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1911,10 +1913,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1946,21 +1948,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1968,10 +1970,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2004,10 +2006,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -2037,10 +2039,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2092,10 +2094,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2128,10 +2130,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -2150,10 +2152,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -2163,10 +2165,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2176,10 +2178,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -2187,10 +2189,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -2198,21 +2200,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -2220,10 +2222,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -2231,10 +2233,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -2283,10 +2285,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -2296,10 +2298,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -2344,10 +2346,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -2355,23 +2357,23 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -2379,10 +2381,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -2395,7 +2397,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -2482,10 +2484,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -2493,20 +2495,20 @@ @@ -2514,10 +2516,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2528,41 +2530,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -2596,10 +2599,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -2608,10 +2611,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2622,7 +2625,7 @@ - + Guideline @@ -2635,7 +2638,7 @@ - + Parameter Value @@ -2646,14 +2649,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -2661,10 +2664,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -2683,7 +2686,7 @@ - + Include All diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index ba93103230..954b4239c2 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -90,11 +90,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -129,12 +129,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -150,440 +220,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location Title: A name given to the location, which may be used by a tool for display and navigation. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + - External Identifier Schema - Indicates the type of external identifier. + Party Name + The full name of the party. This is typically the legal name associated with the party. - External Identifier Schema: Indicates the type of external identifier. + Party Name: The full name of the party. This is typically the legal name associated with the party. - - - + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + +
    - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -591,10 +591,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -602,10 +602,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -613,10 +613,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -628,10 +628,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -651,10 +651,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -688,10 +688,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -726,14 +726,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -747,10 +747,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -761,10 +761,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -775,10 +775,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -789,20 +789,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -813,20 +813,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -853,10 +853,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -874,10 +874,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -909,21 +909,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -931,10 +931,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -967,10 +967,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1000,10 +1000,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1055,10 +1055,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1091,10 +1091,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1113,10 +1113,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1126,10 +1126,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1139,10 +1139,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1150,10 +1150,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1161,21 +1161,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1183,10 +1183,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1194,10 +1194,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1246,10 +1246,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1259,10 +1259,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1307,10 +1307,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1318,10 +1318,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1383,10 +1383,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1426,10 +1426,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1461,10 +1461,10 @@ Mapped Resource Reference - A reference to a back-matter resource that is either the source or target of a mapping. + A reference to a resource that is either the source or target of a mapping. - Mapped Resource Reference: A reference to a back-matter resource that is either the source or target of a mapping. + Mapped Resource Reference: A reference to a resource that is either the source or target of a mapping. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 0410c0125a..13a168a887 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -100,10 +100,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -225,10 +225,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -249,11 +249,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -288,176 +288,89 @@ minOccurs="1" maxOccurs="1"/> - - - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. + revisions + A group of 'revision' elements - Remarks: Additional commentary on the containing object. + revisions: A group of 'revision' elements - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. - - - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. - - - - - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. - - - Location Title: A name given to the location, which may be used by a tool for display and navigation. - - - - + + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. + Role + Defines a function, which might be assigned to a party in a specific situation. - Party Name: The full name of the party. This is typically the legal name associated with the party. + Role: Defines a function, which might be assigned to a party in a specific situation. - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + + - - + + - Party Short Name - A short common name, abbreviation, or acronym for the party. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Party Short Name: A short common name, abbreviation, or acronym for the party. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + + - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + - External Identifier Schema - Indicates the type of external identifier. + Party Name + The full name of the party. This is typically the legal name associated with the party. - External Identifier Schema: Indicates the type of external identifier. + Party Name: The full name of the party. This is typically the legal name associated with the party. - - - + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -750,10 +750,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -761,10 +761,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -772,10 +772,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -787,10 +787,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -810,10 +810,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -847,10 +847,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -885,14 +885,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -906,10 +906,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -920,10 +920,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -934,10 +934,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -948,20 +948,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -972,20 +972,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1012,10 +1012,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1033,10 +1033,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1068,21 +1068,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1090,10 +1090,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1126,10 +1126,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1159,10 +1159,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1214,10 +1214,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1250,10 +1250,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1272,10 +1272,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1285,10 +1285,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1298,10 +1298,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1309,10 +1309,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1320,21 +1320,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1342,10 +1342,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1353,10 +1353,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1405,10 +1405,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1418,10 +1418,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1466,10 +1466,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1477,10 +1477,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -1564,10 +1564,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1598,10 +1598,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1734,10 +1734,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1828,10 +1828,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1970,10 +1970,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1996,10 +1996,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2044,10 +2044,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2089,14 +2089,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -2104,10 +2104,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -2120,7 +2120,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -2207,10 +2207,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -2218,20 +2218,20 @@ @@ -2239,10 +2239,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2253,41 +2253,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -2321,10 +2322,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -2333,10 +2334,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2347,7 +2348,7 @@ - + Guideline @@ -2360,7 +2361,7 @@ - + Parameter Value @@ -2371,14 +2372,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -2386,10 +2387,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -2408,7 +2409,7 @@ - + Include All @@ -2432,10 +2433,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2487,17 +2488,17 @@ minOccurs="0" maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2508,10 +2509,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -2556,10 +2557,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2686,10 +2687,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2720,10 +2721,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2906,10 +2907,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2963,10 +2964,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2997,10 +2998,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3097,7 +3098,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3163,7 +3164,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3195,10 +3196,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3234,10 +3235,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -3320,10 +3321,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3376,7 +3377,7 @@ maxOccurs="unbounded"/> Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3435,10 +3436,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3503,10 +3504,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3609,10 +3610,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3635,10 +3636,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3722,10 +3723,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3762,10 +3763,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3913,10 +3914,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3965,10 +3966,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4114,10 +4115,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4447,10 +4448,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4473,10 +4474,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4618,10 +4619,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4771,10 +4772,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -4801,10 +4802,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 8ab3673dcb..05ab719b33 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -12,7 +12,9 @@ 1.0.4 oscal-profile -

    A profile designates a selection and configuration of controls from one or more catalogs, along with a series of operations over them. The topmost element in the OSCAL profile XML schema is profile.

    +

    In OSCAL a profile represents a set of selected controls from one or more control catalogs. Such a set of controls can be referenced by an OSCAL system security plan (SSP) to establish a control baseline. This effective set of controls is produced from an OSCAL profile using a deterministic, predictable process called profile resolution.

    +

    A profile references one or more OSCAL catalogs or profiles to import controls for control selection and tailoring. A profile can also describe how a resulting catalog is structured. When the profile is resolved, these selections and modifications are processed to produce a resulting OSCAL catalog.

    +

    OSCAL profiles have uses beyond establishing control baselines, such as documentation generation or as reference tables for validations.

    profile @@ -22,10 +24,10 @@ Profile - Each OSCAL profile is defined by a Profile element + Each OSCAL profile is defined by a profile element. - Profile: Each OSCAL profile is defined by a Profile element + Profile: Each OSCAL profile is defined by a profile element. Profile Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + Provides a globally unique means to identify a given profile instance. - Profile Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this profile elsewhere in this or other OSCAL instances. The locally defined UUID of the profile can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This identifier should be assigned per-subject, which means it should be consistently used to identify the same profile across revisions of the document. + Profile Universally Unique Identifier: Provides a globally unique means to identify a given profile instance.
    - Import resource - The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + Import Resource + Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline. - Import resource: The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives. + Import Resource: Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline. - Merge controls - A Merge element provides structuring directives that drive how controls are organized after resolution. + Merge Controls + Provides structuring directives that instruct how controls are organized after profile resolution. - Merge controls: A Merge element provides structuring directives that drive how controls are organized after resolution. + Merge Controls: Provides structuring directives that instruct how controls are organized after profile resolution. - Combination rule - A Combine element defines how to combine multiple (competing) versions of the same control. + Combination Rule + A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID). - Combination rule: A Combine element defines how to combine multiple (competing) versions of the same control. + Combination Rule: A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID). - Combination method - How clashing controls should be handled + Combination Method + Declare how clashing controls should be handled. - Combination method: How clashing controls should be handled + Combination Method: Declare how clashing controls should be handled. @@ -133,11 +135,11 @@ - Flat - Use the flat structuring method. + Flat Without Grouping + Directs that controls appear without any grouping structure. - Flat: Use the flat structuring method. + Flat Without Grouping: Directs that controls appear without any grouping structure. @@ -145,11 +147,11 @@ - As-Is Structuring Directive - An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. + Group As-Is + Indicates that the controls selected should retain their original grouping as defined in the import source. - As-Is Structuring Directive: An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes. + Group As-Is: Indicates that the controls selected should retain their original grouping as defined in the import source. @@ -158,11 +160,11 @@ - Custom grouping - A Custom element frames a structure for embedding represented controls in resolution. + Custom Grouping + Provides an alternate grouping structure that selected controls will be placed in. - Custom grouping: A Custom element frames a structure for embedding represented controls in resolution. + Custom Grouping: Provides an alternate grouping structure that selected controls will be placed in. - Control group - A group of (selected) controls or of groups of controls + Control Group + A group of (selected) controls or of groups of controls. - Control group: A group of (selected) controls or of groups of controls + Control Group: A group of (selected) controls or of groups of controls. @@ -194,10 +196,10 @@ Group Title - A name given to the group, which may be used by a tool for display and navigation. + A name to be given to the group for use in display. - Group Title: A name given to the group, which may be used by a tool for display and navigation. + Group Title: A name to be given to the group for use in display. @@ -205,7 +207,7 @@ @@ -235,10 +237,10 @@ Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Identifies the group. - Group Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Group Identifier: Identifies the group. @@ -255,11 +257,11 @@ - Modify controls - Set parameters or amend controls in resolution + Modify Controls + Set parameters or amend controls in resolution. - Modify controls: Set parameters or amend controls in resolution + Modify Controls: Set parameters or amend controls in resolution. @@ -267,10 +269,10 @@ Parameter Setting - A parameter setting, to be propagated to points of insertion + A parameter setting, to be propagated to points of insertion. - Parameter Setting: A parameter setting, to be propagated to points of insertion + Parameter Setting: A parameter setting, to be propagated to points of insertion. Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -312,20 +314,20 @@ @@ -334,10 +336,10 @@ Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + An identifier for the parameter. - Parameter ID: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter ID: An identifier for the parameter. @@ -353,11 +355,11 @@ - Depends on + Depends On **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends On: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. @@ -367,10 +369,10 @@ Alteration - An Alter element specifies changes to be made to an included control when a profile is resolved. + Specifies changes to be made to an included control when a profile is resolved. - Alteration: An Alter element specifies changes to be made to an included control when a profile is resolved. + Alteration: Specifies changes to be made to an included control when a profile is resolved. @@ -387,10 +389,10 @@ Reference by (assigned) name - Identify items to remove by matching their assigned name + Identify items remove by matching their assigned name. - Reference by (assigned) name: Identify items to remove by matching their assigned name + Reference by (assigned) name: Identify items remove by matching their assigned name. @@ -417,11 +419,10 @@ Item Name Reference - Identify items to remove by the name of the item's information element name, e.g. title or prop - + Identify items to remove by the name of the item's information object name, e.g. title or prop. - Item Name Reference: Identify items to remove by the name of the item's information element name, e.g. title or prop + Item Name Reference: Identify items to remove by the name of the item's information object name, e.g. title or prop. @@ -441,10 +442,10 @@ Addition - Specifies contents to be added into controls, in resolution + Specifies contents to be added into controls, in resolution. - Addition: Specifies contents to be added into controls, in resolution + Addition: Specifies contents to be added into controls, in resolution. @@ -463,7 +464,7 @@
    @@ -483,10 +484,10 @@ Position - Where to add the new content with respect to the targeted element (beside it or inside it) + Where to add the new content with respect to the targeted element (beside it or inside it). - Position: Where to add the new content with respect to the targeted element (beside it or inside it) + Position: Where to add the new content with respect to the targeted element (beside it or inside it). @@ -506,10 +507,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -519,16 +520,16 @@ - Select controls + Select Controls Specifies which controls to use in the containing context. - Select controls: Specifies which controls to use in the containing context. + Select Controls: Specifies which controls to use in the containing context. - Call - Call a control by its ID + Select Control + Select a control or controls from an imported control set. - Call: Call a control by its ID + Select Control: Select a control or controls from an imported control set. @@ -567,10 +568,10 @@ Match Controls by Identifier - + Selecting a control by its ID given as a literal. - Match Controls by Identifier: + Match Controls by Identifier: Selecting a control by its ID given as a literal. @@ -580,10 +581,10 @@ Match Controls by Pattern - Select controls by (regular expression) match on ID + Selecting a set of controls by matching their IDs with a wildcard pattern. - Match Controls by Pattern: Select controls by (regular expression) match on ID + Match Controls by Pattern: Selecting a set of controls by matching their IDs with a wildcard pattern. @@ -601,22 +602,22 @@ - Include contained controls with control + Include Contained Controls with Control When a control is included, whether its child (dependent) controls are also included. - Include contained controls with control: When a control is included, whether its child (dependent) controls are also included. + Include Contained Controls with Control: When a control is included, whether its child (dependent) controls are also included. - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -651,12 +652,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -672,440 +743,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location Title: A name given to the location, which may be used by a tool for display and navigation. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Name: The full name of the party. This is typically the legal name associated with the party. + + + + + + + + + Party Short Name + A short common name, abbreviation, or acronym for the party. + + + Party Short Name: A short common name, abbreviation, or acronym for the party. + + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + - External Identifier Schema - Indicates the type of external identifier. + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. - External Identifier Schema: Indicates the type of external identifier. + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. - - - + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + +
    - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1113,10 +1114,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1124,10 +1125,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1135,10 +1136,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1150,10 +1151,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -1173,10 +1174,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -1210,10 +1211,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1248,14 +1249,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -1269,10 +1270,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1283,10 +1284,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1297,10 +1298,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -1311,20 +1312,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1335,20 +1336,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -1375,10 +1376,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -1396,10 +1397,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -1431,21 +1432,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -1453,10 +1454,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1489,10 +1490,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -1522,10 +1523,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1577,10 +1578,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1613,10 +1614,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1635,10 +1636,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -1648,10 +1649,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1661,10 +1662,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -1672,10 +1673,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -1683,21 +1684,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -1705,10 +1706,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -1716,10 +1717,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -1768,10 +1769,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -1781,10 +1782,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -1829,10 +1830,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -1840,23 +1841,23 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -1864,10 +1865,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -1880,7 +1881,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -1967,10 +1968,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -1978,20 +1979,20 @@ @@ -1999,10 +2000,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2013,41 +2014,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -2081,10 +2083,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -2093,10 +2095,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2107,7 +2109,7 @@ - + Guideline @@ -2120,7 +2122,7 @@ - + Parameter Value @@ -2131,14 +2133,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -2146,10 +2148,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -2168,7 +2170,7 @@ - + Include All diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index bff4945996..448301112a 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -80,10 +80,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -213,10 +213,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -498,10 +498,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -571,10 +571,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -634,10 +634,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -696,10 +696,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -748,10 +748,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -832,10 +832,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -870,10 +870,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -954,10 +954,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -978,10 +978,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). - Control Identifier Reference: A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + Control Identifier Reference: A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). @@ -1015,10 +1015,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1163,10 +1163,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1227,10 +1227,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1263,10 +1263,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1378,10 +1378,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1418,10 +1418,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -1452,11 +1452,11 @@ - Publication metadata - Provides information about the publication and availability of the containing document. + Document Metadata + Provides information about the containing document, and defines concepts that are shared across the document. - Publication metadata: Provides information about the publication and availability of the containing document. + Document Metadata: Provides information about the containing document, and defines concepts that are shared across the document. @@ -1491,12 +1491,82 @@ minOccurs="1" maxOccurs="1"/> + + + revisions + A group of 'revision' elements + + + revisions: A group of 'revision' elements + - + + + + + Revision History Entry + An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + Revision History Entry: An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first). + + + + + + + Document Title + A name given to the document revision, which may be used by a tool for display and navigation. + + + Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + @@ -1512,440 +1582,370 @@ type="oscal-metadata-link-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Revision History Entry - An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - Revision History Entry: An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first). - - - - - Document Title - A name given to the document revision, which may be used by a tool for display and navigation. + Role + Defines a function, which might be assigned to a party in a specific situation. - Document Title: A name given to the document revision, which may be used by a tool for display and navigation. + Role: Defines a function, which might be assigned to a party in a specific situation. - - - + + + + + + Role Title + A name given to the role, which may be used by a tool for display and navigation. + + + Role Title: A name given to the role, which may be used by a tool for display and navigation. + + + + + + + + + + + Role Short Name + A short common name, abbreviation, or acronym for the role. + + + Role Short Name: A short common name, abbreviation, or acronym for the role. + + + + + + + + + Role Description + A summary of the role's purpose and associated responsibilities. + + + Role Description: A summary of the role's purpose and associated responsibilities. + + + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Role Identifier + A unique identifier for the role. + + + Role Identifier: A unique identifier for the role. + + - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - + - - - - - - - - - Location - A location, with associated metadata that can be referenced. - - - Location: A location, with associated metadata that can be referenced. - - - - - Location Title - A name given to the location, which may be used by a tool for display and navigation. + Location + A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - Location Title: A name given to the location, which may be used by a tool for display and navigation. + Location: A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document. - - - - - - - - - - - - - Location URL - The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - Location URL: The uniform resource locator (URL) for a web site or Internet presence associated with the location. - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - + + + + + + Location Title + A name given to the location, which may be used by a tool for display and navigation. + + + Location Title: A name given to the location, which may be used by a tool for display and navigation. + + + + + + + + + + + + + + Location URL + The uniform resource locator (URL) for a web site or other resource associated with the location. + + + Location URL: The uniform resource locator (URL) for a web site or other resource associated with the location. + + + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Location Universally Unique Identifier + A unique ID for the location, for reference. + + + Location Universally Unique Identifier: A unique ID for the location, for reference. + + - - - - - Location Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Location Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined location elsewhere in this or other OSCAL instances. The locally defined UUID of the location can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - - Location Reference - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Location Reference: A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - - - - Party (organization or person) - A responsible entity which is either a person or an organization. - - - Party (organization or person): A responsible entity which is either a person or an organization. - - - - - - - Party Name - The full name of the party. This is typically the legal name associated with the party. - - - Party Name: The full name of the party. This is typically the legal name associated with the party. - - - - - - - - - Party Short Name - A short common name, abbreviation, or acronym for the party. - - - Party Short Name: A short common name, abbreviation, or acronym for the party. - - - - - + - Party External Identifier - An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party + An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID) + Party: An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document. - - - + + + + + + Party Name + The full name of the party. This is typically the legal name associated with the party. + + + Party Name: The full name of the party. This is typically the legal name associated with the party. + + + + + + - External Identifier Schema - Indicates the type of external identifier. + Party Short Name + A short common name, abbreviation, or acronym for the party. - External Identifier Schema: Indicates the type of external identifier. + Party Short Name: A short common name, abbreviation, or acronym for the party. - - - + + + + + + + + Party External Identifier + An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + Party External Identifier: An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID). + + + + + + + External Identifier Schema + Indicates the type of external identifier. + + + External Identifier Schema: Indicates the type of external identifier. + + + + + + + + + + + + + + + + + + + Organizational Affiliation + A reference to another party by UUID, typically an organization, that this subject is associated with. + + + Organizational Affiliation: A reference to another party by UUID, typically an organization, that this subject is associated with. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Party Universally Unique Identifier + A unique identifier for the party. + + + Party Universally Unique Identifier: A unique identifier for the party. + + + + + + Party Type + A category describing the kind of party the object describes. + + + Party Type: A category describing the kind of party the object describes. + + - - - - - - - - - - - - - Organizational Affiliation - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - Organizational Affiliation: A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). - - - - Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. - - - - Party Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Party Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - - - Party Type - A category describing the kind of party the object describes. - - - Party Type: A category describing the kind of party the object describes. - - - + - Party Reference - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference + Reference to a location by UUID. - Party Reference: A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + Location Universally Unique Identifier Reference: Reference to a location by UUID. - + - Role - Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference + Reference to a party by UUID. - Role: Defines a function assumed or expected to be assumed by a party in a specific situation. + Party Universally Unique Identifier Reference: Reference to a party by UUID. - - - - - - Role Title - A name given to the role, which may be used by a tool for display and navigation. - - - Role Title: A name given to the role, which may be used by a tool for display and navigation. - - - - - - - - - - - Role Short Name - A short common name, abbreviation, or acronym for the role. - - - Role Short Name: A short common name, abbreviation, or acronym for the role. - - - - - - - - - Role Description - A summary of the role's purpose and associated responsibilities. - - - Role Description: A summary of the role's purpose and associated responsibilities. - - - - - - - - - - - - Remarks - Additional commentary on the containing object. - - - Remarks: Additional commentary on the containing object. - - - - - - - - - - Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Role Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - + + Role Identifier Reference - A human-oriented identifier reference to roles served by the user. + Reference to a role by UUID. - Role Identifier Reference: A human-oriented identifier reference to roles served by the user. + Role Identifier Reference: Reference to a role by UUID. @@ -1953,10 +1953,10 @@ Back matter - A collection of resources, which may be included directly or by reference. + A collection of resources that may be referenced from within the OSCAL document instance. - Back matter: A collection of resources, which may be included directly or by reference. + Back matter: A collection of resources that may be referenced from within the OSCAL document instance. @@ -1964,10 +1964,10 @@ Resource - A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. - Resource: A resource associated with content in the containing document. A resource may be directly included in the document base64 encoded or may point to one or more equivalent internet resources. + Resource: A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources. @@ -1975,10 +1975,10 @@ Resource Title - A name given to the resource, which may be used by a tool for display and navigation. + An optional name given to the resource, which may be used by a tool for display and navigation. - Resource Title: A name given to the resource, which may be used by a tool for display and navigation. + Resource Title: An optional name given to the resource, which may be used by a tool for display and navigation. @@ -1990,10 +1990,10 @@ Resource Description - A short summary of the resource used to indicate the purpose of the resource. + An optional short summary of the resource used to indicate the purpose of the resource. - Resource Description: A short summary of the resource used to indicate the purpose of the resource. + Resource Description: An optional short summary of the resource used to indicate the purpose of the resource. @@ -2013,10 +2013,10 @@ Citation - A citation consisting of end note text and optional structured bibliographic data. + An optional citation consisting of end note text using structured markup. - Citation: A citation consisting of end note text and optional structured bibliographic data. + Citation: An optional citation consisting of end note text using structured markup. @@ -2050,10 +2050,10 @@ Resource link - A pointer to an external resource with an optional hash for verification and change detection. + A URL-based pointer to an external resource with an optional hash for verification and change detection. - Resource link: A pointer to an external resource with an optional hash for verification and change detection. + Resource link: A URL-based pointer to an external resource with an optional hash for verification and change detection. Hypertext Reference - A resolvable URI reference to a resource. + A resolvable URL pointing to the referenced resource. - Hypertext Reference: A resolvable URI reference to a resource. + Hypertext Reference: A resolvable URL pointing to the referenced resource. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -2088,14 +2088,14 @@ Base64 - The Base64 alphabet in RFC 2045 - aligned with XSD. + A resource encoded using the Base64 alphabet defined by RFC 2045. - Base64: The Base64 alphabet in RFC 2045 - aligned with XSD. + Base64: A resource encoded using the Base64 alphabet defined by RFC 2045. - + File Name @@ -2109,10 +2109,10 @@ Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -2123,10 +2123,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2137,10 +2137,10 @@ Resource Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a resource. - Resource Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined resource elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Resource Universally Unique Identifier: A unique identifier for a resource. @@ -2151,20 +2151,20 @@ Property - An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. - Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values. + Property: An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2175,20 +2175,20 @@ Property Name - A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - Property Name: A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. + Property Name: A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. Property Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for a property. - Property Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined property elsewhere in this or other OSCAL instances. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Property Universally Unique Identifier: A unique identifier for a property. @@ -2215,10 +2215,10 @@ Property Class - A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + A textual label that provides a sub-type or characterization of the property's name. - Property Class: A textual label that provides a sub-type or characterization of the property's name. This can be used to further distinguish or discriminate between the semantics of multiple properties of the same object with the same name and ns. + Property Class: A textual label that provides a sub-type or characterization of the property's name. @@ -2236,10 +2236,10 @@ Link - A reference to a local or remote resource + A reference to a local or remote resource, that has a specific relation to the containing object. - Link: A reference to a local or remote resource + Link: A reference to a local or remote resource, that has a specific relation to the containing object. @@ -2271,21 +2271,21 @@ - Relation - Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type + Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. - Relation: Describes the type of relationship provided by the link. This can be an indicator of the link's purpose. + Link Relation Type: Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose. Media Type - Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + A label that indicates the nature of a resource, as a data serialization or format. - Media Type: Specifies a media type as defined by the Internet Assigned Numbers Authority (IANA) Media Types Registry. + Media Type: A label that indicates the nature of a resource, as a data serialization or format. @@ -2293,10 +2293,10 @@ Responsible Party - A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. - Responsible Party: A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object. + Responsible Party: A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2329,10 +2329,10 @@ Responsible Role - A human-oriented identifier reference to roles served by the user. + A reference to a role performed by a party. - Responsible Role: A human-oriented identifier reference to roles served by the user. + Responsible Role: A reference to a role performed by a party. @@ -2362,10 +2362,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2417,10 +2417,10 @@ Responsible Role - A reference to one or more roles with responsibility for performing a function relative to the containing object. + A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. - Responsible Role: A reference to one or more roles with responsibility for performing a function relative to the containing object. + Responsible Role: A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2453,10 +2453,10 @@ Responsible Role ID - A human-oriented identifier reference to roles responsible for the business function. + A human-oriented identifier reference to a role performed. - Responsible Role ID: A human-oriented identifier reference to roles responsible for the business function. + Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -2475,10 +2475,10 @@ Hash algorithm - Method by which a hash is derived + The digest method by which a hash is derived. - Hash algorithm: Method by which a hash is derived + Hash algorithm: The digest method by which a hash is derived. @@ -2488,10 +2488,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2501,10 +2501,10 @@ Publication Timestamp - The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last made available. - Publication Timestamp: The date and time the document was published. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Publication Timestamp: The date and time the document was last made available. @@ -2512,10 +2512,10 @@ Last Modified Timestamp - The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + The date and time the document was last stored for later retrieval. - Last Modified Timestamp: The date and time the document was last modified. The date-time value must be formatted according to RFC 3339 with full time and time zone included. + Last Modified Timestamp: The date and time the document was last stored for later retrieval. @@ -2523,21 +2523,21 @@ Document Version - A string used to distinguish the current version of the document from other previous (and future) versions. + Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - Document Version: A string used to distinguish the current version of the document from other previous (and future) versions. + Document Version: Used to distinguish a specific revision of an OSCAL document from other previous and future versions. - OSCAL version - The OSCAL model version the document was authored against. + OSCAL Version + The OSCAL model version the document was authored against and will conform to as valid. - OSCAL version: The OSCAL model version the document was authored against. + OSCAL Version: The OSCAL model version the document was authored against and will conform to as valid. @@ -2545,10 +2545,10 @@ Email Address - An email address as defined by RFC 5322 Section 3.4.1. + An email address as defined by RFC 5322 Section 3.4.1. - Email Address: An email address as defined by RFC 5322 Section 3.4.1. + Email Address: An email address as defined by RFC 5322 Section 3.4.1. @@ -2556,10 +2556,10 @@ Telephone Number - Contact number by telephone. + A telephone service number as defined by ITU-T E.164. - Telephone Number: Contact number by telephone. + Telephone Number: A telephone service number as defined by ITU-T E.164. @@ -2608,10 +2608,10 @@ State - State, province or analogous geographical region for mailing address + State, province or analogous geographical region for a mailing address. - State: State, province or analogous geographical region for mailing address + State: State, province or analogous geographical region for a mailing address. @@ -2621,10 +2621,10 @@ Postal Code - Postal or ZIP code for mailing address + Postal or ZIP code for mailing address. - Postal Code: Postal or ZIP code for mailing address + Postal Code: Postal or ZIP code for mailing address. @@ -2669,10 +2669,10 @@ Document Identifier - A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + A document identifier qualified by an identifier scheme. - Document Identifier: A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element. + Document Identifier: A document identifier qualified by an identifier scheme. @@ -2680,10 +2680,10 @@ Document Identification Scheme - Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. - Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. + Document Identification Scheme: Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters. @@ -2767,10 +2767,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2801,10 +2801,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -2937,10 +2937,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3031,10 +3031,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3173,10 +3173,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3199,10 +3199,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3247,10 +3247,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3292,14 +3292,14 @@ - + Part - A partition of a control's definition or a child of another part. + An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. - Part: A partition of a control's definition or a child of another part. + Part: An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part. @@ -3307,10 +3307,10 @@ Part Title - A name given to the part, which may be used by a tool for display and navigation. + An optional name given to the part, which may be used by a tool for display and navigation. - Part Title: A name given to the part, which may be used by a tool for display and navigation. + Part Title: An optional name given to the part, which may be used by a tool for display and navigation. @@ -3323,7 +3323,7 @@ maxOccurs="unbounded"/> Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the part. - Part Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Part Identifier: A unique identifier for the part. Part Name - A textual label that uniquely identifies the part's semantic type. + A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. - Part Name: A textual label that uniquely identifies the part's semantic type. + Part Name: A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns. Part Namespace - A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. - Part Namespace: A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. + Part Namespace: An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. Part Class - A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - Part Class: A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns. + Part Class: An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs. - + Parameter @@ -3410,10 +3410,10 @@ Parameter Usage Description - Describes the purpose and use of a parameter + Describes the purpose and use of a parameter. - Parameter Usage Description: Describes the purpose and use of a parameter + Parameter Usage Description: Describes the purpose and use of a parameter. @@ -3421,20 +3421,20 @@ @@ -3442,10 +3442,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3456,41 +3456,42 @@ Parameter Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A unique identifier for the parameter. - Parameter Identifier: A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Parameter Identifier: A unique identifier for the parameter. Parameter Class - A textual label that provides a characterization of the parameter. + A textual label that provides a characterization of the type, purpose, use or scope of the parameter. - Parameter Class: A textual label that provides a characterization of the parameter. + Parameter Class: A textual label that provides a characterization of the type, purpose, use or scope of the parameter. Depends on - **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + + (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - Depends on: **(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used. + Depends on: (deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used. - + Constraint - A formal or informal expression of a constraint or test + A formal or informal expression of a constraint or test. - Constraint: A formal or informal expression of a constraint or test + Constraint: A formal or informal expression of a constraint or test. @@ -3524,10 +3525,10 @@ Constraint test - A formal (executable) expression of a constraint + A formal (executable) expression of a constraint. - Constraint test: A formal (executable) expression of a constraint + Constraint test: A formal (executable) expression of a constraint. @@ -3536,10 +3537,10 @@ Remarks - Additional commentary on the containing object. + Additional commentary about the containing object. - Remarks: Additional commentary on the containing object. + Remarks: Additional commentary about the containing object. @@ -3550,7 +3551,7 @@ - + Guideline @@ -3563,7 +3564,7 @@ - + Parameter Value @@ -3574,14 +3575,14 @@ - + Selection - Presenting a choice among alternatives + Presenting a choice among alternatives. - Selection: Presenting a choice among alternatives + Selection: Presenting a choice among alternatives. @@ -3589,10 +3590,10 @@ Choice - A value selection among several such options + A value selection among several such options. - Choice: A value selection among several such options + Choice: A value selection among several such options. @@ -3611,7 +3612,7 @@ - + Include All From d3e8b7cb6fd1663c8662cfd7597665bb71a3530a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 09:25:26 -0400 Subject: [PATCH 066/138] Bump actions/cache from 3.0.8 to 3.0.10 (#1486) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.10. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/fd5de65bc895cf536527842281bea11763fefd77...56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index dac15f14f5..fa5835f60f 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -94,7 +94,7 @@ jobs: mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 + uses: actions/cache@56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/build/go.sum', env.BRANCH_PATH)) }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 4e475bc970..60a1972890 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -104,7 +104,7 @@ jobs: retention-days: 5 # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 + uses: actions/cache@56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/go.sum', env.BUILD_PATH)) }} From 1151670fbdac620d88d1d00c24097c2527eb0036 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:29:37 -0400 Subject: [PATCH 067/138] Bump ncipollo/release-action from 1.10.0 to 1.11.0 (#1487) Bumps [ncipollo/release-action](https://github.com/ncipollo/release-action) from 1.10.0 to 1.11.0. - [Release notes](https://github.com/ncipollo/release-action/releases) - [Commits](https://github.com/ncipollo/release-action/compare/58ae73b360456532aafd58ee170c045abbeaee37...d9356040b0dc694f6d006b6cabee4d3c024f9e72) --- updated-dependencies: - dependency-name: ncipollo/release-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 7aa6c53aa6..4715bae081 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -45,7 +45,7 @@ jobs: ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.tar.bz2 ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.zip retention-days: 5 - - uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 + - uses: ncipollo/release-action@d9356040b0dc694f6d006b6cabee4d3c024f9e72 with: name: OSCAL ${{ env.RELEASE_VERSION }} Release allowUpdates: false From 58c04807d92691ac2a494c0f4acef216d527e72b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:29:57 -0400 Subject: [PATCH 068/138] Bump actions/github-script from 6.1.1 to 6.3.1 (#1485) Bumps [actions/github-script](https://github.com/actions/github-script) from 6.1.1 to 6.3.1. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/d50f485531ba88479582bc2da03ff424389af5c1...7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 60a1972890..dbb609ac98 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -153,12 +153,12 @@ jobs: name: html-link-report path: html-link-report.md retention-days: 5 - - uses: actions/github-script@d50f485531ba88479582bc2da03ff424389af5c1 + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd if: steps.linkchecker.outputs.exit_code != 0 with: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - - uses: actions/github-script@d50f485531ba88479582bc2da03ff424389af5c1 + - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true) with: script: | From ad55bb84ad498950ed63abd1ec4f2eb94505966e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:30:13 -0400 Subject: [PATCH 069/138] Bump actions/setup-node from 3.4.1 to 3.5.0 (#1481) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.4.1 to 3.5.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/2fddd8803e2f5c9604345a0b591c3020ee971a93...969bd2663942d722d85b6a8626225850c2f7be4b) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 97220f27cd..fd5688a550 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -77,7 +77,7 @@ jobs: mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" - name: Set up NodeJS - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 + uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b with: node-version-file: '${{ env.CHECKOUT_PATH }}/build/.nvmrc' cache: 'npm' diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index 13090a1472..16ea382270 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -29,7 +29,7 @@ jobs: # Setup runtime environment # ------------------------- - name: Set up NodeJS - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 + uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b with: node-version-file: 'build/.nvmrc' cache: 'npm' From 6f917b39224c77063b29c28160b022b460e89fda Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:31:56 -0400 Subject: [PATCH 070/138] Bump actions/setup-java from 3.4.1 to 3.5.1 (#1476) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.4.1 to 3.5.1. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/2c7a4878f5d120bd643426d54ae1209b29cc01a3...a18c333f3f14249953dab3e186e5e21bf3390f1d) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index fd5688a550..d903cbe939 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 + uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index fa5835f60f..4914afd8a0 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 + uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index dbb609ac98..e2a34f2e96 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@2c7a4878f5d120bd643426d54ae1209b29cc01a3 + uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d with: java-version: 11 distribution: 'temurin' From 7f743f188d3c93a55ddbb34c8aceaef63898fc7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:44:17 -0400 Subject: [PATCH 071/138] Bump actions/checkout from 3.0.2 to 3.1.0 (#1488) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/2541b1294d2704b0964813337f33b291d3f8596b...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- .../workflows/workflow-generate-metaschema-resources.yml | 6 +++--- .github/workflows/workflow-generate-website-reference.yml | 8 ++++---- .github/workflows/workflow-generate-website.yml | 6 +++--- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 4 ++-- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 4715bae081..ff52e0a38b 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-20.04 steps: # use this for main repo master builds - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.OSCAL_HOME }} submodules: recursive diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index d903cbe939..51056da7e9 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -36,7 +36,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Latest (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.CHECKOUT_PATH }} token: ${{ secrets.COMMIT_TOKEN }} @@ -45,7 +45,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Latest (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.CHECKOUT_PATH }} token: ${{ secrets.access_token }} @@ -54,7 +54,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Latest if: steps.checkout_latest_workflow.conclusion == 'skipped' && steps.checkout_latest_push.conclusion == 'skipped' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.CHECKOUT_PATH }} submodules: recursive diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 4914afd8a0..a64c6fc5be 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -41,7 +41,7 @@ jobs: # 2) The target branch where the metaschemas exist that are the basis of reference information. # Checkout the current branch for reading - name: Checkout Latest - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.BRANCH_PATH }} submodules: recursive @@ -49,7 +49,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Main (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} @@ -59,7 +59,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Main (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} @@ -69,7 +69,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Main if: steps.checkout_main_workflow.conclusion == 'skipped' && steps.checkout_main_push.conclusion == 'skipped' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index e2a34f2e96..1b6208ff96 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -49,7 +49,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Latest (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: token: ${{ secrets.COMMIT_TOKEN }} submodules: recursive @@ -57,7 +57,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Latest (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: token: ${{ secrets.access_token }} submodules: recursive @@ -65,7 +65,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Latest if: steps.checkout_latest_workflow.conclusion == 'skipped' && steps.checkout_latest_push.conclusion == 'skipped' - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: submodules: recursive - name: Set env diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index 16ea382270..4d92ad0a98 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-20.04 steps: # use this for pulls where checkout is anonymous - - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: submodules: recursive # Setup runtime environment diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index 158577c08d..0809ab3fd5 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -23,11 +23,11 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout Latest - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: fetch-depth: 0 # this ensures that the tag and commit history are available - name: Checkout git ref of published website content - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: ref: ${{ inputs.site_git_ref }} path: ${{ inputs.site_git_ref_path }} From 154fedb0ed9d17c26167809b2e6cf6cc4c0f33d3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:44:51 -0400 Subject: [PATCH 072/138] Bump stefanzweifel/git-auto-commit-action from 4.14.1 to 4.15.0 (#1472) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.14.1 to 4.15.0. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/49620cd3ed21ee620a48530e81dba0d139c9cb80...6c32682a4040e023c054b2fc60a7cf65cc77f7ad) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 51056da7e9..edf2389549 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -130,7 +130,7 @@ jobs: - name: Publish Schemas and Converters # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@49620cd3ed21ee620a48530e81dba0d139c9cb80 + uses: stefanzweifel/git-auto-commit-action@6c32682a4040e023c054b2fc60a7cf65cc77f7ad with: repository: ${{ env.CHECKOUT_PATH }} file_pattern: xml json diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index a64c6fc5be..542aa84a37 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -158,7 +158,7 @@ jobs: - name: Publish Generated Pages # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@49620cd3ed21ee620a48530e81dba0d139c9cb80 + uses: stefanzweifel/git-auto-commit-action@6c32682a4040e023c054b2fc60a7cf65cc77f7ad with: repository: ${{ env.MAIN_PATH }} file_pattern: docs From 2ffcbc701d15269bb127579318d82d20f163498a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:47:03 -0400 Subject: [PATCH 073/138] Bump golang from 1.19.0-bullseye to 1.19.1-bullseye in /build (#1446) Bumps golang from 1.19.0-bullseye to 1.19.1-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index d88f33ad51..ed1b62169e 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.19.0-bullseye as oscal-hugo-build +FROM golang:1.19.1-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From f9bd5c1bf4d814ebabc42788154a5f2e2c78902f Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 4 Oct 2022 11:43:21 -0400 Subject: [PATCH 074/138] Updated data type documentation adding a note about why NCName was deprecated. Fixes #1105 (#1480) --- docs/content/reference/datatypes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/reference/datatypes.md b/docs/content/reference/datatypes.md index 598a7aeedc..4ea5cd098f 100644 --- a/docs/content/reference/datatypes.md +++ b/docs/content/reference/datatypes.md @@ -433,7 +433,7 @@ In JSON Schema, this is represented as: A non-colonized name as defined by [XML Schema Part 2: Datatypes Second Edition](https://www.w3.org/TR/xmlschema11-2/#NCName). -**Note: Use of this data type has been *deprecated* in favor of [token](#token).** +**Note: Use of this data type has been *deprecated* in favor of [token](#token), which has a similar syntax.** `NCName` was replaced with `token` to avoid use of an XML-specific type. This data type is no longer in use, but is still provided here to support model documentation for older OSCAL revisions that make use of this data type. ### string From d81db4fe50791dff888c38a857f2b1f502cf9f0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 14:46:07 -0400 Subject: [PATCH 075/138] Bump github.com/gohugoio/hugo from 0.101.0 to 0.104.3 in /build (#1489) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.101.0 to 0.104.3. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/hugoreleaser.toml) - [Commits](https://github.com/gohugoio/hugo/compare/v0.101.0...v0.104.3) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 35 +++++++++++----------- build/go.sum | 83 ++++++++++++++++++++++++++++------------------------ 2 files changed, 62 insertions(+), 56 deletions(-) diff --git a/build/go.mod b/build/go.mod index f1ddc6117c..437ee42738 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.101.0 +require github.com/gohugoio/hugo v0.104.3 require ( cloud.google.com/go v0.101.0 // indirect @@ -20,7 +20,7 @@ require ( github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 // indirect github.com/PuerkitoBio/purell v1.1.1 // indirect github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect - github.com/alecthomas/chroma/v2 v2.2.0 // indirect + github.com/alecthomas/chroma/v2 v2.3.0 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/aws/aws-sdk-go v1.43.5 // indirect github.com/aws/aws-sdk-go-v2 v1.9.0 // indirect @@ -43,18 +43,18 @@ require ( github.com/bep/tmc v0.5.1 // indirect github.com/clbanning/mxj/v2 v2.5.6 // indirect github.com/cli/safeexec v1.0.0 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/disintegration/gift v1.2.1 // indirect github.com/dlclark/regexp2 v1.4.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/evanw/esbuild v0.14.43 // indirect + github.com/evanw/esbuild v0.15.9 // indirect github.com/frankban/quicktest v1.14.3 // indirect github.com/fsnotify/fsnotify v1.5.4 // indirect - github.com/getkin/kin-openapi v0.97.0 // indirect + github.com/getkin/kin-openapi v0.103.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/swag v0.19.5 // indirect - github.com/gobuffalo/flect v0.2.5 // indirect + github.com/gobuffalo/flect v0.3.0 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 // indirect github.com/gohugoio/locales v0.14.0 // indirect @@ -75,40 +75,41 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/kr/pretty v0.3.0 // indirect github.com/kr/text v0.2.0 // indirect - github.com/kyokomi/emoji/v2 v2.2.9 // indirect + github.com/kyokomi/emoji/v2 v2.2.10 // indirect github.com/magefile/mage v1.13.0 // indirect github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e // indirect + github.com/marekm4/color-extractor v1.2.0 // indirect github.com/mattn/go-ieproxy v0.0.1 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/go-runewidth v0.0.9 // indirect github.com/mitchellh/hashstructure v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/muesli/smartcrop v0.3.0 // indirect github.com/niklasfasching/go-org v1.6.5 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect - github.com/pelletier/go-toml/v2 v2.0.2 // indirect - github.com/rogpeppe/go-internal v1.8.1 // indirect + github.com/pelletier/go-toml/v2 v2.0.4 // indirect + github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect github.com/sanity-io/litter v1.5.5 // indirect - github.com/spf13/afero v1.8.2 // indirect + github.com/spf13/afero v1.9.2 // indirect github.com/spf13/cast v1.5.0 // indirect - github.com/spf13/cobra v1.4.0 // indirect + github.com/spf13/cobra v1.5.0 // indirect github.com/spf13/fsync v0.9.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/tdewolff/minify/v2 v2.11.10 // indirect - github.com/tdewolff/parse/v2 v2.6.0 // indirect - github.com/yuin/goldmark v1.4.12 // indirect + github.com/tdewolff/minify/v2 v2.12.1 // indirect + github.com/tdewolff/parse/v2 v2.6.3 // indirect + github.com/yuin/goldmark v1.4.15 // indirect go.opencensus.io v0.23.0 // indirect - go.uber.org/atomic v1.9.0 // indirect + go.uber.org/atomic v1.10.0 // indirect gocloud.dev v0.24.0 // indirect golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa // indirect golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect golang.org/x/net v0.0.0-20220607020251-c690dde0001d // indirect golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect + golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/tools v0.1.11 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect diff --git a/build/go.sum b/build/go.sum index 4423dc7cf2..ce2691647e 100644 --- a/build/go.sum +++ b/build/go.sum @@ -131,9 +131,9 @@ github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tN github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/alecthomas/chroma/v2 v2.2.0 h1:Aten8jfQwUqEdadVFFjNyjx7HTexhKP0XuqBG67mRDY= -github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs= -github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae h1:zzGwJfFlFGD94CyyYwCJeSuD32Gj9GTaSi5y9hoVzdY= +github.com/alecthomas/chroma/v2 v2.3.0 h1:83xfxrnjv8eK+Cf8qZDzNo3PPF9IbTWHs7z28GY6D0U= +github.com/alecthomas/chroma/v2 v2.3.0/go.mod h1:mZxeWZlxP2Dy+/8cBob2PYd8O2DwNAzave5AY7A2eQw= +github.com/alecthomas/repr v0.1.0 h1:ENn2e1+J3k09gyj2shc0dHr/yjaWSHRlrJ4DPMevDqE= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= @@ -207,8 +207,8 @@ github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -237,8 +237,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.14.43 h1:4WIYkAf2fLmru3KYtKUB6mdBl4dgpoVcq7hqXhXGVG0= -github.com/evanw/esbuild v0.14.43/go.mod h1:GG+zjdi59yh3ehDn4ZWfPcATxjPDUH53iU4ZJbp7dkY= +github.com/evanw/esbuild v0.15.9 h1:1mjUDJqaSdVZJa6HXD5tyKDNZ2fym9lULLg+Ar2Nqzs= +github.com/evanw/esbuild v0.15.9/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -251,8 +251,8 @@ github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUork github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/getkin/kin-openapi v0.97.0 h1:bsvXZeuGiCW43ZKy6xOY5qfT5fCRYmnJwierblSrHCU= -github.com/getkin/kin-openapi v0.97.0/go.mod h1:w4lRPHiyOdwGbOkLIyk+P0qCwlu7TXPCHD/64nSXzgE= +github.com/getkin/kin-openapi v0.103.0 h1:F5wAtaQvPWxKCAYZ69LgHAThgu16p4u41VQtbn1U8LA= +github.com/getkin/kin-openapi v0.103.0/go.mod h1:w4lRPHiyOdwGbOkLIyk+P0qCwlu7TXPCHD/64nSXzgE= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -270,8 +270,8 @@ github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTM github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= -github.com/gobuffalo/flect v0.2.5 h1:H6vvsv2an0lalEaCDRThvtBfmg44W/QHXBCYUXf/6S4= -github.com/gobuffalo/flect v0.2.5/go.mod h1:1ZyCLIbg0YD7sDkzvFdPoOydPtD8y9JQnrOROolUcM8= +github.com/gobuffalo/flect v0.3.0 h1:erfPWM+K1rFNIQeRPdeEXxo8yFr/PO17lhRnS8FUrtk= +github.com/gobuffalo/flect v0.3.0/go.mod h1:5pf3aGnsvqvCj50AVni7mJJF8ICxGZ8HomberC3pXLE= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= @@ -280,8 +280,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.101.0 h1:IARZnjaXCak6+x0jG9wLw7ARjB4RAu6i/5G1r0zKjFw= -github.com/gohugoio/hugo v0.101.0/go.mod h1:sqCS5HTRJmPD6ZHqIy8NVfTwWyhaPmN6gsiIP/UUD6M= +github.com/gohugoio/hugo v0.104.3 h1:UOSGF/ZUm+Unz/P7TtXd0GP0SFPIj9vLxIdsIg7Iol4= +github.com/gohugoio/hugo v0.104.3/go.mod h1:8iVWX7s/T7lbNtBWFdwBnn8XfbOfBJ9zWVrskeMWyiU= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= @@ -428,8 +428,8 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kyokomi/emoji/v2 v2.2.9 h1:UWYkjplPZ4rMPvLxc+/e12/xTqoRcn55oUySkpZ554g= -github.com/kyokomi/emoji/v2 v2.2.9/go.mod h1:JUcn42DTdsXJo1SWanHh4HKDEyPaR5CqkmoirZZP9qE= +github.com/kyokomi/emoji/v2 v2.2.10 h1:1z5eMVcxFifsmEoNpdeq4UahbcicgQ4FEHuzrCVwmiI= +github.com/kyokomi/emoji/v2 v2.2.10/go.mod h1:JUcn42DTdsXJo1SWanHh4HKDEyPaR5CqkmoirZZP9qE= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/magefile/mage v1.13.0 h1:XtLJl8bcCM7EFoO8FyH8XK3t7G5hQAeK+i4tq+veT9M= @@ -437,12 +437,14 @@ github.com/magefile/mage v1.13.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXq github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/marekm4/color-extractor v1.2.0 h1:DCU/FXg3PlAwig7W5PRZshiX5x38k0aNPTxYZ6/fZb0= +github.com/marekm4/color-extractor v1.2.0/go.mod h1:90VjmiHI6M8ez9eYUaXLdcKnS+BAOp7w+NpwBdkJmpA= github.com/matryer/try v0.0.0-20161228173917-9ac251b645a2/go.mod h1:0KeJpeMD6o+O4hW7qJOT7vyQPKrWmj26uf5wMc/IiIs= github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI= github.com/mattn/go-ieproxy v0.0.1/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= @@ -464,9 +466,8 @@ github.com/niklasfasching/go-org v1.6.5 h1:5YAIqNTdl6lAOb7lD2AyQ1RuFGPVrAKvUexph github.com/niklasfasching/go-org v1.6.5/go.mod h1:ybv0eGDnxylFUfFE+ySaQc734j/L3+/ChKZ/h63a2wM= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/pelletier/go-toml/v2 v2.0.2 h1:+jQXlF3scKIcSEKkdHzXhCTDLPFi5r1wnK6yPS+49Gw= -github.com/pelletier/go-toml/v2 v2.0.2/go.mod h1:MovirKjgVRESsAvNZlAjtFwV867yGuwRkXbG66OzopI= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= +github.com/pelletier/go-toml/v2 v2.0.4 h1:MHHO+ZUPwPZQ6BmnnT81iQg5cuurp78CRH7rNsguSMk= +github.com/pelletier/go-toml/v2 v2.0.4/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -478,8 +479,8 @@ github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1: github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= -github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd h1:CmH9+J6ZSsIjUK3dcGsnCnO41eRBOnY12zwkn5qVwgc= @@ -489,12 +490,12 @@ github.com/sanity-io/litter v1.5.5/go.mod h1:9gzJgR2i4ZpjZHsKvUXIRQVk7P+yM3e+jAF github.com/shogo82148/go-shuffle v0.0.0-20180218125048-27e6095f230d/go.mod h1:2htx6lmL0NGLHlO8ZCf+lQBGBHIbEujyywxJArf+2Yc= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= -github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= +github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw= +github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= +github.com/spf13/cobra v1.5.0 h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU= +github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= github.com/spf13/fsync v0.9.0 h1:f9CEt3DOB2mnHxZaftmEOFWjABEvKM/xpf3cUwJrGOY= github.com/spf13/fsync v0.9.0/go.mod h1:fNtJEfG3HiltN3y4cPOz6MLjos9+2pIEqLIgszqhp/0= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= @@ -503,6 +504,7 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -510,14 +512,15 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/tdewolff/minify/v2 v2.11.10 h1:2tk9nuKfc8YOTD8glZ7JF/VtE8W5HOgmepWdjcPtRro= -github.com/tdewolff/minify/v2 v2.11.10/go.mod h1:dHOS3dk+nJ0M3q3uM3VlNzTb70cou+ov0ki7C4PAFgM= -github.com/tdewolff/parse/v2 v2.6.0 h1:f2D7w32JtqjCv6SczWkfwK+m15et42qEtDnZXHoNY70= -github.com/tdewolff/parse/v2 v2.6.0/go.mod h1:WzaJpRSbwq++EIQHYIRTpbYKNA3gn9it1Ik++q4zyho= -github.com/tdewolff/test v1.0.6 h1:76mzYJQ83Op284kMT+63iCNCI7NEERsIN8dLM+RiKr4= -github.com/tdewolff/test v1.0.6/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/tdewolff/minify/v2 v2.12.1 h1:zcjJTcO0uI+asdT+nd4TjXi3KUmVV/G2kxOKKrgKlGw= +github.com/tdewolff/minify/v2 v2.12.1/go.mod h1:p5pwbvNs1ghbFED/ZW1towGsnnWwzvM8iz8l0eURi9g= +github.com/tdewolff/parse/v2 v2.6.3 h1:O5rshbkaRmpRtD7k2lG65bEJpcfUMNg5Cx2uRKWVsI8= +github.com/tdewolff/parse/v2 v2.6.3/go.mod h1:woz0cgbLwFdtbjJu8PIKxhW05KplTFQkOdX78o+Jgrs= +github.com/tdewolff/test v1.0.7 h1:8Vs0142DmPFW/bQeHRP3MV19m1gvndjUb1sn8yy74LM= +github.com/tdewolff/test v1.0.7/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -525,8 +528,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.12 h1:6hffw6vALvEDqJ19dOJvJKOoAOKe4NDaTqvd2sktGN0= -github.com/yuin/goldmark v1.4.12/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/goldmark v1.4.15 h1:CFa84T0goNn/UIXYS+dmjjVxMyTAvpOmzld40N/nfK0= +github.com/yuin/goldmark v1.4.15/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -539,8 +542,9 @@ go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= +go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= @@ -743,8 +747,9 @@ golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab h1:2QkjZIsXupsJbJIdSjjUOgWK3aEtzyuh2mPt3l/CkeU= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From fe78fc461505c28e280fe5b3fd42a97e779d66d1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Oct 2022 09:12:24 -0400 Subject: [PATCH 076/138] Bump golang from 1.19.1-bullseye to 1.19.2-bullseye in /build (#1491) Bumps golang from 1.19.1-bullseye to 1.19.2-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index ed1b62169e..339c36c426 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.19.1-bullseye as oscal-hugo-build +FROM golang:1.19.2-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From b3ad45a6c739871ca092e676a9c395a22ff8679a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Oct 2022 09:48:30 -0400 Subject: [PATCH 077/138] Bump xmlcalabash from 1.4.1-100 to 1.5.1-100 in /build (#1492) Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.4.1-100 to 1.5.1-100. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](https://github.com/ndw/xmlcalabash1/compare/1.4.1-100...1.5.1-100) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/pom.xml b/build/pom.xml index d0d5f7dd3d..b0b54f10cb 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -39,7 +39,7 @@ com.xmlcalabash xmlcalabash - 1.4.1-100 + 1.5.1-100 From c87aee234aeeb1fa7975e9bd5d87a6c9a83fe568 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Oct 2022 09:50:21 -0400 Subject: [PATCH 078/138] Bump stefanzweifel/git-auto-commit-action from 4.15.0 to 4.15.1 (#1500) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.15.0 to 4.15.1. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/6c32682a4040e023c054b2fc60a7cf65cc77f7ad...fd157da78fa13d9383e5580d1fd1184d89554b51) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index edf2389549..0ba58cf8ab 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -130,7 +130,7 @@ jobs: - name: Publish Schemas and Converters # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@6c32682a4040e023c054b2fc60a7cf65cc77f7ad + uses: stefanzweifel/git-auto-commit-action@fd157da78fa13d9383e5580d1fd1184d89554b51 with: repository: ${{ env.CHECKOUT_PATH }} file_pattern: xml json diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 542aa84a37..d26dd37cb6 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -158,7 +158,7 @@ jobs: - name: Publish Generated Pages # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@6c32682a4040e023c054b2fc60a7cf65cc77f7ad + uses: stefanzweifel/git-auto-commit-action@fd157da78fa13d9383e5580d1fd1184d89554b51 with: repository: ${{ env.MAIN_PATH }} file_pattern: docs From 96bae320f845622ce66fa52f4b1b3d46d04a6c78 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 Oct 2022 14:45:13 -0400 Subject: [PATCH 079/138] Bump actions/github-script from 6.3.1 to 6.3.2 (#1504) Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.1 to 6.3.2. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd...100527700e8b29ca817ac0e0dfbfc5e8ff38edda) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 1b6208ff96..03b28a3b88 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -153,12 +153,12 @@ jobs: name: html-link-report path: html-link-report.md retention-days: 5 - - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd + - uses: actions/github-script@100527700e8b29ca817ac0e0dfbfc5e8ff38edda if: steps.linkchecker.outputs.exit_code != 0 with: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - - uses: actions/github-script@7dff1a87643417cf3b95bb10b29f4c4bc60d8ebd + - uses: actions/github-script@100527700e8b29ca817ac0e0dfbfc5e8ff38edda if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true) with: script: | From f48ad703e63b2f9d7a0e21e6f20c84e63ff3147b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Oct 2022 22:27:49 -0400 Subject: [PATCH 080/138] Bump actions/github-script from 6.3.2 to 6.3.3 (#1510) Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.2 to 6.3.3. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/100527700e8b29ca817ac0e0dfbfc5e8ff38edda...d556feaca394842dc55e4734bf3bb9f685482fa0) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 03b28a3b88..a6af55da2c 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -153,12 +153,12 @@ jobs: name: html-link-report path: html-link-report.md retention-days: 5 - - uses: actions/github-script@100527700e8b29ca817ac0e0dfbfc5e8ff38edda + - uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 if: steps.linkchecker.outputs.exit_code != 0 with: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - - uses: actions/github-script@100527700e8b29ca817ac0e0dfbfc5e8ff38edda + - uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true) with: script: | From c692d390e957d6ce91e231d3dcd199b7b6dc7883 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Oct 2022 22:29:19 -0400 Subject: [PATCH 081/138] Bump actions/cache from 3.0.10 to 3.0.11 (#1512) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1...9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index d26dd37cb6..bf06f35715 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -94,7 +94,7 @@ jobs: mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1 + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/build/go.sum', env.BRANCH_PATH)) }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index a6af55da2c..b659741dfa 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -104,7 +104,7 @@ jobs: retention-days: 5 # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@56461b9eb0f8438fd15c7a9968e3c9ebb18ceff1 + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/go.sum', env.BUILD_PATH)) }} From ef5aa786cd0e999df6cdf5e3c926e1f77adf8ee4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Oct 2022 22:31:04 -0400 Subject: [PATCH 082/138] Bump actions/setup-node from 3.5.0 to 3.5.1 (#1511) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.0 to 3.5.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/969bd2663942d722d85b6a8626225850c2f7be4b...8c91899e586c5b171469028077307d293428b516) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 0ba58cf8ab..9693ced7b7 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -77,7 +77,7 @@ jobs: mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" - name: Set up NodeJS - uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b + uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 with: node-version-file: '${{ env.CHECKOUT_PATH }}/build/.nvmrc' cache: 'npm' diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index 4d92ad0a98..f24c481424 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -29,7 +29,7 @@ jobs: # Setup runtime environment # ------------------------- - name: Set up NodeJS - uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b + uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 with: node-version-file: 'build/.nvmrc' cache: 'npm' From 7c922c7357043e7389d4f946e0f4bcfcb3cd9ede Mon Sep 17 00:00:00 2001 From: Chris Compton Date: Mon, 17 Oct 2022 11:04:01 -0500 Subject: [PATCH 083/138] Support additional control-origination props #784 (#1460) * Support additional control-origination props #784 * Update recommended path to target additional nodes. Co-authored-by: David Waltermire --- src/metaschema/oscal_ssp_metaschema.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index 6c51f093dd..41aa0c8e3a 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -717,10 +717,10 @@
    - - Identifies the source of the implemented control. + + Identifies the source of the implemented control. Any control-origination prop defined in a child context will override the parent value. - + The control is implemented by the organization owning the system, but is not specific to the system itself. The control is implemented specifically to this system. The control is provided by the system, but must be configured by the customer. From 191fe2aa6f885c8fcdb7d32e9c7cb3652a5e03a6 Mon Sep 17 00:00:00 2001 From: Chris Compton Date: Mon, 17 Oct 2022 13:38:31 -0500 Subject: [PATCH 084/138] POAM related finding support, fixes #1120 (#1478) * Add related finding assembly. #1120 * Add finding assembly to support related-findings, also moved finding to assessment common from assessment result metaschema. * Accept suggestion to revise description. Co-authored-by: Alexander Stein --- .../oscal_assessment-common_metaschema.xml | 66 +++++++++++++++++++ .../oscal_assessment-results_metaschema.xml | 66 +------------------ src/metaschema/oscal_poam_metaschema.xml | 13 ++++ 3 files changed, 80 insertions(+), 65 deletions(-) diff --git a/src/metaschema/oscal_assessment-common_metaschema.xml b/src/metaschema/oscal_assessment-common_metaschema.xml index ef7d702212..43e8886a46 100644 --- a/src/metaschema/oscal_assessment-common_metaschema.xml +++ b/src/metaschema/oscal_assessment-common_metaschema.xml @@ -786,6 +786,72 @@
    + + Finding + Describes an individual finding. + + Finding Universally Unique Identifier + + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + + Finding Title + The title for this finding. + + + + Finding Description + A human-readable description of this finding. + + + + + + + + + + + + +

    Used to identify the individual and/or tool generated this finding.

    +
    +
    + + target + + + Implementation Statement UUID + + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + + Related Observation + Relates the finding to a set of referenced observations that were used to determine the finding. + + + Observation Universally Unique Identifier Reference + + A machine-oriented identifier reference to an observation defined in the list of observations. + + + + + Associated Risk + Relates the finding to a set of referenced risks that were used to determine the finding. + + + Risk Universally Unique Identifier Reference + + A machine-oriented identifier reference to a risk defined in the list of risks. + + + +
    +
    + Observation Describes an individual observation. diff --git a/src/metaschema/oscal_assessment-results_metaschema.xml b/src/metaschema/oscal_assessment-results_metaschema.xml index 5637803d17..9ae9a4e924 100644 --- a/src/metaschema/oscal_assessment-results_metaschema.xml +++ b/src/metaschema/oscal_assessment-results_metaschema.xml @@ -248,71 +248,7 @@ - - Finding - Describes an individual finding. - - Finding Universally Unique Identifier - - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - - Finding Title - The title for this finding. - - - - Finding Description - A human-readable description of this finding. - - - - - - - - - - - - -

    Used to identify the individual and/or tool generated this finding.

    -
    -
    - - target - - - Implementation Statement UUID - - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - - - - Related Observation - Relates the finding to a set of referenced observations that were used to determine the finding. - - - Observation Universally Unique Identifier Reference - - A machine-oriented identifier reference to an observation defined in the list of observations. - - - - - Associated Risk - Relates the finding to a set of referenced risks that were used to determine the finding. - - - Risk Universally Unique Identifier Reference - - A machine-oriented identifier reference to a risk defined in the list of risks. - - - -
    -
    + diff --git a/src/metaschema/oscal_poam_metaschema.xml b/src/metaschema/oscal_poam_metaschema.xml index 6a4a52f7e2..840ee94c39 100644 --- a/src/metaschema/oscal_poam_metaschema.xml +++ b/src/metaschema/oscal_poam_metaschema.xml @@ -44,6 +44,9 @@ + + + @@ -129,6 +132,16 @@ + + Related Finding + Relates the poam-item to referenced finding(s). + + + Finding Universally Unique Identifier Reference + A machine-oriented identifier reference to a finding defined in the list of findings. + + + From c2e55c746ed7ac20219f099f3a6aa09eab2cf239 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Mon, 17 Oct 2022 18:44:04 +0000 Subject: [PATCH 085/138] Publishing generated metaschema resources [ci skip] --- .../oscal_complete_xml-to-json-converter.xsl | 436 +++++++++++- .../oscal_poam_xml-to-json-converter.xsl | 634 ++++++++++++++++- json/schema/oscal_assessment-plan_schema.json | 77 +++ .../oscal_assessment-results_schema.json | 156 ++--- json/schema/oscal_complete_schema.json | 176 ++--- json/schema/oscal_poam_schema.json | 97 +++ .../oscal_complete_json-to-xml-converter.xsl | 518 +++++++++++++- .../oscal_poam_json-to-xml-converter.xsl | 640 +++++++++++++++++- xml/schema/oscal_assessment-plan_schema.xsd | 138 ++++ .../oscal_assessment-results_schema.xsd | 278 ++++---- xml/schema/oscal_complete_schema.xsd | 304 +++++---- xml/schema/oscal_poam_schema.xsd | 164 +++++ 12 files changed, 3140 insertions(+), 478 deletions(-) diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 4aff0b6d79..01e535d7a1 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -624,7 +624,7 @@ - @@ -2658,6 +2658,13 @@ + + + + + + + @@ -2723,6 +2730,13 @@ + + + + + + + @@ -4497,7 +4511,7 @@ - - - - - + + + + + @@ -29692,6 +29717,395 @@ + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + identified-subject + + + + + + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + status + + + + + + + + + + + implementation-statement-uuid + + + + + + + + + + + + + + + + + + @@ -29782,6 +30196,14 @@ + + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 5e79516a4f..cd4be00cc8 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -76,7 +76,7 @@ - + @@ -111,6 +111,13 @@ + + + + + + + @@ -878,6 +885,96 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + target + + + + + + + + + + + + + + + + + + + + + + + + + + + + + implementation-status + + + + + @@ -906,6 +1003,13 @@ + + + + + + + @@ -1556,7 +1660,7 @@ - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -1884,6 +2076,17 @@ + + + + + @@ -5898,7 +6101,7 @@ - @@ -5916,7 +6119,7 @@ - @@ -5938,7 +6141,7 @@ - @@ -5956,24 +6159,86 @@ - - - - - - - - - - + + + text + + + + + - + + + + text + + + + + + + + + + + text + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + identified-subject + + + + + + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + text + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + status + + + + + + + + + + + implementation-statement-uuid + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + description + + + + + + + + + + + + + text + + + + + + + + + + + + + + + + + + + + + + + text + + + + + + + + + + + + diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index 49bb202861..fba22cf4d9 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -1523,6 +1523,83 @@ "target-id", "status" ], "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, "oscal-ap-oscal-assessment-common:observation" : { "title" : "Observation", "description" : "Describes an individual observation.", diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index fd9efdcdb7..47b059de4b 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -212,7 +212,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-ar_finding" } }, + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -222,83 +222,6 @@ "start", "reviewed-controls" ], "additionalProperties" : false }, - "oscal-ar-oscal-ar:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-ar_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, "oscal-ar-oscal-ar:import-ap" : { "title" : "Import Assessment Plan", "description" : "Used by assessment-results to import information about the original plan for assessing the system.", @@ -1753,6 +1676,83 @@ "target-id", "status" ], "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, "oscal-ar-oscal-assessment-common:observation" : { "title" : "Observation", "description" : "Describes an individual observation.", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 114a262b47..618dfb0cd4 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -3879,6 +3879,83 @@ "target-id", "status" ], "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, "oscal-complete-oscal-assessment-common:observation" : { "title" : "Observation", "description" : "Describes an individual observation.", @@ -4747,7 +4824,7 @@ { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-ar_finding" } }, + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -4757,83 +4834,6 @@ "start", "reviewed-controls" ], "additionalProperties" : false }, - "oscal-complete-oscal-ar:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-ar_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, "oscal-complete-oscal-ar:import-ap" : { "title" : "Import Assessment Plan", "description" : "Used by assessment-results to import information about the original plan for assessing the system.", @@ -4877,6 +4877,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, "poam-items" : { "type" : "array", "minItems" : 1, @@ -4954,6 +4959,21 @@ "required" : [ "actors" ], "additionalProperties" : false } }, + "related-findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Finding", + "description" : "Relates the poam-item to referenced finding(s).", + "type" : "object", + "properties" : + { "finding-uuid" : + { "title" : "Finding Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "finding-uuid" ], + "additionalProperties" : false } }, "related-observations" : { "type" : "array", "minItems" : 1, diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 68483162f3..889674ec71 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -32,6 +32,11 @@ "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, "poam-items" : { "type" : "array", "minItems" : 1, @@ -109,6 +114,21 @@ "required" : [ "actors" ], "additionalProperties" : false } }, + "related-findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Finding", + "description" : "Relates the poam-item to referenced finding(s).", + "type" : "object", + "properties" : + { "finding-uuid" : + { "title" : "Finding Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "finding-uuid" ], + "additionalProperties" : false } }, "related-observations" : { "type" : "array", "minItems" : 1, @@ -2089,6 +2109,83 @@ "target-id", "status" ], "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, "oscal-poam-oscal-assessment-common:observation" : { "title" : "Observation", "description" : "Describes an individual observation.", diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index 1333edc312..7ae80de945 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -318,9 +318,9 @@ - + - + target @@ -1290,6 +1290,7 @@ + @@ -1319,6 +1320,7 @@ + @@ -3401,8 +3403,8 @@ - + - - + - - + - - + - - + - + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + identified-subject + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + status + + + + + + + + + + + + implementation-statement-uuid + + + + + + + + + + + + + + + + + + + + + + + @@ -30834,6 +31310,14 @@ + + + + + + + diff --git a/xml/convert/oscal_poam_json-to-xml-converter.xsl b/xml/convert/oscal_poam_json-to-xml-converter.xsl index bbd803fc3b..f6756e964a 100644 --- a/xml/convert/oscal_poam_json-to-xml-converter.xsl +++ b/xml/convert/oscal_poam_json-to-xml-converter.xsl @@ -107,6 +107,7 @@ + @@ -442,6 +443,54 @@ + + + + + + + + + + + + + + + + + + + + + + + target + + + + + + + + + + + + + + + + + + implementation-status + + + + + @@ -452,6 +501,7 @@ + @@ -1200,8 +1250,8 @@ - + - @@ -1572,6 +1622,108 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + identified-subject + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + title + + + + + + + + + + + + + + + description + + + + + + + + + + + + + + + text + + + + + + + + + + + + + + + status + + + + + + + + + + + + implementation-statement-uuid + + + + + + + + + + + + + + + + + + + + + + + @@ -6080,6 +6706,14 @@ + + + + + + + diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index caa1f553b8..ddddeb57ad 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -2749,6 +2749,144 @@ + + + + Finding + Describes an individual finding. + + + Finding: Describes an individual finding. + + + + + + + Finding Title + The title for this finding. + + + Finding Title: The title for this finding. + + + + + + + + + + + Finding Description + A human-readable description of this finding. + + + Finding Description: A human-readable description of this finding. + + + + + + + + + + + + + + + Implementation Statement UUID + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + + + + + + + Related Observation + Relates the finding to a set of referenced observations that were used to determine the finding. + + + Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. + + + + + Observation Universally Unique Identifier Reference + A machine-oriented identifier reference to an observation defined in the list of observations. + + + Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. + + + + + + + + + Associated Risk + Relates the finding to a set of referenced risks that were used to determine the finding. + + + Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. + + + + + Risk Universally Unique Identifier Reference + A machine-oriented identifier reference to a risk defined in the list of risks. + + + Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Finding Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 4ad4f9bd44..dc6f971d0b 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -358,7 +358,7 @@ minOccurs="0" maxOccurs="unbounded"/> @@ -386,144 +386,6 @@ - - - - Finding - Describes an individual finding. - - - Finding: Describes an individual finding. - - - - - - - Finding Title - The title for this finding. - - - Finding Title: The title for this finding. - - - - - - - - - - - Finding Description - A human-readable description of this finding. - - - Finding Description: A human-readable description of this finding. - - - - - - - - - - - - - - - Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - - - Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - - - - - - - - - Related Observation - Relates the finding to a set of referenced observations that were used to determine the finding. - - - Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - - - - - Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. - - - Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. - - - - - - - - - Associated Risk - Relates the finding to a set of referenced risks that were used to determine the finding. - - - Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - - - - - Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. - - - Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. - - - - - - - - Remarks - Additional commentary about the containing object. - - - Remarks: Additional commentary about the containing object. - - - - - - - - - - Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - @@ -3174,6 +3036,144 @@ + + + + Finding + Describes an individual finding. + + + Finding: Describes an individual finding. + + + + + + + Finding Title + The title for this finding. + + + Finding Title: The title for this finding. + + + + + + + + + + + Finding Description + A human-readable description of this finding. + + + Finding Description: A human-readable description of this finding. + + + + + + + + + + + + + + + Implementation Statement UUID + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + + + + + + + Related Observation + Relates the finding to a set of referenced observations that were used to determine the finding. + + + Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. + + + + + Observation Universally Unique Identifier Reference + A machine-oriented identifier reference to an observation defined in the list of observations. + + + Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. + + + + + + + + + Associated Risk + Relates the finding to a set of referenced risks that were used to determine the finding. + + + Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. + + + + + Risk Universally Unique Identifier Reference + A machine-oriented identifier reference to a risk defined in the list of risks. + + + Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Finding Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 6d999a5dab..0662d32010 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -6680,6 +6680,144 @@ + + + + Finding + Describes an individual finding. + + + Finding: Describes an individual finding. + + + + + + + Finding Title + The title for this finding. + + + Finding Title: The title for this finding. + + + + + + + + + + + Finding Description + A human-readable description of this finding. + + + Finding Description: A human-readable description of this finding. + + + + + + + + + + + + + + + Implementation Statement UUID + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + + + + + + + Related Observation + Relates the finding to a set of referenced observations that were used to determine the finding. + + + Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. + + + + + Observation Universally Unique Identifier Reference + A machine-oriented identifier reference to an observation defined in the list of observations. + + + Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. + + + + + + + + + Associated Risk + Relates the finding to a set of referenced risks that were used to determine the finding. + + + Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. + + + + + Risk Universally Unique Identifier Reference + A machine-oriented identifier reference to a risk defined in the list of risks. + + + Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Finding Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + @@ -8139,7 +8277,7 @@ minOccurs="0" maxOccurs="unbounded"/> @@ -8167,144 +8305,6 @@ - - - - Finding - Describes an individual finding. - - - Finding: Describes an individual finding. - - - - - - - Finding Title - The title for this finding. - - - Finding Title: The title for this finding. - - - - - - - - - - - Finding Description - A human-readable description of this finding. - - - Finding Description: A human-readable description of this finding. - - - - - - - - - - - - - - - Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - - - Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. - - - - - - - - - Related Observation - Relates the finding to a set of referenced observations that were used to determine the finding. - - - Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. - - - - - Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. - - - Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. - - - - - - - - - Associated Risk - Relates the finding to a set of referenced risks that were used to determine the finding. - - - Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. - - - - - Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. - - - Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. - - - - - - - - Remarks - Additional commentary about the containing object. - - - Remarks: Additional commentary about the containing object. - - - - - - - - - - Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - - - @@ -8376,6 +8376,10 @@ type="oscal-assessment-common-risk-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + + + Related Finding + Relates the poam-item to referenced finding(s). + + + Related Finding: Relates the poam-item to referenced finding(s). + + + + + Finding Universally Unique Identifier Reference + A machine-oriented identifier reference to a finding defined in the list of findings. + + + Finding Universally Unique Identifier Reference: A machine-oriented identifier reference to a finding defined in the list of findings. + + + + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 13a168a887..f3ee3e7cad 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -54,6 +54,10 @@ type="oscal-assessment-common-risk-ASSEMBLY" minOccurs="0" maxOccurs="unbounded"/> + + + + + + Related Finding + Relates the poam-item to referenced finding(s). + + + Related Finding: Relates the poam-item to referenced finding(s). + + + + + Finding Universally Unique Identifier Reference + A machine-oriented identifier reference to a finding defined in the list of findings. + + + Finding Universally Unique Identifier Reference: A machine-oriented identifier reference to a finding defined in the list of findings. + + + + @@ -3794,6 +3820,144 @@ + + + + Finding + Describes an individual finding. + + + Finding: Describes an individual finding. + + + + + + + Finding Title + The title for this finding. + + + Finding Title: The title for this finding. + + + + + + + + + + + Finding Description + A human-readable description of this finding. + + + Finding Description: A human-readable description of this finding. + + + + + + + + + + + + + + + Implementation Statement UUID + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + + + + + + + + + Related Observation + Relates the finding to a set of referenced observations that were used to determine the finding. + + + Related Observation: Relates the finding to a set of referenced observations that were used to determine the finding. + + + + + Observation Universally Unique Identifier Reference + A machine-oriented identifier reference to an observation defined in the list of observations. + + + Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. + + + + + + + + + Associated Risk + Relates the finding to a set of referenced risks that were used to determine the finding. + + + Associated Risk: Relates the finding to a set of referenced risks that were used to determine the finding. + + + + + Risk Universally Unique Identifier Reference + A machine-oriented identifier reference to a risk defined in the list of risks. + + + Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. + + + + + + + + Remarks + Additional commentary about the containing object. + + + Remarks: Additional commentary about the containing object. + + + + + + + + + + Finding Universally Unique Identifier + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + + + From d9964a81306402d2b05f01d9d687d0c28331d2b0 Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Mon, 31 Oct 2022 16:15:01 -0400 Subject: [PATCH 086/138] Fix broken uri-use page links in updated reference docs of develop branch (#1518) * Fix documentation relative paths in Metaschema Recently added links in documentation refer to href="/OSCAL" and not href="https://pages.nist.gov/OSCAL" in error or to simplify link gen and lookup. Now that we are remapping the full URLs to local paths and offsets for link-checking, we want these to be consistent across the board in Metaschema after usnistgov/OSCAL#1263. * Pushing generated website pages manual override [ci skip]. * Restore rel paths for develop branch ref model docs and fix link checks. * Test full URLs per @dave-waltermire-nist's PR feedback. --- .../workflows/workflow-generate-website.yml | 2 +- .../workflow-validate-website-content.yml | 2 +- .../develop/assessment-plan/xml-outline.md | 21 ++-- .../develop/assessment-results/xml-outline.md | 28 ++--- .../reference/develop/catalog/xml-outline.md | 42 +++---- .../reference/develop/complete/xml-outline.md | 119 ++++++++---------- .../xml-outline.md | 7 +- .../reference/develop/profile/xml-outline.md | 21 ++-- .../oscal_assessment-common_metaschema.xml | 68 +++++----- .../oscal_assessment-plan_metaschema.xml | 2 +- .../oscal_assessment-results_metaschema.xml | 6 +- src/metaschema/oscal_component_metaschema.xml | 4 +- .../oscal_control-common_metaschema.xml | 2 +- ...oscal_implementation-common_metaschema.xml | 18 +-- .../oscal_mapping-common_metaschema.xml | 2 +- src/metaschema/oscal_mapping_metaschema.xml | 2 +- src/metaschema/oscal_metadata_metaschema.xml | 12 +- src/metaschema/oscal_poam_metaschema.xml | 10 +- src/metaschema/oscal_ssp_metaschema.xml | 34 ++--- 19 files changed, 184 insertions(+), 218 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index b659741dfa..6e2b9fa8ba 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -143,7 +143,7 @@ jobs: id: linkchecker uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 with: - args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress './docs/public/**/*.html' --accept 200,206,429 + args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './docs/public/**/*.html' --remap "https://pages.nist.gov/OSCAL/ file://${GITHUB_WORKSPACE}/docs/public/" --exclude-mail format: markdown output: html-link-report.md env: diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index 0809ab3fd5..dfce652c58 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -35,7 +35,7 @@ jobs: id: linkchecker uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 with: - args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './published/**/*.html' --exclude-mail + args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 "./${INPUT_SITE_GIT_REF}/**/*.html" --remap "https://pages.nist.gov/OSCAL/ file://${GITHUB_WORKSPACE}/${INPUT_SITE_GIT_REF}/" --exclude-mail env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create issue if bad links detected diff --git a/docs/content/reference/develop/assessment-plan/xml-outline.md b/docs/content/reference/develop/assessment-plan/xml-outline.md index 4612f9db39..8a59fdc90d 100644 --- a/docs/content/reference/develop/assessment-plan/xml-outline.md +++ b/docs/content/reference/develop/assessment-plan/xml-outline.md @@ -1141,10 +1141,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1839,10 +1838,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -2597,10 +2595,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    diff --git a/docs/content/reference/develop/assessment-results/xml-outline.md b/docs/content/reference/develop/assessment-results/xml-outline.md index 067dabdac8..a48a215cb7 100644 --- a/docs/content/reference/develop/assessment-results/xml-outline.md +++ b/docs/content/reference/develop/assessment-results/xml-outline.md @@ -695,10 +695,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -2255,10 +2254,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    @@ -2994,10 +2992,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -5892,10 +5889,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    diff --git a/docs/content/reference/develop/catalog/xml-outline.md b/docs/content/reference/develop/catalog/xml-outline.md index d06df8b55d..583ba03279 100644 --- a/docs/content/reference/develop/catalog/xml-outline.md +++ b/docs/content/reference/develop/catalog/xml-outline.md @@ -928,10 +928,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1151,10 +1150,9 @@ The following outline is a representation of the [XML format](https://github.com

    </mapping>

    -
    - <control> (recursive: model like parent control) </control> [0 to ∞] -

    [Empty]

    -
    +
    +

    <control> (recursive: model like parent control) </control> [0 to ∞]

    +

    </control>

    @@ -1350,10 +1348,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1374,10 +1371,9 @@ The following outline is a representation of the [XML format](https://github.com

    A choice of:

    -
    - <group> (recursive: model like ancestor group) </group> [0 to ∞] -

    [Empty]

    -
    +
    +

    <group> (recursive: model like ancestor group) </group> [0 to ∞]

    +
    @@ -1572,10 +1568,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1795,10 +1790,9 @@ The following outline is a representation of the [XML format](https://github.com

    </mapping>

    -
    - <control> (recursive: model like parent control) </control> [0 to ∞] -

    [Empty]

    -
    +
    +

    <control> (recursive: model like parent control) </control> [0 to ∞]

    +

    </control>

    diff --git a/docs/content/reference/develop/complete/xml-outline.md b/docs/content/reference/develop/complete/xml-outline.md index 1a5217f52a..34709a0c1b 100644 --- a/docs/content/reference/develop/complete/xml-outline.md +++ b/docs/content/reference/develop/complete/xml-outline.md @@ -927,10 +927,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1150,10 +1149,9 @@ The following outline is a representation of the [XML format](https://github.com

    </mapping>

    -
    - <control> (recursive: model like parent control) </control> [0 to ∞] -

    [Empty]

    -
    +
    +

    <control> (recursive: model like parent control) </control> [0 to ∞]

    +

    </control>

    @@ -1349,10 +1347,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1373,10 +1370,9 @@ The following outline is a representation of the [XML format](https://github.com

    A choice of:

    -
    - <group> (recursive: model like ancestor group) </group> [0 to ∞] -

    [Empty]

    -
    +
    +

    <group> (recursive: model like ancestor group) </group> [0 to ∞]

    +
    @@ -1571,10 +1567,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -1794,10 +1789,9 @@ The following outline is a representation of the [XML format](https://github.com

    </mapping>

    -
    - <control> (recursive: model like parent control) </control> [0 to ∞] -

    [Empty]

    -
    +
    +

    <control> (recursive: model like parent control) </control> [0 to ∞]

    +

    </control>

    @@ -3749,10 +3743,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -3773,10 +3766,9 @@ The following outline is a representation of the [XML format](https://github.com

    A choice of:

    -
    - <group> (recursive: model like ancestor group) </group> [0 to ∞] -

    [Empty]

    -
    +
    +

    <group> (recursive: model like ancestor group) </group> [0 to ∞]

    +
    @@ -4205,10 +4197,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -10397,10 +10388,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -11095,10 +11085,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -11853,10 +11842,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    @@ -13105,10 +13093,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -14665,10 +14652,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    @@ -15404,10 +15390,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -18302,10 +18287,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    @@ -23697,10 +23681,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    diff --git a/docs/content/reference/develop/plan-of-action-and-milestones/xml-outline.md b/docs/content/reference/develop/plan-of-action-and-milestones/xml-outline.md index 306c477a0c..00f25be773 100644 --- a/docs/content/reference/develop/plan-of-action-and-milestones/xml-outline.md +++ b/docs/content/reference/develop/plan-of-action-and-milestones/xml-outline.md @@ -3696,10 +3696,9 @@ The following outline is a representation of the [XML format](https://github.com

    </dependency>

    -
    - <task> (recursive: model like parent task) </task> [0 to ∞] -

    [Empty]

    -
    +
    +

    <task> (recursive: model like parent task) </task> [0 to ∞]

    +
    <associated-activity activity-uuid="uuid"></associated-activity> [0 to ∞]
    diff --git a/docs/content/reference/develop/profile/xml-outline.md b/docs/content/reference/develop/profile/xml-outline.md index 231b3fb974..f590660c1d 100644 --- a/docs/content/reference/develop/profile/xml-outline.md +++ b/docs/content/reference/develop/profile/xml-outline.md @@ -876,10 +876,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    @@ -900,10 +899,9 @@ The following outline is a representation of the [XML format](https://github.com

    A choice of:

    -
    - <group> (recursive: model like ancestor group) </group> [0 to ∞] -

    [Empty]

    -
    +
    +

    <group> (recursive: model like ancestor group) </group> [0 to ∞]

    +
    @@ -1332,10 +1330,9 @@ The following outline is a representation of the [XML format](https://github.com

    <p> or other elements defined as markup-multiline [0 to ∞]

    -
    - <part> (recursive: model like parent part) </part> [0 to ∞] -

    [Empty]

    -
    +
    +

    <part> (recursive: model like parent part) </part> [0 to ∞]

    +
    <link href="uri-reference" rel="token" media-type="string" resource-fragment="string"></link> [0 to ∞]
    diff --git a/src/metaschema/oscal_assessment-common_metaschema.xml b/src/metaschema/oscal_assessment-common_metaschema.xml index 43e8886a46..a96a51fb79 100644 --- a/src/metaschema/oscal_assessment-common_metaschema.xml +++ b/src/metaschema/oscal_assessment-common_metaschema.xml @@ -80,7 +80,7 @@ Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -104,7 +104,7 @@ Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -128,7 +128,7 @@ Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -207,7 +207,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Type @@ -292,7 +292,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. @@ -309,7 +309,7 @@ Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. @@ -493,7 +493,7 @@ Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -507,7 +507,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -586,7 +586,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -607,7 +607,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. type @@ -652,7 +652,7 @@ Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -672,7 +672,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -729,7 +729,7 @@ Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. @@ -792,7 +792,7 @@ Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -824,7 +824,7 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. @@ -834,7 +834,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. @@ -845,7 +845,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. @@ -858,7 +858,7 @@ Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1002,7 +1002,7 @@ Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Role @@ -1024,7 +1024,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. @@ -1053,7 +1053,7 @@ Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -1092,7 +1092,7 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    @@ -1116,7 +1116,7 @@ Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1163,12 +1163,12 @@ Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1210,7 +1210,7 @@ Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1251,7 +1251,7 @@ Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. @@ -1300,7 +1300,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. @@ -1321,7 +1321,7 @@ Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Actor Role @@ -1384,7 +1384,7 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    @@ -1607,7 +1607,7 @@ Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Intent @@ -1650,7 +1650,7 @@ Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1713,7 +1713,7 @@ Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Name @@ -1732,7 +1732,7 @@ Part Namespace A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    diff --git a/src/metaschema/oscal_assessment-plan_metaschema.xml b/src/metaschema/oscal_assessment-plan_metaschema.xml index 790af4fcb0..5e2306939a 100644 --- a/src/metaschema/oscal_assessment-plan_metaschema.xml +++ b/src/metaschema/oscal_assessment-plan_metaschema.xml @@ -21,7 +21,7 @@ Assessment Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. diff --git a/src/metaschema/oscal_assessment-results_metaschema.xml b/src/metaschema/oscal_assessment-results_metaschema.xml index 9ae9a4e924..39e9638924 100644 --- a/src/metaschema/oscal_assessment-results_metaschema.xml +++ b/src/metaschema/oscal_assessment-results_metaschema.xml @@ -23,7 +23,7 @@ Assessment Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -67,7 +67,7 @@ Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -193,7 +193,7 @@ Assessment Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml index 8146d96d3e..c579e43750 100644 --- a/src/metaschema/oscal_component_metaschema.xml +++ b/src/metaschema/oscal_component_metaschema.xml @@ -318,7 +318,7 @@ Component Reference - A machine-oriented identifier reference to a component. + A machine-oriented identifier reference to a component. @@ -455,7 +455,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index de51c93368..3934e1dfbd 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -42,7 +42,7 @@ Part Namespace An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name. -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    diff --git a/src/metaschema/oscal_implementation-common_metaschema.xml b/src/metaschema/oscal_implementation-common_metaschema.xml index 695ac69450..bf72c46a95 100644 --- a/src/metaschema/oscal_implementation-common_metaschema.xml +++ b/src/metaschema/oscal_implementation-common_metaschema.xml @@ -31,7 +31,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -252,7 +252,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Protocol Name @@ -346,7 +346,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -432,7 +432,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -640,7 +640,7 @@ Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Set Parameter Value @@ -670,7 +670,7 @@ We need to determine if both identifier-type='machine-oriented' and identifier-type='human-oriented'. Option 2 is identifier-type='unspecified'. --> - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. id Identification System Type @@ -684,7 +684,7 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    @@ -694,7 +694,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. System ISSO diff --git a/src/metaschema/oscal_mapping-common_metaschema.xml b/src/metaschema/oscal_mapping-common_metaschema.xml index d0be2ab220..1956eb9f98 100644 --- a/src/metaschema/oscal_mapping-common_metaschema.xml +++ b/src/metaschema/oscal_mapping-common_metaschema.xml @@ -32,7 +32,7 @@ Relationship Value Namespace A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name. -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    diff --git a/src/metaschema/oscal_mapping_metaschema.xml b/src/metaschema/oscal_mapping_metaschema.xml index 8ba99643c8..cb4b8bfb18 100644 --- a/src/metaschema/oscal_mapping_metaschema.xml +++ b/src/metaschema/oscal_mapping_metaschema.xml @@ -49,7 +49,7 @@ A mapping between two target resources. Mapping Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index dced70a942..aedd79902f 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -274,7 +274,7 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    @@ -319,7 +319,7 @@ -

    Since the reference target of an organizational affiliation must be another party (whether further qualified as person or organization) as inidcated by its uuid. As a machine-oriented identifier with uniqueness across document and trans-document scope, this uuid value is sufficient to reference the data item locally or globally across related documents, e.g., in an imported OSCAL instance.

    +

    Since the reference target of an organizational affiliation must be another party (whether further qualified as person or organization) as inidcated by its uuid. As a machine-oriented identifier with uniqueness across document and trans-document scope, this uuid value is sufficient to reference the data item locally or globally across related documents, e.g., in an imported OSCAL instance.

    Parties of both the person or organization type can be associated with an organization using the member-of-organization.

    @@ -713,7 +713,7 @@ Property Namespace A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    When a ns is not provided, its value should be assumed to be http://csrc.nist.gov/ns/oscal and the name should be a name defined by the associated OSCAL model.

    @@ -911,7 +911,7 @@ A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role. Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. @@ -1133,11 +1133,11 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    -

    A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions, representations or digital surrogates of the same document.

    +

    A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions, representations or digital surrogates of the same document.

    A document identifier provides an additional data point for identifying a document that can be assigned by a publisher or organization for purposes in a wider system, such as a digital object identifier (DOI) or a local content management system identifier.

    Use of a document identifier allows for document creators to associate sets of documents that are related in some way by the same document-id.

    An OSCAL document always has an implicit document identifier provided by the document's UUID, defined by the uuid on the top-level object. Having a default UUID-based identifier ensures all documents can be minimally identified when other document identifiers are not provided.

    diff --git a/src/metaschema/oscal_poam_metaschema.xml b/src/metaschema/oscal_poam_metaschema.xml index 840ee94c39..10bac95629 100644 --- a/src/metaschema/oscal_poam_metaschema.xml +++ b/src/metaschema/oscal_poam_metaschema.xml @@ -24,7 +24,7 @@ POA&M Universally Unique Identifier - A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -99,7 +99,7 @@ POA&M Item Universally Unique Identifier - A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -138,7 +138,7 @@ Finding Universally Unique Identifier Reference - A machine-oriented identifier reference to a finding defined in the list of findings. + A machine-oriented identifier reference to a finding defined in the list of findings. @@ -154,7 +154,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. @@ -166,7 +166,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index 41aa0c8e3a..e98fbf64d0 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -35,7 +35,7 @@ System Security Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -198,7 +198,7 @@ Information Type Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -223,7 +223,7 @@ -

    This value must be an absolute URI that serves as a naming system identifier.

    +

    This value must be an absolute URI that serves as a naming system identifier.

    @@ -231,7 +231,7 @@ Information Type Systematized Identifier - A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. id
    @@ -413,7 +413,7 @@ Diagram ID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -541,7 +541,7 @@ Leveraged Authorization Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -557,7 +557,7 @@ party-uuid field - A machine-oriented identifier reference to the party that manages the leveraged system. + A machine-oriented identifier reference to the party that manages the leveraged system. @@ -690,7 +690,7 @@ Control Requirement Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -784,7 +784,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -827,12 +827,12 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to the component that is implemeting a given control. + A machine-oriented identifier reference to the component that is implemeting a given control. By-Component Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -876,7 +876,7 @@ Provided Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -911,7 +911,7 @@ Responsibility Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -960,7 +960,7 @@ Inherited Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -996,7 +996,7 @@ Satisfied Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1055,12 +1055,12 @@ Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Responsibility UUID - A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. + A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. From 523f0be4468602ce246a4d77f4eae6644052e577 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 16:43:24 -0400 Subject: [PATCH 087/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1517) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 9693ced7b7..cd3eab594c 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d + uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index bf06f35715..168dce005b 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d + uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 6e2b9fa8ba..a47f122187 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@a18c333f3f14249953dab3e186e5e21bf3390f1d + uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc with: java-version: 11 distribution: 'temurin' From c47ca478252354f1e499b2fe6666975caf1724fc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 16:43:53 -0400 Subject: [PATCH 088/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1514) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index f24c481424..d1b2505421 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -61,7 +61,7 @@ jobs: id: linkchecker - name: Create issue if bad links detected in repo if: failure() && inputs.create_issue == true - uses: peter-evans/create-issue-from-file@99b87c35610e986ad2034a7b0518a9b3ebea541b # v3.0.0 + uses: peter-evans/create-issue-from-file@433e51abf769039ee20ba1293a088ca19d573b7f # v3.0.0 with: title: Scheduled Check of Markdown Documents Found Bad Hyperlinks content-filepath: mlc_report.log diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index dfce652c58..aaca6f3b60 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -40,7 +40,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create issue if bad links detected if: steps.linkchecker.outputs.exit_code != 0 && inputs.create_issue - uses: peter-evans/create-issue-from-file@99b87c35610e986ad2034a7b0518a9b3ebea541b + uses: peter-evans/create-issue-from-file@433e51abf769039ee20ba1293a088ca19d573b7f with: title: Scheduled Check of Website Content Found Bad Hyperlinks content-filepath: ./lychee/out.md From 02f81360dd3eb9fde7ddd9ceb43fc0cbfd009bc9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 16:44:23 -0400 Subject: [PATCH 089/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1519) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/issue-triage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/issue-triage.yml b/.github/workflows/issue-triage.yml index f4f7f95460..071fe87ff2 100644 --- a/.github/workflows/issue-triage.yml +++ b/.github/workflows/issue-triage.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-20.04 if: github.event.action == 'closed' steps: - - uses: alex-page/github-project-automation-plus@bb266ff4dde9242060e2d5418e120a133586d488 + - uses: alex-page/github-project-automation-plus@1f8873e97e3c8f58161a323b7c568c1f623a1c4d with: project: Issue Triage column: Done From 6af8024a708af14e4cbf838cdb2c722fa7da1bba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 16:45:25 -0400 Subject: [PATCH 090/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1515) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/issue-triage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/issue-triage.yml b/.github/workflows/issue-triage.yml index 071fe87ff2..b887df6f72 100644 --- a/.github/workflows/issue-triage.yml +++ b/.github/workflows/issue-triage.yml @@ -11,7 +11,7 @@ jobs: if: github.event.action == 'opened' steps: - name: Add New Issues to Issue Triage Board - uses: peter-evans/create-or-update-project-card@866533e2ae61f13c35fd1d374049713fab43c729 + uses: peter-evans/create-or-update-project-card@5eacbbd224b7814354861b555cc18a8359e2cebe with: project-name: Issue Triage column-name: Needs Triage From 005cbc36ce9b3950f8b035e445df7daf56117b3e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 16:46:02 -0400 Subject: [PATCH 091/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1516) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 168dce005b..b26779a320 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -105,7 +105,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f + uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f with: go-version-file: '${{ env.BRANCH_PATH }}/build/go.mod' cache: true diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index a47f122187..da8c35e2f4 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -115,7 +115,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f + uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f with: go-version-file: '${{ env.BUILD_PATH }}/go.mod' cache: true From 198ba42a85222fbf9e1183e7fd17f23f4510cc4a Mon Sep 17 00:00:00 2001 From: OSCAL GitHub Actions Bot Date: Mon, 31 Oct 2022 20:52:28 +0000 Subject: [PATCH 092/138] Publishing generated metaschema resources [ci skip] --- xml/schema/oscal_assessment-plan_schema.xsd | 82 +++++----- .../oscal_assessment-results_schema.xsd | 86 +++++------ xml/schema/oscal_catalog_schema.xsd | 2 +- xml/schema/oscal_complete_schema.xsd | 142 +++++++++--------- xml/schema/oscal_component_schema.xsd | 22 +-- xml/schema/oscal_mapping_schema.xsd | 4 +- xml/schema/oscal_poam_schema.xsd | 90 +++++------ xml/schema/oscal_profile_schema.xsd | 2 +- xml/schema/oscal_ssp_schema.xsd | 52 +++---- 9 files changed, 241 insertions(+), 241 deletions(-) diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index ddddeb57ad..5eefa07fb1 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -127,7 +127,7 @@ Assessment Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1138,7 +1138,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1526,7 +1526,7 @@ Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1656,7 +1656,7 @@ Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1690,7 +1690,7 @@ Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1876,7 +1876,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -1933,7 +1933,7 @@ Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -1967,7 +1967,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2256,7 +2256,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2290,7 +2290,7 @@ Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2405,7 +2405,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -2426,7 +2426,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -2473,7 +2473,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -2579,7 +2579,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -2605,7 +2605,7 @@ Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2742,7 +2742,7 @@ Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -2810,7 +2810,7 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. @@ -2832,7 +2832,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -2854,7 +2854,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -2880,7 +2880,7 @@ Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3073,7 +3073,7 @@ Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3133,7 +3133,7 @@ Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. @@ -3196,7 +3196,7 @@ Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -3222,7 +3222,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -3385,7 +3385,7 @@ Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3395,7 +3395,7 @@ Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3555,7 +3555,7 @@ Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -3581,7 +3581,7 @@ Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3606,7 +3606,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3619,7 +3619,7 @@ Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3639,7 +3639,7 @@ Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. @@ -3879,7 +3879,7 @@ Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3909,7 +3909,7 @@ Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3969,7 +3969,7 @@ Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4462,7 +4462,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4513,7 +4513,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4692,7 +4692,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4834,7 +4834,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -4860,7 +4860,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4908,7 +4908,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -4919,7 +4919,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index dc6f971d0b..6cad61663b 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -85,7 +85,7 @@ Assessment Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -338,7 +338,7 @@ Assessment Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -379,7 +379,7 @@ Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1425,7 +1425,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1813,7 +1813,7 @@ Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1943,7 +1943,7 @@ Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1977,7 +1977,7 @@ Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2163,7 +2163,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -2220,7 +2220,7 @@ Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -2254,7 +2254,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2543,7 +2543,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2577,7 +2577,7 @@ Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2692,7 +2692,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -2713,7 +2713,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -2760,7 +2760,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -2866,7 +2866,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -2892,7 +2892,7 @@ Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3029,7 +3029,7 @@ Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -3097,7 +3097,7 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. @@ -3119,7 +3119,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3141,7 +3141,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -3167,7 +3167,7 @@ Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3360,7 +3360,7 @@ Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3420,7 +3420,7 @@ Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. @@ -3483,7 +3483,7 @@ Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -3509,7 +3509,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -3672,7 +3672,7 @@ Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3682,7 +3682,7 @@ Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3842,7 +3842,7 @@ Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -3868,7 +3868,7 @@ Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3893,7 +3893,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3906,7 +3906,7 @@ Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3926,7 +3926,7 @@ Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. @@ -4166,7 +4166,7 @@ Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4196,7 +4196,7 @@ Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4256,7 +4256,7 @@ Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4749,7 +4749,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4800,7 +4800,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4979,7 +4979,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5121,7 +5121,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -5147,7 +5147,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5195,7 +5195,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -5206,7 +5206,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index f813d2b42c..e0499ac944 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1566,7 +1566,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 0662d32010..7f5d836a32 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1573,7 +1573,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -2055,7 +2055,7 @@ Mapping Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. @@ -2933,7 +2933,7 @@ Component Reference - A machine-oriented identifier reference to a component. + A machine-oriented identifier reference to a component. Component Reference: A machine-oriented identifier reference to a component. @@ -3138,7 +3138,7 @@ Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. @@ -3148,7 +3148,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -3281,7 +3281,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3332,7 +3332,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3511,7 +3511,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3653,7 +3653,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3679,7 +3679,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3727,7 +3727,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -3738,7 +3738,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. @@ -3799,7 +3799,7 @@ System Security Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. System Security Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4039,7 +4039,7 @@ Information Type Systematized Identifier - A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Systematized Identifier: A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4085,7 +4085,7 @@ Information Type Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4388,7 +4388,7 @@ Diagram ID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Diagram ID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4556,7 +4556,7 @@ party-uuid field - A machine-oriented identifier reference to the party that manages the leveraged system. + A machine-oriented identifier reference to the party that manages the leveraged system. party-uuid field: A machine-oriented identifier reference to the party that manages the leveraged system. @@ -4586,7 +4586,7 @@ Leveraged Authorization Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Leveraged Authorization Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4708,7 +4708,7 @@ Control Requirement Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Requirement Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4769,7 +4769,7 @@ Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. @@ -4779,7 +4779,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -4917,7 +4917,7 @@ Provided Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Provided Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4981,7 +4981,7 @@ Responsibility Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Responsibility Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4991,7 +4991,7 @@ Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -5058,7 +5058,7 @@ Inherited Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inherited Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5068,7 +5068,7 @@ Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -5132,7 +5132,7 @@ Satisfied Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Satisfied Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5142,7 +5142,7 @@ Responsibility UUID - A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. + A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. Responsibility UUID: A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. @@ -5172,7 +5172,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to the component that is implemeting a given control. + A machine-oriented identifier reference to the component that is implemeting a given control. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to the component that is implemeting a given control. @@ -5182,7 +5182,7 @@ By-Component Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. By-Component Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5298,7 +5298,7 @@ Assessment Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5457,7 +5457,7 @@ Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5587,7 +5587,7 @@ Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5621,7 +5621,7 @@ Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5807,7 +5807,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -5864,7 +5864,7 @@ Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -5898,7 +5898,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6187,7 +6187,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6221,7 +6221,7 @@ Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6336,7 +6336,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -6357,7 +6357,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -6404,7 +6404,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -6510,7 +6510,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -6536,7 +6536,7 @@ Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -6673,7 +6673,7 @@ Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -6741,7 +6741,7 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. @@ -6763,7 +6763,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -6785,7 +6785,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -6811,7 +6811,7 @@ Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7004,7 +7004,7 @@ Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7064,7 +7064,7 @@ Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. @@ -7127,7 +7127,7 @@ Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -7153,7 +7153,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -7316,7 +7316,7 @@ Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7326,7 +7326,7 @@ Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7486,7 +7486,7 @@ Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -7512,7 +7512,7 @@ Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7537,7 +7537,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -7550,7 +7550,7 @@ Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7570,7 +7570,7 @@ Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. @@ -7810,7 +7810,7 @@ Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7840,7 +7840,7 @@ Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -7900,7 +7900,7 @@ Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8004,7 +8004,7 @@ Assessment Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8257,7 +8257,7 @@ Assessment Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8298,7 +8298,7 @@ Results Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Results Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8393,7 +8393,7 @@ POA&M Universally Unique Identifier - A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Universally Unique Identifier: A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -8517,7 +8517,7 @@ Finding Universally Unique Identifier Reference - A machine-oriented identifier reference to a finding defined in the list of findings. + A machine-oriented identifier reference to a finding defined in the list of findings. Finding Universally Unique Identifier Reference: A machine-oriented identifier reference to a finding defined in the list of findings. @@ -8539,7 +8539,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -8561,7 +8561,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -8587,7 +8587,7 @@ POA&M Item Universally Unique Identifier - A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Item Universally Unique Identifier: A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 5d2fcf812c..16352466fc 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -301,7 +301,7 @@ Component Reference - A machine-oriented identifier reference to a component. + A machine-oriented identifier reference to a component. Component Reference: A machine-oriented identifier reference to a component. @@ -506,7 +506,7 @@ Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. @@ -516,7 +516,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -649,7 +649,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -700,7 +700,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -879,7 +879,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1021,7 +1021,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -1047,7 +1047,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1095,7 +1095,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -1106,7 +1106,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. @@ -2130,7 +2130,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 954b4239c2..1c38a12e83 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -80,7 +80,7 @@ Mapping Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. Mapping Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document. @@ -1091,7 +1091,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index f3ee3e7cad..8c0fee166a 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -71,7 +71,7 @@ POA&M Universally Unique Identifier - A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Universally Unique Identifier: A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -195,7 +195,7 @@ Finding Universally Unique Identifier Reference - A machine-oriented identifier reference to a finding defined in the list of findings. + A machine-oriented identifier reference to a finding defined in the list of findings. Finding Universally Unique Identifier Reference: A machine-oriented identifier reference to a finding defined in the list of findings. @@ -217,7 +217,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -239,7 +239,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -265,7 +265,7 @@ POA&M Item Universally Unique Identifier - A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. POA&M Item Universally Unique Identifier: A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1276,7 +1276,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -1638,7 +1638,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1689,7 +1689,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1868,7 +1868,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2010,7 +2010,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -2036,7 +2036,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2084,7 +2084,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -2095,7 +2095,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. @@ -2597,7 +2597,7 @@ Assessment Method Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Method Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2727,7 +2727,7 @@ Step Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Step Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2761,7 +2761,7 @@ Assessment Activity Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Activity Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2947,7 +2947,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -3004,7 +3004,7 @@ Activity Universally Unique Identifier Reference - A machine-oriented identifier reference to an activity defined in the list of activities. + A machine-oriented identifier reference to an activity defined in the list of activities. Activity Universally Unique Identifier Reference: A machine-oriented identifier reference to an activity defined in the list of activities. @@ -3038,7 +3038,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3327,7 +3327,7 @@ Task Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Task Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3361,7 +3361,7 @@ Assessment Subject Placeholder Universally Unique Identifier - A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Subject Placeholder Universally Unique Identifier: A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3476,7 +3476,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -3497,7 +3497,7 @@ Identifies the Subject - A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. + A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. Identifies the Subject: A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. @@ -3544,7 +3544,7 @@ Subject Universally Unique Identifier Reference - A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. + A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. Subject Universally Unique Identifier Reference: A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID. @@ -3650,7 +3650,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3676,7 +3676,7 @@ Assessment Platform Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Assessment Platform Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3813,7 +3813,7 @@ Finding Target Identifier Reference - A machine-oriented identifier reference for a specific target qualified by the type. + A machine-oriented identifier reference for a specific target qualified by the type. Finding Target Identifier Reference: A machine-oriented identifier reference for a specific target qualified by the type. @@ -3881,7 +3881,7 @@ Implementation Statement UUID - A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. + A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. Implementation Statement UUID: A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related. @@ -3903,7 +3903,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -3925,7 +3925,7 @@ Risk Universally Unique Identifier Reference - A machine-oriented identifier reference to a risk defined in the list of risks. + A machine-oriented identifier reference to a risk defined in the list of risks. Risk Universally Unique Identifier Reference: A machine-oriented identifier reference to a risk defined in the list of risks. @@ -3951,7 +3951,7 @@ Finding Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Finding Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4144,7 +4144,7 @@ Observation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Observation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4204,7 +4204,7 @@ Actor Universally Unique Identifier Reference - A machine-oriented identifier reference to the tool or person based on the associated type. + A machine-oriented identifier reference to the tool or person based on the associated type. Actor Universally Unique Identifier Reference: A machine-oriented identifier reference to the tool or person based on the associated type. @@ -4267,7 +4267,7 @@ Assessment Subject Placeholder Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. + A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. Assessment Subject Placeholder Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task. @@ -4293,7 +4293,7 @@ Task Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique task. + A machine-oriented identifier reference to a unique task. Task Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique task. @@ -4456,7 +4456,7 @@ Mitigating Factor Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Mitigating Factor Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4466,7 +4466,7 @@ Implementation UUID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Implementation UUID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4626,7 +4626,7 @@ Response Universally Unique Identifier Reference - A machine-oriented identifier reference to a unique risk response. + A machine-oriented identifier reference to a unique risk response. Response Universally Unique Identifier Reference: A machine-oriented identifier reference to a unique risk response. @@ -4652,7 +4652,7 @@ Risk Log Entry Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Log Entry Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4677,7 +4677,7 @@ Observation Universally Unique Identifier Reference - A machine-oriented identifier reference to an observation defined in the list of observations. + A machine-oriented identifier reference to an observation defined in the list of observations. Observation Universally Unique Identifier Reference: A machine-oriented identifier reference to an observation defined in the list of observations. @@ -4690,7 +4690,7 @@ Risk Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Risk Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4710,7 +4710,7 @@ Party UUID Reference - A machine-oriented identifier reference to the party who is making the log entry. + A machine-oriented identifier reference to the party who is making the log entry. Party UUID Reference: A machine-oriented identifier reference to the party who is making the log entry. @@ -4950,7 +4950,7 @@ Required Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Required Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -4980,7 +4980,7 @@ Remediation Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Remediation Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -5040,7 +5040,7 @@ Part Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Part Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 05ab719b33..f0c361d9a1 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -1614,7 +1614,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 448301112a..d69f923a8b 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -59,7 +59,7 @@ System Security Plan Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. System Security Plan Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -299,7 +299,7 @@ Information Type Systematized Identifier - A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Systematized Identifier: A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -345,7 +345,7 @@ Information Type Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Information Type Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -648,7 +648,7 @@ Diagram ID - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Diagram ID: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -816,7 +816,7 @@ party-uuid field - A machine-oriented identifier reference to the party that manages the leveraged system. + A machine-oriented identifier reference to the party that manages the leveraged system. party-uuid field: A machine-oriented identifier reference to the party that manages the leveraged system. @@ -846,7 +846,7 @@ Leveraged Authorization Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Leveraged Authorization Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -968,7 +968,7 @@ Control Requirement Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Control Requirement Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1029,7 +1029,7 @@ Control Statement Reference - A human-oriented identifier reference to a control statement. + A human-oriented identifier reference to a control statement. Control Statement Reference: A human-oriented identifier reference to a control statement. @@ -1039,7 +1039,7 @@ Control Statement Reference Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). Control Statement Reference Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). @@ -1177,7 +1177,7 @@ Provided Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Provided Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1241,7 +1241,7 @@ Responsibility Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Responsibility Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1251,7 +1251,7 @@ Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -1318,7 +1318,7 @@ Inherited Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inherited Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1328,7 +1328,7 @@ Provided UUID - A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. + A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. Provided UUID: A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system. @@ -1392,7 +1392,7 @@ Satisfied Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Satisfied Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -1402,7 +1402,7 @@ Responsibility UUID - A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. + A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. Responsibility UUID: A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system. @@ -1432,7 +1432,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to the component that is implemeting a given control. + A machine-oriented identifier reference to the component that is implemeting a given control. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to the component that is implemeting a given control. @@ -1442,7 +1442,7 @@ By-Component Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. By-Component Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2453,7 +2453,7 @@ Responsible Role ID - A human-oriented identifier reference to a role performed. + A human-oriented identifier reference to a role performed. Responsible Role ID: A human-oriented identifier reference to a role performed. @@ -2815,7 +2815,7 @@ Component Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Component Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -2866,7 +2866,7 @@ Service Protocol Information Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Service Protocol Information Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3045,7 +3045,7 @@ User Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. User Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3187,7 +3187,7 @@ Component Universally Unique Identifier Reference - A machine-oriented identifier reference to a component that is implemented as part of an inventory item. + A machine-oriented identifier reference to a component that is implemented as part of an inventory item. Component Universally Unique Identifier Reference: A machine-oriented identifier reference to a component that is implemented as part of an inventory item. @@ -3213,7 +3213,7 @@ Inventory Item Universally Unique Identifier - A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. Inventory Item Universally Unique Identifier: A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. @@ -3261,7 +3261,7 @@ Parameter ID - A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. + A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. Parameter ID: A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context. @@ -3272,7 +3272,7 @@ System Identification - A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. + A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. System Identification: A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document. From b82dbc1746b6d110f6c818081d26f2eaf85b0a52 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 21:21:54 -0400 Subject: [PATCH 093/138] Bump golang from 1.18.3-bullseye to 1.18.4-bullseye in /build (#1361) (#1533) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 31 ++++++++++++++------------- build/go.sum | 59 +++++++++++++++++++++++++++++----------------------- 2 files changed, 49 insertions(+), 41 deletions(-) diff --git a/build/go.mod b/build/go.mod index 437ee42738..acd654e3df 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.104.3 +require github.com/gohugoio/hugo v0.105.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -47,10 +47,10 @@ require ( github.com/disintegration/gift v1.2.1 // indirect github.com/dlclark/regexp2 v1.4.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/evanw/esbuild v0.15.9 // indirect + github.com/evanw/esbuild v0.15.12 // indirect github.com/frankban/quicktest v1.14.3 // indirect - github.com/fsnotify/fsnotify v1.5.4 // indirect - github.com/getkin/kin-openapi v0.103.0 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/getkin/kin-openapi v0.107.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/swag v0.19.5 // indirect @@ -69,14 +69,14 @@ require ( github.com/googleapis/go-type-adapters v1.0.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690 // indirect - github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.0.1 // indirect github.com/invopop/yaml v0.1.0 // indirect github.com/jdkato/prose v1.2.1 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/kr/pretty v0.3.0 // indirect github.com/kr/text v0.2.0 // indirect github.com/kyokomi/emoji/v2 v2.2.10 // indirect - github.com/magefile/mage v1.13.0 // indirect + github.com/magefile/mage v1.14.0 // indirect github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e // indirect github.com/marekm4/color-extractor v1.2.0 // indirect github.com/mattn/go-ieproxy v0.0.1 // indirect @@ -84,6 +84,7 @@ require ( github.com/mattn/go-runewidth v0.0.9 // indirect github.com/mitchellh/hashstructure v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/muesli/smartcrop v0.3.0 // indirect github.com/niklasfasching/go-org v1.6.5 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect @@ -94,24 +95,24 @@ require ( github.com/sanity-io/litter v1.5.5 // indirect github.com/spf13/afero v1.9.2 // indirect github.com/spf13/cast v1.5.0 // indirect - github.com/spf13/cobra v1.5.0 // indirect + github.com/spf13/cobra v1.6.1 // indirect github.com/spf13/fsync v0.9.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/tdewolff/minify/v2 v2.12.1 // indirect - github.com/tdewolff/parse/v2 v2.6.3 // indirect - github.com/yuin/goldmark v1.4.15 // indirect + github.com/tdewolff/minify/v2 v2.12.4 // indirect + github.com/tdewolff/parse/v2 v2.6.4 // indirect + github.com/yuin/goldmark v1.5.2 // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.10.0 // indirect gocloud.dev v0.24.0 // indirect golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa // indirect golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect - golang.org/x/net v0.0.0-20220607020251-c690dde0001d // indirect + golang.org/x/net v0.1.0 // indirect golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect - golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect - golang.org/x/text v0.3.7 // indirect - golang.org/x/tools v0.1.11 // indirect + golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect + golang.org/x/sys v0.1.0 // indirect + golang.org/x/text v0.4.0 // indirect + golang.org/x/tools v0.2.0 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect google.golang.org/api v0.76.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/build/go.sum b/build/go.sum index ce2691647e..433aa24482 100644 --- a/build/go.sum +++ b/build/go.sum @@ -237,8 +237,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.15.9 h1:1mjUDJqaSdVZJa6HXD5tyKDNZ2fym9lULLg+Ar2Nqzs= -github.com/evanw/esbuild v0.15.9/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= +github.com/evanw/esbuild v0.15.12 h1:iHf388QC9EOVrvxWkdCVwGRuS1pggH0E2GFbd7BFuWE= +github.com/evanw/esbuild v0.15.12/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -249,10 +249,11 @@ github.com/frankban/quicktest v1.14.2/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUork github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= -github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/getkin/kin-openapi v0.103.0 h1:F5wAtaQvPWxKCAYZ69LgHAThgu16p4u41VQtbn1U8LA= -github.com/getkin/kin-openapi v0.103.0/go.mod h1:w4lRPHiyOdwGbOkLIyk+P0qCwlu7TXPCHD/64nSXzgE= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/getkin/kin-openapi v0.107.0 h1:bxhL6QArW7BXQj8NjXfIJQy680NsMKd25nwhvpCXchg= +github.com/getkin/kin-openapi v0.107.0/go.mod h1:9Dhr+FasATJZjS4iOLvB0hkaxgYdulrNYm2e9epLWOo= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -280,8 +281,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.104.3 h1:UOSGF/ZUm+Unz/P7TtXd0GP0SFPIj9vLxIdsIg7Iol4= -github.com/gohugoio/hugo v0.104.3/go.mod h1:8iVWX7s/T7lbNtBWFdwBnn8XfbOfBJ9zWVrskeMWyiU= +github.com/gohugoio/hugo v0.105.0 h1:bd7PZ0F9ZmhgughsttoEshJB/xIm/g7vRRMkyB9uyOE= +github.com/gohugoio/hugo v0.105.0/go.mod h1:NoyJmDUG6Rtdeyq1VSD5zT29NGzqhq5aBO3uF+GWjeY= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= @@ -400,8 +401,8 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= +github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/invopop/yaml v0.1.0 h1:YW3WGUoJEXYfzWBjn00zIlrw7brGVD0fUKRYDPAPhrc= github.com/invopop/yaml v0.1.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= github.com/jdkato/prose v1.2.1 h1:Fp3UnJmLVISmlc57BgKUzdjr0lOtjqTZicL3PaYy6cU= @@ -432,8 +433,8 @@ github.com/kyokomi/emoji/v2 v2.2.10 h1:1z5eMVcxFifsmEoNpdeq4UahbcicgQ4FEHuzrCVwm github.com/kyokomi/emoji/v2 v2.2.10/go.mod h1:JUcn42DTdsXJo1SWanHh4HKDEyPaR5CqkmoirZZP9qE= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/magefile/mage v1.13.0 h1:XtLJl8bcCM7EFoO8FyH8XK3t7G5hQAeK+i4tq+veT9M= -github.com/magefile/mage v1.13.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= +github.com/magefile/mage v1.14.0 h1:6QDX3g6z1YvJ4olPhT1wksUcSa/V0a1B+pJb73fBjyo= +github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -457,6 +458,8 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/montanaflynn/stats v0.6.3/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/muesli/smartcrop v0.3.0 h1:JTlSkmxWg/oQ1TcLDoypuirdE8Y/jzNirQeLkxpA6Oc= github.com/muesli/smartcrop v0.3.0/go.mod h1:i2fCI/UorTfgEpPPLWiFBv4pye+YAG78RwcQLUkocpI= @@ -494,8 +497,8 @@ github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw= github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.5.0 h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU= -github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= +github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= +github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/fsync v0.9.0 h1:f9CEt3DOB2mnHxZaftmEOFWjABEvKM/xpf3cUwJrGOY= github.com/spf13/fsync v0.9.0/go.mod h1:fNtJEfG3HiltN3y4cPOz6MLjos9+2pIEqLIgszqhp/0= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= @@ -515,10 +518,10 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/tdewolff/minify/v2 v2.12.1 h1:zcjJTcO0uI+asdT+nd4TjXi3KUmVV/G2kxOKKrgKlGw= -github.com/tdewolff/minify/v2 v2.12.1/go.mod h1:p5pwbvNs1ghbFED/ZW1towGsnnWwzvM8iz8l0eURi9g= -github.com/tdewolff/parse/v2 v2.6.3 h1:O5rshbkaRmpRtD7k2lG65bEJpcfUMNg5Cx2uRKWVsI8= -github.com/tdewolff/parse/v2 v2.6.3/go.mod h1:woz0cgbLwFdtbjJu8PIKxhW05KplTFQkOdX78o+Jgrs= +github.com/tdewolff/minify/v2 v2.12.4 h1:kejsHQMM17n6/gwdw53qsi6lg0TGddZADVyQOz1KMdE= +github.com/tdewolff/minify/v2 v2.12.4/go.mod h1:h+SRvSIX3kwgwTFOpSckvSxgax3uy8kZTSF1Ojrr3bk= +github.com/tdewolff/parse/v2 v2.6.4 h1:KCkDvNUMof10e3QExio9OPZJT8SbdKojLBumw8YZycQ= +github.com/tdewolff/parse/v2 v2.6.4/go.mod h1:woz0cgbLwFdtbjJu8PIKxhW05KplTFQkOdX78o+Jgrs= github.com/tdewolff/test v1.0.7 h1:8Vs0142DmPFW/bQeHRP3MV19m1gvndjUb1sn8yy74LM= github.com/tdewolff/test v1.0.7/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= @@ -528,8 +531,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.15 h1:CFa84T0goNn/UIXYS+dmjjVxMyTAvpOmzld40N/nfK0= -github.com/yuin/goldmark v1.4.15/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/goldmark v1.5.2 h1:ALmeCk/px5FSm1MAcFBAsVKZjDuMVj8Tm7FFIlMJnqU= +github.com/yuin/goldmark v1.5.2/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -648,8 +651,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220607020251-c690dde0001d h1:4SFsTMi4UahlKoloni7L4eYzhFRifURQLw+yv0QDCx8= -golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -682,8 +685,9 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -748,8 +752,10 @@ golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab h1:2QkjZIsXupsJbJIdSjjUOgWK3aEtzyuh2mPt3l/CkeU= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -760,8 +766,9 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -820,8 +827,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.11 h1:loJ25fNOEhSXfHrpoGj91eCUThwdNX6u24rO1xnNteY= -golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= +golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE= +golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From b8b41b52c2844fad8cd68cbb039eee1ccdc3350b Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Tue, 1 Nov 2022 13:54:15 -0400 Subject: [PATCH 094/138] Add profile checks with Schematron for usnistgov/oscal-content#128. (#1513) Profile checker Schematron queryBinding from xslt3->xslt2. We need to do this in the interim or we will need to significantly change or upgrade the CI/CD Schematron checker from current Schematron/schematron skeleton to SchXslt or equivalent. The former is mothballed and there was no addition of XSLT3 support. Potentially investigate further. Team discussion: https://gitter.im/usnistgov-OSCAL/xslt-etc?at=634dc527dcbf067fdc9c47cd Schematron issue: https://github.com/Schematron/schematron/issues/20 SchXslt docs on XSLT 3.0 support: https://github.com/schxslt/schxslt/blob/62f1141613c9d4c02d8de86713bb3f3b29d6cf1c/README.md#additional-xslt-elements --- build/ci-cd/validate-content.sh | 53 +++++++++++++++++++++++++- src/utils/schematron/oscal-profile.sch | 2 +- 2 files changed, 53 insertions(+), 2 deletions(-) diff --git a/build/ci-cd/validate-content.sh b/build/ci-cd/validate-content.sh index bcec83b52d..d94e6a6aca 100755 --- a/build/ci-cd/validate-content.sh +++ b/build/ci-cd/validate-content.sh @@ -6,6 +6,7 @@ if [ -z ${OSCAL_SCRIPT_INIT+x} ]; then source "$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)/include/init-oscal.sh" fi source "$OSCALDIR/build/metaschema/scripts/include/init-validate-content.sh" +source "$OSCALDIR/build/metaschema/scripts/include/init-schematron.sh" # Option defaults ARTIFACT_DIR="${OSCALDIR}" @@ -23,10 +24,16 @@ Usage: $0 [options] -o DIR, --oscal-dir DIR OSCAL schema are located in DIR. -h, --help Display help -v Provide verbose output +--scratch-dir DIR Generate temporary artifacts in DIR + If not provided a new directory will be + created under \$TMPDIR if set or in /tmp. +--keep-temp-scratch-dir If a scratch directory is automatically + created, it will not be automatically removed. EOF } -if ! OPTS=$(getopt -o o:vhc:a: --long artifact-dir:,oscal-dir:,help,config-file: -n "$0" -- "$@"); then echo "Failed parsing options." >&2 ; usage ; exit 1 ; fi +OPTS=$(getopt -o o:vhc:a: --long artifact-dir:,oscal-dir:,help,config-file:,scratch-dir:,keep-temp-scratch-dir -n "$0" -- "$@") +if [ $? != 0 ] ; then echo "Failed parsing options." >&2 ; usage ; exit 1 ; fi # Process arguments eval set -- "$OPTS" @@ -45,6 +52,13 @@ while [ $# -gt 0 ]; do ARTIFACT_DIR="$(realpath "$2")" shift # past path ;; + --scratch-dir) + SCRATCH_DIR="$(realpath "$2")" + shift # past path + ;; + --keep-temp-scratch-dir) + KEEP_TEMP_SCRATCH_DIR=true + ;; -v) VERBOSE=true ;; @@ -76,6 +90,28 @@ if [ "$VERBOSE" = "true" ]; then echo -e "${P_INFO}Using config file:${P_END} ${CONFIG_FILE}" fi +if [ -z "${SCRATCH_DIR+x}" ]; then + SCRATCH_DIR="$(mktemp -d)" + if [ "$KEEP_TEMP_SCRATCH_DIR" != "true" ]; then + function CleanupScratchDir() { + rc=$? + if [ "$VERBOSE" = "true" ]; then + echo -e "" + echo -e "${P_INFO}Cleanup${P_END}" + echo -e "${P_INFO}=======${P_END}" + echo -e "${P_INFO}Deleting scratch directory:${P_END} ${SCRATCH_DIR}" + fi + rm -rf "${SCRATCH_DIR}" + exit $rc + } + trap CleanupScratchDir EXIT + fi +fi + +profile_schematron="oscal/src/utils/schematron/oscal-profile.sch" +compiled_profile_schematron="${SCRATCH_DIR}/oscal-profile.xsl" +build_schematron "${profile_schematron}" "${compiled_profile_schematron}" + exitcode=0 shopt -s nullglob shopt -s globstar @@ -113,6 +149,21 @@ while IFS="|" read path format model converttoformats || [ -n "$path" ]; do else echo -e "${P_OK}XML Schema validation passed for '${P_END}${file_relative}${P_OK}' using schema '${P_END}${schema_relative}${P_OK}'.${P_END}" fi + + if [ "${model}" == "profile" ]; then + echo -e "${P_INFO}Validating profile with Schematron for project's requirements and recommendations.${P_INFO}${P_END}" + target_file=$(basename -- "${file_relative}") + svrl_result="/tmp/${target_file}.svrl" + result=$(validate_with_schematron "${SCRATCH_DIR}/oscal-profile.xsl" "${file_relative}" "$svrl_result" 2>&1) + cmd_exitcode=$? + if [ $cmd_exitcode -ne 0 ]; then + echo -e "${P_ERROR}Profile validation execution for '${P_END}${file_relative}${P_ERROR}' with Schematron '${P_END}${profile_schematron}${P_ERROR}' did not complete.${P_END}" + echo -e "${P_ERROR}${result}${P_END}" + exitcode=1 + else + echo -e "${P_OK}Profile validation execution for '${P_END}${file_relative}${P_OK}' with Schematron '${P_END}${profile_schematron}${P_OK}' completed successfully.${P_END}" + fi + fi ;; json) schema="$WORKING_DIR/json/schema/oscal_${model}_schema.json" diff --git a/src/utils/schematron/oscal-profile.sch b/src/utils/schematron/oscal-profile.sch index b0d227b7ab..36364d15a6 100644 --- a/src/utils/schematron/oscal-profile.sch +++ b/src/utils/schematron/oscal-profile.sch @@ -1,5 +1,5 @@ - From 0737e61760e8b89cd212e7f95f1a1addc91dd9c0 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 1 Nov 2022 14:05:08 -0400 Subject: [PATCH 095/138] reduced the amount of 'OSCAL' references in data type documentation. (#1531) --- docs/content/reference/datatypes.md | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/docs/content/reference/datatypes.md b/docs/content/reference/datatypes.md index 4ea5cd098f..1848f2a40b 100644 --- a/docs/content/reference/datatypes.md +++ b/docs/content/reference/datatypes.md @@ -574,26 +574,25 @@ In JSON Schema, this is represented as: ## Markup Data Types -Structured prose text in OSCAL is designed to map cleanly to equivalent subsets of HTML and Markdown. This allows HTML-like markup to be incorporated in OSCAL XML-based content using an element set maintained in the OSCAL namespace. This HTML-equivalent element set is not intended to be treated directly as HTML, but to be readily and transparently converted to HTML (or other presentational formats) as needed. Similarly, OSCAL uses a subset of Markdown for use in OSCAL JSON- and YAML-based content. A mapping is supported between the HTML-like element set and the Markdown syntax, which supports transparent and lossless bidirectional mapping between both OSCAL markup representations. +Structured prose text is designed to map cleanly to equivalent subsets of HTML and Markdown. This allows HTML-like markup to be incorporated in OSCAL XML-based content using an element set maintained in the OSCAL namespace. This HTML-equivalent element set is not intended to be treated directly as HTML, but to be readily and transparently converted to HTML (or other presentational formats) as needed. Similarly, OSCAL uses a subset of Markdown for use in OSCAL JSON- and YAML-based content. A mapping is supported between the HTML-like element set and the Markdown syntax, which supports transparent and lossless bidirectional mapping between both markup representations. -The OSCAL HTML-like syntax supports: +The HTML-like syntax supports: - HTML paragraphs (`p`), headers (`h1`-`h6`), tables (`table`), preformatted text (`pre`), code blocks (`code`), and ordered and unordered lists (`ol` and `ul`.) - Within paragraphs or text content: `a`, `img`, `strong`, `em`, `b`, `i`, `sup`, `sub`. +In remarks below and throughout this documentation, this element set may be referred to as "prose content" or "prose". This tag set (and Markdown equivalent) is defined as a module. -In remarks below and throughout this documentation, this element set may be referred to as "prose content" or "prose". A future OSCAL could support the definition of this tag set (and Markdown equivalent) as a module, enabling our HTML subset to be switched out for something else. (Its prose model would be different from OSCAL prose as currently defined.) +Note that elements such as `div`, `blockquote`, `section` or `aside`, used in HTML to provide structure, are *not permitted*. Instead, structures should be represented using specific model elements (or objects in JSON) such as `part`, which can include prose. -Note that elements such as `div`, `blockquote`, `section` or `aside`, used in HTML to provide structure, are *not permitted in OSCAL*. Structures in OSCAL should be represented using OSCAL elements (or objects in JSON) such as `part`, which can include prose. +In addition, there are contexts where prose usage may be further constrained. For example, at a higher level (outside the base schema) an application could forbid the use of prose headers `h1-h6` in favor of nested `part` elements with their own titles. -In addition, there are contexts in OSCAL where prose usage may be further constrained. For example, at a higher level (outside the base schema) an OSCAL application could forbid the use of prose headers `h1-h6` in favor of nested OSCAL `part` elements with their own titles. - -The OSCAL Markdown syntax is loosely based on CommonMark. When in doubt about Markdown features and syntax, we look to CommonMark for guidance, largely because it is more rigorously tested than many other forms of Markdown. +The Markdown syntax is loosely based on [CommonMark](https://commonmark.org/). When in doubt about Markdown features and syntax, we look to CommonMark for guidance, largely because it is more rigorously tested than many other forms of Markdown. ### markup-line -The following table describes the equivalent constructs in HTML and Markdown used in OSCAL within the `markup-line` data type. +The following table describes the equivalent constructs in HTML and Markdown used within the `markup-line` data type. | Markup Type | HTML | Markdown | |:--- |:--- |:--- | @@ -608,13 +607,13 @@ The following table describes the equivalent constructs in HTML and Markdown use | Image | <img alt="*alt text*" src="*url*" title="*title text*"/> | !\[*alt text*](*url* "*title text*") | Link | <a *href*="*url*">*text*</a> | \[*text*](*url*) -Note: Markdown does not have an equivalent of the HTML <i> and <b> tags, which indicate italics and bold respectively. These concepts are mapped in OSCAL markup text to <em> and <strong> [common mark](https://spec.commonmark.org/0.29/#emphasis-and-strong-emphasis), which render equivalently in browsers, but do not have exactly the same semantics. While this mapping is imperfect, it represents the common uses of these HTML tags. +Note: Markdown does not have an equivalent of the HTML <i> and <b> tags, which indicate italics and bold respectively. These concepts are mapped in markup text to <em> and <strong> (see [common mark](https://spec.commonmark.org/0.29/#emphasis-and-strong-emphasis)), which render equivalently in browsers, but do not have exactly the same semantics. While this mapping is imperfect, it represents the common uses of these HTML tags. #### Parameter Insertion The OSCAL catalog, profile, and implementation layer models allow for control parameters to be defined and injected into prose text. -Parameter injection is handled in OSCAL as follows using the <insert> tag, where you must provide its type and the identifier reference with id-ref: +Reference injection is handled using the <insert> tag, where you must provide its type and the identifier reference with id-ref: ```html This implements as required to address organizational changes. @@ -677,14 +676,14 @@ Tables are also supported by `markup-multiline` which are mapped from Markdown t - The first row in a Markdown table is considered a header row, with each cell mapped as a <th>. - The alignment formatting (second) row of the Markdown table is not converted to HTML. Formatting is currently ignored. - Each remaining row is mapped as a cell using the <td> tag. -- HTML `colspan` and `rowspan` are not supported by Markdown, and so are excluded from OSCAL. +- HTML `colspan` and `rowspan` are not supported by Markdown, and so are excluded from use. -OSCAL attempts to support simple tables mainly due to the prevalence of tables in legacy data sets. However, producers of OSCAL data should note that when they have tabular information, these are frequently semantic structures or matrices that can be described directly in OSCAL as named parts and properties or as parts, sub-parts and paragraphs. This ensures that their nominal or represented semantics are accessible for processing when this information would be lost in plain table cells. Table markup should be used only as a fallback option when stronger semantic labeling is not possible. +Simple tables are mainly supported due to the prevalence of tables in legacy data sets. However, producers of OSCAL data should note that when they have tabular information, these are frequently semantic structures or matrices that can be described directly in OSCAL as named parts and properties or as parts, sub-parts and paragraphs. This ensures that their nominal or represented semantics are accessible for processing when this information would be lost in plain table cells. Table markup should be used only as a fallback option when stronger semantic labeling is not possible. Tables are mapped from HTML to Markdown as follows: * Only a single header row <tr><th> is supported. This row is mapped to the Markdown table header, with header cells preceded, delimited, and terminated by `|`. -* The second row is given as a sequence of `---`, as many as the table has columns, delimited by single `|`. In Markdown, a simple syntax here can be used to indicate the alignment of cells; OSCAL HTML does not support this feature. +* The second row is given as a sequence of `---`, as many as the table has columns, delimited by single `|`. In Markdown, a simple syntax here can be used to indicate the alignment of cells; the HTML binding does not support this feature. * Each subsequent row is mapped to the Markdown table rows, with cells preceded, delimited, and terminated by `|`. For example: @@ -706,7 +705,6 @@ Is mapped to the Markdown table: | Have some of | Try all of | ``` - #### Line feeds in Markdown Additionally, line feed (LF) characters must be escaped as "\\n" when appearing in string contents in JSON and (depending on placement) in YAML. In Markdown, the line feed is used to delimit paragraphs and other block elements, represented using markup (tagging) in the XML version. When transcribed into JSON, these LF characters must also appear as "\\n". From 0ffe9067dcf5fa5784929b207abb05b1afb7de8b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Nov 2022 14:06:12 -0400 Subject: [PATCH 096/138] Bump peaceiris/actions-gh-pages from 3.8.0 to 3.9.0 (#1537) Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) from 3.8.0 to 3.9.0. - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](https://github.com/peaceiris/actions-gh-pages/compare/068dc23d9710f1ba62e86896f84735d869951305...de7ea6f8efb354206b205ef54722213d99067935) --- updated-dependencies: - dependency-name: peaceiris/actions-gh-pages dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index da8c35e2f4..7337d07629 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -164,7 +164,7 @@ jobs: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - name: Deploy Website (using access_token) - uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305 + uses: peaceiris/actions-gh-pages@de7ea6f8efb354206b205ef54722213d99067935 if: github.event_name == 'push' && inputs.commit_resources == true && github.ref_name == 'main' with: github_token: ${{ secrets.access_token }} @@ -173,7 +173,7 @@ jobs: publish_branch: nist-pages commit_message: Deploying website [ci deploy skip] - name: Deploy Website (using COMMIT_TOKEN) - uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305 + uses: peaceiris/actions-gh-pages@de7ea6f8efb354206b205ef54722213d99067935 if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' && github.ref_name == 'main' with: github_token: ${{ secrets.COMMIT_TOKEN }} From edad841abe480a5ebacb497ed5d0a5e5d33b2067 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Nov 2022 14:06:31 -0400 Subject: [PATCH 097/138] Bump actions/upload-artifact from 3.1.0 to 3.1.1 (#1536) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/3cea5372237819ed00197afe530f5a7ea3e805c8...83fd05a356d7e2593de66fc9913b3002723633cb) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- .../workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index ff52e0a38b..a68765e6ee 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -38,7 +38,7 @@ jobs: bash "${OSCAL_CICD_PATH}/package-release.sh" "${OSCAL_WORKING_PATH}" tar -jcvf "${OSCAL_WORKING_PATH}/${RELEASE_NAME}.tar.bz2" -C "${OSCAL_WORKING_PATH}/archive" . (cd "${OSCAL_WORKING_PATH}/archive" && zip -r "../${RELEASE_NAME}.zip" .) - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: release-artifacts path: | diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index cd3eab594c..f317da0553 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -119,7 +119,7 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-artifacts.zip -r xml/schema/*.xsd json/schema/*.json xml/convert/*.xsl json/convert/*.xsl working-directory: ${{ env.CHECKOUT_PATH }} - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: schemas-and-converters path: | diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index b26779a320..3821c5b803 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -149,7 +149,7 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-website.zip -r public/ working-directory: ${{ env.MAIN_PATH }}/docs - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: website path: | diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 7337d07629..cc937b8fd1 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -96,7 +96,7 @@ jobs: - name: Generate specification documentation run: | bash "${CICD_PATH}/generate-specification-documentation.sh" - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: specification-docs path: | @@ -133,7 +133,7 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-website.zip -r public/ working-directory: ${{ github.workspace }}/docs - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: website path: | @@ -148,7 +148,7 @@ jobs: output: html-link-report.md env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: html-link-report path: html-link-report.md From 66c5183033344e480b6f636faf5bb63fa67deceb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Nov 2022 14:06:45 -0400 Subject: [PATCH 098/138] Bump stefanzweifel/git-auto-commit-action from 4.15.1 to 4.15.3 (#1535) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.15.1 to 4.15.3. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/fd157da78fa13d9383e5580d1fd1184d89554b51...0049e3fa4059ca715255fbbcb7dea4516f02ce0a) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index f317da0553..6e93effc60 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -130,7 +130,7 @@ jobs: - name: Publish Schemas and Converters # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@fd157da78fa13d9383e5580d1fd1184d89554b51 + uses: stefanzweifel/git-auto-commit-action@0049e3fa4059ca715255fbbcb7dea4516f02ce0a with: repository: ${{ env.CHECKOUT_PATH }} file_pattern: xml json diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 3821c5b803..65f87a6493 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -158,7 +158,7 @@ jobs: - name: Publish Generated Pages # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@fd157da78fa13d9383e5580d1fd1184d89554b51 + uses: stefanzweifel/git-auto-commit-action@0049e3fa4059ca715255fbbcb7dea4516f02ce0a with: repository: ${{ env.MAIN_PATH }} file_pattern: docs From 8d1c98786ba90be71f075fd6e97515aaa7a19ac9 Mon Sep 17 00:00:00 2001 From: Alexander Stein Date: Tue, 1 Nov 2022 14:50:00 -0400 Subject: [PATCH 099/138] Add possible Schematron documentation checks (#1501) * Add possible Schematron documentation checks This is the product of the meeting and spike where we pair-programmed and came up with example Schematron rules for tentative editorial standards that can be used for reviews of models and embedded docs as part of usnistgov/OSCAL#801. Co-authored-by: Chris Compton Co-authored-by: Rene Rene Tshiteya Co-authored-by: Wendell Piez Add CI/CD checking of Schematron doc standards checking. Always zip and upload Schematron validation results for potential debug. * After, show the Schematron checks passing after Metaschema def fixes. * Revert validate-metaschema.sh changes. * Revert refactored Schematron and remove from PR. * Update metaschema module to include updated Schematron in usnistgov/metaschema#246. Co-authored-by: David Waltermire --- .../workflow-generate-metaschema-resources.yml | 12 ++++++++++++ build/metaschema | 2 +- src/metaschema/oscal_control-common_metaschema.xml | 2 +- src/metaschema/oscal_ssp_metaschema.xml | 14 +++++--------- 4 files changed, 19 insertions(+), 11 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 6e93effc60..e8a3c118af 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -119,12 +119,24 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-artifacts.zip -r xml/schema/*.xsd json/schema/*.json xml/convert/*.xsl json/convert/*.xsl working-directory: ${{ env.CHECKOUT_PATH }} + - name: Zip Schematron Validation Results for Debugging + if: always() + run: | + zip ${{ runner.temp }}/schematron-validations.zip -r ${{ runner.temp }} build/metaschema/toolchains/xslt-M4/validate/metaschema-composition-check-compiled.xsl + working-directory: ${{ env.CHECKOUT_PATH }} - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb with: name: schemas-and-converters path: | ${{ runner.temp }}/metaschema-artifacts.zip retention-days: 5 + - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + if: always() + with: + name: schematron-validation-reports + path: | + ${{ runner.temp }}/schematron-validations.zip + retention-days: 5 # Store Built Artifacts # --------------- - name: Publish Schemas and Converters diff --git a/build/metaschema b/build/metaschema index 9686b09db4..d3d53940dc 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit 9686b09db4eeee34b88d3281371c7498beb46169 +Subproject commit d3d53940dc748ab2f07749d6867d0012e5d427a5 diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index 3934e1dfbd..c2d544caef 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -6,7 +6,7 @@ ]> - OSCAL Control Catalog Format -- Common Models 1.0.4 diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index e98fbf64d0..5de374351d 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -30,7 +30,7 @@ System Security Plan (SSP) - A system security plan, such as those described in NIST SP 800-18 + A system security plan, such as those described in NIST SP 800-18. system-security-plan System Security Plan Universally Unique Identifier @@ -106,8 +106,7 @@ Security Sensitivity Level - The overall information system sensitivity categorization, such as defined by FIPS-199. - + The overall information system sensitivity categorization, such as defined by FIPS-199.

    Often, organizations require the security sensitivity level to correspond with the highest confidentiality, integrity, or availability level identified by security-impact-level.

    @@ -181,8 +180,7 @@
    System Information - Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - + Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -192,8 +190,7 @@ Information Type - Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - + Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. Information Type Universally Unique Identifier @@ -535,8 +532,7 @@
    Leveraged Authorization - A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. - + A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. Leveraged Authorization Universally Unique Identifier From 7d7a672333bf1ed2c6846d59cb641359530273d0 Mon Sep 17 00:00:00 2001 From: OSCAL GitHub Actions Bot Date: Tue, 1 Nov 2022 18:54:55 +0000 Subject: [PATCH 100/138] Publishing generated metaschema resources [ci skip] --- json/schema/oscal_complete_schema.json | 2 +- json/schema/oscal_ssp_schema.json | 2 +- xml/schema/oscal_assessment-plan_schema.xsd | 59 ++++++-------- .../oscal_assessment-results_schema.xsd | 59 ++++++-------- xml/schema/oscal_catalog_schema.xsd | 59 ++++++-------- xml/schema/oscal_complete_schema.xsd | 79 ++++++++----------- xml/schema/oscal_component_schema.xsd | 59 ++++++-------- xml/schema/oscal_mapping_schema.xsd | 59 ++++++-------- xml/schema/oscal_poam_schema.xsd | 59 ++++++-------- xml/schema/oscal_profile_schema.xsd | 59 ++++++-------- xml/schema/oscal_ssp_schema.xsd | 79 ++++++++----------- 11 files changed, 238 insertions(+), 337 deletions(-) diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 618dfb0cd4..90d7334ed1 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -2207,7 +2207,7 @@ "additionalProperties" : false }, "oscal-complete-oscal-ssp:system-security-plan" : { "title" : "System Security Plan (SSP)", - "description" : "A system security plan, such as those described in NIST SP 800-18", + "description" : "A system security plan, such as those described in NIST SP 800-18.", "$id" : "#assembly_oscal-ssp_system-security-plan", "type" : "object", "properties" : diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 7a29c31d31..3ba4fd1c6f 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -6,7 +6,7 @@ "definitions" : { "oscal-ssp-oscal-ssp:system-security-plan" : { "title" : "System Security Plan (SSP)", - "description" : "A system security plan, such as those described in NIST SP 800-18", + "description" : "A system security plan, such as those described in NIST SP 800-18.", "$id" : "#assembly_oscal-ssp_system-security-plan", "type" : "object", "properties" : diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index 5eefa07fb1..a8cc0f53e1 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -4946,13 +4946,13 @@ - - - - - - - + + + + + + + @@ -4961,16 +4961,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -5007,7 +5002,7 @@ - + @@ -5021,6 +5016,11 @@ + + + + + @@ -5030,31 +5030,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -5062,7 +5052,6 @@ - diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 6cad61663b..2f89901774 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -5233,13 +5233,13 @@ - - - - - - - + + + + + + + @@ -5248,16 +5248,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -5294,7 +5289,7 @@ - + @@ -5308,6 +5303,11 @@ + + + + + @@ -5317,31 +5317,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -5349,7 +5339,6 @@ - diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index e0499ac944..4d087b5dbb 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1992,13 +1992,13 @@ - - - - - - - + + + + + + + @@ -2007,16 +2007,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -2053,7 +2048,7 @@ - + @@ -2067,6 +2062,11 @@ + + + + + @@ -2076,31 +2076,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -2108,7 +2098,6 @@ - diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 7f5d836a32..5fcac80033 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -3764,10 +3764,10 @@ System Security Plan (SSP) - A system security plan, such as those described in NIST SP 800-18 + A system security plan, such as those described in NIST SP 800-18. - System Security Plan (SSP): A system security plan, such as those described in NIST SP 800-18 + System Security Plan (SSP): A system security plan, such as those described in NIST SP 800-18. Security Sensitivity Level - The overall information system sensitivity categorization, such as defined by FIPS-199. + The overall information system sensitivity categorization, such as defined by FIPS-199. - Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. + Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. @@ -3968,10 +3968,10 @@ System Information - Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. Information Type - Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -4522,10 +4522,10 @@ Leveraged Authorization - A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. - Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. @@ -8601,13 +8601,13 @@ - - - - - - - + + + + + + + @@ -8616,16 +8616,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -8662,7 +8657,7 @@ - + @@ -8676,6 +8671,11 @@ + + + + + @@ -8685,31 +8685,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -8717,7 +8707,6 @@ - diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 16352466fc..7ac87e9746 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -2703,13 +2703,13 @@ - - - - - - - + + + + + + + @@ -2718,16 +2718,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -2764,7 +2759,7 @@ - + @@ -2778,6 +2773,11 @@ + + + + + @@ -2787,31 +2787,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -2819,7 +2809,6 @@ - diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 1c38a12e83..84a1cce3e7 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -1517,13 +1517,13 @@ - - - - - - - + + + + + + + @@ -1532,16 +1532,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -1578,7 +1573,7 @@ - + @@ -1592,6 +1587,11 @@ + + + + + @@ -1601,31 +1601,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -1633,7 +1623,6 @@ - diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 8c0fee166a..2387f2a9c2 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -5084,13 +5084,13 @@ - - - - - - - + + + + + + + @@ -5099,16 +5099,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -5145,7 +5140,7 @@ - + @@ -5159,6 +5154,11 @@ + + + + + @@ -5168,31 +5168,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -5200,7 +5190,6 @@ - diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index f0c361d9a1..44b4def413 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -2187,13 +2187,13 @@ - - - - - - - + + + + + + + @@ -2202,16 +2202,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -2248,7 +2243,7 @@ - + @@ -2262,6 +2257,11 @@ + + + + + @@ -2271,31 +2271,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -2303,7 +2293,6 @@ - diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index d69f923a8b..c562b24c2d 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -24,10 +24,10 @@ System Security Plan (SSP) - A system security plan, such as those described in NIST SP 800-18 + A system security plan, such as those described in NIST SP 800-18. - System Security Plan (SSP): A system security plan, such as those described in NIST SP 800-18 + System Security Plan (SSP): A system security plan, such as those described in NIST SP 800-18. Security Sensitivity Level - The overall information system sensitivity categorization, such as defined by FIPS-199. + The overall information system sensitivity categorization, such as defined by FIPS-199. - Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. + Security Sensitivity Level: The overall information system sensitivity categorization, such as defined by FIPS-199. @@ -228,10 +228,10 @@ System Information - Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + System Information: Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. Information Type - Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. - Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. + Information Type: Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60. @@ -782,10 +782,10 @@ Leveraged Authorization - A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. - Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. + Leveraged Authorization: A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider. @@ -3629,13 +3629,13 @@ - - - - - - - + + + + + + + @@ -3644,16 +3644,11 @@ - - - - - - + - The content model is the same as inlineType, but line endings need + The content model is the same as inlineMarkupType, but line endings need to be preserved, since this is preformatted. @@ -3690,7 +3685,7 @@ - + @@ -3704,6 +3699,11 @@ + + + + + @@ -3713,31 +3713,21 @@ - - - - - - - - - - - - - - + + + + + + + + + - - - - - @@ -3745,7 +3735,6 @@ - From 295c6096d25badb2ba46b72d480c151dc5327f9b Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 1 Nov 2022 15:48:28 -0400 Subject: [PATCH 101/138] Added resource-fragment flag to link. (#1527) Defined a constraint to validate the allowed characters for a fragment. Resolves #756. --- src/metaschema/oscal_metadata_metaschema.xml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index aedd79902f..9be2da76e0 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -776,6 +776,10 @@

    The media-type provides a hint about the content model of the referenced resource. A valid entry from the IANA Media Types registry SHOULD be used.

    + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + Link Text @@ -794,6 +798,11 @@ + + +

    This pattern is based on the fragment Augmented Backus-Naur form (ABNF) syntax provided in [RFC3986 section 3.5](https://www.rfc-editor.org/rfc/rfc3986#section-3.5). Uppercase alpha hex digits are required, which is the preferred normalized form defined in RFC3986.

    +
    +

    To provide a cryptographic hash for a remote target resource, a local reference to a back matter resource is needed. The resource allows one or more hash values to be provided using the rlink/hash object.

    From 1a6f5cdee609790b75ef9360b6b93f8c361ada97 Mon Sep 17 00:00:00 2001 From: OSCAL GitHub Actions Bot Date: Tue, 1 Nov 2022 19:53:03 +0000 Subject: [PATCH 102/138] Publishing generated metaschema resources [ci skip] --- ...oscal_assessment-plan_xml-to-json-converter.xsl | 12 ++++++++++++ ...al_assessment-results_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_catalog_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_complete_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_component_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_mapping_xml-to-json-converter.xsl | 12 ++++++++++++ json/convert/oscal_poam_xml-to-json-converter.xsl | 12 ++++++++++++ .../oscal_profile_xml-to-json-converter.xsl | 12 ++++++++++++ json/convert/oscal_ssp_xml-to-json-converter.xsl | 12 ++++++++++++ json/schema/oscal_assessment-plan_schema.json | 4 ++++ json/schema/oscal_assessment-results_schema.json | 4 ++++ json/schema/oscal_catalog_schema.json | 4 ++++ json/schema/oscal_complete_schema.json | 4 ++++ json/schema/oscal_component_schema.json | 4 ++++ json/schema/oscal_mapping_schema.json | 4 ++++ json/schema/oscal_poam_schema.json | 4 ++++ json/schema/oscal_profile_schema.json | 4 ++++ json/schema/oscal_ssp_schema.json | 4 ++++ ...oscal_assessment-plan_json-to-xml-converter.xsl | 14 ++++++++++++++ ...al_assessment-results_json-to-xml-converter.xsl | 14 ++++++++++++++ .../oscal_catalog_json-to-xml-converter.xsl | 14 ++++++++++++++ .../oscal_complete_json-to-xml-converter.xsl | 14 ++++++++++++++ .../oscal_component_json-to-xml-converter.xsl | 14 ++++++++++++++ .../oscal_mapping_json-to-xml-converter.xsl | 14 ++++++++++++++ xml/convert/oscal_poam_json-to-xml-converter.xsl | 14 ++++++++++++++ .../oscal_profile_json-to-xml-converter.xsl | 14 ++++++++++++++ xml/convert/oscal_ssp_json-to-xml-converter.xsl | 14 ++++++++++++++ xml/schema/oscal_assessment-plan_schema.xsd | 10 ++++++++++ xml/schema/oscal_assessment-results_schema.xsd | 10 ++++++++++ xml/schema/oscal_catalog_schema.xsd | 10 ++++++++++ xml/schema/oscal_complete_schema.xsd | 10 ++++++++++ xml/schema/oscal_component_schema.xsd | 10 ++++++++++ xml/schema/oscal_mapping_schema.xsd | 10 ++++++++++ xml/schema/oscal_poam_schema.xsd | 10 ++++++++++ xml/schema/oscal_profile_schema.xsd | 10 ++++++++++ xml/schema/oscal_ssp_schema.xsd | 10 ++++++++++ 36 files changed, 360 insertions(+) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index 945939c9c0..cbede8b29b 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -206,6 +206,7 @@ +
    @@ -1161,6 +1162,17 @@ + + + + + diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index be7cfcf1a4..dcd71a01d5 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -198,6 +198,7 @@ + @@ -1619,6 +1620,17 @@ + + + + + diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index 085a74e5d0..ae5a55e6aa 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -208,6 +208,7 @@ + @@ -823,6 +824,17 @@ + + + + + diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index 01e535d7a1..d346032432 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -208,6 +208,7 @@ + @@ -3021,6 +3022,17 @@ + + + + + diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index 5129c9c652..d3d5d4c994 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -210,6 +210,7 @@ + @@ -628,6 +629,17 @@ + + + + + diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index 2c0f37edf5..c186dc483d 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -196,6 +196,7 @@ + @@ -600,6 +601,17 @@ + + + + + diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index cd4be00cc8..0aaed8f182 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -220,6 +220,7 @@ + @@ -1272,6 +1273,17 @@ + + + + + diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index 96cd596adf..a9a575ca34 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -196,6 +196,7 @@ + @@ -748,6 +749,17 @@ + + + + + diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 4e6dbcd3a6..6a3402a748 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -193,6 +193,7 @@ + @@ -1113,6 +1114,17 @@ + + + + + diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index fba22cf4d9..79ffb9845c 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -531,6 +531,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index 47b059de4b..8116a32f3b 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -684,6 +684,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index 361f9fe091..d84d001c30 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -785,6 +785,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 90d7334ed1..62168e689e 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -785,6 +785,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 8f3e0c7523..7cb628a8b2 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -1076,6 +1076,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index b0b946b972..f51f56c2f4 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -504,6 +504,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 889674ec71..7398ac6908 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -612,6 +612,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index 9dd4defa63..0ebefb294e 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -839,6 +839,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 3ba4fd1c6f..2024ee90c7 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -1278,6 +1278,10 @@ { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, "text" : { "title" : "Link Text", "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", diff --git a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl index 3ea58b7e68..1739107d70 100644 --- a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl @@ -154,6 +154,7 @@ + @@ -721,6 +722,19 @@ + + + + + + + @@ -947,6 +948,19 @@ + + + + + + + @@ -540,6 +541,19 @@ + + + + + + + @@ -1654,6 +1655,19 @@ + + + + + + + @@ -472,6 +473,19 @@ + + + + + + + @@ -463,6 +464,19 @@ + + + + + + + @@ -792,6 +793,19 @@ + + + + + + + @@ -530,6 +531,19 @@ + + + + + + + @@ -749,6 +750,19 @@ + + + + + + Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index 2f89901774..b7394751b6 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -1260,6 +1260,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 4d087b5dbb..2b3be75443 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1401,6 +1401,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 5fcac80033..8ff3727eb8 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1408,6 +1408,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 7ac87e9746..87b5a07b8a 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -1965,6 +1965,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 84a1cce3e7..64d91d239e 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -926,6 +926,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 2387f2a9c2..86c5c58707 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -1111,6 +1111,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 44b4def413..5a41033b53 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -1449,6 +1449,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index c562b24c2d..83cfde0916 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -2288,6 +2288,16 @@ Media Type: A label that indicates the nature of a resource, as a data serialization or format. + + + + Resource Fragment + In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + + Resource Fragment: In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded. + + From 1ac9ce6796a31e424e77a7e24868f97533e164de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 2 Nov 2022 10:20:11 -0400 Subject: [PATCH 103/138] Bump golang from 1.19.2-bullseye to 1.19.3-bullseye in /build (#1538) Bumps golang from 1.19.2-bullseye to 1.19.3-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 339c36c426..c89037c3e8 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.19.2-bullseye as oscal-hugo-build +FROM golang:1.19.3-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From 39b9d8e97496871e7bb489142599b4509600f8c5 Mon Sep 17 00:00:00 2001 From: Chris Compton Date: Wed, 2 Nov 2022 10:57:45 -0500 Subject: [PATCH 104/138] Adds a constraint and index of by-component objects to support provided-by relation in links #1022 (#1452) * Adds a constraint and index of by-component objects to support provided-by relation in links #1022 * Fix path in by-component-export-provided-uuid index to include statement level. --- src/metaschema/oscal_ssp_metaschema.xml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index 5de374351d..a7bb0a1294 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -45,6 +45,11 @@
    + + + + + @@ -672,7 +677,7 @@

    Since multiple set-parameter entries can be provided, each parameter must be set only once.

    - + @@ -1042,6 +1047,13 @@

    Since multiple set-parameter entries can be provided, each parameter must be set only once.

    + + + A reference to the UUID of a control or statement by-component object that is used as evidence of implementation. + + + +

    Use of set-parameter in this context, sets the parameter for the control referenced in the containing implemented-requirement applied to the referenced component. If the by-component is used as a child of a statement, then the parameter value also applies only in the context of the referenced statement. If the same parameter is also set in the control-implementation or a specific implemented-requirement, then this by-component/set-parameter value will override the other value(s) in the context of the referenced component, control, and statement (if parent).

    From c24dd1ef839d3a7399aa6f95afbe4bd158ff1be9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:28:51 -0500 Subject: [PATCH 105/138] Bump actions/setup-java from 3.6.0 to 3.7.0 (#1566) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc...19eeec562b37d29a1ad055b7de9c280bd0906d8d) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index e8a3c118af..91060668af 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc + uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 65f87a6493..6403a8f476 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc + uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index cc937b8fd1..935c4bbf49 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc + uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d with: java-version: 11 distribution: 'temurin' From d104822efd480ae9bb67a6047592e82098984ec5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:29:24 -0500 Subject: [PATCH 106/138] Bump ncipollo/release-action from 1.11.0 to 1.11.2 (#1565) Bumps [ncipollo/release-action](https://github.com/ncipollo/release-action) from 1.11.0 to 1.11.2. - [Release notes](https://github.com/ncipollo/release-action/releases) - [Commits](https://github.com/ncipollo/release-action/compare/d9356040b0dc694f6d006b6cabee4d3c024f9e72...18eadf9c9b0f226f47f164f5373c6a44f0aae169) --- updated-dependencies: - dependency-name: ncipollo/release-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index a68765e6ee..5ba1544b16 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -45,7 +45,7 @@ jobs: ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.tar.bz2 ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.zip retention-days: 5 - - uses: ncipollo/release-action@d9356040b0dc694f6d006b6cabee4d3c024f9e72 + - uses: ncipollo/release-action@18eadf9c9b0f226f47f164f5373c6a44f0aae169 with: name: OSCAL ${{ env.RELEASE_VERSION }} Release allowUpdates: false From f12ffb33f517f191a3762ef0843536bfab603d70 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:29:49 -0500 Subject: [PATCH 107/138] Bump actions/setup-go from 3.3.1 to 3.4.0 (#1564) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.4.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/c4a742cab115ed795e34d4513e2cf7d472deb55f...d0a58c1c4d2b25278816e339b944508c875f3613) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 6403a8f476..4a8187f5e5 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -105,7 +105,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f + uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 with: go-version-file: '${{ env.BRANCH_PATH }}/build/go.mod' cache: true diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 935c4bbf49..ef81bbc9e6 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -115,7 +115,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f + uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 with: go-version-file: '${{ env.BUILD_PATH }}/go.mod' cache: true From 05a6b8aa94bfd0b524cfd42d5c7bd45e9b284889 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:30:16 -0500 Subject: [PATCH 108/138] Bump stefanzweifel/git-auto-commit-action from 4.15.3 to 4.16.0 (#1563) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.15.3 to 4.16.0. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/0049e3fa4059ca715255fbbcb7dea4516f02ce0a...3ea6ae190baf489ba007f7c92608f33ce20ef04a) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 91060668af..44de499c4e 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -142,7 +142,7 @@ jobs: - name: Publish Schemas and Converters # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@0049e3fa4059ca715255fbbcb7dea4516f02ce0a + uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a with: repository: ${{ env.CHECKOUT_PATH }} file_pattern: xml json diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 4a8187f5e5..5983867e9a 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -158,7 +158,7 @@ jobs: - name: Publish Generated Pages # only do this on master if: github.event.inputs.commit_resources == 'true' || inputs.commit_resources == true - uses: stefanzweifel/git-auto-commit-action@0049e3fa4059ca715255fbbcb7dea4516f02ce0a + uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a with: repository: ${{ env.MAIN_PATH }} file_pattern: docs From 0e29a87a2c1989ebc5ced7a400ca30bbd642722f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:30:43 -0500 Subject: [PATCH 109/138] Bump maven-dependency-plugin from 3.3.0 to 3.4.0 in /build (#1562) Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.3.0...maven-dependency-plugin-3.4.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/pom.xml b/build/pom.xml index b0b54f10cb..4363500fc7 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -48,7 +48,7 @@ org.apache.maven.plugins maven-dependency-plugin - 3.3.0 + 3.4.0 copy-dependencies From 672df8e2ae68490492cbe3c5555970fcfda848da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:31:13 -0500 Subject: [PATCH 110/138] Bump github.com/gohugoio/hugo from 0.105.0 to 0.107.0 in /build (#1558) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.105.0 to 0.107.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/hugoreleaser.toml) - [Commits](https://github.com/gohugoio/hugo/compare/v0.105.0...v0.107.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 34 ++++++++++++------------ build/go.sum | 74 ++++++++++++++++++++++++++++------------------------ 2 files changed, 57 insertions(+), 51 deletions(-) diff --git a/build/go.mod b/build/go.mod index acd654e3df..34a47a940e 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.105.0 +require github.com/gohugoio/hugo v0.107.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -20,7 +20,7 @@ require ( github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 // indirect github.com/PuerkitoBio/purell v1.1.1 // indirect github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect - github.com/alecthomas/chroma/v2 v2.3.0 // indirect + github.com/alecthomas/chroma/v2 v2.4.0 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/aws/aws-sdk-go v1.43.5 // indirect github.com/aws/aws-sdk-go-v2 v1.9.0 // indirect @@ -38,19 +38,19 @@ require ( github.com/bep/goat v0.5.0 // indirect github.com/bep/godartsass v0.14.0 // indirect github.com/bep/golibsass v1.1.0 // indirect - github.com/bep/gowebp v0.1.0 // indirect + github.com/bep/gowebp v0.2.0 // indirect github.com/bep/overlayfs v0.6.0 // indirect github.com/bep/tmc v0.5.1 // indirect - github.com/clbanning/mxj/v2 v2.5.6 // indirect + github.com/clbanning/mxj/v2 v2.5.7 // indirect github.com/cli/safeexec v1.0.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/disintegration/gift v1.2.1 // indirect - github.com/dlclark/regexp2 v1.4.0 // indirect + github.com/dlclark/regexp2 v1.7.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/evanw/esbuild v0.15.12 // indirect - github.com/frankban/quicktest v1.14.3 // indirect + github.com/evanw/esbuild v0.15.15 // indirect + github.com/frankban/quicktest v1.14.4 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/getkin/kin-openapi v0.107.0 // indirect + github.com/getkin/kin-openapi v0.109.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/swag v0.19.5 // indirect @@ -62,7 +62,7 @@ require ( github.com/golang-jwt/jwt/v4 v4.0.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/google/go-cmp v0.5.8 // indirect + github.com/google/go-cmp v0.5.9 // indirect github.com/google/uuid v1.3.0 // indirect github.com/google/wire v0.5.0 // indirect github.com/googleapis/gax-go/v2 v2.3.0 // indirect @@ -73,7 +73,7 @@ require ( github.com/invopop/yaml v0.1.0 // indirect github.com/jdkato/prose v1.2.1 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/kr/pretty v0.3.0 // indirect + github.com/kr/pretty v0.3.1 // indirect github.com/kr/text v0.2.0 // indirect github.com/kyokomi/emoji/v2 v2.2.10 // indirect github.com/magefile/mage v1.14.0 // indirect @@ -88,12 +88,12 @@ require ( github.com/muesli/smartcrop v0.3.0 // indirect github.com/niklasfasching/go-org v1.6.5 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect - github.com/pelletier/go-toml/v2 v2.0.4 // indirect + github.com/pelletier/go-toml/v2 v2.0.6 // indirect github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect github.com/sanity-io/litter v1.5.5 // indirect - github.com/spf13/afero v1.9.2 // indirect + github.com/spf13/afero v1.9.3 // indirect github.com/spf13/cast v1.5.0 // indirect github.com/spf13/cobra v1.6.1 // indirect github.com/spf13/fsync v0.9.0 // indirect @@ -101,18 +101,18 @@ require ( github.com/spf13/pflag v1.0.5 // indirect github.com/tdewolff/minify/v2 v2.12.4 // indirect github.com/tdewolff/parse/v2 v2.6.4 // indirect - github.com/yuin/goldmark v1.5.2 // indirect + github.com/yuin/goldmark v1.5.3 // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.10.0 // indirect gocloud.dev v0.24.0 // indirect golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa // indirect golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect - golang.org/x/net v0.1.0 // indirect + golang.org/x/net v0.2.0 // indirect golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect - golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect - golang.org/x/sys v0.1.0 // indirect + golang.org/x/sync v0.1.0 // indirect + golang.org/x/sys v0.2.0 // indirect golang.org/x/text v0.4.0 // indirect - golang.org/x/tools v0.2.0 // indirect + golang.org/x/tools v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect google.golang.org/api v0.76.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/build/go.sum b/build/go.sum index 433aa24482..b4b0f9734b 100644 --- a/build/go.sum +++ b/build/go.sum @@ -131,8 +131,9 @@ github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tN github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/alecthomas/chroma/v2 v2.3.0 h1:83xfxrnjv8eK+Cf8qZDzNo3PPF9IbTWHs7z28GY6D0U= -github.com/alecthomas/chroma/v2 v2.3.0/go.mod h1:mZxeWZlxP2Dy+/8cBob2PYd8O2DwNAzave5AY7A2eQw= +github.com/alecthomas/assert/v2 v2.2.0 h1:f6L/b7KE2bfA+9O4FL3CM/xJccDEwPVYd5fALBiuwvw= +github.com/alecthomas/chroma/v2 v2.4.0 h1:Loe2ZjT5x3q1bcWwemqyqEi8p11/IV/ncFCeLYDpWC4= +github.com/alecthomas/chroma/v2 v2.4.0/go.mod h1:6kHzqF5O6FUSJzBXW7fXELjb+e+7OXW4UpoPqMO7IBQ= github.com/alecthomas/repr v0.1.0 h1:ENn2e1+J3k09gyj2shc0dHr/yjaWSHRlrJ4DPMevDqE= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= @@ -176,8 +177,8 @@ github.com/bep/godartsass v0.14.0 h1:pPb6XkpyDEppS+wK0veh7OXDQc4xzOJI9Qcjb743UeQ github.com/bep/godartsass v0.14.0/go.mod h1:6LvK9RftsXMxGfsA0LDV12AGc4Jylnu6NgHL+Q5/pE8= github.com/bep/golibsass v1.1.0 h1:pjtXr00IJZZaOdfryNa9wARTB3Q0BmxC3/V1KNcgyTw= github.com/bep/golibsass v1.1.0/go.mod h1:DL87K8Un/+pWUS75ggYv41bliGiolxzDKWJAq3eJ1MA= -github.com/bep/gowebp v0.1.0 h1:4/iQpfnxHyXs3x/aTxMMdOpLEQQhFmF6G7EieWPTQyo= -github.com/bep/gowebp v0.1.0/go.mod h1:ZhFodwdiFp8ehGJpF4LdPl6unxZm9lLFjxD3z2h2AgI= +github.com/bep/gowebp v0.2.0 h1:ZVfK8i9PpZqKHEmthQSt3qCnnHycbLzBPEsVtk2ch2Q= +github.com/bep/gowebp v0.2.0/go.mod h1:ZhFodwdiFp8ehGJpF4LdPl6unxZm9lLFjxD3z2h2AgI= github.com/bep/overlayfs v0.6.0 h1:sgLcq/qtIzbaQNl2TldGXOkHvqeZB025sPvHOQL+DYo= github.com/bep/overlayfs v0.6.0/go.mod h1:NFjSmn3kCqG7KX2Lmz8qT8VhPPCwZap3UNogXawoQHM= github.com/bep/tmc v0.5.1 h1:CsQnSC6MsomH64gw0cT5f+EwQDcvZz4AazKunFwTpuI= @@ -192,8 +193,8 @@ github.com/cheekybits/is v0.0.0-20150225183255-68e9c0620927/go.mod h1:h/aW8ynjgk github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/clbanning/mxj/v2 v2.5.6 h1:Jm4VaCI/+Ug5Q57IzEoZbwx4iQFA6wkXv72juUSeK+g= -github.com/clbanning/mxj/v2 v2.5.6/go.mod h1:hNiWqW14h+kc+MdF9C6/YoRfjEJoR3ou6tn/Qo+ve2s= +github.com/clbanning/mxj/v2 v2.5.7 h1:7q5lvUpaPF/WOkqgIDiwjBJaznaLCCBd78pi8ZyAnE0= +github.com/clbanning/mxj/v2 v2.5.7/go.mod h1:hNiWqW14h+kc+MdF9C6/YoRfjEJoR3ou6tn/Qo+ve2s= github.com/cli/safeexec v1.0.0 h1:0VngyaIyqACHdcMNWfo6+KdUYnqEr2Sg+bSP1pdF+dI= github.com/cli/safeexec v1.0.0/go.mod h1:Z/D4tTN8Vs5gXYHDCbaM1S/anmEDnJb1iW0+EJ5zx3Q= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -223,8 +224,8 @@ github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/ github.com/disintegration/gift v1.2.1 h1:Y005a1X4Z7Uc+0gLpSAsKhWi4qLtsdEcMIbbdvdZ6pc= github.com/disintegration/gift v1.2.1/go.mod h1:Jh2i7f7Q2BM7Ezno3PhfezbR1xpUg9dUg3/RlKGr4HI= github.com/djherbis/atime v1.1.0/go.mod h1:28OF6Y8s3NQWwacXc5eZTsEsiMzp7LF8MbXE+XJPdBE= -github.com/dlclark/regexp2 v1.4.0 h1:F1rxgk7p4uKjwIQxBs9oAXe5CqrXlCduYEJvrF4u93E= -github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= +github.com/dlclark/regexp2 v1.7.0 h1:7lJfhqlPssTb1WQx4yvTHN0uElPEv52sbaECrAQxjAo= +github.com/dlclark/regexp2 v1.7.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -237,8 +238,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.15.12 h1:iHf388QC9EOVrvxWkdCVwGRuS1pggH0E2GFbd7BFuWE= -github.com/evanw/esbuild v0.15.12/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= +github.com/evanw/esbuild v0.15.15 h1:8T3LwQ7vQV2AUdHb6EIQTUKp4f2lQpVW7ItoNZeT9UE= +github.com/evanw/esbuild v0.15.15/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -246,14 +247,14 @@ github.com/frankban/quicktest v1.4.1/go.mod h1:36zfPVQyHxymz4cH7wlDmVwDrJuljRB60 github.com/frankban/quicktest v1.7.2/go.mod h1:jaStnuzAqU1AJdCO0l53JDCJrVDKcS03DbaAcR7Ks/o= github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= github.com/frankban/quicktest v1.14.2/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= -github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= +github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= +github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/getkin/kin-openapi v0.107.0 h1:bxhL6QArW7BXQj8NjXfIJQy680NsMKd25nwhvpCXchg= -github.com/getkin/kin-openapi v0.107.0/go.mod h1:9Dhr+FasATJZjS4iOLvB0hkaxgYdulrNYm2e9epLWOo= +github.com/getkin/kin-openapi v0.109.0 h1:Cpb0PmIPFEV0LVvikEvfo3gw3rBMVSjJ57w15j+/A/U= +github.com/getkin/kin-openapi v0.109.0/go.mod h1:QtwUNt0PAAgIIBEvFWYfB7dfngxtAaqCX1zYHMZDeK8= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -281,8 +282,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.105.0 h1:bd7PZ0F9ZmhgughsttoEshJB/xIm/g7vRRMkyB9uyOE= -github.com/gohugoio/hugo v0.105.0/go.mod h1:NoyJmDUG6Rtdeyq1VSD5zT29NGzqhq5aBO3uF+GWjeY= +github.com/gohugoio/hugo v0.107.0 h1:2ywKLfRuRuv13Sn749AtE+fXJEhH8VCNCSc34SEYtbQ= +github.com/gohugoio/hugo v0.107.0/go.mod h1:55sTrDW6DbfwqLzo+e3nb798iIoHsX/+EzJifsavGMo= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= @@ -340,8 +341,8 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= -github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE= github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk= github.com/google/go-replayers/httpreplay v1.0.0 h1:8SmT8fUYM4nueF+UnXIX8LJxNTb1vpPuknXz+yTWzL4= @@ -399,6 +400,7 @@ github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690 h1: github.com/hairyhenderson/go-codeowners v0.2.3-0.20201026200250-cdc7c0759690/go.mod h1:8Qu9UmnhCRunfRv365Z3w+mT/WfLGKJiK+vugY9qNCU= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= @@ -422,8 +424,9 @@ github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47e github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -469,8 +472,9 @@ github.com/niklasfasching/go-org v1.6.5 h1:5YAIqNTdl6lAOb7lD2AyQ1RuFGPVrAKvUexph github.com/niklasfasching/go-org v1.6.5/go.mod h1:ybv0eGDnxylFUfFE+ySaQc734j/L3+/ChKZ/h63a2wM= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/pelletier/go-toml/v2 v2.0.4 h1:MHHO+ZUPwPZQ6BmnnT81iQg5cuurp78CRH7rNsguSMk= -github.com/pelletier/go-toml/v2 v2.0.4/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= +github.com/pelletier/go-toml/v2 v2.0.6 h1:nrzqCb7j9cDFj2coyLNLaZuJTLjWjlaz6nvTvIwycIU= +github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -493,8 +497,8 @@ github.com/sanity-io/litter v1.5.5/go.mod h1:9gzJgR2i4ZpjZHsKvUXIRQVk7P+yM3e+jAF github.com/shogo82148/go-shuffle v0.0.0-20180218125048-27e6095f230d/go.mod h1:2htx6lmL0NGLHlO8ZCf+lQBGBHIbEujyywxJArf+2Yc= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw= -github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/afero v1.9.3 h1:41FoI0fD7OR7mGcKE/aOiLkGreyf8ifIOQmJANWogMk= +github.com/spf13/afero v1.9.3/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= @@ -508,6 +512,7 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -516,8 +521,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/tdewolff/minify/v2 v2.12.4 h1:kejsHQMM17n6/gwdw53qsi6lg0TGddZADVyQOz1KMdE= github.com/tdewolff/minify/v2 v2.12.4/go.mod h1:h+SRvSIX3kwgwTFOpSckvSxgax3uy8kZTSF1Ojrr3bk= github.com/tdewolff/parse/v2 v2.6.4 h1:KCkDvNUMof10e3QExio9OPZJT8SbdKojLBumw8YZycQ= @@ -531,8 +537,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.5.2 h1:ALmeCk/px5FSm1MAcFBAsVKZjDuMVj8Tm7FFIlMJnqU= -github.com/yuin/goldmark v1.5.2/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/goldmark v1.5.3 h1:3HUJmBFbQW9fhQOzMgseU134xfi6hU+mjWywx5Ty+/M= +github.com/yuin/goldmark v1.5.3/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -651,8 +657,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -686,8 +692,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -754,8 +760,8 @@ golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -827,8 +833,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= +golang.org/x/tools v0.3.0 h1:SrNbZl6ECOS1qFzgTdQfWXZM9XBkiA6tkFrH9YSTPHM= +golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 2b227acef090dd821a627f3cb4f3cbccda8dbc93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:31:38 -0500 Subject: [PATCH 111/138] Bump lycheeverse/lychee-action from 1.5.1 to 1.5.4 (#1547) Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.5.1 to 1.5.4. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/4a5af7cd2958a2282cefbd9c10f63bdb89982d76...4dcb8bee2a0a4531cba1a1f392c54e8375d6dd81) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index ef81bbc9e6..b29600094f 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -141,7 +141,7 @@ jobs: retention-days: 5 - name: Link Checker id: linkchecker - uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 + uses: lycheeverse/lychee-action@4dcb8bee2a0a4531cba1a1f392c54e8375d6dd81 with: args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './docs/public/**/*.html' --remap "https://pages.nist.gov/OSCAL/ file://${GITHUB_WORKSPACE}/docs/public/" --exclude-mail format: markdown diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index aaca6f3b60..5e10bbe247 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -33,7 +33,7 @@ jobs: path: ${{ inputs.site_git_ref_path }} - name: Check website HTML content links id: linkchecker - uses: lycheeverse/lychee-action@4a5af7cd2958a2282cefbd9c10f63bdb89982d76 + uses: lycheeverse/lychee-action@4dcb8bee2a0a4531cba1a1f392c54e8375d6dd81 with: args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress --accept 200,206,429 "./${INPUT_SITE_GIT_REF}/**/*.html" --remap "https://pages.nist.gov/OSCAL/ file://${GITHUB_WORKSPACE}/${INPUT_SITE_GIT_REF}/" --exclude-mail env: From 1eac90ede2c889c98f4e1428fd16e9dfd1554ad2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 09:39:24 -0500 Subject: [PATCH 112/138] Bump actions/setup-java (#1576) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 19eeec562b37d29a1ad055b7de9c280bd0906d8d to c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/19eeec562b37d29a1ad055b7de9c280bd0906d8d...c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 44de499c4e..6e940f0b15 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d + uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 5983867e9a..b800368481 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d + uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index b29600094f..c7b029e97d 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@19eeec562b37d29a1ad055b7de9c280bd0906d8d + uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c with: java-version: 11 distribution: 'temurin' From 1f1336b4035df38cd475a50b026a5518c0c4c048 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 09:39:55 -0500 Subject: [PATCH 113/138] Bump github.com/gohugoio/hugo from 0.107.0 to 0.108.0 in /build (#1578) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.107.0 to 0.108.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/hugoreleaser.toml) - [Commits](https://github.com/gohugoio/hugo/compare/v0.107.0...v0.108.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 12 ++++++------ build/go.sum | 23 ++++++++++++----------- 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/build/go.mod b/build/go.mod index 34a47a940e..bb67fb6f07 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.107.0 +require github.com/gohugoio/hugo v0.108.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -36,7 +36,7 @@ require ( github.com/bep/debounce v1.2.0 // indirect github.com/bep/gitmap v1.1.2 // indirect github.com/bep/goat v0.5.0 // indirect - github.com/bep/godartsass v0.14.0 // indirect + github.com/bep/godartsass v0.16.0 // indirect github.com/bep/golibsass v1.1.0 // indirect github.com/bep/gowebp v0.2.0 // indirect github.com/bep/overlayfs v0.6.0 // indirect @@ -47,10 +47,10 @@ require ( github.com/disintegration/gift v1.2.1 // indirect github.com/dlclark/regexp2 v1.7.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/evanw/esbuild v0.15.15 // indirect + github.com/evanw/esbuild v0.15.18 // indirect github.com/frankban/quicktest v1.14.4 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/getkin/kin-openapi v0.109.0 // indirect + github.com/getkin/kin-openapi v0.110.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/swag v0.19.5 // indirect @@ -111,14 +111,14 @@ require ( golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect golang.org/x/sync v0.1.0 // indirect golang.org/x/sys v0.2.0 // indirect - golang.org/x/text v0.4.0 // indirect + golang.org/x/text v0.5.0 // indirect golang.org/x/tools v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect google.golang.org/api v0.76.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20220426171045-31bebdecfb46 // indirect google.golang.org/grpc v1.46.0 // indirect - google.golang.org/protobuf v1.28.0 // indirect + google.golang.org/protobuf v1.28.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/build/go.sum b/build/go.sum index b4b0f9734b..7f74ed0768 100644 --- a/build/go.sum +++ b/build/go.sum @@ -173,8 +173,8 @@ github.com/bep/gitmap v1.1.2 h1:zk04w1qc1COTZPPYWDQHvns3y1afOsdRfraFQ3qI840= github.com/bep/gitmap v1.1.2/go.mod h1:g9VRETxFUXNWzMiuxOwcudo6DfZkW9jOsOW0Ft4kYaY= github.com/bep/goat v0.5.0 h1:S8jLXHCVy/EHIoCY+btKkmcxcXFd34a0Q63/0D4TKeA= github.com/bep/goat v0.5.0/go.mod h1:Md9x7gRxiWKs85yHlVTvHQw9rg86Bm+Y4SuYE8CTH7c= -github.com/bep/godartsass v0.14.0 h1:pPb6XkpyDEppS+wK0veh7OXDQc4xzOJI9Qcjb743UeQ= -github.com/bep/godartsass v0.14.0/go.mod h1:6LvK9RftsXMxGfsA0LDV12AGc4Jylnu6NgHL+Q5/pE8= +github.com/bep/godartsass v0.16.0 h1:nTpenrZBQjVSjLkCw3AgnYmBB2czauTJa4BLLv448qg= +github.com/bep/godartsass v0.16.0/go.mod h1:6LvK9RftsXMxGfsA0LDV12AGc4Jylnu6NgHL+Q5/pE8= github.com/bep/golibsass v1.1.0 h1:pjtXr00IJZZaOdfryNa9wARTB3Q0BmxC3/V1KNcgyTw= github.com/bep/golibsass v1.1.0/go.mod h1:DL87K8Un/+pWUS75ggYv41bliGiolxzDKWJAq3eJ1MA= github.com/bep/gowebp v0.2.0 h1:ZVfK8i9PpZqKHEmthQSt3qCnnHycbLzBPEsVtk2ch2Q= @@ -238,8 +238,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.15.15 h1:8T3LwQ7vQV2AUdHb6EIQTUKp4f2lQpVW7ItoNZeT9UE= -github.com/evanw/esbuild v0.15.15/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= +github.com/evanw/esbuild v0.15.18 h1:CM7eAoUjjNkZs1LH0p6fkwtADrbFr4JV2SlT1bUMjEo= +github.com/evanw/esbuild v0.15.18/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -253,8 +253,8 @@ github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5 github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/getkin/kin-openapi v0.109.0 h1:Cpb0PmIPFEV0LVvikEvfo3gw3rBMVSjJ57w15j+/A/U= -github.com/getkin/kin-openapi v0.109.0/go.mod h1:QtwUNt0PAAgIIBEvFWYfB7dfngxtAaqCX1zYHMZDeK8= +github.com/getkin/kin-openapi v0.110.0 h1:1GnJALxsltcSzCMqgtqKlLhYQeULv3/jesmV2sC5qE0= +github.com/getkin/kin-openapi v0.110.0/go.mod h1:QtwUNt0PAAgIIBEvFWYfB7dfngxtAaqCX1zYHMZDeK8= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -282,8 +282,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.107.0 h1:2ywKLfRuRuv13Sn749AtE+fXJEhH8VCNCSc34SEYtbQ= -github.com/gohugoio/hugo v0.107.0/go.mod h1:55sTrDW6DbfwqLzo+e3nb798iIoHsX/+EzJifsavGMo= +github.com/gohugoio/hugo v0.108.0 h1:IEacmNscp3iC+pzz2ELSS5z29sg1vRJqh87hG5lQurk= +github.com/gohugoio/hugo v0.108.0/go.mod h1:O3TpqLfYf5Vfmrzwwg0Iry+DttGVMeodTn3lTWWsRfo= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= @@ -773,8 +773,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1017,8 +1017,9 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= From 256905700a076fbe0df3b32a3365a7f66940cac2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 09:40:21 -0500 Subject: [PATCH 114/138] Bump golang from 1.19.3-bullseye to 1.19.4-bullseye in /build (#1577) Bumps golang from 1.19.3-bullseye to 1.19.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index c89037c3e8..f9df26fa63 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get install -y \ apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.19.3-bullseye as oscal-hugo-build +FROM golang:1.19.4-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From bbdb74d5b8f705c93a2ec0d91e60ef3851a84dc3 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Wed, 7 Dec 2022 13:26:19 -0500 Subject: [PATCH 115/138] Fixed syntax errors in metapaths (#1574) --- src/metaschema/oscal_metadata_metaschema.xml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index 9be2da76e0..e87a0a841c 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -974,10 +974,10 @@
    - - - - + + + +
    From 46700bade18248d1ed965d3d123a01944fa80ac7 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Wed, 7 Dec 2022 14:16:10 -0500 Subject: [PATCH 116/138] Fixed improper use of allowed-values/allow-other. Ensured that all props in the OSCAL namespace are properly closed and all link rels are open for extension. (#1579) --- .../oscal_assessment-common_metaschema.xml | 32 ++++++------ .../oscal_assessment-plan_metaschema.xml | 2 +- src/metaschema/oscal_catalog_metaschema.xml | 2 +- src/metaschema/oscal_component_metaschema.xml | 18 +++---- .../oscal_control-common_metaschema.xml | 2 +- ...oscal_implementation-common_metaschema.xml | 50 +++++++++---------- src/metaschema/oscal_metadata_metaschema.xml | 14 +++--- src/metaschema/oscal_profile_metaschema.xml | 2 +- src/metaschema/oscal_ssp_metaschema.xml | 29 +++++------ 9 files changed, 75 insertions(+), 76 deletions(-) diff --git a/src/metaschema/oscal_assessment-common_metaschema.xml b/src/metaschema/oscal_assessment-common_metaschema.xml index a96a51fb79..47dbbe28b2 100644 --- a/src/metaschema/oscal_assessment-common_metaschema.xml +++ b/src/metaschema/oscal_assessment-common_metaschema.xml @@ -183,11 +183,11 @@
    - + The assessment method to use. This typically appears on parts with the name "assessment". - - + + The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence. The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior. @@ -1272,10 +1272,10 @@
    - + The type of remediation tracking entry. Can be multi-valued. - + Contacted vendor to determine the status of a pending fix to a known vulnerability. Information related to the current state of response to this risk. A significant step in the response plan has been achieved. @@ -1305,13 +1305,13 @@ - + The risk has been confirmed to be a false positive. The risk has been accepted. No further action will be taken. The risk has been adjusted. A numeric value indicating the sequence in which risks should be addressed. (Lower numbers are higher priority) - + @@ -1401,21 +1401,21 @@ - + Indicates if the facet is 'initial' as first identified, or 'adjusted' indicating that the value has be changed after some adjustments have been made (e.g., to identify residual risk). - + As first identified. Indicates that residual risk remains after some adjustments have been made. - + General likelihood rating. General impact rating. General risk rating. General severity rating. - + Likelihood as defined by FedRAMP. The class can be used to specify 'initial' and 'adjusted' risk states. Impact as defined by FedRAMP. The class can be used to specify 'initial' and 'adjusted' risk states. Risk as calculated according to FedRAMP. The class can be used to specify 'initial' and 'adjusted' risk states. @@ -1683,10 +1683,10 @@ - + - + The risk will be eliminated. The risk will be reduced. The risk will be transferred to another organization or entity. @@ -1766,11 +1766,11 @@ - + The assessment method to use. This typically appears on parts with the name "objective". - - + + The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence. The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior. diff --git a/src/metaschema/oscal_assessment-plan_metaschema.xml b/src/metaschema/oscal_assessment-plan_metaschema.xml index 5e2306939a..2c58c68cc4 100644 --- a/src/metaschema/oscal_assessment-plan_metaschema.xml +++ b/src/metaschema/oscal_assessment-plan_metaschema.xml @@ -91,7 +91,7 @@ - + Defines the circumstances, conditions, degree, and manner in which the use of cyber-attack techniques or actions may be applied to the assessment. Any information the assessor should make known to the system owner or authorizing official. Has child 'item' parts for each individual disclosure. Defines any assessment activities which the system owner or authorizing official wishes to ensure are performed as part of the assessment. diff --git a/src/metaschema/oscal_catalog_metaschema.xml b/src/metaschema/oscal_catalog_metaschema.xml index ef63cef286..fc2a4d25a2 100644 --- a/src/metaschema/oscal_catalog_metaschema.xml +++ b/src/metaschema/oscal_catalog_metaschema.xml @@ -54,7 +54,7 @@ The tool used to produce a resolved profile. The document-level uuid of the source profile from which the catalog was produced by profile resolution. - + The profile from which the catalog was produced by profile resolution. The document-level uuid of the profile from which the catalog was produced by profile resolution. diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml index c579e43750..b5812a32dc 100644 --- a/src/metaschema/oscal_component_metaschema.xml +++ b/src/metaschema/oscal_component_metaschema.xml @@ -148,7 +148,7 @@ - + @@ -177,7 +177,7 @@ &allowed-values-responsible-roles-component-production; - + &allowed-values-property-name-asset-type-values; @@ -185,22 +185,22 @@ - + The component allows an authenticated scan. The component does not allow an authenticated scan. - + The component is virtualized. The component is not virtualized. - + The component is publicly accessible. The component is not publicly accessible. - + The component is implemented within the system boundary. The component is implemented outside the system boundary. @@ -210,8 +210,8 @@ - - + + @@ -221,7 +221,7 @@ - + &allowed-values-component_component_software; diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index c2d544caef..e5506cd4cf 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -244,7 +244,7 @@ Parameter Cardinality Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted. - + Only one value is permitted. One or more values are permitted. diff --git a/src/metaschema/oscal_implementation-common_metaschema.xml b/src/metaschema/oscal_implementation-common_metaschema.xml index bf72c46a95..29d57fec3a 100644 --- a/src/metaschema/oscal_implementation-common_metaschema.xml +++ b/src/metaschema/oscal_implementation-common_metaschema.xml @@ -87,7 +87,7 @@ - + Relative placement of component ('internal' or 'external') to the system. UUID of the related leveraged-authorization assembly in this SSP. @@ -120,26 +120,26 @@ &allowed-values-responsible-roles-component-production; - + &allowed-values-property-name-asset-type-values; - + The component allows an authenticated scan. The component does not allow an authenticated scan. - + The component is publicly accessible. The component is not publicly accessible. - + The component is virtualized. The component is not virtualized. - + The component is implemented within the system boundary. The component is implemented outside the system boundary. @@ -148,14 +148,14 @@ - - + + - + The name of the company or organization @@ -172,7 +172,7 @@ - + &allowed-values-component_component_software; @@ -188,7 +188,7 @@ - + Title of the Interconnection Security Agreement (ISA). Date of the Interconnection Security Agreement (ISA). The name of the remote interconnected system. @@ -196,7 +196,7 @@ An Internet Protocol Version 6 interconnection address An Internet Protocol Version 6 interconnection address - + The identified IP address is for this system. The identified IP address is for the remote system to which this system is connected. @@ -210,10 +210,10 @@ Interconnection Security Agreement (ISA) authorizing official for this system. Interconnection Security Agreement (ISA) authorizing official for the remote interconnected system. - - - - + + + + Data from the remote system flows into this system. Data from this system flows to the remote system. @@ -377,16 +377,16 @@ - + The type of user, such as internal, external, or general-public. The user's privilege level within the system, such as privileged, non-privileged, no-logical-access. - + A user account for a person or entity that is part of the organization who owns or operates the system. A user account for a person or entity that is not part of the organization who owns or operates the system. A user of the system considered to be outside - + This role has elevated access to the system, such as a group or system administrator. This role has typical user-level access to the system without elevated access. This role has no access to the system, such as a manager who approves access as part of a process. @@ -506,13 +506,13 @@ - + &allowed-values-component_component_property-name; &allowed-values-component_inventory-item_property-name; - + @@ -532,7 +532,7 @@ - + The Internet Protocol v4 Address of the asset. The Internet Protocol v6 Address of the asset. The full-qualified domain name (FQDN) of the asset. @@ -564,16 +564,16 @@ &allowed-values-component_inventory-item_property-name; - + &allowed-values-property-name-asset-type-values; - + The name of the company or organization - + The asset is included in periodic vulnerability scanning. The asset is not included in periodic vulnerability scanning. diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index e87a0a841c..3c665a32e6 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -600,7 +600,7 @@ - + Identifies the type of resource represented. The most specific appropriate type value SHOULD be used. For resources representing a published document, this represents the version number of that document. For resources representing a published document, this represents the publication date of that document. @@ -696,13 +696,6 @@ Property Name A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object. - - - - - A label or descriptor that is tied to a sensitivity or classification marking system. An optional class can be used to define the specific marking system used for the associated value. - - Property Universally Unique Identifier @@ -740,6 +733,11 @@ + + + A label or descriptor that is tied to a sensitivity or classification marking system. An optional class can be used to define the specific marking system used for the associated value. + +

    Properties permit the deployment and management of arbitrary controlled values, within OSCAL objects. A property can be included for any purpose useful to an application or implementation. Typically, properties will be used to sort, filter, select, order, and arrange OSCAL content objects, to relate OSCAL objects to one another, or to associate an OSCAL object to class hierarchies, taxonomies, or external authorities. Thus, the lexical composition of properties may be constrained by external processes to ensure consistency.

    Property allows for associated remarks that describe why the specific property value was applied to the containing object, or the significance of the value in the context of the containing object.

    diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index 5d3ea80e06..f60103e09b 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -377,7 +377,7 @@ - + &allowed-values-control-group-property-name; diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml index a7bb0a1294..d311b2af0a 100644 --- a/src/metaschema/oscal_ssp_metaschema.xml +++ b/src/metaschema/oscal_ssp_metaschema.xml @@ -129,7 +129,7 @@ - + A value of 1, 2, or 3 as defined by SP 800-63-3. A value of 1, 2, or 3 as defined by SP 800-63-3. @@ -145,11 +145,11 @@ As defined by SP 800-63-3. - + The associated value is one of: public-cloud, private-cloud, community-cloud, government-only-cloud, hybrid-cloud, or other. The associated value is one of: saas, paas, iaas, or other. - + The public cloud deployment model as defined by The NIST Definition of Cloud Computing. The private cloud deployment model as defined by The NIST Definition of Cloud Computing. @@ -163,7 +163,7 @@

    The hybrid cloud deployment model, as defined by The NIST Definition of Cloud Computing, can be supported by selecting two or more of the existing deployment models.

    - + Software as a service (SaaS) cloud service model as defined by The NIST Definition of Cloud Computing. Platform as a service (PaaS) cloud service model as defined by The NIST Definition of Cloud Computing. @@ -269,14 +269,14 @@ - + Is this a privacy sensitive system? yes or no - + The system is privacy sensitive. The system is not privacy sensitive. - + A link to the privacy impact assessment. @@ -439,7 +439,7 @@ - + A reference to the diagram image. @@ -564,7 +564,7 @@ - + A reference to the system security plan for the leveraged authorization. @@ -639,7 +639,8 @@ - + + The component allows an authenticated scan. The component does not allow an authenticated scan. @@ -718,17 +719,17 @@ - + Identifies the source of the implemented control. Any control-origination prop defined in a child context will override the parent value. - + The control is implemented by the organization owning the system, but is not specific to the system itself. The control is implemented specifically to this system. The control is provided by the system, but must be configured by the customer. The control must be implemented by the customer. This control is inherited from an underlying system. - + Indicates all or some portion of this control is inherited from an underlying authorized system. @@ -1048,7 +1049,7 @@ - + A reference to the UUID of a control or statement by-component object that is used as evidence of implementation. From 1a21bcfb4bfe227236b311ad15b37c14860346a8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:16:40 -0500 Subject: [PATCH 117/138] Bump xmlcalabash from 1.5.1-100 to 1.5.3-110 in /build (#1575) * Bump xmlcalabash from 1.5.1-100 to 1.5.3-110 in /build Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.5.1-100 to 1.5.3-110. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](https://github.com/ndw/xmlcalabash1/compare/1.5.1-100...1.5.3-110) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Update pom.xml Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Waltermire --- build/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/pom.xml b/build/pom.xml index 4363500fc7..552725a4fe 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -34,12 +34,12 @@ net.sf.saxon Saxon-HE - 10.8 + 11.4 com.xmlcalabash xmlcalabash - 1.5.1-100 + 1.5.3-110 From eb3822559ed6ae904695a625cfdcb54d20323f45 Mon Sep 17 00:00:00 2001 From: OSCAL GitHub Actions Bot Date: Wed, 7 Dec 2022 19:22:05 +0000 Subject: [PATCH 118/138] Publishing generated metaschema resources [ci skip] --- ..._assessment-plan_xml-to-json-converter.xsl | 3340 +-- ...sessment-results_xml-to-json-converter.xsl | 6030 ++--- .../oscal_catalog_xml-to-json-converter.xsl | 2350 +- .../oscal_complete_xml-to-json-converter.xsl | 19160 +++++++------- .../oscal_component_xml-to-json-converter.xsl | 2092 +- .../oscal_mapping_xml-to-json-converter.xsl | 1580 +- .../oscal_poam_xml-to-json-converter.xsl | 4604 ++-- .../oscal_profile_xml-to-json-converter.xsl | 2310 +- .../oscal_ssp_xml-to-json-converter.xsl | 3572 +-- json/schema/oscal_assessment-plan_schema.json | 5565 +++-- .../oscal_assessment-results_schema.json | 5841 +++-- json/schema/oscal_catalog_schema.json | 2325 +- json/schema/oscal_complete_schema.json | 10119 ++++---- json/schema/oscal_component_schema.json | 3035 ++- json/schema/oscal_mapping_schema.json | 1765 +- json/schema/oscal_poam_schema.json | 5707 +++-- json/schema/oscal_profile_schema.json | 2515 +- json/schema/oscal_ssp_schema.json | 4051 ++- ..._assessment-plan_json-to-xml-converter.xsl | 3332 +-- ...sessment-results_json-to-xml-converter.xsl | 6228 ++--- .../oscal_catalog_json-to-xml-converter.xsl | 2476 +- .../oscal_complete_json-to-xml-converter.xsl | 20726 ++++++++-------- .../oscal_component_json-to-xml-converter.xsl | 2020 +- .../oscal_mapping_json-to-xml-converter.xsl | 1470 +- .../oscal_poam_json-to-xml-converter.xsl | 4712 ++-- .../oscal_profile_json-to-xml-converter.xsl | 2338 +- .../oscal_ssp_json-to-xml-converter.xsl | 3592 +-- xml/schema/oscal_assessment-plan_schema.xsd | 1144 +- .../oscal_assessment-results_schema.xsd | 1204 +- xml/schema/oscal_catalog_schema.xsd | 486 +- xml/schema/oscal_complete_schema.xsd | 2374 +- xml/schema/oscal_component_schema.xsd | 584 +- xml/schema/oscal_mapping_schema.xsd | 362 +- xml/schema/oscal_poam_schema.xsd | 1158 +- xml/schema/oscal_profile_schema.xsd | 504 +- xml/schema/oscal_ssp_schema.xsd | 900 +- 36 files changed, 70763 insertions(+), 70808 deletions(-) diff --git a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl index cbede8b29b..4f0569809f 100644 --- a/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-plan_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,7 +81,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -115,7 +115,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -187,7 +187,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -200,7 +200,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -211,7 +211,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -240,7 +240,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -272,7 +272,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -283,7 +283,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -324,7 +324,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -353,7 +353,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -369,7 +369,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -378,7 +378,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -415,7 +415,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -454,7 +454,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -469,7 +469,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -499,7 +499,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -515,17 +515,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -547,7 +547,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -563,17 +563,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE"> @@ -595,7 +595,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -634,11 +634,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -675,41 +675,41 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="include-all" + key="include-all" + gi="include-all"> include-all + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="include-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="exclude-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="related-controls" + gi="related-controls"> related-controls @@ -746,7 +746,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -784,7 +784,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -807,7 +807,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -830,11 +830,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -855,7 +855,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -916,7 +916,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -954,7 +954,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -970,80 +970,80 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1053,770 +1053,770 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1826,15 +1826,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1844,15 +1844,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1862,15 +1862,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1880,15 +1880,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1898,8 +1898,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1925,14 +1925,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1940,15 +1940,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1958,15 +1958,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1976,15 +1976,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1994,15 +1994,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2012,15 +2012,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2030,15 +2030,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2048,13 +2048,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -2062,15 +2062,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2080,8 +2080,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2106,15 +2106,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2124,15 +2124,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2142,37 +2142,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2182,8 +2182,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2228,15 +2228,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2246,8 +2246,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2268,29 +2268,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2300,15 +2300,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2318,15 +2318,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2336,15 +2336,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2354,27 +2354,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2382,30 +2382,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2415,8 +2415,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2483,15 +2483,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2501,15 +2501,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2519,13 +2519,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -2533,15 +2533,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2551,27 +2551,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2579,8 +2579,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2598,29 +2598,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2630,15 +2630,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2648,15 +2648,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2666,15 +2666,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2684,29 +2684,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2716,15 +2716,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2734,15 +2734,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2752,12 +2752,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -2800,15 +2800,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2818,37 +2818,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -2858,15 +2858,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2876,8 +2876,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2888,15 +2888,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2906,15 +2906,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2924,37 +2924,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2964,15 +2964,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2982,8 +2982,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3012,15 +3012,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3030,15 +3030,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3048,15 +3048,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3066,15 +3066,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -3084,37 +3084,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3124,15 +3124,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3142,59 +3142,59 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3204,15 +3204,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3222,15 +3222,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3240,15 +3240,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3258,37 +3258,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3298,8 +3298,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3331,15 +3331,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3349,37 +3349,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3389,37 +3389,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3429,8 +3429,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3467,37 +3467,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3507,8 +3507,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3522,22 +3522,22 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3551,22 +3551,22 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3603,37 +3603,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3643,15 +3643,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3661,37 +3661,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3701,8 +3701,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3739,37 +3739,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3779,8 +3779,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3794,22 +3794,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3823,22 +3823,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3875,37 +3875,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3915,15 +3915,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3933,12 +3933,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="terms-and-conditions" + gi="terms-and-conditions"> terms-and-conditions @@ -3952,15 +3952,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3970,15 +3970,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3988,37 +3988,37 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4028,8 +4028,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4066,37 +4066,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4106,8 +4106,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4121,22 +4121,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4150,22 +4150,22 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4202,37 +4202,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4242,37 +4242,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4282,15 +4282,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4300,15 +4300,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4318,15 +4318,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4336,37 +4336,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4376,15 +4376,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4394,8 +4394,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4406,15 +4406,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4424,15 +4424,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4442,8 +4442,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4473,15 +4473,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4491,15 +4491,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4509,8 +4509,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4539,15 +4539,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4557,15 +4557,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4575,15 +4575,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4593,37 +4593,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4633,8 +4633,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4646,8 +4646,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4657,13 +4657,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -4672,13 +4672,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -4687,8 +4687,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4696,8 +4696,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4733,15 +4733,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4751,15 +4751,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4769,37 +4769,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4809,15 +4809,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4827,15 +4827,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4845,37 +4845,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4885,15 +4885,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4903,15 +4903,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4921,15 +4921,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4939,8 +4939,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4973,15 +4973,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4991,35 +4991,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -5027,8 +5027,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5052,15 +5052,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5070,15 +5070,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5088,8 +5088,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5104,14 +5104,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -5123,10 +5123,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5134,43 +5134,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5188,10 +5188,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5200,33 +5200,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5261,12 +5261,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -5281,46 +5281,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5329,18 +5329,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5348,40 +5348,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5395,19 +5395,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -5416,24 +5416,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5443,9 +5443,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5455,49 +5455,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -5506,9 +5506,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl index dcd71a01d5..94478f65bc 100644 --- a/json/convert/oscal_assessment-results_xml-to-json-converter.xsl +++ b/json/convert/oscal_assessment-results_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,11 +81,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-results" + gi="assessment-results"> assessment-results @@ -107,7 +107,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -179,7 +179,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -192,7 +192,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -203,7 +203,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -232,7 +232,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -264,7 +264,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -275,7 +275,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -305,7 +305,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -321,17 +321,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -353,7 +353,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -369,17 +369,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE"> @@ -401,7 +401,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -440,11 +440,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -481,37 +481,37 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="include-all" + key="include-all" + gi="include-all"> include-all + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="include-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="exclude-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -540,11 +540,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="related-controls" + gi="related-controls"> related-controls @@ -581,7 +581,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -638,7 +638,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -679,7 +679,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -695,7 +695,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -704,7 +704,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -741,7 +741,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -780,7 +780,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -795,11 +795,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -820,7 +820,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -881,7 +881,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -944,7 +944,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -982,7 +982,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1005,7 +1005,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1028,7 +1028,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1036,7 +1036,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1073,7 +1073,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1134,7 +1134,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1157,7 +1157,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1180,7 +1180,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1249,7 +1249,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1277,7 +1277,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1324,7 +1324,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1354,11 +1354,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="implementation-status" + gi="implementation-status"> implementation-status @@ -1367,7 +1367,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1383,87 +1383,87 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -1473,7 +1473,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1484,14 +1484,14 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -1501,7 +1501,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1511,1153 +1511,1153 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2667,15 +2667,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2685,15 +2685,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2703,15 +2703,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2721,15 +2721,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2739,8 +2739,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2766,14 +2766,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -2781,15 +2781,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2799,15 +2799,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2817,15 +2817,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2835,15 +2835,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2853,15 +2853,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2871,15 +2871,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2889,13 +2889,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -2903,15 +2903,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2921,8 +2921,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2947,15 +2947,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2965,15 +2965,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2983,37 +2983,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3023,8 +3023,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3069,15 +3069,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3087,8 +3087,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3109,29 +3109,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -3141,15 +3141,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -3159,15 +3159,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -3177,15 +3177,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -3195,27 +3195,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -3223,30 +3223,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3256,8 +3256,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3324,15 +3324,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -3342,15 +3342,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -3360,13 +3360,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -3374,15 +3374,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3392,27 +3392,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -3420,8 +3420,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3439,29 +3439,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -3471,15 +3471,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -3489,15 +3489,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -3507,15 +3507,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -3525,29 +3525,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3557,15 +3557,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3575,15 +3575,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3593,12 +3593,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -3620,37 +3620,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3660,15 +3660,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3678,15 +3678,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3696,15 +3696,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3714,37 +3714,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3754,8 +3754,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3787,15 +3787,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3805,37 +3805,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3845,37 +3845,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3885,8 +3885,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3923,37 +3923,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3963,8 +3963,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3978,22 +3978,22 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4007,22 +4007,22 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4059,37 +4059,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4099,15 +4099,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4117,37 +4117,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4157,8 +4157,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4195,37 +4195,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4235,8 +4235,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4250,22 +4250,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4279,22 +4279,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4331,37 +4331,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4371,15 +4371,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4389,15 +4389,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4407,37 +4407,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -4447,15 +4447,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -4465,15 +4465,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4483,12 +4483,12 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -4524,15 +4524,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4542,37 +4542,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4582,15 +4582,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4600,8 +4600,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4612,15 +4612,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4630,15 +4630,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4648,37 +4648,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4688,15 +4688,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4706,8 +4706,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4736,15 +4736,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4754,15 +4754,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4772,15 +4772,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4790,15 +4790,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -4808,37 +4808,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4848,15 +4848,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4866,37 +4866,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4906,37 +4906,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4946,15 +4946,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4964,8 +4964,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4976,15 +4976,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4994,15 +4994,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5012,8 +5012,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5043,15 +5043,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5061,15 +5061,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5079,8 +5079,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5109,15 +5109,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5127,15 +5127,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5145,15 +5145,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5163,37 +5163,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5203,8 +5203,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5216,8 +5216,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5227,13 +5227,13 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -5242,13 +5242,13 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -5257,8 +5257,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5266,8 +5266,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5303,15 +5303,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5321,15 +5321,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5339,37 +5339,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5379,15 +5379,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5397,15 +5397,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5415,37 +5415,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5455,15 +5455,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5473,15 +5473,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5491,15 +5491,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5509,37 +5509,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5549,8 +5549,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5587,37 +5587,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5627,8 +5627,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5642,22 +5642,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5671,22 +5671,22 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5723,37 +5723,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5763,8 +5763,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5784,15 +5784,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5802,15 +5802,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5820,15 +5820,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5838,8 +5838,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5855,8 +5855,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5896,15 +5896,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5914,37 +5914,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -5954,15 +5954,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -5972,15 +5972,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5990,15 +5990,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6008,15 +6008,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6026,37 +6026,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6066,15 +6066,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6084,15 +6084,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6102,12 +6102,12 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6122,37 +6122,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6162,15 +6162,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6180,15 +6180,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6198,15 +6198,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6216,37 +6216,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6256,43 +6256,43 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6302,15 +6302,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6320,15 +6320,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6338,37 +6338,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6378,15 +6378,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6396,15 +6396,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6414,12 +6414,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6434,37 +6434,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6474,15 +6474,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6492,15 +6492,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6510,8 +6510,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6535,15 +6535,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6553,15 +6553,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6571,8 +6571,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6595,37 +6595,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6635,15 +6635,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -6653,15 +6653,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -6671,15 +6671,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6689,59 +6689,59 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6751,15 +6751,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6769,15 +6769,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6787,15 +6787,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6805,37 +6805,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6845,15 +6845,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6863,15 +6863,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6881,12 +6881,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6901,37 +6901,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6941,15 +6941,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6959,15 +6959,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6977,15 +6977,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6995,15 +6995,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7013,15 +7013,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7031,15 +7031,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7049,37 +7049,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7089,15 +7089,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7107,15 +7107,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7125,12 +7125,12 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -7145,37 +7145,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7185,15 +7185,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7203,15 +7203,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7221,8 +7221,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7246,15 +7246,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7264,8 +7264,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7295,37 +7295,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7335,8 +7335,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7360,15 +7360,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7378,15 +7378,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7396,15 +7396,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -7414,8 +7414,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7461,15 +7461,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7479,37 +7479,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7519,15 +7519,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7537,15 +7537,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7555,15 +7555,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7573,37 +7573,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7613,15 +7613,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7631,15 +7631,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7649,12 +7649,12 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -7669,37 +7669,37 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7709,15 +7709,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7727,15 +7727,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7745,8 +7745,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7777,8 +7777,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7802,15 +7802,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7820,15 +7820,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7838,15 +7838,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7856,37 +7856,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7896,15 +7896,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7914,37 +7914,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7954,8 +7954,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7967,8 +7967,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7978,13 +7978,13 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -7993,13 +7993,13 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -8008,8 +8008,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8017,8 +8017,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8054,15 +8054,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8072,15 +8072,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8090,37 +8090,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8130,15 +8130,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8148,15 +8148,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8166,37 +8166,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8206,15 +8206,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8224,15 +8224,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8242,15 +8242,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8260,8 +8260,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8277,8 +8277,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8319,15 +8319,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8337,37 +8337,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -8377,15 +8377,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -8395,15 +8395,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8413,8 +8413,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8443,15 +8443,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8461,15 +8461,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8479,15 +8479,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8497,37 +8497,37 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8537,15 +8537,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8555,15 +8555,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8573,12 +8573,12 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -8593,37 +8593,37 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8633,15 +8633,15 @@ + priority="22" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8651,15 +8651,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8669,23 +8669,23 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8695,37 +8695,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8735,15 +8735,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8753,15 +8753,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8771,15 +8771,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8789,37 +8789,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8829,15 +8829,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8847,15 +8847,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8865,12 +8865,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -8885,37 +8885,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8925,15 +8925,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8943,15 +8943,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8961,15 +8961,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8979,37 +8979,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9019,8 +9019,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9032,15 +9032,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -9050,24 +9050,24 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9100,15 +9100,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9118,35 +9118,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -9154,8 +9154,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9179,15 +9179,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9197,15 +9197,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9215,8 +9215,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9231,14 +9231,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -9250,10 +9250,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9261,43 +9261,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9315,10 +9315,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9327,33 +9327,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9388,12 +9388,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -9408,46 +9408,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9456,18 +9456,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9475,40 +9475,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9522,19 +9522,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -9543,24 +9543,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9570,9 +9570,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9582,49 +9582,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -9633,9 +9633,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_catalog_xml-to-json-converter.xsl b/json/convert/oscal_catalog_xml-to-json-converter.xsl index ae5a55e6aa..d97f6df8eb 100644 --- a/json/convert/oscal_catalog_xml-to-json-converter.xsl +++ b/json/convert/oscal_catalog_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,7 +81,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -117,7 +117,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -189,7 +189,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -202,7 +202,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -213,7 +213,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -242,7 +242,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -274,7 +274,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -322,7 +322,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -336,21 +336,21 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -358,7 +358,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -375,7 +375,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -420,7 +420,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -436,17 +436,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -468,11 +468,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="target-resource" + gi="target-resource"> target-resource @@ -532,7 +532,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -555,7 +555,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -578,7 +578,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -629,7 +629,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -645,67 +645,67 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -715,534 +715,534 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1252,15 +1252,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1270,15 +1270,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1288,15 +1288,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1306,15 +1306,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1324,8 +1324,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1351,14 +1351,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1366,15 +1366,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1384,15 +1384,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1402,15 +1402,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1420,15 +1420,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1438,15 +1438,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1456,15 +1456,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1474,13 +1474,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -1488,15 +1488,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1506,8 +1506,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1532,15 +1532,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1550,15 +1550,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1568,37 +1568,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1608,8 +1608,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1654,15 +1654,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1672,8 +1672,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1694,29 +1694,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1726,15 +1726,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1744,15 +1744,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1762,15 +1762,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1780,27 +1780,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1808,30 +1808,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1841,8 +1841,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1909,15 +1909,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1927,15 +1927,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1945,13 +1945,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -1959,15 +1959,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1977,27 +1977,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2005,8 +2005,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2024,29 +2024,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2056,15 +2056,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2074,15 +2074,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2092,15 +2092,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2110,29 +2110,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2142,15 +2142,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2160,15 +2160,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2178,15 +2178,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2196,15 +2196,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2214,52 +2214,52 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2267,15 +2267,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2285,29 +2285,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2317,15 +2317,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2335,15 +2335,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2353,52 +2353,52 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2406,15 +2406,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2424,29 +2424,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2456,15 +2456,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2474,15 +2474,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2492,8 +2492,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2511,15 +2511,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2529,15 +2529,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2547,14 +2547,14 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -2565,15 +2565,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2583,15 +2583,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2601,15 +2601,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2619,15 +2619,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2637,15 +2637,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2655,52 +2655,52 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2708,15 +2708,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2726,29 +2726,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2758,15 +2758,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2776,15 +2776,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2794,15 +2794,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2812,15 +2812,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2830,15 +2830,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2848,52 +2848,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2901,15 +2901,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2919,29 +2919,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2951,15 +2951,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2969,15 +2969,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2987,8 +2987,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3006,15 +3006,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3024,15 +3024,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3042,14 +3042,14 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -3060,15 +3060,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3078,15 +3078,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3096,8 +3096,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3130,15 +3130,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3148,35 +3148,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -3184,8 +3184,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3209,15 +3209,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3227,15 +3227,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3245,8 +3245,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3261,14 +3261,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -3280,10 +3280,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3291,43 +3291,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3345,10 +3345,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3357,33 +3357,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3418,12 +3418,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -3438,46 +3438,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3486,18 +3486,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3505,40 +3505,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3552,19 +3552,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -3573,24 +3573,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3600,9 +3600,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3612,49 +3612,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -3663,9 +3663,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_complete_xml-to-json-converter.xsl b/json/convert/oscal_complete_xml-to-json-converter.xsl index d346032432..ccc9d4773f 100644 --- a/json/convert/oscal_complete_xml-to-json-converter.xsl +++ b/json/convert/oscal_complete_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,7 +81,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -117,7 +117,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -189,7 +189,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -202,7 +202,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -213,7 +213,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -242,7 +242,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -274,7 +274,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -322,7 +322,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -336,21 +336,21 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -358,7 +358,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -375,7 +375,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -420,7 +420,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -436,17 +436,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -468,7 +468,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -484,17 +484,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE"> @@ -516,11 +516,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="target-resource" + gi="target-resource"> target-resource @@ -580,7 +580,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -603,7 +603,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -626,7 +626,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -656,7 +656,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -707,7 +707,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -758,7 +758,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -774,11 +774,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="mapping-collection" + gi="mapping-collection"> mapping-collection @@ -798,7 +798,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -817,11 +817,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="source-resource" + gi="source-resource"> source-resource @@ -845,7 +845,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -869,7 +869,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -891,19 +891,19 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="include-all" + key="include-all" + gi="include-all"> include-all + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -916,7 +916,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -938,7 +938,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -961,11 +961,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="component-definition" + gi="component-definition"> component-definition @@ -999,16 +999,16 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="import-component-definition" + gi="import-component-definition"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1055,7 +1055,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1096,7 +1096,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1125,7 +1125,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1141,7 +1141,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1150,7 +1150,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1165,7 +1165,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1203,7 +1203,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1211,11 +1211,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-security-plan" + gi="system-security-plan"> system-security-plan @@ -1232,7 +1232,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1243,11 +1243,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-characteristics" + gi="system-characteristics"> system-characteristics @@ -1294,11 +1294,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-information" + gi="system-information"> system-information @@ -1326,11 +1326,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="confidentiality-impact" + gi="confidentiality-impact"> confidentiality-impact @@ -1354,7 +1354,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1380,7 +1380,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1406,11 +1406,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="security-impact-level" + gi="security-impact-level"> security-impact-level @@ -1420,11 +1420,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="authorization-boundary" + gi="authorization-boundary"> authorization-boundary @@ -1454,7 +1454,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1478,11 +1478,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="network-architecture" + gi="network-architecture"> network-architecture @@ -1512,7 +1512,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1544,11 +1544,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-implementation" + gi="system-implementation"> system-implementation @@ -1598,7 +1598,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1637,7 +1637,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1652,7 +1652,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1689,7 +1689,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1743,11 +1743,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="implementation-status" + gi="implementation-status"> implementation-status @@ -1756,7 +1756,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1790,7 +1790,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1801,7 +1801,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1831,7 +1831,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1870,11 +1870,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -1911,29 +1911,29 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="include-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="select-objective-by-id" + gi="exclude-objective"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="related-controls" + gi="related-controls"> related-controls @@ -1970,7 +1970,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2008,7 +2008,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2031,7 +2031,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2054,11 +2054,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -2079,7 +2079,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2140,7 +2140,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2178,11 +2178,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-results" + gi="assessment-results"> assessment-results @@ -2204,7 +2204,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2215,7 +2215,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2272,7 +2272,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2333,7 +2333,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2341,7 +2341,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2378,7 +2378,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2439,7 +2439,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2462,7 +2462,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2485,7 +2485,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2554,7 +2554,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2582,7 +2582,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2629,11 +2629,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="plan-of-action-and-milestones" + gi="plan-of-action-and-milestones"> plan-of-action-and-milestones @@ -2677,11 +2677,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -2704,7 +2704,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2756,67 +2756,67 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2826,12 +2826,12 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-id" + gi="system-id"> system-id @@ -2842,40 +2842,40 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -2885,7 +2885,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2896,14 +2896,14 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -2913,1998 +2913,1998 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-child-controls" + key="with-child-controls" + gi="with-child-controls"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="pattern" + key="pattern" + gi="pattern"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + key="method" + gi="method"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="order" + key="order" + gi="order"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-name" + key="by-name" + gi="by-name"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-class" + key="by-class" + gi="by-class"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-item-name" + key="by-item-name" + gi="by-item-name"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-ns" + key="by-ns" + gi="by-ns"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="position" + key="position" + default="ending" + gi="position"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="defined-component-type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="source" + key="source" + gi="source"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="responsibility-uuid" + key="responsibility-uuid" + gi="responsibility-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="finding-uuid" + key="finding-uuid" + gi="finding-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4914,15 +4914,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -4932,15 +4932,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -4950,15 +4950,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -4968,15 +4968,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -4986,8 +4986,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5013,14 +5013,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -5028,15 +5028,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5046,15 +5046,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -5064,15 +5064,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -5082,15 +5082,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -5100,15 +5100,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -5118,15 +5118,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5136,13 +5136,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -5150,15 +5150,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5168,8 +5168,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5194,15 +5194,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5212,15 +5212,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -5230,37 +5230,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5270,8 +5270,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5316,15 +5316,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5334,8 +5334,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5356,29 +5356,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -5388,15 +5388,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -5406,15 +5406,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -5424,15 +5424,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -5442,27 +5442,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -5470,30 +5470,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5503,8 +5503,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5571,15 +5571,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -5589,15 +5589,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -5607,13 +5607,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -5621,15 +5621,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5639,27 +5639,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -5667,8 +5667,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5686,29 +5686,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -5718,15 +5718,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -5736,15 +5736,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -5754,15 +5754,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -5772,29 +5772,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5804,15 +5804,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5822,15 +5822,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5840,15 +5840,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5858,15 +5858,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -5876,52 +5876,52 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5929,15 +5929,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -5947,29 +5947,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5979,15 +5979,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5997,15 +5997,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -6015,52 +6015,52 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6068,15 +6068,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -6086,29 +6086,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6118,15 +6118,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6136,15 +6136,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6154,8 +6154,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6173,15 +6173,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6191,15 +6191,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6209,14 +6209,14 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -6227,15 +6227,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6245,15 +6245,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6263,15 +6263,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6281,15 +6281,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6299,15 +6299,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -6317,52 +6317,52 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6370,15 +6370,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -6388,29 +6388,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6420,15 +6420,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6438,15 +6438,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6456,15 +6456,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6474,15 +6474,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6492,15 +6492,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -6510,52 +6510,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6563,15 +6563,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -6581,29 +6581,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6613,15 +6613,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6631,15 +6631,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6649,8 +6649,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6668,15 +6668,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6686,15 +6686,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6704,14 +6704,14 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -6722,15 +6722,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6740,15 +6740,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6758,8 +6758,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6792,15 +6792,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6810,35 +6810,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -6846,8 +6846,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6871,15 +6871,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6889,15 +6889,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6907,8 +6907,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6923,14 +6923,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -6942,15 +6942,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6960,15 +6960,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -6978,15 +6978,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -6996,15 +6996,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -7014,15 +7014,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -7032,8 +7032,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7059,14 +7059,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -7074,15 +7074,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7092,15 +7092,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -7110,15 +7110,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -7128,15 +7128,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -7146,15 +7146,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -7164,15 +7164,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7182,13 +7182,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -7196,15 +7196,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7214,8 +7214,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7240,15 +7240,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7258,15 +7258,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -7276,37 +7276,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7316,8 +7316,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7362,15 +7362,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7380,8 +7380,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7402,29 +7402,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -7434,15 +7434,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -7452,15 +7452,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -7470,15 +7470,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -7488,27 +7488,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -7516,30 +7516,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7549,8 +7549,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7617,15 +7617,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -7635,15 +7635,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -7653,13 +7653,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -7667,15 +7667,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7685,27 +7685,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -7713,8 +7713,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -7732,29 +7732,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -7764,15 +7764,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -7782,15 +7782,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -7800,15 +7800,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -7818,29 +7818,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7850,15 +7850,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7868,15 +7868,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7886,15 +7886,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7904,15 +7904,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7922,15 +7922,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7940,14 +7940,14 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -7958,15 +7958,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7976,15 +7976,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7994,8 +7994,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8028,15 +8028,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8046,35 +8046,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -8082,8 +8082,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8107,15 +8107,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8125,15 +8125,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8143,8 +8143,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8159,14 +8159,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -8178,15 +8178,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8196,15 +8196,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -8214,15 +8214,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -8232,15 +8232,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -8250,15 +8250,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -8268,8 +8268,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8295,14 +8295,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -8310,15 +8310,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8328,15 +8328,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -8346,15 +8346,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -8364,15 +8364,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -8382,15 +8382,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -8400,15 +8400,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8418,13 +8418,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -8432,15 +8432,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8450,8 +8450,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8476,15 +8476,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8494,15 +8494,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -8512,37 +8512,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8552,8 +8552,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8598,15 +8598,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8616,8 +8616,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8638,29 +8638,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -8670,15 +8670,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -8688,15 +8688,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -8706,15 +8706,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -8724,27 +8724,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -8752,30 +8752,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8785,8 +8785,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8853,15 +8853,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -8871,15 +8871,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -8889,13 +8889,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -8903,15 +8903,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8921,27 +8921,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -8949,8 +8949,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -8968,29 +8968,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -9000,15 +9000,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -9018,15 +9018,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -9036,15 +9036,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -9054,29 +9054,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9086,15 +9086,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9104,15 +9104,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9122,8 +9122,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9144,30 +9144,30 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9188,30 +9188,30 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9221,8 +9221,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9231,15 +9231,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="boolean" + name="as-is" + key="as-is" + gi="as-is" + in-json="SCALAR"> as-is @@ -9249,8 +9249,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9273,15 +9273,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9291,15 +9291,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9309,15 +9309,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -9327,52 +9327,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9380,15 +9380,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -9398,29 +9398,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9430,15 +9430,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9448,15 +9448,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9466,8 +9466,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9488,30 +9488,30 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9532,30 +9532,30 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9576,30 +9576,30 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9620,30 +9620,30 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9690,15 +9690,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9708,15 +9708,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -9726,52 +9726,52 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9779,15 +9779,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -9797,22 +9797,22 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9833,8 +9833,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9845,8 +9845,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9883,15 +9883,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9901,15 +9901,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9919,15 +9919,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -9937,52 +9937,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -9990,15 +9990,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -10008,29 +10008,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10040,15 +10040,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10058,15 +10058,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10076,8 +10076,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10110,15 +10110,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10128,35 +10128,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -10164,8 +10164,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10189,15 +10189,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10207,15 +10207,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10225,8 +10225,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10241,14 +10241,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -10260,15 +10260,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10278,15 +10278,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -10296,15 +10296,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -10314,15 +10314,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -10332,15 +10332,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -10350,8 +10350,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10377,14 +10377,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -10392,15 +10392,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10410,15 +10410,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -10428,15 +10428,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -10446,15 +10446,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -10464,15 +10464,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -10482,15 +10482,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10500,13 +10500,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -10514,15 +10514,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10532,8 +10532,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10558,15 +10558,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10576,15 +10576,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -10594,37 +10594,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10634,8 +10634,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10680,15 +10680,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10698,8 +10698,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10720,29 +10720,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -10752,15 +10752,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -10770,15 +10770,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -10788,15 +10788,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -10806,27 +10806,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -10834,30 +10834,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10867,8 +10867,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -10935,15 +10935,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -10953,15 +10953,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -10971,13 +10971,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -10985,15 +10985,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11003,27 +11003,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -11031,8 +11031,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11050,29 +11050,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -11082,15 +11082,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -11100,15 +11100,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -11118,15 +11118,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -11136,29 +11136,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11168,15 +11168,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11186,15 +11186,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11204,15 +11204,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11222,37 +11222,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -11262,15 +11262,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11280,15 +11280,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11298,15 +11298,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11316,8 +11316,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11354,37 +11354,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11394,22 +11394,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11454,37 +11454,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11494,29 +11494,29 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11526,8 +11526,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11558,37 +11558,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11598,15 +11598,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11616,37 +11616,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11656,30 +11656,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11716,37 +11716,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11756,22 +11756,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11816,37 +11816,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11856,29 +11856,29 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11888,8 +11888,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -11920,37 +11920,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11960,15 +11960,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11978,8 +11978,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12012,15 +12012,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12030,35 +12030,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -12066,8 +12066,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12091,15 +12091,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12109,15 +12109,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12127,8 +12127,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12143,14 +12143,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -12162,15 +12162,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12180,15 +12180,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -12198,15 +12198,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -12216,15 +12216,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -12234,15 +12234,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -12252,8 +12252,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12279,14 +12279,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -12294,15 +12294,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12312,15 +12312,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -12330,15 +12330,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -12348,15 +12348,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -12366,15 +12366,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -12384,15 +12384,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12402,13 +12402,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -12416,15 +12416,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12434,8 +12434,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12460,15 +12460,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12478,15 +12478,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -12496,37 +12496,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12536,8 +12536,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12582,15 +12582,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12600,8 +12600,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12622,29 +12622,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -12654,15 +12654,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -12672,15 +12672,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -12690,15 +12690,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -12708,27 +12708,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -12736,30 +12736,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12769,8 +12769,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12837,15 +12837,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -12855,15 +12855,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -12873,13 +12873,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -12887,15 +12887,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12905,27 +12905,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -12933,8 +12933,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -12952,29 +12952,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -12984,15 +12984,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -13002,15 +13002,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -13020,15 +13020,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -13038,29 +13038,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13070,15 +13070,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13088,15 +13088,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13106,15 +13106,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-name" + key="system-name" + gi="system-name" + in-json="SCALAR"> system-name @@ -13124,15 +13124,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-name-short" + key="system-name-short" + gi="system-name-short" + in-json="SCALAR"> system-name-short @@ -13142,37 +13142,37 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13182,15 +13182,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -13200,15 +13200,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-sensitivity-level" + key="security-sensitivity-level" + gi="security-sensitivity-level" + in-json="SCALAR"> security-sensitivity-level @@ -13218,15 +13218,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13236,8 +13236,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -13270,15 +13270,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -13288,30 +13288,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -13325,29 +13325,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="information-type-id" + gi="information-type-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13357,15 +13357,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13375,15 +13375,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13393,15 +13393,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13411,37 +13411,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13451,15 +13451,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13469,15 +13469,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13487,37 +13487,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13527,15 +13527,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13545,15 +13545,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13563,37 +13563,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-confidentiality" + key="security-objective-confidentiality" + gi="security-objective-confidentiality" + in-json="SCALAR"> security-objective-confidentiality @@ -13603,15 +13603,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-integrity" + key="security-objective-integrity" + gi="security-objective-integrity" + in-json="SCALAR"> security-objective-integrity @@ -13621,15 +13621,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-availability" + key="security-objective-availability" + gi="security-objective-availability" + in-json="SCALAR"> security-objective-availability @@ -13639,8 +13639,8 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -13651,37 +13651,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13691,37 +13691,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13731,15 +13731,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13749,37 +13749,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13789,37 +13789,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13829,15 +13829,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13847,37 +13847,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13887,37 +13887,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13927,15 +13927,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13945,15 +13945,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13963,15 +13963,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13981,8 +13981,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14007,15 +14007,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14025,15 +14025,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14043,15 +14043,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid" + in-json="SCALAR"> party-uuid @@ -14061,15 +14061,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -14079,15 +14079,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14097,15 +14097,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -14115,37 +14115,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14155,15 +14155,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14173,37 +14173,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14213,37 +14213,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -14253,15 +14253,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14271,8 +14271,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14283,15 +14283,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14301,15 +14301,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14319,37 +14319,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14359,15 +14359,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14377,8 +14377,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14407,15 +14407,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14425,15 +14425,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14443,12 +14443,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="control-implementation" + gi="control-implementation"> control-implementation @@ -14470,44 +14470,44 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14558,15 +14558,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14576,29 +14576,29 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14608,8 +14608,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14646,15 +14646,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14664,15 +14664,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14682,37 +14682,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14722,22 +14722,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14776,37 +14776,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14816,8 +14816,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14847,37 +14847,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14887,15 +14887,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14905,8 +14905,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -14937,37 +14937,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14977,15 +14977,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14995,8 +14995,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15026,37 +15026,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15066,15 +15066,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15084,8 +15084,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15116,37 +15116,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15156,15 +15156,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15174,15 +15174,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15192,37 +15192,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15232,22 +15232,22 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15286,37 +15286,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15326,8 +15326,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15357,37 +15357,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15397,15 +15397,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15415,8 +15415,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15447,37 +15447,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15487,15 +15487,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15505,8 +15505,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15536,37 +15536,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15576,15 +15576,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15594,8 +15594,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15626,37 +15626,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15666,15 +15666,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15684,15 +15684,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15702,8 +15702,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15736,15 +15736,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -15754,35 +15754,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -15790,8 +15790,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15815,15 +15815,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15833,15 +15833,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15851,8 +15851,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -15867,14 +15867,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -15886,15 +15886,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -15904,15 +15904,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -15922,15 +15922,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -15940,15 +15940,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -15958,15 +15958,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -15976,8 +15976,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16003,14 +16003,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -16018,15 +16018,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16036,15 +16036,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -16054,15 +16054,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -16072,15 +16072,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -16090,15 +16090,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -16108,15 +16108,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16126,13 +16126,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -16140,15 +16140,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16158,8 +16158,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16184,15 +16184,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16202,15 +16202,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -16220,37 +16220,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16260,8 +16260,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16306,15 +16306,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16324,8 +16324,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16346,29 +16346,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -16378,15 +16378,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -16396,15 +16396,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -16414,15 +16414,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -16432,27 +16432,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -16460,30 +16460,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16493,8 +16493,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16561,15 +16561,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -16579,15 +16579,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -16597,13 +16597,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -16611,15 +16611,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16629,27 +16629,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -16657,8 +16657,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16676,29 +16676,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -16708,15 +16708,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -16726,15 +16726,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -16744,15 +16744,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -16762,29 +16762,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16794,15 +16794,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16812,15 +16812,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16830,12 +16830,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -16878,15 +16878,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16896,37 +16896,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -16936,15 +16936,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16954,8 +16954,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -16966,15 +16966,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16984,15 +16984,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17002,37 +17002,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17042,15 +17042,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17060,8 +17060,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17090,15 +17090,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17108,15 +17108,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17126,15 +17126,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17144,15 +17144,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -17162,37 +17162,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17202,15 +17202,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17220,59 +17220,59 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17282,15 +17282,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17300,15 +17300,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17318,15 +17318,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17336,37 +17336,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17376,8 +17376,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17409,15 +17409,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17427,37 +17427,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17467,37 +17467,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17507,8 +17507,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17545,37 +17545,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17585,8 +17585,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17600,22 +17600,22 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17629,22 +17629,22 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17681,37 +17681,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17721,15 +17721,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17739,37 +17739,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17779,8 +17779,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17817,37 +17817,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17857,8 +17857,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17872,22 +17872,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17901,22 +17901,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -17953,37 +17953,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17993,15 +17993,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18011,12 +18011,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="terms-and-conditions" + gi="terms-and-conditions"> terms-and-conditions @@ -18030,15 +18030,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18048,15 +18048,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18066,37 +18066,37 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18106,8 +18106,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18144,37 +18144,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18184,8 +18184,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18199,22 +18199,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18228,22 +18228,22 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18280,37 +18280,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18320,37 +18320,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18360,15 +18360,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18378,15 +18378,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18396,15 +18396,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18414,37 +18414,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -18454,15 +18454,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18472,8 +18472,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18484,15 +18484,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18502,15 +18502,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18520,8 +18520,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18551,15 +18551,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18569,15 +18569,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18587,8 +18587,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18617,15 +18617,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18635,15 +18635,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18653,15 +18653,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18671,37 +18671,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18711,8 +18711,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18724,8 +18724,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18735,13 +18735,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -18750,13 +18750,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -18765,8 +18765,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18774,8 +18774,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -18811,15 +18811,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18829,15 +18829,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18847,37 +18847,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18887,15 +18887,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18905,15 +18905,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18923,37 +18923,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18963,15 +18963,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18981,15 +18981,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18999,15 +18999,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19017,8 +19017,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19051,15 +19051,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19069,35 +19069,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -19105,8 +19105,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19130,15 +19130,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19148,15 +19148,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19166,8 +19166,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19182,14 +19182,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -19201,15 +19201,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19219,15 +19219,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -19237,15 +19237,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -19255,15 +19255,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -19273,15 +19273,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -19291,8 +19291,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19318,14 +19318,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -19333,15 +19333,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19351,15 +19351,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -19369,15 +19369,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -19387,15 +19387,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -19405,15 +19405,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -19423,15 +19423,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19441,13 +19441,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -19455,15 +19455,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19473,8 +19473,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19499,15 +19499,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19517,15 +19517,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -19535,37 +19535,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19575,8 +19575,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19621,15 +19621,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19639,8 +19639,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19661,29 +19661,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -19693,15 +19693,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -19711,15 +19711,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -19729,15 +19729,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -19747,27 +19747,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -19775,30 +19775,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19808,8 +19808,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19876,15 +19876,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -19894,15 +19894,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -19912,13 +19912,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -19926,15 +19926,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19944,27 +19944,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -19972,8 +19972,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -19991,29 +19991,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -20023,15 +20023,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -20041,15 +20041,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -20059,15 +20059,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -20077,29 +20077,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20109,15 +20109,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20127,15 +20127,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20145,12 +20145,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -20172,37 +20172,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20212,15 +20212,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20230,15 +20230,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20248,15 +20248,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20266,37 +20266,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20306,8 +20306,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20339,15 +20339,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20357,37 +20357,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20397,37 +20397,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20437,8 +20437,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20475,37 +20475,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20515,8 +20515,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20530,22 +20530,22 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20559,22 +20559,22 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20611,37 +20611,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20651,15 +20651,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20669,37 +20669,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20709,8 +20709,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20747,37 +20747,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20787,8 +20787,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20802,22 +20802,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20831,22 +20831,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -20883,37 +20883,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20923,15 +20923,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20941,15 +20941,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20959,37 +20959,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -20999,15 +20999,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -21017,15 +21017,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21035,12 +21035,12 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -21076,15 +21076,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21094,37 +21094,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -21134,15 +21134,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21152,8 +21152,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21164,15 +21164,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21182,15 +21182,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21200,37 +21200,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21240,15 +21240,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21258,8 +21258,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21288,15 +21288,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21306,15 +21306,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21324,15 +21324,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21342,15 +21342,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -21360,37 +21360,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21400,15 +21400,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21418,37 +21418,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21458,37 +21458,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -21498,15 +21498,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21516,8 +21516,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21528,15 +21528,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21546,15 +21546,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21564,8 +21564,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21595,15 +21595,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21613,15 +21613,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21631,8 +21631,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21661,15 +21661,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21679,15 +21679,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21697,15 +21697,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21715,37 +21715,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21755,8 +21755,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21768,8 +21768,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21779,13 +21779,13 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -21794,13 +21794,13 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -21809,8 +21809,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21818,8 +21818,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -21855,15 +21855,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21873,15 +21873,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21891,37 +21891,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21931,15 +21931,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21949,15 +21949,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21967,37 +21967,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22007,15 +22007,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22025,15 +22025,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22043,15 +22043,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22061,37 +22061,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22101,8 +22101,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22139,37 +22139,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22179,8 +22179,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22194,22 +22194,22 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22223,22 +22223,22 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22275,37 +22275,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22315,8 +22315,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22336,15 +22336,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22354,15 +22354,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22372,15 +22372,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22390,8 +22390,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22407,8 +22407,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -22448,15 +22448,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22466,37 +22466,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -22506,15 +22506,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -22524,15 +22524,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22542,15 +22542,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22560,15 +22560,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22578,37 +22578,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22618,15 +22618,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22636,15 +22636,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22654,12 +22654,12 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -22674,37 +22674,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22714,15 +22714,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22732,15 +22732,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22750,15 +22750,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22768,37 +22768,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22808,43 +22808,43 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22854,15 +22854,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22872,15 +22872,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22890,37 +22890,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22930,15 +22930,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22948,15 +22948,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22966,12 +22966,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -22986,37 +22986,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23026,15 +23026,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23044,15 +23044,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23062,8 +23062,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -23087,15 +23087,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23105,15 +23105,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23123,8 +23123,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -23147,37 +23147,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23187,15 +23187,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -23205,15 +23205,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -23223,15 +23223,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23241,59 +23241,59 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23303,15 +23303,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23321,15 +23321,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23339,15 +23339,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23357,37 +23357,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23397,15 +23397,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23415,15 +23415,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23433,12 +23433,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -23453,37 +23453,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23493,15 +23493,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23511,15 +23511,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23529,15 +23529,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23547,15 +23547,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23565,15 +23565,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23583,15 +23583,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23601,37 +23601,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23641,15 +23641,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23659,15 +23659,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23677,12 +23677,12 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -23697,37 +23697,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23737,15 +23737,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23755,15 +23755,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23773,8 +23773,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -23798,15 +23798,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23816,8 +23816,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -23847,37 +23847,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23887,8 +23887,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -23912,15 +23912,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23930,15 +23930,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23948,15 +23948,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -23966,8 +23966,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24013,15 +24013,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24031,37 +24031,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24071,15 +24071,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24089,15 +24089,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24107,15 +24107,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24125,37 +24125,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24165,15 +24165,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24183,15 +24183,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24201,12 +24201,12 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -24221,37 +24221,37 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24261,15 +24261,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24279,15 +24279,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24297,8 +24297,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24329,8 +24329,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24354,15 +24354,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24372,15 +24372,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24390,15 +24390,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24408,37 +24408,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24448,15 +24448,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24466,37 +24466,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24506,8 +24506,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24519,8 +24519,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24530,13 +24530,13 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -24545,13 +24545,13 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -24560,8 +24560,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24569,8 +24569,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24606,15 +24606,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24624,15 +24624,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24642,37 +24642,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24682,15 +24682,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24700,15 +24700,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24718,37 +24718,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24758,15 +24758,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24776,15 +24776,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24794,15 +24794,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24812,8 +24812,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24829,8 +24829,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24871,15 +24871,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24889,37 +24889,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -24929,15 +24929,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -24947,15 +24947,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24965,8 +24965,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -24995,15 +24995,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25013,15 +25013,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25031,15 +25031,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25049,37 +25049,37 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25089,15 +25089,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25107,15 +25107,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25125,12 +25125,12 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -25145,37 +25145,37 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25185,15 +25185,15 @@ + priority="22" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25203,15 +25203,15 @@ + priority="21" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25221,23 +25221,23 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25247,37 +25247,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25287,15 +25287,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25305,15 +25305,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25323,15 +25323,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25341,37 +25341,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25381,15 +25381,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25399,15 +25399,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25417,12 +25417,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -25437,37 +25437,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25477,15 +25477,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25495,15 +25495,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25513,15 +25513,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25531,37 +25531,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25571,8 +25571,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -25584,15 +25584,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -25602,24 +25602,24 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -25652,15 +25652,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25670,35 +25670,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -25706,8 +25706,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -25731,15 +25731,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25749,15 +25749,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25767,8 +25767,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -25783,14 +25783,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -25802,15 +25802,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25820,15 +25820,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -25838,15 +25838,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -25856,15 +25856,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -25874,15 +25874,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -25892,8 +25892,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -25919,14 +25919,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -25934,15 +25934,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25952,15 +25952,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -25970,15 +25970,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -25988,15 +25988,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -26006,15 +26006,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -26024,15 +26024,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26042,13 +26042,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -26056,15 +26056,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26074,8 +26074,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26100,15 +26100,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26118,15 +26118,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -26136,37 +26136,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26176,8 +26176,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26222,15 +26222,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26240,8 +26240,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26262,29 +26262,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -26294,15 +26294,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -26312,15 +26312,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -26330,15 +26330,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -26348,27 +26348,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -26376,30 +26376,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26409,8 +26409,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26477,15 +26477,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -26495,15 +26495,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -26513,13 +26513,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -26527,15 +26527,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26545,27 +26545,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -26573,8 +26573,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26592,29 +26592,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -26624,15 +26624,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -26642,15 +26642,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -26660,15 +26660,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -26678,29 +26678,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26710,15 +26710,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26728,15 +26728,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26746,15 +26746,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26764,37 +26764,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -26804,15 +26804,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26822,8 +26822,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26834,15 +26834,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26852,15 +26852,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26870,37 +26870,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26910,15 +26910,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26928,8 +26928,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -26958,15 +26958,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26976,15 +26976,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26994,15 +26994,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27012,37 +27012,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -27052,15 +27052,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27070,8 +27070,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -27082,15 +27082,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27100,15 +27100,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27118,8 +27118,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -27149,15 +27149,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27167,15 +27167,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27185,8 +27185,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -27215,15 +27215,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27233,15 +27233,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27251,15 +27251,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27269,37 +27269,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27309,43 +27309,43 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27355,15 +27355,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27373,15 +27373,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27391,37 +27391,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27431,15 +27431,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27449,15 +27449,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27467,12 +27467,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -27487,37 +27487,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27527,15 +27527,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27545,15 +27545,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27563,8 +27563,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -27588,15 +27588,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27606,15 +27606,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27624,8 +27624,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -27648,37 +27648,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27688,15 +27688,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -27706,15 +27706,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -27724,15 +27724,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27742,59 +27742,59 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27804,15 +27804,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27822,15 +27822,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27840,15 +27840,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27858,37 +27858,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27898,15 +27898,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27916,15 +27916,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27934,12 +27934,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -27954,37 +27954,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27994,15 +27994,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28012,15 +28012,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28030,15 +28030,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28048,15 +28048,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28066,15 +28066,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28084,15 +28084,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28102,37 +28102,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28142,15 +28142,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28160,15 +28160,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28178,12 +28178,12 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -28198,37 +28198,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28238,15 +28238,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28256,15 +28256,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28274,8 +28274,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28299,15 +28299,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28317,8 +28317,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28348,37 +28348,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28388,8 +28388,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28413,15 +28413,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28431,15 +28431,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28449,15 +28449,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -28467,8 +28467,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28514,15 +28514,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28532,37 +28532,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28572,15 +28572,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28590,15 +28590,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28608,15 +28608,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28626,37 +28626,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28666,15 +28666,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28684,15 +28684,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28702,12 +28702,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -28722,37 +28722,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28762,15 +28762,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28780,15 +28780,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28798,8 +28798,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28830,8 +28830,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -28855,15 +28855,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28873,15 +28873,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28891,15 +28891,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28909,37 +28909,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28949,15 +28949,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28967,37 +28967,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29007,8 +29007,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29020,8 +29020,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29031,13 +29031,13 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -29046,13 +29046,13 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -29061,8 +29061,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29070,8 +29070,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29107,15 +29107,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29125,15 +29125,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29143,37 +29143,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29183,15 +29183,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29201,15 +29201,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29219,37 +29219,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29259,15 +29259,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29277,15 +29277,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29295,15 +29295,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29313,8 +29313,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29330,8 +29330,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29372,15 +29372,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29390,37 +29390,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -29430,15 +29430,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -29448,15 +29448,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29466,8 +29466,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -29496,15 +29496,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29514,15 +29514,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29532,15 +29532,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29550,37 +29550,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29590,15 +29590,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29608,15 +29608,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29626,12 +29626,12 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -29646,37 +29646,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29686,15 +29686,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29704,15 +29704,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29722,23 +29722,23 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29748,37 +29748,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29788,15 +29788,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29806,15 +29806,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29824,15 +29824,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29842,37 +29842,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29882,15 +29882,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29900,15 +29900,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29918,12 +29918,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -29938,37 +29938,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29978,15 +29978,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29996,15 +29996,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30014,15 +30014,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -30032,37 +30032,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30072,8 +30072,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -30085,15 +30085,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -30103,31 +30103,31 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -30137,37 +30137,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30177,8 +30177,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -30191,15 +30191,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30209,32 +30209,32 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -30267,15 +30267,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -30285,35 +30285,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -30321,8 +30321,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -30346,15 +30346,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30364,15 +30364,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30382,8 +30382,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -30398,14 +30398,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -30417,10 +30417,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30428,43 +30428,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30482,10 +30482,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30494,33 +30494,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30555,12 +30555,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -30575,46 +30575,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30623,18 +30623,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30642,40 +30642,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30689,19 +30689,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -30710,24 +30710,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30737,9 +30737,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -30749,49 +30749,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -30800,9 +30800,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_component_xml-to-json-converter.xsl b/json/convert/oscal_component_xml-to-json-converter.xsl index d3d5d4c994..5d083aceb1 100644 --- a/json/convert/oscal_component_xml-to-json-converter.xsl +++ b/json/convert/oscal_component_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,11 +81,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="component-definition" + gi="component-definition"> component-definition @@ -119,7 +119,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -191,7 +191,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -204,7 +204,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -215,7 +215,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -244,7 +244,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -276,16 +276,16 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="import-component-definition" + gi="import-component-definition"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -332,7 +332,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -361,7 +361,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -377,7 +377,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -386,7 +386,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -401,7 +401,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -439,7 +439,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -447,7 +447,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -463,54 +463,54 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -520,543 +520,543 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="defined-component-type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="source" + key="source" + gi="source"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1066,15 +1066,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1084,15 +1084,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1102,15 +1102,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1120,15 +1120,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1138,8 +1138,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1165,14 +1165,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1180,15 +1180,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1198,15 +1198,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1216,15 +1216,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1234,15 +1234,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1252,15 +1252,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1270,15 +1270,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1288,13 +1288,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -1302,15 +1302,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1320,8 +1320,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1346,15 +1346,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1364,15 +1364,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1382,37 +1382,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1422,8 +1422,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1468,15 +1468,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1486,8 +1486,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1508,29 +1508,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1540,15 +1540,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1558,15 +1558,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1576,15 +1576,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1594,27 +1594,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1622,30 +1622,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1655,8 +1655,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1723,15 +1723,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1741,15 +1741,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1759,13 +1759,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -1773,15 +1773,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1791,27 +1791,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1819,8 +1819,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1838,29 +1838,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1870,15 +1870,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1888,15 +1888,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1906,15 +1906,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1924,29 +1924,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1956,15 +1956,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1974,15 +1974,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1992,15 +1992,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2010,37 +2010,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -2050,15 +2050,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2068,15 +2068,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2086,15 +2086,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2104,8 +2104,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2142,37 +2142,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2182,22 +2182,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2242,37 +2242,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2282,29 +2282,29 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2314,8 +2314,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2346,37 +2346,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2386,15 +2386,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2404,37 +2404,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2444,30 +2444,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2504,37 +2504,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2544,22 +2544,22 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2604,37 +2604,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2644,29 +2644,29 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2676,8 +2676,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2708,37 +2708,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2748,15 +2748,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2766,8 +2766,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2800,15 +2800,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2818,35 +2818,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -2854,8 +2854,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2879,15 +2879,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2897,15 +2897,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2915,8 +2915,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2931,14 +2931,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -2950,10 +2950,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2961,43 +2961,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3015,10 +3015,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3027,33 +3027,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3088,12 +3088,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -3108,46 +3108,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3156,18 +3156,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3175,40 +3175,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3222,19 +3222,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -3243,24 +3243,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3270,9 +3270,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3282,49 +3282,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -3333,9 +3333,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_mapping_xml-to-json-converter.xsl b/json/convert/oscal_mapping_xml-to-json-converter.xsl index c186dc483d..c4984b5c10 100644 --- a/json/convert/oscal_mapping_xml-to-json-converter.xsl +++ b/json/convert/oscal_mapping_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,11 +81,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="mapping-collection" + gi="mapping-collection"> mapping-collection @@ -105,7 +105,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -177,7 +177,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -190,7 +190,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -201,7 +201,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -230,7 +230,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -262,7 +262,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -281,11 +281,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="source-resource" + gi="source-resource"> source-resource @@ -309,11 +309,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="target-resource" + gi="target-resource"> target-resource @@ -373,7 +373,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -396,7 +396,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -419,7 +419,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -435,54 +435,54 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -492,416 +492,416 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -911,15 +911,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -929,15 +929,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -947,15 +947,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -965,15 +965,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -983,8 +983,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1010,14 +1010,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1025,15 +1025,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1043,15 +1043,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1061,15 +1061,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1079,15 +1079,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1097,15 +1097,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1115,15 +1115,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1133,13 +1133,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -1147,15 +1147,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1165,8 +1165,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1191,15 +1191,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1209,15 +1209,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1227,37 +1227,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1267,8 +1267,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1313,15 +1313,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1331,8 +1331,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1353,29 +1353,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1385,15 +1385,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1403,15 +1403,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1421,15 +1421,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1439,27 +1439,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1467,30 +1467,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1500,8 +1500,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1568,15 +1568,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1586,15 +1586,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1604,13 +1604,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -1618,15 +1618,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1636,27 +1636,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1664,8 +1664,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1683,29 +1683,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1715,15 +1715,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1733,15 +1733,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1751,15 +1751,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1769,29 +1769,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1801,15 +1801,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1819,15 +1819,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1837,15 +1837,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1855,15 +1855,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1873,15 +1873,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1891,14 +1891,14 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -1909,15 +1909,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1927,15 +1927,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1945,8 +1945,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1979,15 +1979,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1997,35 +1997,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -2033,8 +2033,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2058,15 +2058,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2076,15 +2076,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2094,8 +2094,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2110,14 +2110,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -2129,10 +2129,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2140,43 +2140,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2194,10 +2194,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2206,33 +2206,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2267,12 +2267,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -2287,46 +2287,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2335,18 +2335,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2354,40 +2354,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2401,19 +2401,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -2422,24 +2422,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2449,9 +2449,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2461,49 +2461,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -2512,9 +2512,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_poam_xml-to-json-converter.xsl b/json/convert/oscal_poam_xml-to-json-converter.xsl index 0aaed8f182..a87dfe8521 100644 --- a/json/convert/oscal_poam_xml-to-json-converter.xsl +++ b/json/convert/oscal_poam_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,11 +81,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="plan-of-action-and-milestones" + gi="plan-of-action-and-milestones"> plan-of-action-and-milestones @@ -129,7 +129,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -201,7 +201,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -214,7 +214,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -225,7 +225,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -254,7 +254,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -286,7 +286,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -297,11 +297,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -324,7 +324,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -365,7 +365,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -394,7 +394,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -410,7 +410,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -419,7 +419,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -456,11 +456,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -481,7 +481,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -542,7 +542,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -565,7 +565,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -588,7 +588,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -625,7 +625,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -663,19 +663,19 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="include-all" + key="include-all" + gi="include-all"> include-all + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -698,7 +698,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -721,7 +721,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -790,7 +790,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -818,7 +818,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -879,7 +879,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -887,7 +887,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -934,7 +934,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -964,11 +964,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="implementation-status" + gi="implementation-status"> implementation-status @@ -977,7 +977,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1029,7 +1029,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1045,60 +1045,60 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-id" + key="system-id" + gi="system-id"> system-id @@ -1109,14 +1109,14 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -1126,7 +1126,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1137,14 +1137,14 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -1154,7 +1154,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1164,1037 +1164,1037 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="finding-uuid" + key="finding-uuid" + gi="finding-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2204,15 +2204,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2222,15 +2222,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2240,15 +2240,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2258,15 +2258,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2276,8 +2276,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2303,14 +2303,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -2318,15 +2318,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2336,15 +2336,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2354,15 +2354,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2372,15 +2372,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2390,15 +2390,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2408,15 +2408,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2426,13 +2426,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -2440,15 +2440,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2458,8 +2458,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2484,15 +2484,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2502,15 +2502,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2520,37 +2520,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2560,8 +2560,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2606,15 +2606,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2624,8 +2624,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2646,29 +2646,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2678,15 +2678,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2696,15 +2696,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2714,15 +2714,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2732,27 +2732,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2760,30 +2760,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2793,8 +2793,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2861,15 +2861,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2879,15 +2879,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2897,13 +2897,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -2911,15 +2911,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2929,27 +2929,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2957,8 +2957,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2976,29 +2976,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -3008,15 +3008,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -3026,15 +3026,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -3044,15 +3044,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -3062,29 +3062,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3094,15 +3094,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3112,15 +3112,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3130,15 +3130,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3148,37 +3148,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -3188,15 +3188,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3206,8 +3206,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3218,15 +3218,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3236,15 +3236,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3254,37 +3254,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3294,15 +3294,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3312,8 +3312,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3342,15 +3342,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3360,15 +3360,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3378,15 +3378,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3396,37 +3396,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -3436,15 +3436,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3454,8 +3454,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3466,15 +3466,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3484,15 +3484,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3502,8 +3502,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3533,15 +3533,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3551,15 +3551,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3569,8 +3569,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3599,15 +3599,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3617,15 +3617,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3635,15 +3635,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3653,37 +3653,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3693,43 +3693,43 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3739,15 +3739,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3757,15 +3757,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3775,37 +3775,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3815,15 +3815,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3833,15 +3833,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3851,12 +3851,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -3871,37 +3871,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3911,15 +3911,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3929,15 +3929,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3947,8 +3947,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3972,15 +3972,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3990,15 +3990,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4008,8 +4008,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4032,37 +4032,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4072,15 +4072,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -4090,15 +4090,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -4108,15 +4108,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4126,59 +4126,59 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4188,15 +4188,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4206,15 +4206,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4224,15 +4224,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4242,37 +4242,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4282,15 +4282,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4300,15 +4300,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4318,12 +4318,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -4338,37 +4338,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4378,15 +4378,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4396,15 +4396,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4414,15 +4414,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4432,15 +4432,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4450,15 +4450,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4468,15 +4468,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4486,37 +4486,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4526,15 +4526,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4544,15 +4544,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4562,12 +4562,12 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -4582,37 +4582,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4622,15 +4622,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4640,15 +4640,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4658,8 +4658,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4683,15 +4683,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4701,8 +4701,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4732,37 +4732,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4772,8 +4772,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4797,15 +4797,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4815,15 +4815,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4833,15 +4833,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -4851,8 +4851,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4898,15 +4898,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4916,37 +4916,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4956,15 +4956,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4974,15 +4974,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4992,15 +4992,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5010,37 +5010,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5050,15 +5050,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5068,15 +5068,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5086,12 +5086,12 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -5106,37 +5106,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5146,15 +5146,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5164,15 +5164,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5182,8 +5182,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5214,8 +5214,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5239,15 +5239,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5257,15 +5257,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5275,15 +5275,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5293,37 +5293,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5333,15 +5333,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5351,37 +5351,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5391,8 +5391,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5404,8 +5404,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5415,13 +5415,13 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -5430,13 +5430,13 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -5445,8 +5445,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5454,8 +5454,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5491,15 +5491,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5509,15 +5509,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5527,37 +5527,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5567,15 +5567,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5585,15 +5585,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5603,37 +5603,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5643,15 +5643,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5661,15 +5661,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5679,15 +5679,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5697,8 +5697,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5714,8 +5714,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5756,15 +5756,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5774,37 +5774,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -5814,15 +5814,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -5832,15 +5832,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5850,8 +5850,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5880,15 +5880,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5898,15 +5898,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5916,15 +5916,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5934,37 +5934,37 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5974,15 +5974,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5992,15 +5992,15 @@ + priority="18" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6010,12 +6010,12 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6030,37 +6030,37 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6070,15 +6070,15 @@ + priority="20" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6088,15 +6088,15 @@ + priority="19" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6106,23 +6106,23 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6132,37 +6132,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6172,15 +6172,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6190,15 +6190,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6208,15 +6208,15 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6226,37 +6226,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6266,15 +6266,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6284,15 +6284,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6302,12 +6302,12 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6322,37 +6322,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6362,15 +6362,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6380,15 +6380,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6398,15 +6398,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6416,37 +6416,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6456,8 +6456,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6469,15 +6469,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -6487,31 +6487,31 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6521,37 +6521,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6561,8 +6561,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6575,15 +6575,15 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6593,32 +6593,32 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6651,15 +6651,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6669,35 +6669,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -6705,8 +6705,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6730,15 +6730,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6748,15 +6748,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6766,8 +6766,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -6782,14 +6782,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -6801,10 +6801,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -6812,43 +6812,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -6866,10 +6866,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -6878,33 +6878,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -6939,12 +6939,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -6959,46 +6959,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7007,18 +7007,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7026,40 +7026,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7073,19 +7073,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -7094,24 +7094,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7121,9 +7121,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7133,49 +7133,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -7184,9 +7184,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_profile_xml-to-json-converter.xsl b/json/convert/oscal_profile_xml-to-json-converter.xsl index a9a575ca34..4e377c5ab0 100644 --- a/json/convert/oscal_profile_xml-to-json-converter.xsl +++ b/json/convert/oscal_profile_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,7 +81,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -105,7 +105,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -177,7 +177,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -190,7 +190,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -201,7 +201,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -230,7 +230,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -262,7 +262,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -284,19 +284,19 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + name="include-all" + key="include-all" + gi="include-all"> include-all + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -309,7 +309,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -360,7 +360,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -408,7 +408,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -422,21 +422,21 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE"> @@ -444,7 +444,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -461,7 +461,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -477,17 +477,17 @@ + group-by="true()"> + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose"> + as-type="markup-multiline" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE"> @@ -509,7 +509,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -531,7 +531,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -554,7 +554,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -570,67 +570,67 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -640,613 +640,613 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-child-controls" + key="with-child-controls" + gi="with-child-controls"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="pattern" + key="pattern" + gi="pattern"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="method" + key="method" + gi="method"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="order" + key="order" + gi="order"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-name" + key="by-name" + gi="by-name"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-class" + key="by-class" + gi="by-class"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-item-name" + key="by-item-name" + gi="by-item-name"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-ns" + key="by-ns" + gi="by-ns"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="position" + key="position" + default="ending" + gi="position"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1256,15 +1256,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1274,15 +1274,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1292,15 +1292,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1310,15 +1310,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1328,8 +1328,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1355,14 +1355,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1370,15 +1370,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1388,15 +1388,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1406,15 +1406,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1424,15 +1424,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1442,15 +1442,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1460,15 +1460,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1478,13 +1478,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -1492,15 +1492,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1510,8 +1510,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1536,15 +1536,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1554,15 +1554,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1572,37 +1572,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1612,8 +1612,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1658,15 +1658,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1676,8 +1676,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1698,29 +1698,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1730,15 +1730,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1748,15 +1748,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1766,15 +1766,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1784,27 +1784,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -1812,30 +1812,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1845,8 +1845,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1913,15 +1913,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1931,15 +1931,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1949,13 +1949,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -1963,15 +1963,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1981,27 +1981,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2009,8 +2009,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2028,29 +2028,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2060,15 +2060,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2078,15 +2078,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2096,15 +2096,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2114,29 +2114,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2146,15 +2146,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2164,15 +2164,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2182,8 +2182,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2204,30 +2204,30 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2248,30 +2248,30 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2281,8 +2281,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2291,15 +2291,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="boolean" + name="as-is" + key="as-is" + gi="as-is" + in-json="SCALAR"> as-is @@ -2309,8 +2309,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2333,15 +2333,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2351,15 +2351,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2369,15 +2369,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2387,52 +2387,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2440,15 +2440,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2458,29 +2458,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2490,15 +2490,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2508,15 +2508,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2526,8 +2526,8 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2548,30 +2548,30 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2592,30 +2592,30 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2636,30 +2636,30 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2680,30 +2680,30 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2750,15 +2750,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2768,15 +2768,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2786,52 +2786,52 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2839,15 +2839,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2857,22 +2857,22 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2893,8 +2893,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2905,8 +2905,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2943,15 +2943,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2961,15 +2961,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2979,15 +2979,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2997,52 +2997,52 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3050,15 +3050,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -3068,29 +3068,29 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3100,15 +3100,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3118,15 +3118,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3136,8 +3136,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3170,15 +3170,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3188,35 +3188,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -3224,8 +3224,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3249,15 +3249,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3267,15 +3267,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3285,8 +3285,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3301,14 +3301,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -3320,10 +3320,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3331,43 +3331,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3385,10 +3385,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3397,33 +3397,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3458,12 +3458,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -3478,46 +3478,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3526,18 +3526,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3545,40 +3545,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3592,19 +3592,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -3613,24 +3613,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3640,9 +3640,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3652,49 +3652,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -3703,9 +3703,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/convert/oscal_ssp_xml-to-json-converter.xsl b/json/convert/oscal_ssp_xml-to-json-converter.xsl index 6a3402a748..10273d9812 100644 --- a/json/convert/oscal_ssp_xml-to-json-converter.xsl +++ b/json/convert/oscal_ssp_xml-to-json-converter.xsl @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + version="3.0" + exclude-result-prefixes="#all" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + select="$file ! document(.,$source-xml)"> { $err:description } @@ -60,7 +60,7 @@ + select="xml-to-json($new-json-xml, $write-options)"> { $err:description } @@ -81,11 +81,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-security-plan" + gi="system-security-plan"> system-security-plan @@ -102,7 +102,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -174,7 +174,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -187,7 +187,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -198,7 +198,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -227,7 +227,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -259,7 +259,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -270,11 +270,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-characteristics" + gi="system-characteristics"> system-characteristics @@ -321,11 +321,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-information" + gi="system-information"> system-information @@ -353,11 +353,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="confidentiality-impact" + gi="confidentiality-impact"> confidentiality-impact @@ -381,7 +381,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -407,7 +407,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -433,11 +433,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="security-impact-level" + gi="security-impact-level"> security-impact-level @@ -447,11 +447,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="authorization-boundary" + gi="authorization-boundary"> authorization-boundary @@ -481,7 +481,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -505,11 +505,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="network-architecture" + gi="network-architecture"> network-architecture @@ -539,7 +539,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -571,11 +571,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="system-implementation" + gi="system-implementation"> system-implementation @@ -625,7 +625,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -664,7 +664,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -679,7 +679,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -720,7 +720,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -749,7 +749,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -765,7 +765,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -774,7 +774,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -811,7 +811,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -826,7 +826,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -880,11 +880,11 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="implementation-status" + gi="implementation-status"> implementation-status @@ -893,7 +893,7 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -909,59 +909,59 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks + group-by="true()"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-id" + gi="system-id"> @@ -969,33 +969,33 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1005,705 +1005,705 @@ + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="value" + key="value" + gi="value"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="class" + key="class" + gi="class"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="group" + key="group" + gi="group"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="location-type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="type" + key="type" + gi="type"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="type" + key="type" + gi="type"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="system" + key="system" + gi="system"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="state" + key="state" + gi="state"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="responsibility-uuid" + key="responsibility-uuid" + gi="responsibility-uuid"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1713,15 +1713,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1731,15 +1731,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1749,15 +1749,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1767,15 +1767,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1785,8 +1785,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1812,14 +1812,14 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1827,15 +1827,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1845,15 +1845,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1863,15 +1863,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1881,15 +1881,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1899,15 +1899,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1917,15 +1917,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1935,13 +1935,13 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -1949,15 +1949,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1967,8 +1967,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -1993,15 +1993,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2011,15 +2011,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2029,37 +2029,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2069,8 +2069,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2115,15 +2115,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2133,8 +2133,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2155,29 +2155,29 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2187,15 +2187,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2205,15 +2205,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2223,15 +2223,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2241,27 +2241,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2269,30 +2269,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2302,8 +2302,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2370,15 +2370,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2388,15 +2388,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2406,13 +2406,13 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="external-id" + gi="external-id"> @@ -2420,15 +2420,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2438,27 +2438,27 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="telephone-number" + gi="telephone-number"> @@ -2466,8 +2466,8 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2485,29 +2485,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2517,15 +2517,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2535,15 +2535,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2553,15 +2553,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2571,29 +2571,29 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2603,15 +2603,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2621,15 +2621,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2639,15 +2639,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-name" + key="system-name" + gi="system-name" + in-json="SCALAR"> system-name @@ -2657,15 +2657,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="system-name-short" + key="system-name-short" + gi="system-name-short" + in-json="SCALAR"> system-name-short @@ -2675,37 +2675,37 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2715,15 +2715,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -2733,15 +2733,15 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-sensitivity-level" + key="security-sensitivity-level" + gi="security-sensitivity-level" + in-json="SCALAR"> security-sensitivity-level @@ -2751,15 +2751,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2769,8 +2769,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2803,15 +2803,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2821,30 +2821,30 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -2858,29 +2858,29 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="information-type-id" + gi="information-type-id" + in-json="SCALAR"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2890,15 +2890,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2908,15 +2908,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -2926,15 +2926,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -2944,37 +2944,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2984,15 +2984,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -3002,15 +3002,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -3020,37 +3020,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3060,15 +3060,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -3078,15 +3078,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -3096,37 +3096,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification + group-by="true()"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-confidentiality" + key="security-objective-confidentiality" + gi="security-objective-confidentiality" + in-json="SCALAR"> security-objective-confidentiality @@ -3136,15 +3136,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-integrity" + key="security-objective-integrity" + gi="security-objective-integrity" + in-json="SCALAR"> security-objective-integrity @@ -3154,15 +3154,15 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="security-objective-availability" + key="security-objective-availability" + gi="security-objective-availability" + in-json="SCALAR"> security-objective-availability @@ -3172,8 +3172,8 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3184,37 +3184,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3224,37 +3224,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3264,15 +3264,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3282,37 +3282,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3322,37 +3322,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3362,15 +3362,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3380,37 +3380,37 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3420,37 +3420,37 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3460,15 +3460,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3478,15 +3478,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3496,15 +3496,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3514,8 +3514,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3540,15 +3540,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3558,15 +3558,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3576,15 +3576,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid" + in-json="SCALAR"> party-uuid @@ -3594,15 +3594,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -3612,15 +3612,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3630,15 +3630,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -3648,37 +3648,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3688,15 +3688,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3706,37 +3706,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3746,37 +3746,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -3786,15 +3786,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3804,8 +3804,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3816,15 +3816,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3834,15 +3834,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3852,37 +3852,37 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3892,15 +3892,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3910,8 +3910,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -3940,15 +3940,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3958,15 +3958,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3976,12 +3976,12 @@ + priority="3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + key="control-implementation" + gi="control-implementation"> control-implementation @@ -4003,44 +4003,44 @@ + priority="4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4091,15 +4091,15 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4109,29 +4109,29 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4141,8 +4141,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4179,15 +4179,15 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4197,15 +4197,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4215,37 +4215,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4255,22 +4255,22 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4309,37 +4309,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4349,8 +4349,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4380,37 +4380,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4420,15 +4420,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4438,8 +4438,8 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4470,37 +4470,37 @@ + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4510,15 +4510,15 @@ + priority="17" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4528,8 +4528,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4559,37 +4559,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4599,15 +4599,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4617,8 +4617,8 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4649,37 +4649,37 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4689,15 +4689,15 @@ + priority="16" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4707,15 +4707,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4725,37 +4725,37 @@ + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4765,22 +4765,22 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + priority="8" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4819,37 +4819,37 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4859,8 +4859,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4890,37 +4890,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4930,15 +4930,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4948,8 +4948,8 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -4980,37 +4980,37 @@ + priority="11" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="13" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5020,15 +5020,15 @@ + priority="15" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5038,8 +5038,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5069,37 +5069,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5109,15 +5109,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5127,8 +5127,8 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5159,37 +5159,37 @@ + priority="10" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5199,15 +5199,15 @@ + priority="14" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5217,15 +5217,15 @@ + priority="12" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5235,8 +5235,8 @@ + priority="5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5269,15 +5269,15 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5287,35 +5287,35 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description + group-by="true()"> + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="string" + name="document-id" + gi="document-id"> @@ -5323,8 +5323,8 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5348,15 +5348,15 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5366,15 +5366,15 @@ + priority="9" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5384,8 +5384,8 @@ + priority="7" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> @@ -5400,14 +5400,14 @@ + priority="6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -5419,10 +5419,10 @@ + mode="cast-prose" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/1.0"> + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5430,43 +5430,43 @@ + name="ns" + select="/*/@namespace"/> + match="group" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="group[@in-json='BY_KEY']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../@json-key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="group[@in-json='SINGLETON_OR_ARRAY'][count(*)=1]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="group/assembly | group/field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5484,10 +5484,10 @@ + priority="3" + match="group/field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5496,33 +5496,33 @@ + match="/assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="assembly" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="field[@in-json='SCALAR']" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="flag[@key=../value/@key-flag]" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"/> + match="flag" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> + priority="2" + match="field[exists(@json-key-flag)]/value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5557,12 +5557,12 @@ + match="value" + mode="write-json" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + namespace="http://www.w3.org/2005/xpath-functions"> @@ -5577,46 +5577,46 @@ + match="*" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-line']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + match="value[@as-type='markup-multiline']" + mode="cast-data" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + name="conditional-lf" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()[empty(ancestor::pre)]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="text()" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5625,18 +5625,18 @@ + mode="md" + match="p" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="h1 | h2 | h3 | h4 | h5 | h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5644,40 +5644,40 @@ # + mode="mark" + match="h1" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"># ## + mode="mark" + match="h2" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">## ### + mode="mark" + match="h3" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">### #### + mode="mark" + match="h4" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">#### ##### + mode="mark" + match="h5" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">##### ###### + mode="mark" + match="h6" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel">###### + mode="md" + match="table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="tr" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5691,19 +5691,19 @@ + mode="md" + match="th | td" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> | | + mode="md" + priority="1" + match="pre" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ``` @@ -5712,24 +5712,24 @@ ``` + mode="md" + priority="1" + match="ul | ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="ul//ul | ol//ol | ol//ul | ul//ol" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + mode="md" + match="li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5739,9 +5739,9 @@ + mode="md" + match="ol/li" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5751,49 +5751,49 @@ + mode="md" + match="code | span[contains(@class, 'code')]" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ` ` + mode="md" + match="em | i" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> * * + mode="md" + match="strong | b" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ** ** + mode="md" + match="q" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> " " + mode="md" + match="insert" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> {{ insert: }} + mode="md" + match="a" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> [ ] @@ -5802,9 +5802,9 @@ ) + mode="md" + match="img" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> ![ ] diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index 79ffb9845c..95218836b2 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -1,2823 +1,2818 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ap-schema.json", - "$comment" : "OSCAL Assessment Plan Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ap-schema.json", + "$comment" : "OSCAL Assessment Plan Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-ap-oscal-ap:assessment-plan" : + { "title" : "Security Assessment Plan (SAP)", + "description" : "An assessment plan, such as those provided by a FedRAMP assessor.", + "$id" : "#assembly_oscal-ap_assessment-plan", "type" : "object", - "definitions" : - { "oscal-ap-oscal-ap:assessment-plan" : - { "title" : "Security Assessment Plan (SAP)", - "description" : "An assessment plan, such as those provided by a FedRAMP assessor.", - "$id" : "#assembly_oscal-ap_assessment-plan", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Plan Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ssp" : - { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "objectives-and-methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, - "activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_activity" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "terms-and-conditions" : - { "title" : "Assessment Plan Terms and Conditions", - "description" : "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.", - "type" : "object", - "properties" : - { "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, - "additionalProperties" : false }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "assessment-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-ssp", - "reviewed-controls" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ap-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ap-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-ap-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-ap-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ap-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ap-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-ap-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-ap-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:import-ssp" : - { "title" : "Import System Security Plan", - "description" : "Used by the assessment plan and POA&M to import information about the system.", - "$id" : "#assembly_oscal-assessment-common_import-ssp", - "type" : "object", - "properties" : - { "href" : - { "title" : "System Security Plan Reference", - "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:local-objective" : - { "title" : "Assessment-Specific Control Objective", - "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", - "$id" : "#assembly_oscal-assessment-common_local-objective", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Objective Description", - "description" : "A human-readable description of this control objective.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-id", - "parts" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:assessment-method" : - { "title" : "Assessment Method", - "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", - "$id" : "#assembly_oscal-assessment-common_assessment-method", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Method Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Method Description", - "description" : "A human-readable description of this assessment method.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "part" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "part" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:activity" : - { "title" : "Activity", - "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", - "$id" : "#assembly_oscal-assessment-common_activity", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Activity Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Included Activity Title", - "description" : "The title for this included activity.", - "type" : "string" }, - "description" : - { "title" : "Included Activity Description", - "description" : "A human-readable description of this included activity.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "steps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Step", - "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Step Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Step Title", - "description" : "The title for this step.", - "type" : "string" }, - "description" : - { "title" : "Step Description", - "description" : "A human-readable description of this step.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "related-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:task" : - { "title" : "Task", - "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", - "$id" : "#assembly_oscal-assessment-common_task", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Task Type", - "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Task Title", - "description" : "The title for this task.", - "type" : "string" }, - "description" : - { "title" : "Task Description", - "description" : "A human-readable description of this task.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "timing" : - { "title" : "Event Timing", - "description" : "The timing under which the task is intended to occur.", - "type" : "object", - "properties" : - { "on-date" : - { "title" : "On Date Condition", - "description" : "The task is intended to occur on the specified date.", - "type" : "object", - "properties" : - { "date" : - { "title" : "On Date Condition", - "description" : "The task must occur on the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "date" ], - "additionalProperties" : false }, - "within-date-range" : - { "title" : "On Date Range Condition", - "description" : "The task is intended to occur within the specified date range.", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start Date Condition", - "description" : "The task must occur on or after the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End Date Condition", - "description" : "The task must occur on or before the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "start", - "end" ], - "additionalProperties" : false }, - "at-frequency" : - { "title" : "Frequency Condition", - "description" : "The task is intended to occur at the specified frequency.", - "type" : "object", - "properties" : - { "period" : - { "title" : "Period", - "description" : "The task must occur after the specified period has elapsed.", - "$ref" : "#/definitions/PositiveIntegerDatatype" }, - "unit" : - { "title" : "Time Unit", - "description" : "The unit of time for the period.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } ] } }, - "required" : - [ "period", - "unit" ], - "additionalProperties" : false } }, - "additionalProperties" : false }, - "dependencies" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Task Dependency", - "description" : "Used to indicate that a task is dependent on another task.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "associated-activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Activity", - "description" : "Identifies an individual activity to be performed as part of a task.", - "type" : "object", - "properties" : - { "activity-uuid" : - { "title" : "Activity Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "activity-uuid", - "subjects" ], - "additionalProperties" : false } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:reviewed-controls" : - { "title" : "Reviewed Controls and Control Objectives", - "description" : "Identifies the controls being assessed and their control objectives.", - "$id" : "#assembly_oscal-assessment-common_reviewed-controls", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objective Description", - "description" : "A human-readable description of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "control-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessed Controls", - "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Assessed Controls Description", - "description" : "A human-readable description of in-scope controls specified for assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "control-objective-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Referenced Control Objectives", - "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objectives Description", - "description" : "A human-readable description of this collection of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "exclude-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-selections" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:select-control-by-id" : - { "title" : "Select Control", - "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", - "$id" : "#assembly_oscal-assessment-common_select-control-by-id", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "statement-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Include Specific Statements", - "description" : "Used to constrain the selection to only specificity identified statements.", - "$ref" : "#/definitions/TokenDatatype" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:select-objective-by-id" : - { "title" : "Select Objective", - "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", - "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", - "type" : "object", - "properties" : - { "objective-id" : - { "title" : "Objective ID", - "description" : "Points to an assessment objective.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "objective-id" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:assessment-subject-placeholder" : - { "title" : "Assessment Subject Placeholder", - "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Subject Placeholder Description", - "description" : "A human-readable description of intent of this assessment subject placeholder.", - "type" : "string" }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Subject Source", - "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "sources" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:assessment-subject" : - { "title" : "Subject of Assessment", - "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Include Subjects Description", - "description" : "A human-readable description of the collection of subjects being included in this assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "exclude-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:select-subject-by-id" : - { "title" : "Select Assessment Subject", - "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", - "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:subject-reference" : - { "title" : "Identifies the Subject", - "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", - "$id" : "#assembly_oscal-assessment-common_subject-reference", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Subject Reference Title", - "description" : "The title or name for the referenced subject.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:assessment-assets" : - { "title" : "Assessment Assets", - "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", - "$id" : "#assembly_oscal-assessment-common_assessment-assets", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "assessment-platforms" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Platform", - "description" : "Used to represent the toolset used to perform aspects of the assessment.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Platform Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Assessment Platform Title", - "description" : "The title or name for the assessment platform.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "uses-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Uses Component", - "description" : "The set of components that are used by the assessment platform.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "assessment-platforms" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:finding-target" : - { "title" : "Objective Status", - "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", - "$id" : "#assembly_oscal-assessment-common_finding-target", - "type" : "object", - "properties" : - { "type" : - { "title" : "Finding Target Type", - "description" : "Identifies the type of the target.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "statement-id", - "objective-id" ] } ] }, - "target-id" : - { "title" : "Finding Target Identifier Reference", - "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Objective Status Title", - "description" : "The title for this objective status.", - "type" : "string" }, - "description" : - { "title" : "Objective Status Description", - "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Objective Status", - "description" : "A determination of if the objective is satisfied or not within a given system.", - "type" : "object", - "properties" : - { "state" : - { "title" : "Objective Status State", - "description" : "An indication as to whether the objective is satisfied or not.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "satisfied", - "not-satisfied" ] } ] }, - "reason" : - { "title" : "Objective Status Reason", - "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "target-id", - "status" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-assessment-common_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:observation" : - { "title" : "Observation", - "description" : "Describes an individual observation.", - "$id" : "#assembly_oscal-assessment-common_observation", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Observation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Observation Title", - "description" : "The title for this observation.", - "type" : "string" }, - "description" : - { "title" : "Observation Description", - "description" : "A human-readable description of this assessment observation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Method", - "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, - "types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Type", - "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "relevant-evidence" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Relevant Evidence", - "description" : "Links this observation to relevant evidence.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Relevant Evidence Reference", - "description" : "A resolvable URL reference to relevant evidence.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Relevant Evidence Description", - "description" : "A human-readable description of this evidence.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false } }, - "collected" : - { "title" : "Collected Field", - "description" : "Date/time stamp identifying when the finding information was collected.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "expires" : - { "title" : "Expires Field", - "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description", - "methods", - "collected" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:origin" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", - "$id" : "#assembly_oscal-assessment-common_origin", - "type" : "object", - "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, - "required" : - [ "actors" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:origin-actor" : - { "title" : "Originating Actor", - "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", - "$id" : "#assembly_oscal-assessment-common_origin-actor", - "type" : "object", - "properties" : - { "type" : - { "title" : "Actor Type", - "description" : "The kind of actor.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "tool", - "assessment-platform", - "party" ] } ] }, - "actor-uuid" : - { "title" : "Actor Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "type", - "actor-uuid" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:related-task" : - { "title" : "Task Reference", - "description" : "Identifies an individual task for which the containing object is a consequence of.", - "$id" : "#assembly_oscal-assessment-common_related-task", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "identified-subject" : - { "title" : "Identified Subject", - "description" : "Used to detail assessment subjects that were identfied by this task.", - "type" : "object", - "properties" : - { "subject-placeholder-uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, - "required" : - [ "subject-placeholder-uuid", - "subjects" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:threat-id" : - { "title" : "Threat ID", - "description" : "A pointer, by ID, to an externally-defined threat.", - "$id" : "#field_oscal-assessment-common_threat-id", - "type" : "object", - "properties" : - { "system" : - { "title" : "Threat Type Identification System", - "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, - "href" : - { "title" : "Threat Information Resource Reference", - "description" : "An optional location for the threat data, from which this ID originates.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "system" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:risk" : - { "title" : "Identified Risk", - "description" : "An identified risk.", - "$id" : "#assembly_oscal-assessment-common_risk", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Risk Title", - "description" : "The title for this risk.", - "type" : "string" }, - "description" : - { "title" : "Risk Description", - "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", - "type" : "string" }, - "statement" : - { "title" : "Risk Statement", - "description" : "An summary of impact for how the risk affects the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "threat-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-assessment-common_threat-id" } }, - "characterizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, - "mitigating-factors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Mitigating Factor", - "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mitigating Factor Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "implementation-uuid" : - { "title" : "Implementation UUID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Mitigating Factor Description", - "description" : "A human-readable description of this mitigating factor.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "deadline" : - { "title" : "Risk Resolution Deadline", - "description" : "The date/time by which the risk must be resolved.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remediations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_response" } }, - "risk-log" : - { "title" : "Risk Log", - "description" : "A log of all risk-related tasks taken.", - "type" : "object", - "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Log Entry", - "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Title", - "description" : "The title for this risk log entry.", - "type" : "string" }, - "description" : - { "title" : "Risk Task Description", - "description" : "A human-readable description of what was done regarding the risk.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of the event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "status-change" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "related-responses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Response Reference", - "description" : "Identifies an individual risk response that this log entry is for.", - "type" : "object", - "properties" : - { "response-uuid" : - { "title" : "Response Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique risk response.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "response-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, - "required" : - [ "entries" ], - "additionalProperties" : false }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "uuid", - "title", - "description", - "statement", - "status" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:logged-by" : - { "title" : "Logged By", - "description" : "Used to indicate who created a log entry in what role.", - "$id" : "#assembly_oscal-assessment-common_logged-by", - "type" : "object", - "properties" : - { "party-uuid" : - { "title" : "Party UUID Reference", - "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "A point to the role-id of the role in which the party is making the log entry.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "party-uuid" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:risk-status" : - { "title" : "Risk Status", - "description" : "Describes the status of the associated risk.", - "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-ap-oscal-assessment-common:characterization" : - { "title" : "Characterization", - "description" : "A collection of descriptive data about the containing object from a specific origin.", - "$id" : "#assembly_oscal-assessment-common_characterization", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origin" : - { "$ref" : "#assembly_oscal-assessment-common_origin" }, - "facets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Facet", - "description" : "An individual characteristic that is part of a larger set produced by the same actor.", - "type" : "object", - "properties" : - { "name" : - { "title" : "Facet Name", - "description" : "The name of the risk metric within the specified system.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Naming System", - "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Facet Value", - "description" : "Indicates the value of the facet.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "system", - "value" ], - "additionalProperties" : false } } }, - "required" : - [ "origin", - "facets" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:response" : - { "title" : "Risk Response", - "description" : "Describes either recommended or an actual plan for addressing the risk.", - "$id" : "#assembly_oscal-assessment-common_response", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Remediation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "lifecycle" : - { "title" : "Remediation Intent", - "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Response Title", - "description" : "The title for this response activity.", - "type" : "string" }, - "description" : - { "title" : "Response Description", - "description" : "A human-readable description of this response plan.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "required-assets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Required Asset", - "description" : "Identifies an asset required to achieve remediation.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Required Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "title" : - { "title" : "Title for Required Asset", - "description" : "The title for this required asset.", - "type" : "string" }, - "description" : - { "title" : "Description of Required Asset", - "description" : "A human-readable description of this required asset.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "lifecycle", - "title", - "description" ], - "additionalProperties" : false }, - "oscal-ap-oscal-assessment-common:assessment-part" : - { "title" : "Assessment Part", - "description" : "A partition of an assessment plan or results or a child of another part.", - "$id" : "#assembly_oscal-assessment-common_assessment-part", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Part Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-ap-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, + "properties" : + { "uuid" : + { "title" : "Assessment Plan Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ssp" : + { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "objectives-and-methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, + "activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_activity" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "terms-and-conditions" : + { "title" : "Assessment Plan Terms and Conditions", + "description" : "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.", + "type" : "object", + "properties" : + { "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, + "additionalProperties" : false }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "assessment-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-ssp", + "reviewed-controls" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ap-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ap-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-ap-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-ap-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ap-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ap-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ap-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ap-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-ap-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-ap-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ap-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:import-ssp" : + { "title" : "Import System Security Plan", + "description" : "Used by the assessment plan and POA&M to import information about the system.", + "$id" : "#assembly_oscal-assessment-common_import-ssp", + "type" : "object", + "properties" : + { "href" : + { "title" : "System Security Plan Reference", + "description" : "A resolvable URL reference to the system security plan for the system being assessed.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:local-objective" : + { "title" : "Assessment-Specific Control Objective", + "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", + "$id" : "#assembly_oscal-assessment-common_local-objective", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Objective Description", + "description" : "A human-readable description of this control objective.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-id", + "parts" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:assessment-method" : + { "title" : "Assessment Method", + "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", + "$id" : "#assembly_oscal-assessment-common_assessment-method", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Method Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Method Description", + "description" : "A human-readable description of this assessment method.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "part" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "part" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:activity" : + { "title" : "Activity", + "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", + "$id" : "#assembly_oscal-assessment-common_activity", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Activity Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Included Activity Title", + "description" : "The title for this included activity.", + "type" : "string" }, + "description" : + { "title" : "Included Activity Description", + "description" : "A human-readable description of this included activity.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "steps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Step", + "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Step Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Step Title", + "description" : "The title for this step.", + "type" : "string" }, + "description" : + { "title" : "Step Description", + "description" : "A human-readable description of this step.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "related-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:task" : + { "title" : "Task", + "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", + "$id" : "#assembly_oscal-assessment-common_task", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Task Type", + "description" : "The type of task.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Task Title", + "description" : "The title for this task.", + "type" : "string" }, + "description" : + { "title" : "Task Description", + "description" : "A human-readable description of this task.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "timing" : + { "title" : "Event Timing", + "description" : "The timing under which the task is intended to occur.", + "type" : "object", + "properties" : + { "on-date" : + { "title" : "On Date Condition", + "description" : "The task is intended to occur on the specified date.", "type" : "object", "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + { "date" : + { "title" : "On Date Condition", + "description" : "The task must occur on the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "name" ], + [ "date" ], "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", + "within-date-range" : + { "title" : "On Date Range Condition", + "description" : "The task is intended to occur within the specified date range.", "type" : "object", "properties" : { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, + { "title" : "Start Date Condition", + "description" : "The task must occur on or after the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End Date Condition", + "description" : "The task must occur on or before the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "state" ], + [ "start", + "end" ], "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", + "at-frequency" : + { "title" : "Frequency Condition", + "description" : "The task is intended to occur at the specified frequency.", "type" : "object", "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + { "period" : + { "title" : "Period", + "description" : "The task must occur after the specified period has elapsed.", + "$ref" : "#/definitions/PositiveIntegerDatatype" }, + "unit" : + { "title" : "Time Unit", + "description" : "The unit of time for the period.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, + "required" : + [ "period", + "unit" ], + "additionalProperties" : false } }, + "additionalProperties" : false }, + "dependencies" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Task Dependency", + "description" : "Used to indicate that a task is dependent on another task.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "associated-activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Activity", + "description" : "Identifies an individual activity to be performed as part of a task.", + "type" : "object", + "properties" : + { "activity-uuid" : + { "title" : "Activity Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "activity-uuid", + "subjects" ], + "additionalProperties" : false } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:reviewed-controls" : + { "title" : "Reviewed Controls and Control Objectives", + "description" : "Identifies the controls being assessed and their control objectives.", + "$id" : "#assembly_oscal-assessment-common_reviewed-controls", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objective Description", + "description" : "A human-readable description of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "control-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessed Controls", + "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Assessed Controls Description", + "description" : "A human-readable description of in-scope controls specified for assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "control-objective-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Referenced Control Objectives", + "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objectives Description", + "description" : "A human-readable description of this collection of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "exclude-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-selections" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:select-control-by-id" : + { "title" : "Select Control", + "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", + "$id" : "#assembly_oscal-assessment-common_select-control-by-id", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "statement-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Include Specific Statements", + "description" : "Used to constrain the selection to only specificity identified statements.", + "$ref" : "#/definitions/TokenDatatype" } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:select-objective-by-id" : + { "title" : "Select Objective", + "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", + "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", + "type" : "object", + "properties" : + { "objective-id" : + { "title" : "Objective ID", + "description" : "Points to an assessment objective.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "objective-id" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:assessment-subject-placeholder" : + { "title" : "Assessment Subject Placeholder", + "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Subject Placeholder Description", + "description" : "A human-readable description of intent of this assessment subject placeholder.", + "type" : "string" }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Subject Source", + "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "sources" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:assessment-subject" : + { "title" : "Subject of Assessment", + "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Include Subjects Description", + "description" : "A human-readable description of the collection of subjects being included in this assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "exclude-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:select-subject-by-id" : + { "title" : "Select Assessment Subject", + "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", + "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:subject-reference" : + { "title" : "Identifies the Subject", + "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", + "$id" : "#assembly_oscal-assessment-common_subject-reference", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Subject Reference Title", + "description" : "The title or name for the referenced subject.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:assessment-assets" : + { "title" : "Assessment Assets", + "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", + "$id" : "#assembly_oscal-assessment-common_assessment-assets", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "assessment-platforms" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Platform", + "description" : "Used to represent the toolset used to perform aspects of the assessment.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Platform Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Assessment Platform Title", + "description" : "The title or name for the assessment platform.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "uses-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Uses Component", + "description" : "The set of components that are used by the assessment platform.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", + "props" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + "links" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", + "responsible-parties" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ap-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "assessment-platforms" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:finding-target" : + { "title" : "Objective Status", + "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", + "$id" : "#assembly_oscal-assessment-common_finding-target", + "type" : "object", + "properties" : + { "type" : + { "title" : "Finding Target Type", + "description" : "Identifies the type of the target.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, + "target-id" : + { "title" : "Finding Target Identifier Reference", + "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Objective Status Title", + "description" : "The title for this objective status.", + "type" : "string" }, + "description" : + { "title" : "Objective Status Description", + "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Objective Status", + "description" : "A determination of if the objective is satisfied or not within a given system.", + "type" : "object", + "properties" : + { "state" : + { "title" : "Objective Status State", + "description" : "An indication as to whether the objective is satisfied or not.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, + "reason" : + { "title" : "Objective Status Reason", + "description" : "The reason the objective was given it's status.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "target-id", + "status" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:observation" : + { "title" : "Observation", + "description" : "Describes an individual observation.", + "$id" : "#assembly_oscal-assessment-common_observation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Observation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Observation Title", + "description" : "The title for this observation.", + "type" : "string" }, + "description" : + { "title" : "Observation Description", + "description" : "A human-readable description of this assessment observation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Method", + "description" : "Identifies how the observation was made.", + "$ref" : "#/definitions/StringDatatype" } }, + "types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Type", + "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", + "$ref" : "#/definitions/TokenDatatype" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "relevant-evidence" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Relevant Evidence", + "description" : "Links this observation to relevant evidence.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Relevant Evidence Reference", + "description" : "A resolvable URL reference to relevant evidence.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Relevant Evidence Description", + "description" : "A human-readable description of this evidence.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false } }, + "collected" : + { "title" : "Collected Field", + "description" : "Date/time stamp identifying when the finding information was collected.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "expires" : + { "title" : "Expires Field", + "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description", + "methods", + "collected" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:origin" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", + "$id" : "#assembly_oscal-assessment-common_origin", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:origin-actor" : + { "title" : "Originating Actor", + "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", + "$id" : "#assembly_oscal-assessment-common_origin-actor", + "type" : "object", + "properties" : + { "type" : + { "title" : "Actor Type", + "description" : "The kind of actor.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, + "actor-uuid" : + { "title" : "Actor Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "For a party, this can optionally be used to specify the role the actor was performing.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "type", + "actor-uuid" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:related-task" : + { "title" : "Task Reference", + "description" : "Identifies an individual task for which the containing object is a consequence of.", + "$id" : "#assembly_oscal-assessment-common_related-task", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "identified-subject" : + { "title" : "Identified Subject", + "description" : "Used to detail assessment subjects that were identfied by this task.", + "type" : "object", + "properties" : + { "subject-placeholder-uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, + "required" : + [ "subject-placeholder-uuid", + "subjects" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:threat-id" : + { "title" : "Threat ID", + "description" : "A pointer, by ID, to an externally-defined threat.", + "$id" : "#field_oscal-assessment-common_threat-id", + "type" : "object", + "properties" : + { "system" : + { "title" : "Threat Type Identification System", + "description" : "Specifies the source of the threat information.", + "$ref" : "#/definitions/URIDatatype" }, + "href" : + { "title" : "Threat Information Resource Reference", + "description" : "An optional location for the threat data, from which this ID originates.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "system" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:risk" : + { "title" : "Identified Risk", + "description" : "An identified risk.", + "$id" : "#assembly_oscal-assessment-common_risk", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Risk Title", + "description" : "The title for this risk.", + "type" : "string" }, + "description" : + { "title" : "Risk Description", + "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", + "type" : "string" }, + "statement" : + { "title" : "Risk Statement", + "description" : "An summary of impact for how the risk affects the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "threat-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-assessment-common_threat-id" } }, + "characterizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, + "mitigating-factors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Mitigating Factor", + "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mitigating Factor Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "implementation-uuid" : + { "title" : "Implementation UUID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Mitigating Factor Description", + "description" : "A human-readable description of this mitigating factor.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "deadline" : + { "title" : "Risk Resolution Deadline", + "description" : "The date/time by which the risk must be resolved.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remediations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_response" } }, + "risk-log" : + { "title" : "Risk Log", + "description" : "A log of all risk-related tasks taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Risk Log Entry", + "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Title", + "description" : "The title for this risk log entry.", + "type" : "string" }, "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, + { "title" : "Risk Task Description", + "description" : "A human-readable description of what was done regarding the risk.", + "type" : "string" }, + "start" : + { "title" : "Start", + "description" : "Identifies the start date and time of the event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End", + "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "status-change" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "related-responses" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, + "minItems" : 1, + "items" : + { "title" : "Risk Response Reference", + "description" : "Identifies an individual risk response that this log entry is for.", + "type" : "object", + "properties" : + { "response-uuid" : + { "title" : "Response Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique risk response.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "response-uuid" ], + "additionalProperties" : false } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-ap-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "PositiveIntegerDatatype" : - { "allOf" : + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "uuid", + "title", + "description", + "statement", + "status" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:logged-by" : + { "title" : "Logged By", + "description" : "Used to indicate who created a log entry in what role.", + "$id" : "#assembly_oscal-assessment-common_logged-by", + "type" : "object", + "properties" : + { "party-uuid" : + { "title" : "Party UUID Reference", + "description" : "A machine-oriented identifier reference to the party who is making the log entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "A point to the role-id of the role in which the party is making the log entry.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "party-uuid" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:risk-status" : + { "title" : "Risk Status", + "description" : "Describes the status of the associated risk.", + "$id" : "#field_oscal-assessment-common_risk-status", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-ap-oscal-assessment-common:characterization" : + { "title" : "Characterization", + "description" : "A collection of descriptive data about the containing object from a specific origin.", + "$id" : "#assembly_oscal-assessment-common_characterization", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origin" : + { "$ref" : "#assembly_oscal-assessment-common_origin" }, + "facets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Facet", + "description" : "An individual characteristic that is part of a larger set produced by the same actor.", + "type" : "object", + "properties" : + { "name" : + { "title" : "Facet Name", + "description" : "The name of the risk metric within the specified system.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Naming System", + "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Facet Value", + "description" : "Indicates the value of the facet.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "system", + "value" ], + "additionalProperties" : false } } }, + "required" : + [ "origin", + "facets" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:response" : + { "title" : "Risk Response", + "description" : "Describes either recommended or an actual plan for addressing the risk.", + "$id" : "#assembly_oscal-assessment-common_response", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Remediation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "lifecycle" : + { "title" : "Remediation Intent", + "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Response Title", + "description" : "The title for this response activity.", + "type" : "string" }, + "description" : + { "title" : "Response Description", + "description" : "A human-readable description of this response plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "required-assets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Required Asset", + "description" : "Identifies an asset required to achieve remediation.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Required Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "title" : + { "title" : "Title for Required Asset", + "description" : "The title for this required asset.", + "type" : "string" }, + "description" : + { "title" : "Description of Required Asset", + "description" : "A human-readable description of this required asset.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "lifecycle", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-ap-oscal-assessment-common:assessment-part" : + { "title" : "Assessment Part", + "description" : "A partition of an assessment plan or results or a child of another part.", + "$id" : "#assembly_oscal-assessment-common_assessment-part", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Part Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ap-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-ap-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 1, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", + "properties" : + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ap-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-ap-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", "properties" : - { "assessment-plan" : - { "$ref" : "#assembly_oscal-ap_assessment-plan" } }, + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, "required" : - [ "assessment-plan" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "id" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "assessment-plan" : + { "$ref" : "#assembly_oscal-ap_assessment-plan" } }, + "required" : + [ "assessment-plan" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index 8116a32f3b..4e42d5e9cb 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -1,2976 +1,2971 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ar-schema.json", - "$comment" : "OSCAL Assessment Results Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ar-schema.json", + "$comment" : "OSCAL Assessment Results Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-ar-oscal-ar:assessment-results" : + { "title" : "Security Assessment Results (SAR)", + "description" : "Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.", + "$id" : "#assembly_oscal-ar_assessment-results", "type" : "object", - "definitions" : - { "oscal-ar-oscal-ar:assessment-results" : - { "title" : "Security Assessment Results (SAR)", - "description" : "Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.", - "$id" : "#assembly_oscal-ar_assessment-results", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Results Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ap" : - { "$ref" : "#assembly_oscal-ar_import-ap" }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "objectives-and-methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, - "activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_activity" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "results" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ar_result" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-ap", - "results" ], - "additionalProperties" : false }, - "oscal-ar-oscal-ar:result" : - { "title" : "Assessment Result", - "description" : "Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.", - "$id" : "#assembly_oscal-ar_result", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Results Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + "properties" : + { "uuid" : + { "title" : "Assessment Results Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ap" : + { "$ref" : "#assembly_oscal-ar_import-ap" }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "objectives-and-methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, + "activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_activity" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "results" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ar_result" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-ap", + "results" ], + "additionalProperties" : false }, + "oscal-ar-oscal-ar:result" : + { "title" : "Assessment Result", + "description" : "Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.", + "$id" : "#assembly_oscal-ar_result", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Results Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Results Title", + "description" : "The title for this set of results.", + "type" : "string" }, + "description" : + { "title" : "Results Description", + "description" : "A human-readable description of this set of test results.", + "type" : "string" }, + "start" : + { "title" : "start field", + "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "end field", + "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } } }, + "additionalProperties" : false }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "attestations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Attestation Statements", + "description" : "A set of textual statements, typically written by the assessor.", + "type" : "object", + "properties" : + { "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, + "required" : + [ "parts" ], + "additionalProperties" : false } }, + "assessment-log" : + { "title" : "Assessment Log", + "description" : "A log of all assessment-related actions taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Log Entry", + "description" : "Identifies the result of an action and/or task that occurred as part of executing an assessment plan or an assessment event that occurred in producing the assessment results.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, "title" : - { "title" : "Results Title", - "description" : "The title for this set of results.", - "type" : "string" }, + { "title" : "Action Title", + "description" : "The title for this event.", + "type" : "string" }, "description" : - { "title" : "Results Description", - "description" : "A human-readable description of this set of test results.", - "type" : "string" }, + { "title" : "Action Description", + "description" : "A human-readable description of this event.", + "type" : "string" }, "start" : - { "title" : "start field", - "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + { "title" : "Start", + "description" : "Identifies the start date and time of an event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "end" : - { "title" : "end field", - "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + { "title" : "End", + "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } } }, - "additionalProperties" : false }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "attestations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Attestation Statements", - "description" : "A set of textual statements, typically written by the assessor.", - "type" : "object", - "properties" : - { "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, - "required" : - [ "parts" ], - "additionalProperties" : false } }, - "assessment-log" : - { "title" : "Assessment Log", - "description" : "A log of all assessment-related actions taken.", - "type" : "object", - "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Log Entry", - "description" : "Identifies the result of an action and/or task that occurred as part of executing an assessment plan or an assessment event that occurred in producing the assessment results.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Action Title", - "description" : "The title for this event.", - "type" : "string" }, - "description" : - { "title" : "Action Description", - "description" : "A human-readable description of this event.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of an event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, - "required" : - [ "entries" ], - "additionalProperties" : false }, - "observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_observation" } }, - "risks" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_risk" } }, - "findings" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "related-tasks" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_finding" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "start", - "reviewed-controls" ], - "additionalProperties" : false }, - "oscal-ar-oscal-ar:import-ap" : - { "title" : "Import Assessment Plan", - "description" : "Used by assessment-results to import information about the original plan for assessing the system.", - "$id" : "#assembly_oscal-ar_import-ap", - "type" : "object", - "properties" : - { "href" : - { "title" : "Assessment Plan Reference", - "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", - "$ref" : "#/definitions/URIReferenceDatatype" }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_observation" } }, + "risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "start", + "reviewed-controls" ], + "additionalProperties" : false }, + "oscal-ar-oscal-ar:import-ap" : + { "title" : "Import Assessment Plan", + "description" : "Used by assessment-results to import information about the original plan for assessing the system.", + "$id" : "#assembly_oscal-ar_import-ap", + "type" : "object", + "properties" : + { "href" : + { "title" : "Assessment Plan Reference", + "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ar-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ar-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-ar-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ar-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ar-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-ar-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-ar-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ar-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ar-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ar-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ar-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-ar-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-ar-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ar-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:import-ssp" : + { "title" : "Import System Security Plan", + "description" : "Used by the assessment plan and POA&M to import information about the system.", + "$id" : "#assembly_oscal-assessment-common_import-ssp", + "type" : "object", + "properties" : + { "href" : + { "title" : "System Security Plan Reference", + "description" : "A resolvable URL reference to the system security plan for the system being assessed.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:local-objective" : + { "title" : "Assessment-Specific Control Objective", + "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", + "$id" : "#assembly_oscal-assessment-common_local-objective", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Objective Description", + "description" : "A human-readable description of this control objective.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-id", + "parts" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:assessment-method" : + { "title" : "Assessment Method", + "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", + "$id" : "#assembly_oscal-assessment-common_assessment-method", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Method Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Method Description", + "description" : "A human-readable description of this assessment method.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "part" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "part" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:activity" : + { "title" : "Activity", + "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", + "$id" : "#assembly_oscal-assessment-common_activity", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Activity Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Included Activity Title", + "description" : "The title for this included activity.", + "type" : "string" }, + "description" : + { "title" : "Included Activity Description", + "description" : "A human-readable description of this included activity.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "steps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Step", + "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Step Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Step Title", + "description" : "The title for this step.", + "type" : "string" }, + "description" : + { "title" : "Step Description", + "description" : "A human-readable description of this step.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "related-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:task" : + { "title" : "Task", + "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", + "$id" : "#assembly_oscal-assessment-common_task", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Task Type", + "description" : "The type of task.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Task Title", + "description" : "The title for this task.", + "type" : "string" }, + "description" : + { "title" : "Task Description", + "description" : "A human-readable description of this task.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "timing" : + { "title" : "Event Timing", + "description" : "The timing under which the task is intended to occur.", + "type" : "object", + "properties" : + { "on-date" : + { "title" : "On Date Condition", + "description" : "The task is intended to occur on the specified date.", + "type" : "object", + "properties" : + { "date" : + { "title" : "On Date Condition", + "description" : "The task must occur on the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "href" ], + [ "date" ], "additionalProperties" : false }, - "oscal-ar-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", + "within-date-range" : + { "title" : "On Date Range Condition", + "description" : "The task is intended to occur within the specified date range.", "type" : "object", "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, + { "start" : + { "title" : "Start Date Condition", + "description" : "The task must occur on or after the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End Date Condition", + "description" : "The task must occur on or before the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "role-id", - "party-uuids" ], + [ "start", + "end" ], "additionalProperties" : false }, - "oscal-ar-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", + "at-frequency" : + { "title" : "Frequency Condition", + "description" : "The task is intended to occur at the specified frequency.", "type" : "object", "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + { "period" : + { "title" : "Period", + "description" : "The task must occur after the specified period has elapsed.", + "$ref" : "#/definitions/PositiveIntegerDatatype" }, + "unit" : + { "title" : "Time Unit", + "description" : "The unit of time for the period.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, + "required" : + [ "period", + "unit" ], + "additionalProperties" : false } }, + "additionalProperties" : false }, + "dependencies" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Task Dependency", + "description" : "Used to indicate that a task is dependent on another task.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "associated-activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Activity", + "description" : "Identifies an individual activity to be performed as part of a task.", + "type" : "object", + "properties" : + { "activity-uuid" : + { "title" : "Activity Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "activity-uuid", + "subjects" ], + "additionalProperties" : false } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:reviewed-controls" : + { "title" : "Reviewed Controls and Control Objectives", + "description" : "Identifies the controls being assessed and their control objectives.", + "$id" : "#assembly_oscal-assessment-common_reviewed-controls", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objective Description", + "description" : "A human-readable description of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "control-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessed Controls", + "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Assessed Controls Description", + "description" : "A human-readable description of in-scope controls specified for assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "control-objective-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Referenced Control Objectives", + "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objectives Description", + "description" : "A human-readable description of this collection of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "exclude-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-selections" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:select-control-by-id" : + { "title" : "Select Control", + "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", + "$id" : "#assembly_oscal-assessment-common_select-control-by-id", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "statement-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Include Specific Statements", + "description" : "Used to constrain the selection to only specificity identified statements.", + "$ref" : "#/definitions/TokenDatatype" } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:select-objective-by-id" : + { "title" : "Select Objective", + "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", + "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", + "type" : "object", + "properties" : + { "objective-id" : + { "title" : "Objective ID", + "description" : "Points to an assessment objective.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "objective-id" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:assessment-subject-placeholder" : + { "title" : "Assessment Subject Placeholder", + "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Subject Placeholder Description", + "description" : "A human-readable description of intent of this assessment subject placeholder.", + "type" : "string" }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Subject Source", + "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "sources" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:assessment-subject" : + { "title" : "Subject of Assessment", + "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Include Subjects Description", + "description" : "A human-readable description of the collection of subjects being included in this assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "exclude-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:select-subject-by-id" : + { "title" : "Select Assessment Subject", + "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", + "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:subject-reference" : + { "title" : "Identifies the Subject", + "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", + "$id" : "#assembly_oscal-assessment-common_subject-reference", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Subject Reference Title", + "description" : "The title or name for the referenced subject.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:assessment-assets" : + { "title" : "Assessment Assets", + "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", + "$id" : "#assembly_oscal-assessment-common_assessment-assets", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "assessment-platforms" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Platform", + "description" : "Used to represent the toolset used to perform aspects of the assessment.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Platform Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Assessment Platform Title", + "description" : "The title or name for the assessment platform.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "uses-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Uses Component", + "description" : "The set of components that are used by the assessment platform.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", + "props" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + "links" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", + "responsible-parties" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "assessment-platforms" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:finding-target" : + { "title" : "Objective Status", + "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", + "$id" : "#assembly_oscal-assessment-common_finding-target", + "type" : "object", + "properties" : + { "type" : + { "title" : "Finding Target Type", + "description" : "Identifies the type of the target.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, + "target-id" : + { "title" : "Finding Target Identifier Reference", + "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Objective Status Title", + "description" : "The title for this objective status.", + "type" : "string" }, + "description" : + { "title" : "Objective Status Description", + "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Objective Status", + "description" : "A determination of if the objective is satisfied or not within a given system.", + "type" : "object", + "properties" : + { "state" : + { "title" : "Objective Status State", + "description" : "An indication as to whether the objective is satisfied or not.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, + "reason" : + { "title" : "Objective Status Reason", + "description" : "The reason the objective was given it's status.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "target-id", + "status" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:observation" : + { "title" : "Observation", + "description" : "Describes an individual observation.", + "$id" : "#assembly_oscal-assessment-common_observation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Observation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Observation Title", + "description" : "The title for this observation.", + "type" : "string" }, + "description" : + { "title" : "Observation Description", + "description" : "A human-readable description of this assessment observation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Method", + "description" : "Identifies how the observation was made.", + "$ref" : "#/definitions/StringDatatype" } }, + "types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Type", + "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", + "$ref" : "#/definitions/TokenDatatype" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "relevant-evidence" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Relevant Evidence", + "description" : "Links this observation to relevant evidence.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Relevant Evidence Reference", + "description" : "A resolvable URL reference to relevant evidence.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Relevant Evidence Description", + "description" : "A human-readable description of this evidence.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false } }, + "collected" : + { "title" : "Collected Field", + "description" : "Date/time stamp identifying when the finding information was collected.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "expires" : + { "title" : "Expires Field", + "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description", + "methods", + "collected" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:origin" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", + "$id" : "#assembly_oscal-assessment-common_origin", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:origin-actor" : + { "title" : "Originating Actor", + "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", + "$id" : "#assembly_oscal-assessment-common_origin-actor", + "type" : "object", + "properties" : + { "type" : + { "title" : "Actor Type", + "description" : "The kind of actor.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, + "actor-uuid" : + { "title" : "Actor Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "For a party, this can optionally be used to specify the role the actor was performing.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "type", + "actor-uuid" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:related-task" : + { "title" : "Task Reference", + "description" : "Identifies an individual task for which the containing object is a consequence of.", + "$id" : "#assembly_oscal-assessment-common_related-task", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "identified-subject" : + { "title" : "Identified Subject", + "description" : "Used to detail assessment subjects that were identfied by this task.", + "type" : "object", + "properties" : + { "subject-placeholder-uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, + "required" : + [ "subject-placeholder-uuid", + "subjects" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:threat-id" : + { "title" : "Threat ID", + "description" : "A pointer, by ID, to an externally-defined threat.", + "$id" : "#field_oscal-assessment-common_threat-id", + "type" : "object", + "properties" : + { "system" : + { "title" : "Threat Type Identification System", + "description" : "Specifies the source of the threat information.", + "$ref" : "#/definitions/URIDatatype" }, + "href" : + { "title" : "Threat Information Resource Reference", + "description" : "An optional location for the threat data, from which this ID originates.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "system" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:risk" : + { "title" : "Identified Risk", + "description" : "An identified risk.", + "$id" : "#assembly_oscal-assessment-common_risk", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Risk Title", + "description" : "The title for this risk.", + "type" : "string" }, + "description" : + { "title" : "Risk Description", + "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", + "type" : "string" }, + "statement" : + { "title" : "Risk Statement", + "description" : "An summary of impact for how the risk affects the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "threat-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-assessment-common_threat-id" } }, + "characterizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, + "mitigating-factors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Mitigating Factor", + "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mitigating Factor Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "implementation-uuid" : + { "title" : "Implementation UUID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Mitigating Factor Description", + "description" : "A human-readable description of this mitigating factor.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "deadline" : + { "title" : "Risk Resolution Deadline", + "description" : "The date/time by which the risk must be resolved.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remediations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_response" } }, + "risk-log" : + { "title" : "Risk Log", + "description" : "A log of all risk-related tasks taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Risk Log Entry", + "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Title", + "description" : "The title for this risk log entry.", + "type" : "string" }, + "description" : + { "title" : "Risk Task Description", + "description" : "A human-readable description of what was done regarding the risk.", + "type" : "string" }, + "start" : + { "title" : "Start", + "description" : "Identifies the start date and time of the event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End", + "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-ar-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ar-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ar-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-ar-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-ar-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:import-ssp" : - { "title" : "Import System Security Plan", - "description" : "Used by the assessment plan and POA&M to import information about the system.", - "$id" : "#assembly_oscal-assessment-common_import-ssp", - "type" : "object", - "properties" : - { "href" : - { "title" : "System Security Plan Reference", - "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:local-objective" : - { "title" : "Assessment-Specific Control Objective", - "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", - "$id" : "#assembly_oscal-assessment-common_local-objective", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Objective Description", - "description" : "A human-readable description of this control objective.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-id", - "parts" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:assessment-method" : - { "title" : "Assessment Method", - "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", - "$id" : "#assembly_oscal-assessment-common_assessment-method", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Method Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Method Description", - "description" : "A human-readable description of this assessment method.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "part" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "part" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:activity" : - { "title" : "Activity", - "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", - "$id" : "#assembly_oscal-assessment-common_activity", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Activity Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Included Activity Title", - "description" : "The title for this included activity.", - "type" : "string" }, - "description" : - { "title" : "Included Activity Description", - "description" : "A human-readable description of this included activity.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "steps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Step", - "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Step Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Step Title", - "description" : "The title for this step.", - "type" : "string" }, - "description" : - { "title" : "Step Description", - "description" : "A human-readable description of this step.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "related-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:task" : - { "title" : "Task", - "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", - "$id" : "#assembly_oscal-assessment-common_task", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Task Type", - "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Task Title", - "description" : "The title for this task.", - "type" : "string" }, - "description" : - { "title" : "Task Description", - "description" : "A human-readable description of this task.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "timing" : - { "title" : "Event Timing", - "description" : "The timing under which the task is intended to occur.", - "type" : "object", - "properties" : - { "on-date" : - { "title" : "On Date Condition", - "description" : "The task is intended to occur on the specified date.", - "type" : "object", - "properties" : - { "date" : - { "title" : "On Date Condition", - "description" : "The task must occur on the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "date" ], - "additionalProperties" : false }, - "within-date-range" : - { "title" : "On Date Range Condition", - "description" : "The task is intended to occur within the specified date range.", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start Date Condition", - "description" : "The task must occur on or after the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End Date Condition", - "description" : "The task must occur on or before the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "start", - "end" ], - "additionalProperties" : false }, - "at-frequency" : - { "title" : "Frequency Condition", - "description" : "The task is intended to occur at the specified frequency.", - "type" : "object", - "properties" : - { "period" : - { "title" : "Period", - "description" : "The task must occur after the specified period has elapsed.", - "$ref" : "#/definitions/PositiveIntegerDatatype" }, - "unit" : - { "title" : "Time Unit", - "description" : "The unit of time for the period.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } ] } }, - "required" : - [ "period", - "unit" ], - "additionalProperties" : false } }, - "additionalProperties" : false }, - "dependencies" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Task Dependency", - "description" : "Used to indicate that a task is dependent on another task.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "associated-activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Activity", - "description" : "Identifies an individual activity to be performed as part of a task.", - "type" : "object", - "properties" : - { "activity-uuid" : - { "title" : "Activity Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "activity-uuid", - "subjects" ], - "additionalProperties" : false } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:reviewed-controls" : - { "title" : "Reviewed Controls and Control Objectives", - "description" : "Identifies the controls being assessed and their control objectives.", - "$id" : "#assembly_oscal-assessment-common_reviewed-controls", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objective Description", - "description" : "A human-readable description of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "control-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessed Controls", - "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Assessed Controls Description", - "description" : "A human-readable description of in-scope controls specified for assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "control-objective-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Referenced Control Objectives", - "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objectives Description", - "description" : "A human-readable description of this collection of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "exclude-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-selections" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:select-control-by-id" : - { "title" : "Select Control", - "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", - "$id" : "#assembly_oscal-assessment-common_select-control-by-id", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "statement-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Include Specific Statements", - "description" : "Used to constrain the selection to only specificity identified statements.", - "$ref" : "#/definitions/TokenDatatype" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:select-objective-by-id" : - { "title" : "Select Objective", - "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", - "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", - "type" : "object", - "properties" : - { "objective-id" : - { "title" : "Objective ID", - "description" : "Points to an assessment objective.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "objective-id" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:assessment-subject-placeholder" : - { "title" : "Assessment Subject Placeholder", - "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Subject Placeholder Description", - "description" : "A human-readable description of intent of this assessment subject placeholder.", - "type" : "string" }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Subject Source", - "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "sources" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:assessment-subject" : - { "title" : "Subject of Assessment", - "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Include Subjects Description", - "description" : "A human-readable description of the collection of subjects being included in this assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "exclude-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:select-subject-by-id" : - { "title" : "Select Assessment Subject", - "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", - "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:subject-reference" : - { "title" : "Identifies the Subject", - "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", - "$id" : "#assembly_oscal-assessment-common_subject-reference", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Subject Reference Title", - "description" : "The title or name for the referenced subject.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:assessment-assets" : - { "title" : "Assessment Assets", - "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", - "$id" : "#assembly_oscal-assessment-common_assessment-assets", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "assessment-platforms" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Platform", - "description" : "Used to represent the toolset used to perform aspects of the assessment.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Platform Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Assessment Platform Title", - "description" : "The title or name for the assessment platform.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "uses-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Uses Component", - "description" : "The set of components that are used by the assessment platform.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "assessment-platforms" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:finding-target" : - { "title" : "Objective Status", - "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", - "$id" : "#assembly_oscal-assessment-common_finding-target", - "type" : "object", - "properties" : - { "type" : - { "title" : "Finding Target Type", - "description" : "Identifies the type of the target.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "statement-id", - "objective-id" ] } ] }, - "target-id" : - { "title" : "Finding Target Identifier Reference", - "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Objective Status Title", - "description" : "The title for this objective status.", - "type" : "string" }, - "description" : - { "title" : "Objective Status Description", - "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Objective Status", - "description" : "A determination of if the objective is satisfied or not within a given system.", - "type" : "object", - "properties" : - { "state" : - { "title" : "Objective Status State", - "description" : "An indication as to whether the objective is satisfied or not.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "satisfied", - "not-satisfied" ] } ] }, - "reason" : - { "title" : "Objective Status Reason", - "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "target-id", - "status" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-assessment-common_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:observation" : - { "title" : "Observation", - "description" : "Describes an individual observation.", - "$id" : "#assembly_oscal-assessment-common_observation", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Observation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Observation Title", - "description" : "The title for this observation.", - "type" : "string" }, - "description" : - { "title" : "Observation Description", - "description" : "A human-readable description of this assessment observation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Method", - "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, - "types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Type", - "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "relevant-evidence" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Relevant Evidence", - "description" : "Links this observation to relevant evidence.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Relevant Evidence Reference", - "description" : "A resolvable URL reference to relevant evidence.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Relevant Evidence Description", - "description" : "A human-readable description of this evidence.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false } }, - "collected" : - { "title" : "Collected Field", - "description" : "Date/time stamp identifying when the finding information was collected.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "expires" : - { "title" : "Expires Field", - "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description", - "methods", - "collected" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:origin" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", - "$id" : "#assembly_oscal-assessment-common_origin", - "type" : "object", - "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, - "required" : - [ "actors" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:origin-actor" : - { "title" : "Originating Actor", - "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", - "$id" : "#assembly_oscal-assessment-common_origin-actor", - "type" : "object", - "properties" : - { "type" : - { "title" : "Actor Type", - "description" : "The kind of actor.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "tool", - "assessment-platform", - "party" ] } ] }, - "actor-uuid" : - { "title" : "Actor Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "type", - "actor-uuid" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:related-task" : - { "title" : "Task Reference", - "description" : "Identifies an individual task for which the containing object is a consequence of.", - "$id" : "#assembly_oscal-assessment-common_related-task", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "identified-subject" : - { "title" : "Identified Subject", - "description" : "Used to detail assessment subjects that were identfied by this task.", - "type" : "object", - "properties" : - { "subject-placeholder-uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, - "required" : - [ "subject-placeholder-uuid", - "subjects" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:threat-id" : - { "title" : "Threat ID", - "description" : "A pointer, by ID, to an externally-defined threat.", - "$id" : "#field_oscal-assessment-common_threat-id", - "type" : "object", - "properties" : - { "system" : - { "title" : "Threat Type Identification System", - "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, - "href" : - { "title" : "Threat Information Resource Reference", - "description" : "An optional location for the threat data, from which this ID originates.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "system" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:risk" : - { "title" : "Identified Risk", - "description" : "An identified risk.", - "$id" : "#assembly_oscal-assessment-common_risk", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Risk Title", - "description" : "The title for this risk.", - "type" : "string" }, - "description" : - { "title" : "Risk Description", - "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", - "type" : "string" }, - "statement" : - { "title" : "Risk Statement", - "description" : "An summary of impact for how the risk affects the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "threat-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-assessment-common_threat-id" } }, - "characterizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, - "mitigating-factors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Mitigating Factor", - "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mitigating Factor Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "implementation-uuid" : - { "title" : "Implementation UUID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Mitigating Factor Description", - "description" : "A human-readable description of this mitigating factor.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "deadline" : - { "title" : "Risk Resolution Deadline", - "description" : "The date/time by which the risk must be resolved.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remediations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_response" } }, - "risk-log" : - { "title" : "Risk Log", - "description" : "A log of all risk-related tasks taken.", - "type" : "object", - "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Log Entry", - "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Title", - "description" : "The title for this risk log entry.", - "type" : "string" }, - "description" : - { "title" : "Risk Task Description", - "description" : "A human-readable description of what was done regarding the risk.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of the event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "status-change" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "related-responses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Response Reference", - "description" : "Identifies an individual risk response that this log entry is for.", - "type" : "object", - "properties" : - { "response-uuid" : - { "title" : "Response Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique risk response.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "response-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, - "required" : - [ "entries" ], - "additionalProperties" : false }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "uuid", - "title", - "description", - "statement", - "status" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:logged-by" : - { "title" : "Logged By", - "description" : "Used to indicate who created a log entry in what role.", - "$id" : "#assembly_oscal-assessment-common_logged-by", - "type" : "object", - "properties" : - { "party-uuid" : - { "title" : "Party UUID Reference", - "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "A point to the role-id of the role in which the party is making the log entry.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "party-uuid" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:risk-status" : - { "title" : "Risk Status", - "description" : "Describes the status of the associated risk.", - "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-ar-oscal-assessment-common:characterization" : - { "title" : "Characterization", - "description" : "A collection of descriptive data about the containing object from a specific origin.", - "$id" : "#assembly_oscal-assessment-common_characterization", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origin" : - { "$ref" : "#assembly_oscal-assessment-common_origin" }, - "facets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Facet", - "description" : "An individual characteristic that is part of a larger set produced by the same actor.", - "type" : "object", - "properties" : - { "name" : - { "title" : "Facet Name", - "description" : "The name of the risk metric within the specified system.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Naming System", - "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Facet Value", - "description" : "Indicates the value of the facet.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "system", - "value" ], - "additionalProperties" : false } } }, - "required" : - [ "origin", - "facets" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:response" : - { "title" : "Risk Response", - "description" : "Describes either recommended or an actual plan for addressing the risk.", - "$id" : "#assembly_oscal-assessment-common_response", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Remediation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "lifecycle" : - { "title" : "Remediation Intent", - "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Response Title", - "description" : "The title for this response activity.", - "type" : "string" }, - "description" : - { "title" : "Response Description", - "description" : "A human-readable description of this response plan.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "required-assets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Required Asset", - "description" : "Identifies an asset required to achieve remediation.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Required Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "title" : - { "title" : "Title for Required Asset", - "description" : "The title for this required asset.", - "type" : "string" }, - "description" : - { "title" : "Description of Required Asset", - "description" : "A human-readable description of this required asset.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "lifecycle", - "title", - "description" ], - "additionalProperties" : false }, - "oscal-ar-oscal-assessment-common:assessment-part" : - { "title" : "Assessment Part", - "description" : "A partition of an assessment plan or results or a child of another part.", - "$id" : "#assembly_oscal-assessment-common_assessment-part", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Part Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-ar-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "status-change" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "related-responses" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", + "minItems" : 1, + "items" : + { "title" : "Risk Response Reference", + "description" : "Identifies an individual risk response that this log entry is for.", "type" : "object", "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, + { "response-uuid" : + { "title" : "Response Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique risk response.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ar-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, + [ "response-uuid" ], + "additionalProperties" : false } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-ar-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "PositiveIntegerDatatype" : - { "allOf" : + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "uuid", + "title", + "description", + "statement", + "status" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:logged-by" : + { "title" : "Logged By", + "description" : "Used to indicate who created a log entry in what role.", + "$id" : "#assembly_oscal-assessment-common_logged-by", + "type" : "object", + "properties" : + { "party-uuid" : + { "title" : "Party UUID Reference", + "description" : "A machine-oriented identifier reference to the party who is making the log entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "A point to the role-id of the role in which the party is making the log entry.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "party-uuid" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:risk-status" : + { "title" : "Risk Status", + "description" : "Describes the status of the associated risk.", + "$id" : "#field_oscal-assessment-common_risk-status", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-ar-oscal-assessment-common:characterization" : + { "title" : "Characterization", + "description" : "A collection of descriptive data about the containing object from a specific origin.", + "$id" : "#assembly_oscal-assessment-common_characterization", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origin" : + { "$ref" : "#assembly_oscal-assessment-common_origin" }, + "facets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Facet", + "description" : "An individual characteristic that is part of a larger set produced by the same actor.", + "type" : "object", + "properties" : + { "name" : + { "title" : "Facet Name", + "description" : "The name of the risk metric within the specified system.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Naming System", + "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Facet Value", + "description" : "Indicates the value of the facet.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "system", + "value" ], + "additionalProperties" : false } } }, + "required" : + [ "origin", + "facets" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:response" : + { "title" : "Risk Response", + "description" : "Describes either recommended or an actual plan for addressing the risk.", + "$id" : "#assembly_oscal-assessment-common_response", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Remediation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "lifecycle" : + { "title" : "Remediation Intent", + "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Response Title", + "description" : "The title for this response activity.", + "type" : "string" }, + "description" : + { "title" : "Response Description", + "description" : "A human-readable description of this response plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "required-assets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Required Asset", + "description" : "Identifies an asset required to achieve remediation.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Required Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "title" : + { "title" : "Title for Required Asset", + "description" : "The title for this required asset.", + "type" : "string" }, + "description" : + { "title" : "Description of Required Asset", + "description" : "A human-readable description of this required asset.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "lifecycle", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-ar-oscal-assessment-common:assessment-part" : + { "title" : "Assessment Part", + "description" : "A partition of an assessment plan or results or a child of another part.", + "$id" : "#assembly_oscal-assessment-common_assessment-part", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Part Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ar-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-ar-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 1, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", + "properties" : + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ar-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-ar-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", "properties" : - { "assessment-results" : - { "$ref" : "#assembly_oscal-ar_assessment-results" } }, + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, "required" : - [ "assessment-results" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "id" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "assessment-results" : + { "$ref" : "#assembly_oscal-ar_assessment-results" } }, + "required" : + [ "assessment-results" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index d84d001c30..b3c4b6d914 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -1,1181 +1,1176 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-catalog-schema.json", - "$comment" : "OSCAL Control Catalog Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-catalog-schema.json", + "$comment" : "OSCAL Control Catalog Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-catalog-oscal-catalog:catalog" : + { "title" : "Catalog", + "description" : "A structured, organized collection of control information.", + "$id" : "#assembly_oscal-catalog_catalog", "type" : "object", - "definitions" : - { "oscal-catalog-oscal-catalog:catalog" : - { "title" : "Catalog", - "description" : "A structured, organized collection of control information.", - "$id" : "#assembly_oscal-catalog_catalog", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Catalog Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given catalog instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_group" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-catalog:group" : - { "title" : "Control Group", - "description" : "A group of controls, or of groups of controls.", - "$id" : "#assembly_oscal-catalog_group", - "type" : "object", - "properties" : - { "id" : - { "title" : "Group Identifier", - "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Group Class", - "description" : "A textual label that provides a sub-type or characterization of the group.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Group Title", - "description" : "A name given to the group, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_group" } }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } } }, - "required" : - [ "title" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-catalog:control" : - { "title" : "Control", - "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", - "$id" : "#assembly_oscal-catalog_control", - "type" : "object", - "properties" : - { "id" : - { "title" : "Control Identifier", - "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Control Class", - "description" : "A textual label that provides a sub-type or characterization of the control.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Control Title", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "mapping" : - { "title" : "Mapping", - "description" : "A mapping between the containing control and another resource.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Identifier", - "description" : "The unique identifier for the mapping.", - "$ref" : "#/definitions/UUIDDatatype" }, - "target-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "maps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_map" } } }, - "required" : - [ "uuid", - "target-resource", - "maps" ], - "additionalProperties" : false }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "properties" : + { "uuid" : + { "title" : "Catalog Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given catalog instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_group" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-catalog:group" : + { "title" : "Control Group", + "description" : "A group of controls, or of groups of controls.", + "$id" : "#assembly_oscal-catalog_group", + "type" : "object", + "properties" : + { "id" : + { "title" : "Group Identifier", + "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Group Class", + "description" : "A textual label that provides a sub-type or characterization of the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Group Title", + "description" : "A name given to the group, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_group" } }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } } }, + "required" : + [ "title" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-catalog:control" : + { "title" : "Control", + "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", + "$id" : "#assembly_oscal-catalog_control", + "type" : "object", + "properties" : + { "id" : + { "title" : "Control Identifier", + "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Control Class", + "description" : "A textual label that provides a sub-type or characterization of the control.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Control Title", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "mapping" : + { "title" : "Mapping", + "description" : "A mapping between the containing control and another resource.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Identifier", + "description" : "The unique identifier for the mapping.", + "$ref" : "#/definitions/UUIDDatatype" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "target-resource", + "maps" ], + "additionalProperties" : false }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-catalog-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-catalog-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-catalog-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-catalog-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-catalog-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-catalog-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-catalog-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-catalog-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-catalog-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-catalog-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", + "hashes" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-catalog-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-catalog-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-catalog-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-catalog-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-catalog-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-catalog-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-catalog-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-catalog-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-mapping-common:map" : - { "title" : "Mapping Entry", - "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", - "$id" : "#assembly_oscal-mapping-common_map", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Entry Identifier", - "description" : "The unique identifier for the mapping entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "relationship" : - { "title" : "Mapping Entry Relationship", - "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", - "type" : "object", - "properties" : - { "ns" : - { "title" : "Relationship Value Namespace", - "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "type" : - { "type" : "string" } }, - "required" : - [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "targets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "relationship", - "sources", - "targets" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-mapping-common:mapping-item" : - { "title" : "Mapping Entry Item (source or target)", - "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-item", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "control", - "statement" ] } ] }, - "id-ref" : - { "title" : "Subject Identifier Reference", - "description" : "A reference to an identified subject that is of the specified type.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "id-ref" ], - "additionalProperties" : false }, - "oscal-catalog-oscal-mapping-common:mapping-resource-reference" : - { "title" : "Mapped Resource Reference", - "description" : "A reference to a resource that is either the source or target of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", - "type" : "object", - "properties" : - { "type" : - { "title" : "Resource Type", - "description" : "The semantic type of the resource.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "catalog" ] } ] }, - "href" : - { "title" : "Catalog or Profile Reference", - "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "href" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-catalog-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-catalog-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-catalog-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-catalog-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-catalog-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-catalog-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-catalog-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-catalog-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "type" : + { "type" : "string" } }, + "required" : + [ "type" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, + "id-ref" : + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-catalog-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", "properties" : - { "catalog" : - { "$ref" : "#assembly_oscal-catalog_catalog" } }, + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "catalog" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "type", + "href" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "catalog" : + { "$ref" : "#assembly_oscal-catalog_catalog" } }, + "required" : + [ "catalog" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 62168e689e..41f81c8704 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -1,5131 +1,5126 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0/1.0.4/oscal-complete-schema.json", - "$comment" : "OSCAL Unified Model of Models: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0/1.0.4/oscal-complete-schema.json", + "$comment" : "OSCAL Unified Model of Models: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-complete-oscal-catalog:catalog" : + { "title" : "Catalog", + "description" : "A structured, organized collection of control information.", + "$id" : "#assembly_oscal-catalog_catalog", "type" : "object", - "definitions" : - { "oscal-complete-oscal-catalog:catalog" : - { "title" : "Catalog", - "description" : "A structured, organized collection of control information.", - "$id" : "#assembly_oscal-catalog_catalog", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Catalog Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given catalog instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_group" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata" ], - "additionalProperties" : false }, - "oscal-complete-oscal-catalog:group" : - { "title" : "Control Group", - "description" : "A group of controls, or of groups of controls.", - "$id" : "#assembly_oscal-catalog_group", - "type" : "object", - "properties" : - { "id" : - { "title" : "Group Identifier", - "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Group Class", - "description" : "A textual label that provides a sub-type or characterization of the group.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Group Title", - "description" : "A name given to the group, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_group" } }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } } }, - "required" : - [ "title" ], - "additionalProperties" : false }, - "oscal-complete-oscal-catalog:control" : - { "title" : "Control", - "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", - "$id" : "#assembly_oscal-catalog_control", - "type" : "object", - "properties" : - { "id" : - { "title" : "Control Identifier", - "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Control Class", - "description" : "A textual label that provides a sub-type or characterization of the control.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Control Title", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "mapping" : - { "title" : "Mapping", - "description" : "A mapping between the containing control and another resource.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Identifier", - "description" : "The unique identifier for the mapping.", - "$ref" : "#/definitions/UUIDDatatype" }, - "target-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "maps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_map" } } }, - "required" : - [ "uuid", - "target-resource", - "maps" ], - "additionalProperties" : false }, - "controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-catalog_control" } } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "properties" : + { "uuid" : + { "title" : "Catalog Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given catalog instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_group" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata" ], + "additionalProperties" : false }, + "oscal-complete-oscal-catalog:group" : + { "title" : "Control Group", + "description" : "A group of controls, or of groups of controls.", + "$id" : "#assembly_oscal-catalog_group", + "type" : "object", + "properties" : + { "id" : + { "title" : "Group Identifier", + "description" : "Identifies the group for the purpose of cross-linking within the defining instance or from other instances that reference the catalog.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Group Class", + "description" : "A textual label that provides a sub-type or characterization of the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Group Title", + "description" : "A name given to the group, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_group" } }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } } }, + "required" : + [ "title" ], + "additionalProperties" : false }, + "oscal-complete-oscal-catalog:control" : + { "title" : "Control", + "description" : "A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.", + "$id" : "#assembly_oscal-catalog_control", + "type" : "object", + "properties" : + { "id" : + { "title" : "Control Identifier", + "description" : "Identifies a control such that it can be referenced in the defining catalog and other OSCAL instances (e.g., profiles).", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Control Class", + "description" : "A textual label that provides a sub-type or characterization of the control.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Control Title", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "mapping" : + { "title" : "Mapping", + "description" : "A mapping between the containing control and another resource.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Identifier", + "description" : "The unique identifier for the mapping.", + "$ref" : "#/definitions/UUIDDatatype" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "target-resource", + "maps" ], + "additionalProperties" : false }, + "controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-catalog_control" } } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-complete-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-complete-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-complete-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-complete-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-complete-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-complete-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-complete-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-complete-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "type" : + { "type" : "string" } }, + "required" : + [ "type" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, + "id-ref" : + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", + "properties" : + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping:mapping-collection" : + { "title" : "Mapping Collection", + "description" : "A collection of relationship-based control and/or control statement mappings.", + "$id" : "#assembly_oscal-mapping_mapping-collection", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Collection Universally Unique Identifier", + "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "mappings" : + { "anyOf" : + [ + { "$ref" : "#assembly_oscal-mapping_mapping" }, + + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "mappings" ], + "additionalProperties" : false }, + "oscal-complete-oscal-mapping:mapping" : + { "title" : "Control Mapping", + "description" : "A mapping between two target resources.", + "$id" : "#assembly_oscal-mapping_mapping", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "source-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "source-resource", + "target-resource", + "maps" ], + "additionalProperties" : false }, + "oscal-complete-oscal-profile:profile" : + { "title" : "Profile", + "description" : "Each OSCAL profile is defined by a profile element.", + "$id" : "#assembly_oscal-profile_profile", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Profile Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given profile instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "imports" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_import" } }, + "merge" : + { "$ref" : "#assembly_oscal-profile_merge" }, + "modify" : + { "$ref" : "#assembly_oscal-profile_modify" }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "imports" ], + "additionalProperties" : false }, + "oscal-complete-oscal-profile:import" : + { "title" : "Import Resource", + "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", + "$id" : "#assembly_oscal-profile_import", + "type" : "object", + "properties" : + { "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-profile:merge" : + { "title" : "Merge Controls", + "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", + "$id" : "#assembly_oscal-profile_merge", + "type" : "object", + "properties" : + { "combine" : + { "title" : "Combination Rule", + "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", + "type" : "object", + "properties" : + { "method" : + { "title" : "Combination Method", + "description" : "Declare how clashing controls should be handled.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "use-first", + "merge", + "keep" ] } ] } }, + "additionalProperties" : false }, + "flat" : + { "title" : "Flat Without Grouping", + "description" : "Directs that controls appear without any grouping structure.", + "type" : "object", + "additionalProperties" : false }, + "as-is" : + { "title" : "Group As-Is", + "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", + "$ref" : "#/definitions/BooleanDatatype" }, + "custom" : + { "title" : "Custom Grouping", + "description" : "Provides an alternate grouping structure that selected controls will be placed in.", + "type" : "object", + "properties" : + { "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_group" } }, + "insert-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, + "additionalProperties" : false } }, + "additionalProperties" : false }, + "oscal-complete-oscal-profile:group" : + { "title" : "Control Group", + "description" : "A group of (selected) controls or of groups of controls.", + "$id" : "#assembly_oscal-profile_group", + "type" : "object", + "properties" : + { "id" : + { "title" : "Group Identifier", + "description" : "Identifies the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Group Class", + "description" : "A textual label that provides a sub-type or characterization of the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Group Title", + "description" : "A name to be given to the group for use in display.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_group" } }, + "insert-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, + "required" : + [ "title" ], + "additionalProperties" : false }, + "oscal-complete-oscal-profile:modify" : + { "title" : "Modify Controls", + "description" : "Set parameters or amend controls in resolution.", + "$id" : "#assembly_oscal-profile_modify", + "type" : "object", + "properties" : + { "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Setting", + "description" : "A parameter setting, to be propagated to points of insertion.", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "An identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends On", + "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, + "required" : + [ "param-id" ], + "additionalProperties" : false } }, + "alters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Alteration", + "description" : "Specifies changes to be made to an included control when a profile is resolved.", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "removes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Removal", + "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", + "type" : "object", + "properties" : + { "by-name" : + { "title" : "Reference by (assigned) name", + "description" : "Identify items remove by matching their assigned name.", "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "by-class" : + { "title" : "Reference by class", + "description" : "Identify items to remove by matching their class.", "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "by-id" : + { "title" : "Reference by ID", + "description" : "Identify items to remove indicated by their id.", "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "by-item-name" : + { "title" : "Item Name Reference", + "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", "allOf" : [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-complete-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-complete-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-complete-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "param", + "prop", + "link", + "part", + "mapping", + "map" ] } ] }, + "by-ns" : + { "title" : "Item Namespace Reference", + "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", + "$ref" : "#/definitions/TokenDatatype" } }, + "additionalProperties" : false } }, + "adds" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Addition", + "description" : "Specifies contents to be added into controls, in resolution.", + "type" : "object", + "properties" : + { "position" : + { "title" : "Position", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", "allOf" : [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Target location of the addition.", "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-complete-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-complete-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-complete-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-complete-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-complete-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-complete-oscal-mapping-common:map" : - { "title" : "Mapping Entry", - "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", - "$id" : "#assembly_oscal-mapping-common_map", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Entry Identifier", - "description" : "The unique identifier for the mapping entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "relationship" : - { "title" : "Mapping Entry Relationship", - "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", - "type" : "object", - "properties" : - { "ns" : - { "title" : "Relationship Value Namespace", - "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "type" : - { "type" : "string" } }, - "required" : - [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "targets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "relationship", - "sources", - "targets" ], - "additionalProperties" : false }, - "oscal-complete-oscal-mapping-common:mapping-item" : - { "title" : "Mapping Entry Item (source or target)", - "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-item", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "control", - "statement" ] } ] }, - "id-ref" : - { "title" : "Subject Identifier Reference", - "description" : "A reference to an identified subject that is of the specified type.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "id-ref" ], - "additionalProperties" : false }, - "oscal-complete-oscal-mapping-common:mapping-resource-reference" : - { "title" : "Mapped Resource Reference", - "description" : "A reference to a resource that is either the source or target of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", - "type" : "object", - "properties" : - { "type" : - { "title" : "Resource Type", - "description" : "The semantic type of the resource.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "catalog" ] } ] }, - "href" : - { "title" : "Catalog or Profile Reference", - "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-mapping:mapping-collection" : - { "title" : "Mapping Collection", - "description" : "A collection of relationship-based control and/or control statement mappings.", - "$id" : "#assembly_oscal-mapping_mapping-collection", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Collection Universally Unique Identifier", - "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "mappings" : - { "anyOf" : - [ - { "$ref" : "#assembly_oscal-mapping_mapping" }, - - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "mappings" ], - "additionalProperties" : false }, - "oscal-complete-oscal-mapping:mapping" : - { "title" : "Control Mapping", - "description" : "A mapping between two target resources.", - "$id" : "#assembly_oscal-mapping_mapping", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "source-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "target-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "maps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_map" } } }, - "required" : - [ "uuid", - "source-resource", - "target-resource", - "maps" ], - "additionalProperties" : false }, - "oscal-complete-oscal-profile:profile" : - { "title" : "Profile", - "description" : "Each OSCAL profile is defined by a profile element.", - "$id" : "#assembly_oscal-profile_profile", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Profile Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given profile instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "imports" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_import" } }, - "merge" : - { "$ref" : "#assembly_oscal-profile_merge" }, - "modify" : - { "$ref" : "#assembly_oscal-profile_modify" }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "imports" ], - "additionalProperties" : false }, - "oscal-complete-oscal-profile:import" : - { "title" : "Import Resource", - "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", - "$id" : "#assembly_oscal-profile_import", - "type" : "object", - "properties" : - { "href" : - { "title" : "Catalog or Profile Reference", - "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-profile:merge" : - { "title" : "Merge Controls", - "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", - "$id" : "#assembly_oscal-profile_merge", - "type" : "object", - "properties" : - { "combine" : - { "title" : "Combination Rule", - "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", - "type" : "object", - "properties" : - { "method" : - { "title" : "Combination Method", - "description" : "Declare how clashing controls should be handled.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "use-first", - "merge", - "keep" ] } ] } }, - "additionalProperties" : false }, - "flat" : - { "title" : "Flat Without Grouping", - "description" : "Directs that controls appear without any grouping structure.", - "type" : "object", - "additionalProperties" : false }, - "as-is" : - { "title" : "Group As-Is", - "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", - "$ref" : "#/definitions/BooleanDatatype" }, - "custom" : - { "title" : "Custom Grouping", - "description" : "Provides an alternate grouping structure that selected controls will be placed in.", - "type" : "object", - "properties" : - { "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_group" } }, - "insert-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, - "additionalProperties" : false } }, - "additionalProperties" : false }, - "oscal-complete-oscal-profile:group" : - { "title" : "Control Group", - "description" : "A group of (selected) controls or of groups of controls.", - "$id" : "#assembly_oscal-profile_group", - "type" : "object", - "properties" : - { "id" : - { "title" : "Group Identifier", - "description" : "Identifies the group.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Group Class", - "description" : "A textual label that provides a sub-type or characterization of the group.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Group Title", - "description" : "A name to be given to the group for use in display.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_group" } }, - "insert-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, - "required" : - [ "title" ], - "additionalProperties" : false }, - "oscal-complete-oscal-profile:modify" : - { "title" : "Modify Controls", - "description" : "Set parameters or amend controls in resolution.", - "$id" : "#assembly_oscal-profile_modify", - "type" : "object", - "properties" : - { "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Setting", - "description" : "A parameter setting, to be propagated to points of insertion.", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "An identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends On", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, - "required" : - [ "param-id" ], - "additionalProperties" : false } }, - "alters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Alteration", - "description" : "Specifies changes to be made to an included control when a profile is resolved.", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "removes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Removal", - "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", - "type" : "object", - "properties" : - { "by-name" : - { "title" : "Reference by (assigned) name", - "description" : "Identify items remove by matching their assigned name.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-class" : - { "title" : "Reference by class", - "description" : "Identify items to remove by matching their class.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Identify items to remove indicated by their id.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-item-name" : - { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "param", - "prop", - "link", - "part", - "mapping", - "map" ] } ] }, - "by-ns" : - { "title" : "Item Namespace Reference", - "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "$ref" : "#/definitions/TokenDatatype" } }, - "additionalProperties" : false } }, - "adds" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution.", - "type" : "object", - "properties" : - { "position" : - { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "before", - "after", - "starting", - "ending" ] } ] }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Target location of the addition.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Title Change", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } } }, - "additionalProperties" : false } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-profile:insert-controls" : - { "title" : "Select Controls", - "description" : "Specifies which controls to use in the containing context.", - "$id" : "#assembly_oscal-profile_insert-controls", - "type" : "object", - "properties" : - { "order" : - { "title" : "Order", - "description" : "A designation of how a selection of controls in a profile is to be ordered.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "keep", - "ascending", - "descending" ] } ] }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-profile:select-control-by-id" : - { "title" : "Select Control", - "description" : "Select a control or controls from an imported control set.", - "$id" : "#assembly_oscal-profile_select-control-by-id", - "type" : "object", - "properties" : - { "with-child-controls" : - { "title" : "Include Contained Controls with Control", - "description" : "When a control is included, whether its child (dependent) controls are also included.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "yes", - "no" ] } ] }, - "with-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Match Controls by Identifier", - "description" : "Selecting a control by its ID given as a literal.", - "$ref" : "#/definitions/TokenDatatype" } }, - "matching" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Match Controls by Pattern", - "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", - "type" : "object", - "properties" : - { "pattern" : - { "title" : "Pattern", - "description" : "A glob expression matching the IDs of one or more controls to be selected.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:component-definition" : - { "title" : "Component Definition", - "description" : "A collection of component descriptions, which may optionally be grouped by capability.", - "$id" : "#assembly_oscal-component-definition_component-definition", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Definition Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given component definition instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-component-definitions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_import-component-definition" } }, - "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_defined-component" } }, - "capabilities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_capability" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:import-component-definition" : - { "title" : "Import Component Definition", - "description" : "Loads a component definition from another resource.", - "$id" : "#assembly_oscal-component-definition_import-component-definition", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hyperlink Reference", - "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", - "$ref" : "#/definitions/URIReferenceDatatype" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:defined-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-component-definition_defined-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "Provides a globally unique means to identify a given component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "control-implementations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:capability" : - { "title" : "Capability", - "description" : "A grouping of other components and/or capabilities.", - "$id" : "#assembly_oscal-component-definition_capability", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Capability Identifier", - "description" : "Provides a globally unique means to identify a given capability.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Capability Name", - "description" : "The capability's human-readable name.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Capability Description", - "description" : "A summary of the capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "incorporates-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_incorporates-component" } }, - "control-implementations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "name", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:incorporates-component" : - { "title" : "Incorporates Component", - "description" : "The collection of components comprising this capability.", - "$id" : "#assembly_oscal-component-definition_incorporates-component", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Reference", - "description" : "A machine-oriented identifier reference to a component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" } }, - "required" : - [ "component-uuid", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:control-implementation" : - { "title" : "Control Implementation Set", - "description" : "Defines how the component or capability supports a set of controls.", - "$id" : "#assembly_oscal-component-definition_control-implementation", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Implementation Set Identifier", - "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", - "$ref" : "#/definitions/UUIDDatatype" }, - "source" : - { "title" : "Source Resource Reference", - "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Control Implementation Description", - "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implemented-requirements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_implemented-requirement" } } }, - "required" : - [ "uuid", - "source", - "description", - "implemented-requirements" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:implemented-requirement" : - { "title" : "Control Implementation", - "description" : "Describes how the containing component or capability implements an individual control.", - "$id" : "#assembly_oscal-component-definition_implemented-requirement", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Implementation Identifier", - "description" : "Provides a globally unique means to identify a given control implementation by a component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Control Implementation Description", - "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "statements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_statement" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "control-id", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-component-definition:statement" : - { "title" : "Control Statement Implementation", - "description" : "Identifies which statements within a control are addressed.", - "$id" : "#assembly_oscal-component-definition_statement", - "type" : "object", - "properties" : - { "statement-id" : - { "title" : "Control Statement Reference", - "description" : "A human-oriented identifier reference to a control statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "uuid" : - { "title" : "Control Statement Reference Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Statement Implementation Description", - "description" : "A summary of how the containing control statement is implemented by the component or capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "statement-id", - "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-complete-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:system-security-plan" : - { "title" : "System Security Plan (SSP)", - "description" : "A system security plan, such as those described in NIST SP 800-18.", - "$id" : "#assembly_oscal-ssp_system-security-plan", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "System Security Plan Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-profile" : - { "$ref" : "#assembly_oscal-ssp_import-profile" }, - "system-characteristics" : - { "$ref" : "#assembly_oscal-ssp_system-characteristics" }, - "system-implementation" : - { "$ref" : "#assembly_oscal-ssp_system-implementation" }, - "control-implementation" : - { "$ref" : "#assembly_oscal-ssp_control-implementation" }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-profile", - "system-characteristics", - "system-implementation", - "control-implementation" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:import-profile" : - { "title" : "Import Profile", - "description" : "Used to import the OSCAL profile representing the system's control baseline.", - "$id" : "#assembly_oscal-ssp_import-profile", - "type" : "object", - "properties" : - { "href" : - { "title" : "Profile Reference", - "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:system-characteristics" : - { "title" : "System Characteristics", - "description" : "Contains the characteristics of the system, such as its name, purpose, and security impact level.", - "$id" : "#assembly_oscal-ssp_system-characteristics", - "type" : "object", - "properties" : - { "system-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_system-id" } }, - "system-name" : - { "title" : "System Name - Full", - "description" : "The full name of the system.", - "$ref" : "#/definitions/StringDatatype" }, - "system-name-short" : - { "title" : "System Name - Short", - "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "System Description", - "description" : "A summary of the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "date-authorized" : - { "$ref" : "#field_oscal-ssp_date-authorized" }, - "security-sensitivity-level" : - { "title" : "Security Sensitivity Level", - "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", - "$ref" : "#/definitions/StringDatatype" }, - "system-information" : - { "$ref" : "#assembly_oscal-ssp_system-information" }, - "security-impact-level" : - { "$ref" : "#assembly_oscal-ssp_security-impact-level" }, - "status" : - { "$ref" : "#assembly_oscal-ssp_status" }, - "authorization-boundary" : - { "$ref" : "#assembly_oscal-ssp_authorization-boundary" }, - "network-architecture" : - { "$ref" : "#assembly_oscal-ssp_network-architecture" }, - "data-flow" : - { "$ref" : "#assembly_oscal-ssp_data-flow" }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "system-ids", - "system-name", - "description", - "security-sensitivity-level", - "system-information", - "security-impact-level", - "status", - "authorization-boundary" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:system-information" : - { "title" : "System Information", - "description" : "Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", - "$id" : "#assembly_oscal-ssp_system-information", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "information-types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type", - "description" : "Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Information Type Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "title field", - "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", - "type" : "string" }, - "description" : - { "title" : "Information Type Description", - "description" : "A summary of how this information type is used within the system.", - "type" : "string" }, - "categorizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type Categorization", - "description" : "A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60.", - "type" : "object", - "properties" : - { "system" : - { "title" : "Information Type Identification System", - "description" : "Specifies the information type identification system used.", - "$ref" : "#/definitions/URIDatatype" }, - "information-type-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type Systematized Identifier", - "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/StringDatatype" } } }, - "required" : - [ "system" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "confidentiality-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" }, - "integrity-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" }, - "availability-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" } }, - "required" : - [ "title", - "description" ], - "additionalProperties" : false } } }, - "required" : - [ "information-types" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:impact" : - { "title" : "Impact Level", - "description" : "The expected level of impact resulting from the described information.", - "$id" : "#assembly_oscal-ssp_impact", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:base" : - { "title" : "Base Level (Confidentiality, Integrity, or Availability)", - "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", - "$id" : "#field_oscal-ssp_base", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-ssp:selected" : - { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", - "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", - "$id" : "#field_oscal-ssp_selected", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-complete-oscal-ssp:adjustment-justification" : - { "title" : "Adjustment Justification", - "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", - "$id" : "#field_oscal-ssp_adjustment-justification", - "type" : "string" }, - "oscal-complete-oscal-ssp:security-impact-level" : - { "title" : "Security Impact Level", - "description" : "The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information.", - "$id" : "#assembly_oscal-ssp_security-impact-level", - "type" : "object", - "properties" : - { "security-objective-confidentiality" : - { "title" : "Security Objective: Confidentiality", - "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" }, - "security-objective-integrity" : - { "title" : "Security Objective: Integrity", - "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" }, - "security-objective-availability" : - { "title" : "Security Objective: Availability", - "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" } }, - "required" : - [ "security-objective-confidentiality", - "security-objective-integrity", - "security-objective-availability" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:status" : - { "title" : "Status", - "description" : "Describes the operational status of the system.", - "$id" : "#assembly_oscal-ssp_status", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The current operating status.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "operational", - "under-development", - "under-major-modification", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:date-authorized" : - { "title" : "System Authorization Date", - "description" : "The date the system received its authorization.", - "$id" : "#field_oscal-ssp_date-authorized", - "$ref" : "#/definitions/DateDatatype" }, - "oscal-complete-oscal-ssp:authorization-boundary" : - { "title" : "Authorization Boundary", - "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", - "$id" : "#assembly_oscal-ssp_authorization-boundary", - "type" : "object", - "properties" : - { "description" : - { "title" : "Authorization Boundary Description", - "description" : "A summary of the system's authorization boundary.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:diagram" : - { "title" : "Diagram", - "description" : "A graphic that provides a visual representation the system, or some aspect of it.", - "$id" : "#assembly_oscal-ssp_diagram", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Diagram ID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Diagram Description", - "description" : "A summary of the diagram.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "caption" : - { "title" : "Caption", - "description" : "A brief caption to annotate the diagram.", - "type" : "string" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:network-architecture" : - { "title" : "Network Architecture", - "description" : "A description of the system's network architecture, optionally supplemented by diagrams that illustrate the network architecture.", - "$id" : "#assembly_oscal-ssp_network-architecture", - "type" : "object", - "properties" : - { "description" : - { "title" : "Network Architecture Description", - "description" : "A summary of the system's network architecture.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:data-flow" : - { "title" : "Data Flow", - "description" : "A description of the logical flow of information within the system and across its boundaries, optionally supplemented by diagrams that illustrate these flows.", - "$id" : "#assembly_oscal-ssp_data-flow", - "type" : "object", - "properties" : - { "description" : - { "title" : "Data Flow Description", - "description" : "A summary of the system's data flow.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:system-implementation" : - { "title" : "System Implementation", - "description" : "Provides information as to how the system is implemented.", - "$id" : "#assembly_oscal-ssp_system-implementation", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "leveraged-authorizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Leveraged Authorization", - "description" : "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Leveraged Authorization Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "title field", - "description" : "A human readable name for the leveraged authorization in the context of the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuid" : - { "title" : "party-uuid field", - "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date-authorized" : - { "$ref" : "#field_oscal-ssp_date-authorized" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "party-uuid", - "date-authorized" ], - "additionalProperties" : false } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "users", - "components" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:control-implementation" : - { "title" : "Control Implementation", - "description" : "Describes how the system satisfies a set of controls.", - "$id" : "#assembly_oscal-ssp_control-implementation", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Implementation Description", - "description" : "A statement describing important things to know about how this set of control satisfaction documentation is approached.", - "type" : "string" }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implemented-requirements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_implemented-requirement" } } }, - "required" : - [ "description", - "implemented-requirements" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:implemented-requirement" : - { "title" : "Control-based Requirement", - "description" : "Describes how the system satisfies the requirements of an individual control.", - "$id" : "#assembly_oscal-ssp_implemented-requirement", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Requirement Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "statements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_statement" } }, - "by-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_by-component" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "control-id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:statement" : - { "title" : "Specific Control Statement", - "description" : "Identifies which statements within a control are addressed.", - "$id" : "#assembly_oscal-ssp_statement", - "type" : "object", - "properties" : - { "statement-id" : - { "title" : "Control Statement Reference", - "description" : "A human-oriented identifier reference to a control statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "uuid" : - { "title" : "Control Statement Reference Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "by-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_by-component" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "statement-id", - "uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ssp:by-component" : - { "title" : "Component Control Implementation", - "description" : "Defines how the referenced component implements a set of controls.", - "$id" : "#assembly_oscal-ssp_by-component", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", - "$ref" : "#/definitions/UUIDDatatype" }, - "uuid" : - { "title" : "By-Component Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Control Implementation Description", - "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "export" : - { "title" : "Export", - "description" : "Identifies content intended for external consumption, such as with leveraged organizations.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Implementation Export Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "provided" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Provided Control Implementation", - "description" : "Describes a capability which may be inherited by a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Provided Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Provided Control Implementation Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "responsibilities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Control Implementation Responsibility", - "description" : "Describes a control implementation responsibility imposed on a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Responsibility Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "provided-uuid" : - { "title" : "Provided UUID", - "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Control Implementation Responsibility Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "inherited" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Inherited Control Implementation", - "description" : "Describes a control implementation inherited by a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inherited Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "provided-uuid" : - { "title" : "Provided UUID", - "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inherited Control Implementation Description", - "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "satisfied" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Satisfied Control Implementation Responsibility", - "description" : "Describes how this system satisfies a responsibility imposed by a leveraged system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Satisfied Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "responsibility-uuid" : - { "title" : "Responsibility UUID", - "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Satisfied Control Implementation Responsibility Description", - "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid", - "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ap:assessment-plan" : - { "title" : "Security Assessment Plan (SAP)", - "description" : "An assessment plan, such as those provided by a FedRAMP assessor.", - "$id" : "#assembly_oscal-ap_assessment-plan", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Plan Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ssp" : - { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "objectives-and-methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, - "activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_activity" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "terms-and-conditions" : - { "title" : "Assessment Plan Terms and Conditions", - "description" : "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.", - "type" : "object", - "properties" : - { "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, - "additionalProperties" : false }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "assessment-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-ssp", - "reviewed-controls" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:import-ssp" : - { "title" : "Import System Security Plan", - "description" : "Used by the assessment plan and POA&M to import information about the system.", - "$id" : "#assembly_oscal-assessment-common_import-ssp", - "type" : "object", - "properties" : - { "href" : - { "title" : "System Security Plan Reference", - "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:local-objective" : - { "title" : "Assessment-Specific Control Objective", - "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", - "$id" : "#assembly_oscal-assessment-common_local-objective", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Objective Description", - "description" : "A human-readable description of this control objective.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-id", - "parts" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:assessment-method" : - { "title" : "Assessment Method", - "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", - "$id" : "#assembly_oscal-assessment-common_assessment-method", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Method Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Method Description", - "description" : "A human-readable description of this assessment method.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "part" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "part" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:activity" : - { "title" : "Activity", - "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", - "$id" : "#assembly_oscal-assessment-common_activity", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Activity Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Included Activity Title", - "description" : "The title for this included activity.", - "type" : "string" }, - "description" : - { "title" : "Included Activity Description", - "description" : "A human-readable description of this included activity.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "steps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Step", - "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Step Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Step Title", - "description" : "The title for this step.", - "type" : "string" }, - "description" : - { "title" : "Step Description", - "description" : "A human-readable description of this step.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "related-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:task" : - { "title" : "Task", - "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", - "$id" : "#assembly_oscal-assessment-common_task", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Task Type", - "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Task Title", - "description" : "The title for this task.", - "type" : "string" }, - "description" : - { "title" : "Task Description", - "description" : "A human-readable description of this task.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "timing" : - { "title" : "Event Timing", - "description" : "The timing under which the task is intended to occur.", - "type" : "object", - "properties" : - { "on-date" : - { "title" : "On Date Condition", - "description" : "The task is intended to occur on the specified date.", - "type" : "object", - "properties" : - { "date" : - { "title" : "On Date Condition", - "description" : "The task must occur on the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "date" ], - "additionalProperties" : false }, - "within-date-range" : - { "title" : "On Date Range Condition", - "description" : "The task is intended to occur within the specified date range.", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start Date Condition", - "description" : "The task must occur on or after the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End Date Condition", - "description" : "The task must occur on or before the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "start", - "end" ], - "additionalProperties" : false }, - "at-frequency" : - { "title" : "Frequency Condition", - "description" : "The task is intended to occur at the specified frequency.", - "type" : "object", - "properties" : - { "period" : - { "title" : "Period", - "description" : "The task must occur after the specified period has elapsed.", - "$ref" : "#/definitions/PositiveIntegerDatatype" }, - "unit" : - { "title" : "Time Unit", - "description" : "The unit of time for the period.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } ] } }, - "required" : - [ "period", - "unit" ], - "additionalProperties" : false } }, - "additionalProperties" : false }, - "dependencies" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Task Dependency", - "description" : "Used to indicate that a task is dependent on another task.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "associated-activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Activity", - "description" : "Identifies an individual activity to be performed as part of a task.", - "type" : "object", - "properties" : - { "activity-uuid" : - { "title" : "Activity Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "activity-uuid", - "subjects" ], - "additionalProperties" : false } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:reviewed-controls" : - { "title" : "Reviewed Controls and Control Objectives", - "description" : "Identifies the controls being assessed and their control objectives.", - "$id" : "#assembly_oscal-assessment-common_reviewed-controls", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objective Description", - "description" : "A human-readable description of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "control-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessed Controls", - "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Assessed Controls Description", - "description" : "A human-readable description of in-scope controls specified for assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "control-objective-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Referenced Control Objectives", - "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objectives Description", - "description" : "A human-readable description of this collection of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "exclude-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-selections" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:select-control-by-id" : - { "title" : "Select Control", - "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", - "$id" : "#assembly_oscal-assessment-common_select-control-by-id", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "statement-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Include Specific Statements", - "description" : "Used to constrain the selection to only specificity identified statements.", - "$ref" : "#/definitions/TokenDatatype" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:select-objective-by-id" : - { "title" : "Select Objective", - "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", - "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", - "type" : "object", - "properties" : - { "objective-id" : - { "title" : "Objective ID", - "description" : "Points to an assessment objective.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "objective-id" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:assessment-subject-placeholder" : - { "title" : "Assessment Subject Placeholder", - "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Subject Placeholder Description", - "description" : "A human-readable description of intent of this assessment subject placeholder.", - "type" : "string" }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Subject Source", - "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "sources" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:assessment-subject" : - { "title" : "Subject of Assessment", - "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Include Subjects Description", - "description" : "A human-readable description of the collection of subjects being included in this assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "exclude-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:select-subject-by-id" : - { "title" : "Select Assessment Subject", - "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", - "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:subject-reference" : - { "title" : "Identifies the Subject", - "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", - "$id" : "#assembly_oscal-assessment-common_subject-reference", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Subject Reference Title", - "description" : "The title or name for the referenced subject.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:assessment-assets" : - { "title" : "Assessment Assets", - "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", - "$id" : "#assembly_oscal-assessment-common_assessment-assets", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "assessment-platforms" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Platform", - "description" : "Used to represent the toolset used to perform aspects of the assessment.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Platform Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Assessment Platform Title", - "description" : "The title or name for the assessment platform.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "uses-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Uses Component", - "description" : "The set of components that are used by the assessment platform.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "assessment-platforms" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:finding-target" : - { "title" : "Objective Status", - "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", - "$id" : "#assembly_oscal-assessment-common_finding-target", - "type" : "object", - "properties" : - { "type" : - { "title" : "Finding Target Type", - "description" : "Identifies the type of the target.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "statement-id", - "objective-id" ] } ] }, - "target-id" : - { "title" : "Finding Target Identifier Reference", - "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Objective Status Title", - "description" : "The title for this objective status.", - "type" : "string" }, - "description" : - { "title" : "Objective Status Description", - "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Objective Status", - "description" : "A determination of if the objective is satisfied or not within a given system.", - "type" : "object", - "properties" : - { "state" : - { "title" : "Objective Status State", - "description" : "An indication as to whether the objective is satisfied or not.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "satisfied", - "not-satisfied" ] } ] }, - "reason" : - { "title" : "Objective Status Reason", - "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "target-id", - "status" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-assessment-common_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:observation" : - { "title" : "Observation", - "description" : "Describes an individual observation.", - "$id" : "#assembly_oscal-assessment-common_observation", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Observation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Observation Title", - "description" : "The title for this observation.", - "type" : "string" }, - "description" : - { "title" : "Observation Description", - "description" : "A human-readable description of this assessment observation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Method", - "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, - "types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Type", - "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "relevant-evidence" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Relevant Evidence", - "description" : "Links this observation to relevant evidence.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Relevant Evidence Reference", - "description" : "A resolvable URL reference to relevant evidence.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Relevant Evidence Description", - "description" : "A human-readable description of this evidence.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false } }, - "collected" : - { "title" : "Collected Field", - "description" : "Date/time stamp identifying when the finding information was collected.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "expires" : - { "title" : "Expires Field", - "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description", - "methods", - "collected" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:origin" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", - "$id" : "#assembly_oscal-assessment-common_origin", - "type" : "object", - "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, - "required" : - [ "actors" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:origin-actor" : - { "title" : "Originating Actor", - "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", - "$id" : "#assembly_oscal-assessment-common_origin-actor", - "type" : "object", - "properties" : - { "type" : - { "title" : "Actor Type", - "description" : "The kind of actor.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "tool", - "assessment-platform", - "party" ] } ] }, - "actor-uuid" : - { "title" : "Actor Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "type", - "actor-uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:related-task" : - { "title" : "Task Reference", - "description" : "Identifies an individual task for which the containing object is a consequence of.", - "$id" : "#assembly_oscal-assessment-common_related-task", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "identified-subject" : - { "title" : "Identified Subject", - "description" : "Used to detail assessment subjects that were identfied by this task.", - "type" : "object", - "properties" : - { "subject-placeholder-uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, - "required" : - [ "subject-placeholder-uuid", - "subjects" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:threat-id" : - { "title" : "Threat ID", - "description" : "A pointer, by ID, to an externally-defined threat.", - "$id" : "#field_oscal-assessment-common_threat-id", - "type" : "object", - "properties" : - { "system" : - { "title" : "Threat Type Identification System", - "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, - "href" : - { "title" : "Threat Information Resource Reference", - "description" : "An optional location for the threat data, from which this ID originates.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "system" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:risk" : - { "title" : "Identified Risk", - "description" : "An identified risk.", - "$id" : "#assembly_oscal-assessment-common_risk", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Risk Title", - "description" : "The title for this risk.", - "type" : "string" }, - "description" : - { "title" : "Risk Description", - "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", - "type" : "string" }, - "statement" : - { "title" : "Risk Statement", - "description" : "An summary of impact for how the risk affects the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "threat-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-assessment-common_threat-id" } }, - "characterizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, - "mitigating-factors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Mitigating Factor", - "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mitigating Factor Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "implementation-uuid" : - { "title" : "Implementation UUID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Mitigating Factor Description", - "description" : "A human-readable description of this mitigating factor.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "deadline" : - { "title" : "Risk Resolution Deadline", - "description" : "The date/time by which the risk must be resolved.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remediations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_response" } }, - "risk-log" : - { "title" : "Risk Log", - "description" : "A log of all risk-related tasks taken.", - "type" : "object", - "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Log Entry", - "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Title", - "description" : "The title for this risk log entry.", - "type" : "string" }, - "description" : - { "title" : "Risk Task Description", - "description" : "A human-readable description of what was done regarding the risk.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of the event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "status-change" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "related-responses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Response Reference", - "description" : "Identifies an individual risk response that this log entry is for.", - "type" : "object", - "properties" : - { "response-uuid" : - { "title" : "Response Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique risk response.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "response-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, - "required" : - [ "entries" ], - "additionalProperties" : false }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "uuid", - "title", - "description", - "statement", - "status" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:logged-by" : - { "title" : "Logged By", - "description" : "Used to indicate who created a log entry in what role.", - "$id" : "#assembly_oscal-assessment-common_logged-by", - "type" : "object", - "properties" : - { "party-uuid" : - { "title" : "Party UUID Reference", - "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "A point to the role-id of the role in which the party is making the log entry.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "party-uuid" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:risk-status" : - { "title" : "Risk Status", - "description" : "Describes the status of the associated risk.", - "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-complete-oscal-assessment-common:characterization" : - { "title" : "Characterization", - "description" : "A collection of descriptive data about the containing object from a specific origin.", - "$id" : "#assembly_oscal-assessment-common_characterization", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", + "title" : + { "title" : "Title Change", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", + "type" : "string" }, + "params" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origin" : - { "$ref" : "#assembly_oscal-assessment-common_origin" }, - "facets" : - { "type" : "array", + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", "minItems" : 1, "items" : - { "title" : "Facet", - "description" : "An individual characteristic that is part of a larger set produced by the same actor.", - "type" : "object", - "properties" : - { "name" : - { "title" : "Facet Name", - "description" : "The name of the risk metric within the specified system.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Naming System", - "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Facet Value", - "description" : "Indicates the value of the facet.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "system", - "value" ], - "additionalProperties" : false } } }, - "required" : - [ "origin", - "facets" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:response" : - { "title" : "Risk Response", - "description" : "Describes either recommended or an actual plan for addressing the risk.", - "$id" : "#assembly_oscal-assessment-common_response", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Remediation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "lifecycle" : - { "title" : "Remediation Intent", - "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Response Title", - "description" : "The title for this response activity.", - "type" : "string" }, + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } } }, + "additionalProperties" : false } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-profile:insert-controls" : + { "title" : "Select Controls", + "description" : "Specifies which controls to use in the containing context.", + "$id" : "#assembly_oscal-profile_insert-controls", + "type" : "object", + "properties" : + { "order" : + { "title" : "Order", + "description" : "A designation of how a selection of controls in a profile is to be ordered.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "keep", + "ascending", + "descending" ] } ] }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-profile:select-control-by-id" : + { "title" : "Select Control", + "description" : "Select a control or controls from an imported control set.", + "$id" : "#assembly_oscal-profile_select-control-by-id", + "type" : "object", + "properties" : + { "with-child-controls" : + { "title" : "Include Contained Controls with Control", + "description" : "When a control is included, whether its child (dependent) controls are also included.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "yes", + "no" ] } ] }, + "with-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Match Controls by Identifier", + "description" : "Selecting a control by its ID given as a literal.", + "$ref" : "#/definitions/TokenDatatype" } }, + "matching" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Match Controls by Pattern", + "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", + "type" : "object", + "properties" : + { "pattern" : + { "title" : "Pattern", + "description" : "A glob expression matching the IDs of one or more controls to be selected.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:component-definition" : + { "title" : "Component Definition", + "description" : "A collection of component descriptions, which may optionally be grouped by capability.", + "$id" : "#assembly_oscal-component-definition_component-definition", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Definition Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given component definition instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-component-definitions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_import-component-definition" } }, + "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_defined-component" } }, + "capabilities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_capability" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:import-component-definition" : + { "title" : "Import Component Definition", + "description" : "Loads a component definition from another resource.", + "$id" : "#assembly_oscal-component-definition_import-component-definition", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hyperlink Reference", + "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", + "$ref" : "#/definitions/URIReferenceDatatype" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:defined-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-component-definition_defined-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "Provides a globally unique means to identify a given component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "control-implementations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:capability" : + { "title" : "Capability", + "description" : "A grouping of other components and/or capabilities.", + "$id" : "#assembly_oscal-component-definition_capability", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Capability Identifier", + "description" : "Provides a globally unique means to identify a given capability.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Capability Name", + "description" : "The capability's human-readable name.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Capability Description", + "description" : "A summary of the capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "incorporates-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_incorporates-component" } }, + "control-implementations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "name", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:incorporates-component" : + { "title" : "Incorporates Component", + "description" : "The collection of components comprising this capability.", + "$id" : "#assembly_oscal-component-definition_incorporates-component", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Reference", + "description" : "A machine-oriented identifier reference to a component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" } }, + "required" : + [ "component-uuid", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:control-implementation" : + { "title" : "Control Implementation Set", + "description" : "Defines how the component or capability supports a set of controls.", + "$id" : "#assembly_oscal-component-definition_control-implementation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Implementation Set Identifier", + "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", + "$ref" : "#/definitions/UUIDDatatype" }, + "source" : + { "title" : "Source Resource Reference", + "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implemented-requirements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_implemented-requirement" } } }, + "required" : + [ "uuid", + "source", + "description", + "implemented-requirements" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:implemented-requirement" : + { "title" : "Control Implementation", + "description" : "Describes how the containing component or capability implements an individual control.", + "$id" : "#assembly_oscal-component-definition_implemented-requirement", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Implementation Identifier", + "description" : "Provides a globally unique means to identify a given control implementation by a component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "statements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_statement" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "control-id", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-component-definition:statement" : + { "title" : "Control Statement Implementation", + "description" : "Identifies which statements within a control are addressed.", + "$id" : "#assembly_oscal-component-definition_statement", + "type" : "object", + "properties" : + { "statement-id" : + { "title" : "Control Statement Reference", + "description" : "A human-oriented identifier reference to a control statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Control Statement Reference Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Statement Implementation Description", + "description" : "A summary of how the containing control statement is implemented by the component or capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "statement-id", + "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", + "properties" : + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-complete-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", + "properties" : + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:system-security-plan" : + { "title" : "System Security Plan (SSP)", + "description" : "A system security plan, such as those described in NIST SP 800-18.", + "$id" : "#assembly_oscal-ssp_system-security-plan", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "System Security Plan Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-profile" : + { "$ref" : "#assembly_oscal-ssp_import-profile" }, + "system-characteristics" : + { "$ref" : "#assembly_oscal-ssp_system-characteristics" }, + "system-implementation" : + { "$ref" : "#assembly_oscal-ssp_system-implementation" }, + "control-implementation" : + { "$ref" : "#assembly_oscal-ssp_control-implementation" }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-profile", + "system-characteristics", + "system-implementation", + "control-implementation" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:import-profile" : + { "title" : "Import Profile", + "description" : "Used to import the OSCAL profile representing the system's control baseline.", + "$id" : "#assembly_oscal-ssp_import-profile", + "type" : "object", + "properties" : + { "href" : + { "title" : "Profile Reference", + "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:system-characteristics" : + { "title" : "System Characteristics", + "description" : "Contains the characteristics of the system, such as its name, purpose, and security impact level.", + "$id" : "#assembly_oscal-ssp_system-characteristics", + "type" : "object", + "properties" : + { "system-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_system-id" } }, + "system-name" : + { "title" : "System Name - Full", + "description" : "The full name of the system.", + "$ref" : "#/definitions/StringDatatype" }, + "system-name-short" : + { "title" : "System Name - Short", + "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "System Description", + "description" : "A summary of the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "date-authorized" : + { "$ref" : "#field_oscal-ssp_date-authorized" }, + "security-sensitivity-level" : + { "title" : "Security Sensitivity Level", + "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", + "$ref" : "#/definitions/StringDatatype" }, + "system-information" : + { "$ref" : "#assembly_oscal-ssp_system-information" }, + "security-impact-level" : + { "$ref" : "#assembly_oscal-ssp_security-impact-level" }, + "status" : + { "$ref" : "#assembly_oscal-ssp_status" }, + "authorization-boundary" : + { "$ref" : "#assembly_oscal-ssp_authorization-boundary" }, + "network-architecture" : + { "$ref" : "#assembly_oscal-ssp_network-architecture" }, + "data-flow" : + { "$ref" : "#assembly_oscal-ssp_data-flow" }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "system-ids", + "system-name", + "description", + "security-sensitivity-level", + "system-information", + "security-impact-level", + "status", + "authorization-boundary" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:system-information" : + { "title" : "System Information", + "description" : "Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", + "$id" : "#assembly_oscal-ssp_system-information", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "information-types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type", + "description" : "Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Information Type Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "title field", + "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", + "type" : "string" }, + "description" : + { "title" : "Information Type Description", + "description" : "A summary of how this information type is used within the system.", + "type" : "string" }, + "categorizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type Categorization", + "description" : "A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60.", + "type" : "object", + "properties" : + { "system" : + { "title" : "Information Type Identification System", + "description" : "Specifies the information type identification system used.", + "$ref" : "#/definitions/URIDatatype" }, + "information-type-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type Systematized Identifier", + "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/StringDatatype" } } }, + "required" : + [ "system" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "confidentiality-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" }, + "integrity-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" }, + "availability-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" } }, + "required" : + [ "title", + "description" ], + "additionalProperties" : false } } }, + "required" : + [ "information-types" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:impact" : + { "title" : "Impact Level", + "description" : "The expected level of impact resulting from the described information.", + "$id" : "#assembly_oscal-ssp_impact", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "base" : + { "$ref" : "#field_oscal-ssp_base" }, + "selected" : + { "$ref" : "#field_oscal-ssp_selected" }, + "adjustment-justification" : + { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, + "required" : + [ "base" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:base" : + { "title" : "Base Level (Confidentiality, Integrity, or Availability)", + "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", + "$id" : "#field_oscal-ssp_base", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-ssp:selected" : + { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", + "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", + "$id" : "#field_oscal-ssp_selected", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-complete-oscal-ssp:adjustment-justification" : + { "title" : "Adjustment Justification", + "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", + "$id" : "#field_oscal-ssp_adjustment-justification", + "type" : "string" }, + "oscal-complete-oscal-ssp:security-impact-level" : + { "title" : "Security Impact Level", + "description" : "The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information.", + "$id" : "#assembly_oscal-ssp_security-impact-level", + "type" : "object", + "properties" : + { "security-objective-confidentiality" : + { "title" : "Security Objective: Confidentiality", + "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" }, + "security-objective-integrity" : + { "title" : "Security Objective: Integrity", + "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" }, + "security-objective-availability" : + { "title" : "Security Objective: Availability", + "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" } }, + "required" : + [ "security-objective-confidentiality", + "security-objective-integrity", + "security-objective-availability" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:status" : + { "title" : "Status", + "description" : "Describes the operational status of the system.", + "$id" : "#assembly_oscal-ssp_status", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The current operating status.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "operational", + "under-development", + "under-major-modification", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:date-authorized" : + { "title" : "System Authorization Date", + "description" : "The date the system received its authorization.", + "$id" : "#field_oscal-ssp_date-authorized", + "$ref" : "#/definitions/DateDatatype" }, + "oscal-complete-oscal-ssp:authorization-boundary" : + { "title" : "Authorization Boundary", + "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", + "$id" : "#assembly_oscal-ssp_authorization-boundary", + "type" : "object", + "properties" : + { "description" : + { "title" : "Authorization Boundary Description", + "description" : "A summary of the system's authorization boundary.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:diagram" : + { "title" : "Diagram", + "description" : "A graphic that provides a visual representation the system, or some aspect of it.", + "$id" : "#assembly_oscal-ssp_diagram", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Diagram ID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Diagram Description", + "description" : "A summary of the diagram.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "caption" : + { "title" : "Caption", + "description" : "A brief caption to annotate the diagram.", + "type" : "string" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:network-architecture" : + { "title" : "Network Architecture", + "description" : "A description of the system's network architecture, optionally supplemented by diagrams that illustrate the network architecture.", + "$id" : "#assembly_oscal-ssp_network-architecture", + "type" : "object", + "properties" : + { "description" : + { "title" : "Network Architecture Description", + "description" : "A summary of the system's network architecture.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:data-flow" : + { "title" : "Data Flow", + "description" : "A description of the logical flow of information within the system and across its boundaries, optionally supplemented by diagrams that illustrate these flows.", + "$id" : "#assembly_oscal-ssp_data-flow", + "type" : "object", + "properties" : + { "description" : + { "title" : "Data Flow Description", + "description" : "A summary of the system's data flow.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:system-implementation" : + { "title" : "System Implementation", + "description" : "Provides information as to how the system is implemented.", + "$id" : "#assembly_oscal-ssp_system-implementation", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "leveraged-authorizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Leveraged Authorization", + "description" : "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Leveraged Authorization Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "title field", + "description" : "A human readable name for the leveraged authorization in the context of the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuid" : + { "title" : "party-uuid field", + "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date-authorized" : + { "$ref" : "#field_oscal-ssp_date-authorized" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "party-uuid", + "date-authorized" ], + "additionalProperties" : false } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "users", + "components" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:control-implementation" : + { "title" : "Control Implementation", + "description" : "Describes how the system satisfies a set of controls.", + "$id" : "#assembly_oscal-ssp_control-implementation", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Implementation Description", + "description" : "A statement describing important things to know about how this set of control satisfaction documentation is approached.", + "type" : "string" }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implemented-requirements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_implemented-requirement" } } }, + "required" : + [ "description", + "implemented-requirements" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:implemented-requirement" : + { "title" : "Control-based Requirement", + "description" : "Describes how the system satisfies the requirements of an individual control.", + "$id" : "#assembly_oscal-ssp_implemented-requirement", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Requirement Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "statements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_statement" } }, + "by-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_by-component" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "control-id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:statement" : + { "title" : "Specific Control Statement", + "description" : "Identifies which statements within a control are addressed.", + "$id" : "#assembly_oscal-ssp_statement", + "type" : "object", + "properties" : + { "statement-id" : + { "title" : "Control Statement Reference", + "description" : "A human-oriented identifier reference to a control statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Control Statement Reference Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "by-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_by-component" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "statement-id", + "uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ssp:by-component" : + { "title" : "Component Control Implementation", + "description" : "Defines how the referenced component implements a set of controls.", + "$id" : "#assembly_oscal-ssp_by-component", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", + "$ref" : "#/definitions/UUIDDatatype" }, + "uuid" : + { "title" : "By-Component Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "export" : + { "title" : "Export", + "description" : "Identifies content intended for external consumption, such as with leveraged organizations.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Implementation Export Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "provided" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Provided Control Implementation", + "description" : "Describes a capability which may be inherited by a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Provided Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, "description" : - { "title" : "Response Description", - "description" : "A human-readable description of this response plan.", - "type" : "string" }, + { "title" : "Provided Control Implementation Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "required-assets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Required Asset", - "description" : "Identifies an asset required to achieve remediation.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Required Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "title" : - { "title" : "Title for Required Asset", - "description" : "The title for this required asset.", - "type" : "string" }, - "description" : - { "title" : "Description of Required Asset", - "description" : "A human-readable description of this required asset.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "tasks" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "lifecycle", - "title", + "required" : + [ "uuid", "description" ], - "additionalProperties" : false }, - "oscal-complete-oscal-assessment-common:assessment-part" : - { "title" : "Assessment Part", - "description" : "A partition of an assessment plan or results or a child of another part.", - "$id" : "#assembly_oscal-assessment-common_assessment-part", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Part Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ar:assessment-results" : - { "title" : "Security Assessment Results (SAR)", - "description" : "Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.", - "$id" : "#assembly_oscal-ar_assessment-results", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Results Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ap" : - { "$ref" : "#assembly_oscal-ar_import-ap" }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "objectives-and-methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, - "activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_activity" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "results" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ar_result" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-ap", - "results" ], - "additionalProperties" : false }, - "oscal-complete-oscal-ar:result" : - { "title" : "Assessment Result", - "description" : "Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.", - "$id" : "#assembly_oscal-ar_result", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Results Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Results Title", - "description" : "The title for this set of results.", - "type" : "string" }, + "additionalProperties" : false } }, + "responsibilities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Control Implementation Responsibility", + "description" : "Describes a control implementation responsibility imposed on a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Responsibility Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "provided-uuid" : + { "title" : "Provided UUID", + "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, "description" : - { "title" : "Results Description", - "description" : "A human-readable description of this set of test results.", - "type" : "string" }, - "start" : - { "title" : "start field", - "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "end field", - "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + { "title" : "Control Implementation Responsibility Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "local-definitions" : - { "title" : "Local Definitions", - "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } } }, - "additionalProperties" : false }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "attestations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Attestation Statements", - "description" : "A set of textual statements, typically written by the assessor.", - "type" : "object", - "properties" : - { "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, - "required" : - [ "parts" ], - "additionalProperties" : false } }, - "assessment-log" : - { "title" : "Assessment Log", - "description" : "A log of all assessment-related actions taken.", - "type" : "object", - "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Log Entry", - "description" : "Identifies the result of an action and/or task that occurred as part of executing an assessment plan or an assessment event that occurred in producing the assessment results.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Action Title", - "description" : "The title for this event.", - "type" : "string" }, - "description" : - { "title" : "Action Description", - "description" : "A human-readable description of this event.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of an event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, - "required" : - [ "entries" ], - "additionalProperties" : false }, - "observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_observation" } }, - "risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_risk" } }, - "findings" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_finding" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "inherited" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Inherited Control Implementation", + "description" : "Describes a control implementation inherited by a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inherited Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "provided-uuid" : + { "title" : "Provided UUID", + "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inherited Control Implementation Description", + "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "satisfied" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Satisfied Control Implementation Responsibility", + "description" : "Describes how this system satisfies a responsibility imposed by a leveraged system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Satisfied Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "responsibility-uuid" : + { "title" : "Responsibility UUID", + "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Satisfied Control Implementation Responsibility Description", + "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid", + "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ap:assessment-plan" : + { "title" : "Security Assessment Plan (SAP)", + "description" : "An assessment plan, such as those provided by a FedRAMP assessor.", + "$id" : "#assembly_oscal-ap_assessment-plan", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Plan Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ssp" : + { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "objectives-and-methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, + "activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_activity" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "terms-and-conditions" : + { "title" : "Assessment Plan Terms and Conditions", + "description" : "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.", + "type" : "object", + "properties" : + { "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, + "additionalProperties" : false }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "assessment-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-ssp", + "reviewed-controls" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:import-ssp" : + { "title" : "Import System Security Plan", + "description" : "Used by the assessment plan and POA&M to import information about the system.", + "$id" : "#assembly_oscal-assessment-common_import-ssp", + "type" : "object", + "properties" : + { "href" : + { "title" : "System Security Plan Reference", + "description" : "A resolvable URL reference to the system security plan for the system being assessed.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:local-objective" : + { "title" : "Assessment-Specific Control Objective", + "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", + "$id" : "#assembly_oscal-assessment-common_local-objective", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Objective Description", + "description" : "A human-readable description of this control objective.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-id", + "parts" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:assessment-method" : + { "title" : "Assessment Method", + "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", + "$id" : "#assembly_oscal-assessment-common_assessment-method", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Method Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Method Description", + "description" : "A human-readable description of this assessment method.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "part" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "part" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:activity" : + { "title" : "Activity", + "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", + "$id" : "#assembly_oscal-assessment-common_activity", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Activity Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Included Activity Title", + "description" : "The title for this included activity.", + "type" : "string" }, + "description" : + { "title" : "Included Activity Description", + "description" : "A human-readable description of this included activity.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "steps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Step", + "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Step Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Step Title", + "description" : "The title for this step.", + "type" : "string" }, + "description" : + { "title" : "Step Description", + "description" : "A human-readable description of this step.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "related-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:task" : + { "title" : "Task", + "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", + "$id" : "#assembly_oscal-assessment-common_task", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Task Type", + "description" : "The type of task.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Task Title", + "description" : "The title for this task.", + "type" : "string" }, + "description" : + { "title" : "Task Description", + "description" : "A human-readable description of this task.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "timing" : + { "title" : "Event Timing", + "description" : "The timing under which the task is intended to occur.", + "type" : "object", + "properties" : + { "on-date" : + { "title" : "On Date Condition", + "description" : "The task is intended to occur on the specified date.", + "type" : "object", + "properties" : + { "date" : + { "title" : "On Date Condition", + "description" : "The task must occur on the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "uuid", - "title", - "description", - "start", - "reviewed-controls" ], + [ "date" ], "additionalProperties" : false }, - "oscal-complete-oscal-ar:import-ap" : - { "title" : "Import Assessment Plan", - "description" : "Used by assessment-results to import information about the original plan for assessing the system.", - "$id" : "#assembly_oscal-ar_import-ap", + "within-date-range" : + { "title" : "On Date Range Condition", + "description" : "The task is intended to occur within the specified date range.", "type" : "object", "properties" : - { "href" : - { "title" : "Assessment Plan Reference", - "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, + { "start" : + { "title" : "Start Date Condition", + "description" : "The task must occur on or after the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End Date Condition", + "description" : "The task must occur on or before the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "href" ], + [ "start", + "end" ], "additionalProperties" : false }, - "oscal-complete-oscal-poam:plan-of-action-and-milestones" : - { "title" : "Plan of Action and Milestones (POA&M)", - "description" : "A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.", - "$id" : "#assembly_oscal-poam_plan-of-action-and-milestones", + "at-frequency" : + { "title" : "Frequency Condition", + "description" : "The task is intended to occur at the specified frequency.", "type" : "object", "properties" : - { "uuid" : - { "title" : "POA&M Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + { "period" : + { "title" : "Period", + "description" : "The task must occur after the specified period has elapsed.", + "$ref" : "#/definitions/PositiveIntegerDatatype" }, + "unit" : + { "title" : "Time Unit", + "description" : "The unit of time for the period.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, + "required" : + [ "period", + "unit" ], + "additionalProperties" : false } }, + "additionalProperties" : false }, + "dependencies" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Task Dependency", + "description" : "Used to indicate that a task is dependent on another task.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "associated-activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Activity", + "description" : "Identifies an individual activity to be performed as part of a task.", + "type" : "object", + "properties" : + { "activity-uuid" : + { "title" : "Activity Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "activity-uuid", + "subjects" ], + "additionalProperties" : false } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:reviewed-controls" : + { "title" : "Reviewed Controls and Control Objectives", + "description" : "Identifies the controls being assessed and their control objectives.", + "$id" : "#assembly_oscal-assessment-common_reviewed-controls", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objective Description", + "description" : "A human-readable description of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "control-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessed Controls", + "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Assessed Controls Description", + "description" : "A human-readable description of in-scope controls specified for assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "control-objective-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Referenced Control Objectives", + "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objectives Description", + "description" : "A human-readable description of this collection of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "exclude-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-selections" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:select-control-by-id" : + { "title" : "Select Control", + "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", + "$id" : "#assembly_oscal-assessment-common_select-control-by-id", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "statement-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Include Specific Statements", + "description" : "Used to constrain the selection to only specificity identified statements.", + "$ref" : "#/definitions/TokenDatatype" } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:select-objective-by-id" : + { "title" : "Select Objective", + "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", + "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", + "type" : "object", + "properties" : + { "objective-id" : + { "title" : "Objective ID", + "description" : "Points to an assessment objective.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "objective-id" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:assessment-subject-placeholder" : + { "title" : "Assessment Subject Placeholder", + "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Subject Placeholder Description", + "description" : "A human-readable description of intent of this assessment subject placeholder.", + "type" : "string" }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Subject Source", + "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "sources" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:assessment-subject" : + { "title" : "Subject of Assessment", + "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Include Subjects Description", + "description" : "A human-readable description of the collection of subjects being included in this assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "exclude-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:select-subject-by-id" : + { "title" : "Select Assessment Subject", + "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", + "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:subject-reference" : + { "title" : "Identifies the Subject", + "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", + "$id" : "#assembly_oscal-assessment-common_subject-reference", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Subject Reference Title", + "description" : "The title or name for the referenced subject.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:assessment-assets" : + { "title" : "Assessment Assets", + "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", + "$id" : "#assembly_oscal-assessment-common_assessment-assets", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "assessment-platforms" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Platform", + "description" : "Used to represent the toolset used to perform aspects of the assessment.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Platform Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Assessment Platform Title", + "description" : "The title or name for the assessment platform.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "uses-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Uses Component", + "description" : "The set of components that are used by the assessment platform.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ssp" : - { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, - "system-id" : - { "$ref" : "#field_oscal-implementation-common_system-id" }, - "local-definitions" : - { "$ref" : "#assembly_oscal-poam_local-definitions" }, - "observations" : - { "type" : "array", + "props" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-assessment-common_observation" } }, - "risks" : - { "type" : "array", + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-assessment-common_risk" } }, - "findings" : - { "type" : "array", + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-assessment-common_finding" } }, - "poam-items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "assessment-platforms" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:finding-target" : + { "title" : "Objective Status", + "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", + "$id" : "#assembly_oscal-assessment-common_finding-target", + "type" : "object", + "properties" : + { "type" : + { "title" : "Finding Target Type", + "description" : "Identifies the type of the target.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, + "target-id" : + { "title" : "Finding Target Identifier Reference", + "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Objective Status Title", + "description" : "The title for this objective status.", + "type" : "string" }, + "description" : + { "title" : "Objective Status Description", + "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Objective Status", + "description" : "A determination of if the objective is satisfied or not within a given system.", + "type" : "object", + "properties" : + { "state" : + { "title" : "Objective Status State", + "description" : "An indication as to whether the objective is satisfied or not.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, + "reason" : + { "title" : "Objective Status Reason", + "description" : "The reason the objective was given it's status.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "target-id", + "status" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:observation" : + { "title" : "Observation", + "description" : "Describes an individual observation.", + "$id" : "#assembly_oscal-assessment-common_observation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Observation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Observation Title", + "description" : "The title for this observation.", + "type" : "string" }, + "description" : + { "title" : "Observation Description", + "description" : "A human-readable description of this assessment observation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Method", + "description" : "Identifies how the observation was made.", + "$ref" : "#/definitions/StringDatatype" } }, + "types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Type", + "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", + "$ref" : "#/definitions/TokenDatatype" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "relevant-evidence" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Relevant Evidence", + "description" : "Links this observation to relevant evidence.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Relevant Evidence Reference", + "description" : "A resolvable URL reference to relevant evidence.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Relevant Evidence Description", + "description" : "A human-readable description of this evidence.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false } }, + "collected" : + { "title" : "Collected Field", + "description" : "Date/time stamp identifying when the finding information was collected.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "expires" : + { "title" : "Expires Field", + "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description", + "methods", + "collected" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:origin" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", + "$id" : "#assembly_oscal-assessment-common_origin", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:origin-actor" : + { "title" : "Originating Actor", + "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", + "$id" : "#assembly_oscal-assessment-common_origin-actor", + "type" : "object", + "properties" : + { "type" : + { "title" : "Actor Type", + "description" : "The kind of actor.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, + "actor-uuid" : + { "title" : "Actor Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "For a party, this can optionally be used to specify the role the actor was performing.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "type", + "actor-uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:related-task" : + { "title" : "Task Reference", + "description" : "Identifies an individual task for which the containing object is a consequence of.", + "$id" : "#assembly_oscal-assessment-common_related-task", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "identified-subject" : + { "title" : "Identified Subject", + "description" : "Used to detail assessment subjects that were identfied by this task.", + "type" : "object", + "properties" : + { "subject-placeholder-uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, + "required" : + [ "subject-placeholder-uuid", + "subjects" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:threat-id" : + { "title" : "Threat ID", + "description" : "A pointer, by ID, to an externally-defined threat.", + "$id" : "#field_oscal-assessment-common_threat-id", + "type" : "object", + "properties" : + { "system" : + { "title" : "Threat Type Identification System", + "description" : "Specifies the source of the threat information.", + "$ref" : "#/definitions/URIDatatype" }, + "href" : + { "title" : "Threat Information Resource Reference", + "description" : "An optional location for the threat data, from which this ID originates.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "system" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:risk" : + { "title" : "Identified Risk", + "description" : "An identified risk.", + "$id" : "#assembly_oscal-assessment-common_risk", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Risk Title", + "description" : "The title for this risk.", + "type" : "string" }, + "description" : + { "title" : "Risk Description", + "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", + "type" : "string" }, + "statement" : + { "title" : "Risk Statement", + "description" : "An summary of impact for how the risk affects the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "threat-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-assessment-common_threat-id" } }, + "characterizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, + "mitigating-factors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Mitigating Factor", + "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mitigating Factor Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "implementation-uuid" : + { "title" : "Implementation UUID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Mitigating Factor Description", + "description" : "A human-readable description of this mitigating factor.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "deadline" : + { "title" : "Risk Resolution Deadline", + "description" : "The date/time by which the risk must be resolved.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remediations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_response" } }, + "risk-log" : + { "title" : "Risk Log", + "description" : "A log of all risk-related tasks taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Risk Log Entry", + "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Title", + "description" : "The title for this risk log entry.", + "type" : "string" }, + "description" : + { "title" : "Risk Task Description", + "description" : "A human-readable description of what was done regarding the risk.", + "type" : "string" }, + "start" : + { "title" : "Start", + "description" : "Identifies the start date and time of the event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End", + "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-poam_poam-item" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "poam-items" ], - "additionalProperties" : false }, - "oscal-complete-oscal-poam:local-definitions" : - { "title" : "Local Definitions", - "description" : "Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.", - "$id" : "#assembly_oscal-poam_local-definitions", - "type" : "object", - "properties" : - { "components" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "status-change" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "related-responses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Risk Response Reference", + "description" : "Identifies an individual risk response that this log entry is for.", + "type" : "object", + "properties" : + { "response-uuid" : + { "title" : "Response Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique risk response.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "response-uuid" ], + "additionalProperties" : false } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "oscal-complete-oscal-poam:poam-item" : - { "title" : "POA&M Item", - "description" : "Describes an individual POA&M item.", - "$id" : "#assembly_oscal-poam_poam-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "POA&M Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "uuid", + "title", + "description", + "statement", + "status" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:logged-by" : + { "title" : "Logged By", + "description" : "Used to indicate who created a log entry in what role.", + "$id" : "#assembly_oscal-assessment-common_logged-by", + "type" : "object", + "properties" : + { "party-uuid" : + { "title" : "Party UUID Reference", + "description" : "A machine-oriented identifier reference to the party who is making the log entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "A point to the role-id of the role in which the party is making the log entry.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "party-uuid" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:risk-status" : + { "title" : "Risk Status", + "description" : "Describes the status of the associated risk.", + "$id" : "#field_oscal-assessment-common_risk-status", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-complete-oscal-assessment-common:characterization" : + { "title" : "Characterization", + "description" : "A collection of descriptive data about the containing object from a specific origin.", + "$id" : "#assembly_oscal-assessment-common_characterization", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origin" : + { "$ref" : "#assembly_oscal-assessment-common_origin" }, + "facets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Facet", + "description" : "An individual characteristic that is part of a larger set produced by the same actor.", + "type" : "object", + "properties" : + { "name" : + { "title" : "Facet Name", + "description" : "The name of the risk metric within the specified system.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Naming System", + "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Facet Value", + "description" : "Indicates the value of the facet.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "system", + "value" ], + "additionalProperties" : false } } }, + "required" : + [ "origin", + "facets" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:response" : + { "title" : "Risk Response", + "description" : "Describes either recommended or an actual plan for addressing the risk.", + "$id" : "#assembly_oscal-assessment-common_response", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Remediation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "lifecycle" : + { "title" : "Remediation Intent", + "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Response Title", + "description" : "The title for this response activity.", + "type" : "string" }, + "description" : + { "title" : "Response Description", + "description" : "A human-readable description of this response plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "required-assets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Required Asset", + "description" : "Identifies an asset required to achieve remediation.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Required Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "title" : + { "title" : "Title for Required Asset", + "description" : "The title for this required asset.", + "type" : "string" }, + "description" : + { "title" : "Description of Required Asset", + "description" : "A human-readable description of this required asset.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "lifecycle", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-complete-oscal-assessment-common:assessment-part" : + { "title" : "Assessment Part", + "description" : "A partition of an assessment plan or results or a child of another part.", + "$id" : "#assembly_oscal-assessment-common_assessment-part", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Part Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ar:assessment-results" : + { "title" : "Security Assessment Results (SAR)", + "description" : "Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.", + "$id" : "#assembly_oscal-ar_assessment-results", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Results Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ap" : + { "$ref" : "#assembly_oscal-ar_import-ap" }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "objectives-and-methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_local-objective" } }, + "activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_activity" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "results" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ar_result" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-ap", + "results" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ar:result" : + { "title" : "Assessment Result", + "description" : "Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.", + "$id" : "#assembly_oscal-ar_result", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Results Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this set of results in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Results Title", + "description" : "The title for this set of results.", + "type" : "string" }, + "description" : + { "title" : "Results Description", + "description" : "A human-readable description of this set of test results.", + "type" : "string" }, + "start" : + { "title" : "start field", + "description" : "Date/time stamp identifying the start of the evidence collection reflected in these results.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "end field", + "description" : "Date/time stamp identifying the end of the evidence collection reflected in these results. In a continuous motoring scenario, this may contain the same value as start if appropriate.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "local-definitions" : + { "title" : "Local Definitions", + "description" : "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } } }, + "additionalProperties" : false }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "attestations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Attestation Statements", + "description" : "A set of textual statements, typically written by the assessor.", + "type" : "object", + "properties" : + { "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } } }, + "required" : + [ "parts" ], + "additionalProperties" : false } }, + "assessment-log" : + { "title" : "Assessment Log", + "description" : "A log of all assessment-related actions taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Log Entry", + "description" : "Identifies the result of an action and/or task that occurred as part of executing an assessment plan or an assessment event that occurred in producing the assessment results.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference an assessment event in this or other OSCAL instances. The locally defined UUID of the assessment log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, "title" : - { "title" : "POA&M Item Title", - "description" : "The title or name for this POA&M item .", - "type" : "string" }, + { "title" : "Action Title", + "description" : "The title for this event.", + "type" : "string" }, "description" : - { "title" : "POA&M Item Description", - "description" : "A human-readable description of POA&M item.", - "type" : "string" }, + { "title" : "Action Description", + "description" : "A human-readable description of this event.", + "type" : "string" }, + "start" : + { "title" : "Start", + "description" : "Identifies the start date and time of an event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End", + "description" : "Identifies the end date and time of an event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool or person.", - "type" : "object", - "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } } }, - "required" : - [ "actors" ], - "additionalProperties" : false } }, - "related-findings" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Finding", - "description" : "Relates the poam-item to referenced finding(s).", - "type" : "object", - "properties" : - { "finding-uuid" : - { "title" : "Finding Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "finding-uuid" ], - "additionalProperties" : false } }, - "related-observations" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the poam-item to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "related-tasks" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "description" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "BooleanDatatype" : - { "type" : "boolean" }, - "DateDatatype" : - { "type" : "string", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "PositiveIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 1, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, - "oneOf" : + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_observation" } }, + "risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "start", + "reviewed-controls" ], + "additionalProperties" : false }, + "oscal-complete-oscal-ar:import-ap" : + { "title" : "Import Assessment Plan", + "description" : "Used by assessment-results to import information about the original plan for assessing the system.", + "$id" : "#assembly_oscal-ar_import-ap", + "type" : "object", + "properties" : + { "href" : + { "title" : "Assessment Plan Reference", + "description" : "A resolvable URL reference to the assessment plan governing the assessment activities.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-complete-oscal-poam:plan-of-action-and-milestones" : + { "title" : "Plan of Action and Milestones (POA&M)", + "description" : "A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.", + "$id" : "#assembly_oscal-poam_plan-of-action-and-milestones", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "POA&M Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ssp" : + { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, + "system-id" : + { "$ref" : "#field_oscal-implementation-common_system-id" }, + "local-definitions" : + { "$ref" : "#assembly_oscal-poam_local-definitions" }, + "observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_observation" } }, + "risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, + "poam-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-poam_poam-item" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "poam-items" ], + "additionalProperties" : false }, + "oscal-complete-oscal-poam:local-definitions" : + { "title" : "Local Definitions", + "description" : "Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.", + "$id" : "#assembly_oscal-poam_local-definitions", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "oscal-complete-oscal-poam:poam-item" : + { "title" : "POA&M Item", + "description" : "Describes an individual POA&M item.", + "$id" : "#assembly_oscal-poam_poam-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "POA&M Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "POA&M Item Title", + "description" : "The title or name for this POA&M item .", + "type" : "string" }, + "description" : + { "title" : "POA&M Item Description", + "description" : "A human-readable description of POA&M item.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool or person.", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false } }, + "related-findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Finding", + "description" : "Relates the poam-item to referenced finding(s).", + "type" : "object", + "properties" : + { "finding-uuid" : + { "title" : "Finding Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "finding-uuid" ], + "additionalProperties" : false } }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the poam-item to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "description" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "BooleanDatatype" : + { "type" : "boolean" }, + "DateDatatype" : + { "type" : "string", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : [ - { "properties" : - { "catalog" : - { "$ref" : "#assembly_oscal-catalog_catalog" } }, - "required" : - [ "catalog" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "mapping-collection" : - { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, - "required" : - [ "mapping-collection" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "profile" : - { "$ref" : "#assembly_oscal-profile_profile" } }, - "required" : - [ "profile" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "component-definition" : - { "$ref" : "#assembly_oscal-component-definition_component-definition" } }, - "required" : - [ "component-definition" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "system-security-plan" : - { "$ref" : "#assembly_oscal-ssp_system-security-plan" } }, - "required" : - [ "system-security-plan" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "assessment-plan" : - { "$ref" : "#assembly_oscal-ap_assessment-plan" } }, - "required" : - [ "assessment-plan" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "assessment-results" : - { "$ref" : "#assembly_oscal-ar_assessment-results" } }, - "required" : - [ "assessment-results" ], - "additionalProperties" : false, - "maxProperties" : 1 }, - - { "properties" : - { "plan-of-action-and-milestones" : - { "$ref" : "#assembly_oscal-poam_plan-of-action-and-milestones" } }, - "required" : - [ "plan-of-action-and-milestones" ], - "additionalProperties" : false, - "maxProperties" : 1 } ] } \ No newline at end of file + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "oneOf" : + [ + { "properties" : + { "catalog" : + { "$ref" : "#assembly_oscal-catalog_catalog" } }, + "required" : + [ "catalog" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "mapping-collection" : + { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, + "required" : + [ "mapping-collection" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "profile" : + { "$ref" : "#assembly_oscal-profile_profile" } }, + "required" : + [ "profile" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "component-definition" : + { "$ref" : "#assembly_oscal-component-definition_component-definition" } }, + "required" : + [ "component-definition" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "system-security-plan" : + { "$ref" : "#assembly_oscal-ssp_system-security-plan" } }, + "required" : + [ "system-security-plan" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "assessment-plan" : + { "$ref" : "#assembly_oscal-ap_assessment-plan" } }, + "required" : + [ "assessment-plan" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "assessment-results" : + { "$ref" : "#assembly_oscal-ar_assessment-results" } }, + "required" : + [ "assessment-results" ], + "additionalProperties" : false, + "maxProperties" : 1 }, + + { "properties" : + { "plan-of-action-and-milestones" : + { "$ref" : "#assembly_oscal-poam_plan-of-action-and-milestones" } }, + "required" : + [ "plan-of-action-and-milestones" ], + "additionalProperties" : false, + "maxProperties" : 1 } ] } \ No newline at end of file diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 7cb628a8b2..750ba9a7c9 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -1,1534 +1,1529 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-component-definition-schema.json", - "$comment" : "OSCAL Component Definition Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-component-definition-schema.json", + "$comment" : "OSCAL Component Definition Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-component-definition-oscal-component-definition:component-definition" : + { "title" : "Component Definition", + "description" : "A collection of component descriptions, which may optionally be grouped by capability.", + "$id" : "#assembly_oscal-component-definition_component-definition", "type" : "object", - "definitions" : - { "oscal-component-definition-oscal-component-definition:component-definition" : - { "title" : "Component Definition", - "description" : "A collection of component descriptions, which may optionally be grouped by capability.", - "$id" : "#assembly_oscal-component-definition_component-definition", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Definition Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given component definition instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-component-definitions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_import-component-definition" } }, - "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_defined-component" } }, - "capabilities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_capability" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:import-component-definition" : - { "title" : "Import Component Definition", - "description" : "Loads a component definition from another resource.", - "$id" : "#assembly_oscal-component-definition_import-component-definition", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hyperlink Reference", - "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", - "$ref" : "#/definitions/URIReferenceDatatype" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:defined-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-component-definition_defined-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "Provides a globally unique means to identify a given component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "control-implementations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:capability" : - { "title" : "Capability", - "description" : "A grouping of other components and/or capabilities.", - "$id" : "#assembly_oscal-component-definition_capability", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Capability Identifier", - "description" : "Provides a globally unique means to identify a given capability.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Capability Name", - "description" : "The capability's human-readable name.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Capability Description", - "description" : "A summary of the capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "incorporates-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_incorporates-component" } }, - "control-implementations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "name", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:incorporates-component" : - { "title" : "Incorporates Component", - "description" : "The collection of components comprising this capability.", - "$id" : "#assembly_oscal-component-definition_incorporates-component", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Reference", - "description" : "A machine-oriented identifier reference to a component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" } }, - "required" : - [ "component-uuid", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:control-implementation" : - { "title" : "Control Implementation Set", - "description" : "Defines how the component or capability supports a set of controls.", - "$id" : "#assembly_oscal-component-definition_control-implementation", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Implementation Set Identifier", - "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", - "$ref" : "#/definitions/UUIDDatatype" }, - "source" : - { "title" : "Source Resource Reference", - "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Control Implementation Description", - "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implemented-requirements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_implemented-requirement" } } }, - "required" : - [ "uuid", - "source", - "description", - "implemented-requirements" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:implemented-requirement" : - { "title" : "Control Implementation", - "description" : "Describes how the containing component or capability implements an individual control.", - "$id" : "#assembly_oscal-component-definition_implemented-requirement", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Implementation Identifier", - "description" : "Provides a globally unique means to identify a given control implementation by a component.", - "$ref" : "#/definitions/UUIDDatatype" }, - "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Control Implementation Description", - "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "statements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-component-definition_statement" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "control-id", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-component-definition:statement" : - { "title" : "Control Statement Implementation", - "description" : "Identifies which statements within a control are addressed.", - "$id" : "#assembly_oscal-component-definition_statement", - "type" : "object", - "properties" : - { "statement-id" : - { "title" : "Control Statement Reference", - "description" : "A human-oriented identifier reference to a control statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "uuid" : - { "title" : "Control Statement Reference Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Statement Implementation Description", - "description" : "A summary of how the containing control statement is implemented by the component or capability.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "statement-id", - "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", + "properties" : + { "uuid" : + { "title" : "Component Definition Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given component definition instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-component-definitions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_import-component-definition" } }, + "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_defined-component" } }, + "capabilities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_capability" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:import-component-definition" : + { "title" : "Import Component Definition", + "description" : "Loads a component definition from another resource.", + "$id" : "#assembly_oscal-component-definition_import-component-definition", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hyperlink Reference", + "description" : "A link to a resource that defines a set of components and/or capabilities to import into this collection.", + "$ref" : "#/definitions/URIReferenceDatatype" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:defined-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-component-definition_defined-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "Provides a globally unique means to identify a given component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "control-implementations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:capability" : + { "title" : "Capability", + "description" : "A grouping of other components and/or capabilities.", + "$id" : "#assembly_oscal-component-definition_capability", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Capability Identifier", + "description" : "Provides a globally unique means to identify a given capability.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Capability Name", + "description" : "The capability's human-readable name.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Capability Description", + "description" : "A summary of the capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "incorporates-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_incorporates-component" } }, + "control-implementations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_control-implementation" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "name", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:incorporates-component" : + { "title" : "Incorporates Component", + "description" : "The collection of components comprising this capability.", + "$id" : "#assembly_oscal-component-definition_incorporates-component", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Reference", + "description" : "A machine-oriented identifier reference to a component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" } }, + "required" : + [ "component-uuid", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:control-implementation" : + { "title" : "Control Implementation Set", + "description" : "Defines how the component or capability supports a set of controls.", + "$id" : "#assembly_oscal-component-definition_control-implementation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Implementation Set Identifier", + "description" : "Provides a means to identify a set of control implementations that are supported by a given component or capability.", + "$ref" : "#/definitions/UUIDDatatype" }, + "source" : + { "title" : "Source Resource Reference", + "description" : "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "A description of how the specified set of controls are implemented for the containing component or capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implemented-requirements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_implemented-requirement" } } }, + "required" : + [ "uuid", + "source", + "description", + "implemented-requirements" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:implemented-requirement" : + { "title" : "Control Implementation", + "description" : "Describes how the containing component or capability implements an individual control.", + "$id" : "#assembly_oscal-component-definition_implemented-requirement", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Implementation Identifier", + "description" : "Provides a globally unique means to identify a given control implementation by a component.", + "$ref" : "#/definitions/UUIDDatatype" }, + "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "A suggestion from the supplier (e.g., component vendor or author) for how the specified control may be implemented if the containing component or capability is instantiated in a system security plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "statements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-component-definition_statement" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "control-id", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-component-definition:statement" : + { "title" : "Control Statement Implementation", + "description" : "Identifies which statements within a control are addressed.", + "$id" : "#assembly_oscal-component-definition_statement", + "type" : "object", + "properties" : + { "statement-id" : + { "title" : "Control Statement Reference", + "description" : "A human-oriented identifier reference to a control statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Control Statement Reference Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Statement Implementation Description", + "description" : "A summary of how the containing control statement is implemented by the component or capability.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "statement-id", + "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", + "properties" : + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-component-definition-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", + "properties" : + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-component-definition-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-component-definition-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-component-definition-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-component-definition-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-component-definition-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-component-definition-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-component-definition-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-component-definition-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-component-definition-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-component-definition-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-component-definition-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-component-definition-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-component-definition-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", "properties" : - { "component-definition" : - { "$ref" : "#assembly_oscal-component-definition_component-definition" } }, + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, "required" : - [ "component-definition" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-component-definition-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-component-definition-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-component-definition-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-component-definition-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-component-definition-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-component-definition-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-component-definition-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-component-definition-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-component-definition-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-component-definition-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "component-definition" : + { "$ref" : "#assembly_oscal-component-definition_component-definition" } }, + "required" : + [ "component-definition" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index f51f56c2f4..4590384c80 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -1,900 +1,895 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.3/oscal-mapping-schema.json", - "$comment" : "OSCAL Control Mapping Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.3/oscal-mapping-schema.json", + "$comment" : "OSCAL Control Mapping Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-mapping-oscal-mapping:mapping-collection" : + { "title" : "Mapping Collection", + "description" : "A collection of relationship-based control and/or control statement mappings.", + "$id" : "#assembly_oscal-mapping_mapping-collection", "type" : "object", - "definitions" : - { "oscal-mapping-oscal-mapping:mapping-collection" : - { "title" : "Mapping Collection", - "description" : "A collection of relationship-based control and/or control statement mappings.", - "$id" : "#assembly_oscal-mapping_mapping-collection", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Collection Universally Unique Identifier", - "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "mappings" : - { "anyOf" : - [ - { "$ref" : "#assembly_oscal-mapping_mapping" }, - - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "mappings" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-mapping:mapping" : - { "title" : "Control Mapping", - "description" : "A mapping between two target resources.", - "$id" : "#assembly_oscal-mapping_mapping", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "source-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "target-resource" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, - "maps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_map" } } }, - "required" : - [ "uuid", - "source-resource", - "target-resource", - "maps" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "properties" : + { "uuid" : + { "title" : "Mapping Collection Universally Unique Identifier", + "description" : "A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "mappings" : + { "anyOf" : + [ + { "$ref" : "#assembly_oscal-mapping_mapping" }, + + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping_mapping" } } ] }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "mappings" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping:mapping" : + { "title" : "Control Mapping", + "description" : "A mapping between two target resources.", + "$id" : "#assembly_oscal-mapping_mapping", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "source-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "target-resource" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-resource-reference" }, + "maps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_map" } } }, + "required" : + [ "uuid", + "source-resource", + "target-resource", + "maps" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-mapping-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-mapping-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-mapping-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-mapping-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-mapping-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-mapping-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", + "hashes" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-mapping-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-mapping-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-mapping-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-mapping-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-mapping-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-mapping-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-mapping-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-mapping-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-mapping-common:map" : - { "title" : "Mapping Entry", - "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", - "$id" : "#assembly_oscal-mapping-common_map", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mapping Entry Identifier", - "description" : "The unique identifier for the mapping entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "relationship" : - { "title" : "Mapping Entry Relationship", - "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", - "type" : "object", - "properties" : - { "ns" : - { "title" : "Relationship Value Namespace", - "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "type" : - { "type" : "string" } }, - "required" : - [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "targets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "relationship", - "sources", - "targets" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-mapping-common:mapping-item" : - { "title" : "Mapping Entry Item (source or target)", - "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-item", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "The semantic type of the subject.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "control", - "statement" ] } ] }, - "id-ref" : - { "title" : "Subject Identifier Reference", - "description" : "A reference to an identified subject that is of the specified type.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "id-ref" ], - "additionalProperties" : false }, - "oscal-mapping-oscal-mapping-common:mapping-resource-reference" : - { "title" : "Mapped Resource Reference", - "description" : "A reference to a resource that is either the source or target of a mapping.", - "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", - "type" : "object", - "properties" : - { "type" : - { "title" : "Resource Type", - "description" : "The semantic type of the resource.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "catalog" ] } ] }, - "href" : - { "title" : "Catalog or Profile Reference", - "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "href" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-mapping-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-mapping-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-mapping-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-mapping-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-mapping-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-mapping-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-mapping-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-mapping-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:map" : + { "title" : "Mapping Entry", + "description" : "A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.", + "$id" : "#assembly_oscal-mapping-common_map", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mapping Entry Identifier", + "description" : "The unique identifier for the mapping entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "relationship" : + { "title" : "Mapping Entry Relationship", + "description" : "The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets.", + "type" : "object", + "properties" : + { "ns" : + { "title" : "Relationship Value Namespace", + "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "type" : + { "type" : "string" } }, + "required" : + [ "type" ], + "additionalProperties" : false, + "enum" : + [ "equivalent-to", + "equal-to", + "subset-of", + "superset-of", + "intersects-with" ] }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "targets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-mapping-common_mapping-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "relationship", + "sources", + "targets" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:mapping-item" : + { "title" : "Mapping Entry Item (source or target)", + "description" : "Identifies a specific edge within a source or target that is the subject of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-item", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "The semantic type of the subject.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "control", + "statement" ] } ] }, + "id-ref" : + { "title" : "Subject Identifier Reference", + "description" : "A reference to an identified subject that is of the specified type.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "id-ref" ], + "additionalProperties" : false }, + "oscal-mapping-oscal-mapping-common:mapping-resource-reference" : + { "title" : "Mapped Resource Reference", + "description" : "A reference to a resource that is either the source or target of a mapping.", + "$id" : "#assembly_oscal-mapping-common_mapping-resource-reference", + "type" : "object", "properties" : - { "mapping-collection" : - { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, + { "type" : + { "title" : "Resource Type", + "description" : "The semantic type of the resource.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "catalog" ] } ] }, + "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "mapping-collection" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "type", + "href" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "mapping-collection" : + { "$ref" : "#assembly_oscal-mapping_mapping-collection" } }, + "required" : + [ "mapping-collection" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 7398ac6908..1f3c9d6060 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -1,2904 +1,2899 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-poam-schema.json", - "$comment" : "OSCAL Plan of Action and Milestones (POA&M) Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-poam-schema.json", + "$comment" : "OSCAL Plan of Action and Milestones (POA&M) Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-poam-oscal-poam:plan-of-action-and-milestones" : + { "title" : "Plan of Action and Milestones (POA&M)", + "description" : "A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.", + "$id" : "#assembly_oscal-poam_plan-of-action-and-milestones", "type" : "object", - "definitions" : - { "oscal-poam-oscal-poam:plan-of-action-and-milestones" : - { "title" : "Plan of Action and Milestones (POA&M)", - "description" : "A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.", - "$id" : "#assembly_oscal-poam_plan-of-action-and-milestones", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "POA&M Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-ssp" : - { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, - "system-id" : - { "$ref" : "#field_oscal-implementation-common_system-id" }, - "local-definitions" : - { "$ref" : "#assembly_oscal-poam_local-definitions" }, - "observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_observation" } }, - "risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_risk" } }, - "findings" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_finding" } }, - "poam-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-poam_poam-item" } }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "poam-items" ], - "additionalProperties" : false }, - "oscal-poam-oscal-poam:local-definitions" : - { "title" : "Local Definitions", - "description" : "Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.", - "$id" : "#assembly_oscal-poam_local-definitions", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "assessment-assets" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "oscal-poam-oscal-poam:poam-item" : - { "title" : "POA&M Item", - "description" : "Describes an individual POA&M item.", - "$id" : "#assembly_oscal-poam_poam-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "POA&M Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "POA&M Item Title", - "description" : "The title or name for this POA&M item .", - "type" : "string" }, - "description" : - { "title" : "POA&M Item Description", - "description" : "A human-readable description of POA&M item.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool or person.", - "type" : "object", - "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } } }, - "required" : - [ "actors" ], - "additionalProperties" : false } }, - "related-findings" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Finding", - "description" : "Relates the poam-item to referenced finding(s).", - "type" : "object", - "properties" : - { "finding-uuid" : - { "title" : "Finding Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "finding-uuid" ], - "additionalProperties" : false } }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the poam-item to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "description" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "properties" : + { "uuid" : + { "title" : "POA&M Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-ssp" : + { "$ref" : "#assembly_oscal-assessment-common_import-ssp" }, + "system-id" : + { "$ref" : "#field_oscal-implementation-common_system-id" }, + "local-definitions" : + { "$ref" : "#assembly_oscal-poam_local-definitions" }, + "observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_observation" } }, + "risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_risk" } }, + "findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_finding" } }, + "poam-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-poam_poam-item" } }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "poam-items" ], + "additionalProperties" : false }, + "oscal-poam-oscal-poam:local-definitions" : + { "title" : "Local Definitions", + "description" : "Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.", + "$id" : "#assembly_oscal-poam_local-definitions", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "assessment-assets" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-assets" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "oscal-poam-oscal-poam:poam-item" : + { "title" : "POA&M Item", + "description" : "Describes an individual POA&M item.", + "$id" : "#assembly_oscal-poam_poam-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "POA&M Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with instance scope that can be used to reference this POA&M item entry in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "POA&M Item Title", + "description" : "The title or name for this POA&M item .", + "type" : "string" }, + "description" : + { "title" : "POA&M Item Description", + "description" : "A human-readable description of POA&M item.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool or person.", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false } }, + "related-findings" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Finding", + "description" : "Relates the poam-item to referenced finding(s).", + "type" : "object", + "properties" : + { "finding-uuid" : + { "title" : "Finding Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a finding defined in the list of findings.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "finding-uuid" ], + "additionalProperties" : false } }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the poam-item to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "description" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-poam-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-poam-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-poam-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-poam-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-poam-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-poam-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-poam-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-poam-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-poam-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-poam-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-poam-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-poam-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:parameter-value" : + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-poam-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-poam-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-poam-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-poam-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-poam-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-poam-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-poam-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-poam-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", + "properties" : + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-poam-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-poam-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-poam-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:import-ssp" : - { "title" : "Import System Security Plan", - "description" : "Used by the assessment plan and POA&M to import information about the system.", - "$id" : "#assembly_oscal-assessment-common_import-ssp", - "type" : "object", - "properties" : - { "href" : - { "title" : "System Security Plan Reference", - "description" : "A resolvable URL reference to the system security plan for the system being assessed.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:local-objective" : - { "title" : "Assessment-Specific Control Objective", - "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", - "$id" : "#assembly_oscal-assessment-common_local-objective", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Objective Description", - "description" : "A human-readable description of this control objective.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-id", - "parts" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:assessment-method" : - { "title" : "Assessment Method", - "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", - "$id" : "#assembly_oscal-assessment-common_assessment-method", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Method Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Method Description", - "description" : "A human-readable description of this assessment method.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "part" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "part" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:activity" : - { "title" : "Activity", - "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", - "$id" : "#assembly_oscal-assessment-common_activity", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Activity Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Included Activity Title", - "description" : "The title for this included activity.", - "type" : "string" }, - "description" : - { "title" : "Included Activity Description", - "description" : "A human-readable description of this included activity.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "steps" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Step", - "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Step Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Step Title", - "description" : "The title for this step.", - "type" : "string" }, - "description" : - { "title" : "Step Description", - "description" : "A human-readable description of this step.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "reviewed-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "related-controls" : - { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:task" : - { "title" : "Task", - "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", - "$id" : "#assembly_oscal-assessment-common_task", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Task Type", - "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Task Title", - "description" : "The title for this task.", - "type" : "string" }, - "description" : - { "title" : "Task Description", - "description" : "A human-readable description of this task.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "timing" : - { "title" : "Event Timing", - "description" : "The timing under which the task is intended to occur.", - "type" : "object", - "properties" : - { "on-date" : - { "title" : "On Date Condition", - "description" : "The task is intended to occur on the specified date.", - "type" : "object", - "properties" : - { "date" : - { "title" : "On Date Condition", - "description" : "The task must occur on the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "date" ], - "additionalProperties" : false }, - "within-date-range" : - { "title" : "On Date Range Condition", - "description" : "The task is intended to occur within the specified date range.", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start Date Condition", - "description" : "The task must occur on or after the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End Date Condition", - "description" : "The task must occur on or before the specified date.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, - "required" : - [ "start", - "end" ], - "additionalProperties" : false }, - "at-frequency" : - { "title" : "Frequency Condition", - "description" : "The task is intended to occur at the specified frequency.", - "type" : "object", - "properties" : - { "period" : - { "title" : "Period", - "description" : "The task must occur after the specified period has elapsed.", - "$ref" : "#/definitions/PositiveIntegerDatatype" }, - "unit" : - { "title" : "Time Unit", - "description" : "The unit of time for the period.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "seconds", - "minutes", - "hours", - "days", - "months", - "years" ] } ] } }, - "required" : - [ "period", - "unit" ], - "additionalProperties" : false } }, - "additionalProperties" : false }, - "dependencies" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Task Dependency", - "description" : "Used to indicate that a task is dependent on another task.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, - "associated-activities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Activity", - "description" : "Identifies an individual activity to be performed as part of a task.", - "type" : "object", - "properties" : - { "activity-uuid" : - { "title" : "Activity Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "activity-uuid", - "subjects" ], - "additionalProperties" : false } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:reviewed-controls" : - { "title" : "Reviewed Controls and Control Objectives", - "description" : "Identifies the controls being assessed and their control objectives.", - "$id" : "#assembly_oscal-assessment-common_reviewed-controls", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objective Description", - "description" : "A human-readable description of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "control-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessed Controls", - "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Assessed Controls Description", - "description" : "A human-readable description of in-scope controls specified for assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "control-objective-selections" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Referenced Control Objectives", - "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Objectives Description", - "description" : "A human-readable description of this collection of control objectives.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "exclude-objectives" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "control-selections" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:select-control-by-id" : - { "title" : "Select Control", - "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", - "$id" : "#assembly_oscal-assessment-common_select-control-by-id", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "statement-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Include Specific Statements", - "description" : "Used to constrain the selection to only specificity identified statements.", - "$ref" : "#/definitions/TokenDatatype" } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:select-objective-by-id" : - { "title" : "Select Objective", - "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", - "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", - "type" : "object", - "properties" : - { "objective-id" : - { "title" : "Objective ID", - "description" : "Points to an assessment objective.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "objective-id" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:assessment-subject-placeholder" : - { "title" : "Assessment Subject Placeholder", - "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Assessment Subject Placeholder Description", - "description" : "A human-readable description of intent of this assessment subject placeholder.", - "type" : "string" }, - "sources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Subject Source", - "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "sources" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:assessment-subject" : - { "title" : "Subject of Assessment", - "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", - "$id" : "#assembly_oscal-assessment-common_assessment-subject", - "type" : "object", - "properties" : - { "type" : - { "title" : "Subject Type", - "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "description" : - { "title" : "Include Subjects Description", - "description" : "A human-readable description of the collection of subjects being included in this assessment.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "exclude-subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:select-subject-by-id" : - { "title" : "Select Assessment Subject", - "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", - "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:subject-reference" : - { "title" : "Identifies the Subject", - "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", - "$id" : "#assembly_oscal-assessment-common_subject-reference", - "type" : "object", - "properties" : - { "subject-uuid" : - { "title" : "Subject Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Subject Universally Unique Identifier Reference Type", - "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Subject Reference Title", - "description" : "The title or name for the referenced subject.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "subject-uuid", - "type" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:assessment-assets" : - { "title" : "Assessment Assets", - "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", - "$id" : "#assembly_oscal-assessment-common_assessment-assets", - "type" : "object", - "properties" : - { "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "assessment-platforms" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Assessment Platform", - "description" : "Used to represent the toolset used to perform aspects of the assessment.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Assessment Platform Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Assessment Platform Title", - "description" : "The title or name for the assessment platform.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "uses-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Uses Component", - "description" : "The set of components that are used by the assessment platform.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "assessment-platforms" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:finding-target" : - { "title" : "Objective Status", - "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", - "$id" : "#assembly_oscal-assessment-common_finding-target", - "type" : "object", - "properties" : - { "type" : - { "title" : "Finding Target Type", - "description" : "Identifies the type of the target.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "statement-id", - "objective-id" ] } ] }, - "target-id" : - { "title" : "Finding Target Identifier Reference", - "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Objective Status Title", - "description" : "The title for this objective status.", - "type" : "string" }, - "description" : - { "title" : "Objective Status Description", - "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Objective Status", - "description" : "A determination of if the objective is satisfied or not within a given system.", - "type" : "object", - "properties" : - { "state" : - { "title" : "Objective Status State", - "description" : "An indication as to whether the objective is satisfied or not.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "satisfied", - "not-satisfied" ] } ] }, - "reason" : - { "title" : "Objective Status Reason", - "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "type", - "target-id", - "status" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:finding" : - { "title" : "Finding", - "description" : "Describes an individual finding.", - "$id" : "#assembly_oscal-assessment-common_finding", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Finding Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Finding Title", - "description" : "The title for this finding.", - "type" : "string" }, - "description" : - { "title" : "Finding Description", - "description" : "A human-readable description of this finding.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "target" : - { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, - "implementation-statement-uuid" : - { "title" : "Implementation Statement UUID", - "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", - "$ref" : "#/definitions/UUIDDatatype" }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } }, - "related-risks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Associated Risk", - "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", - "type" : "object", - "properties" : - { "risk-uuid" : - { "title" : "Risk Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "risk-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "description", - "target" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:observation" : - { "title" : "Observation", - "description" : "Describes an individual observation.", - "$id" : "#assembly_oscal-assessment-common_observation", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-poam-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", + "properties" : + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-poam-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-poam-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:import-ssp" : + { "title" : "Import System Security Plan", + "description" : "Used by the assessment plan and POA&M to import information about the system.", + "$id" : "#assembly_oscal-assessment-common_import-ssp", + "type" : "object", + "properties" : + { "href" : + { "title" : "System Security Plan Reference", + "description" : "A resolvable URL reference to the system security plan for the system being assessed.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:local-objective" : + { "title" : "Assessment-Specific Control Objective", + "description" : "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.", + "$id" : "#assembly_oscal-assessment-common_local-objective", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Objective Description", + "description" : "A human-readable description of this control objective.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-id", + "parts" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:assessment-method" : + { "title" : "Assessment Method", + "description" : "A local definition of a control objective. Uses catalog syntax for control objective and assessment activities.", + "$id" : "#assembly_oscal-assessment-common_assessment-method", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Method Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment method elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment method can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Method Description", + "description" : "A human-readable description of this assessment method.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "part" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "part" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:activity" : + { "title" : "Activity", + "description" : "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", + "$id" : "#assembly_oscal-assessment-common_activity", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Activity Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment activity elsewhere in this or other OSCAL instances. The locally defined UUID of the activity can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Included Activity Title", + "description" : "The title for this included activity.", + "type" : "string" }, + "description" : + { "title" : "Included Activity Description", + "description" : "A human-readable description of this included activity.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "steps" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Step", + "description" : "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Step Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this step elsewhere in this or other OSCAL instances. The locally defined UUID of the step (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Step Title", + "description" : "The title for this step.", + "type" : "string" }, + "description" : + { "title" : "Step Description", + "description" : "A human-readable description of this step.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "reviewed-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "related-controls" : + { "$ref" : "#assembly_oscal-assessment-common_reviewed-controls" }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:task" : + { "title" : "Task", + "description" : "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.", + "$id" : "#assembly_oscal-assessment-common_task", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this task elsewhere in this or other OSCAL instances. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Task Type", + "description" : "The type of task.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Task Title", + "description" : "The title for this task.", + "type" : "string" }, + "description" : + { "title" : "Task Description", + "description" : "A human-readable description of this task.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "timing" : + { "title" : "Event Timing", + "description" : "The timing under which the task is intended to occur.", + "type" : "object", + "properties" : + { "on-date" : + { "title" : "On Date Condition", + "description" : "The task is intended to occur on the specified date.", "type" : "object", "properties" : - { "uuid" : - { "title" : "Observation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Observation Title", - "description" : "The title for this observation.", - "type" : "string" }, - "description" : - { "title" : "Observation Description", - "description" : "A human-readable description of this assessment observation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "methods" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Method", - "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, - "types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Observation Type", - "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "relevant-evidence" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Relevant Evidence", - "description" : "Links this observation to relevant evidence.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Relevant Evidence Reference", - "description" : "A resolvable URL reference to relevant evidence.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "description" : - { "title" : "Relevant Evidence Description", - "description" : "A human-readable description of this evidence.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false } }, - "collected" : - { "title" : "Collected Field", - "description" : "Date/time stamp identifying when the finding information was collected.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "expires" : - { "title" : "Expires Field", - "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, + { "date" : + { "title" : "On Date Condition", + "description" : "The task must occur on the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "uuid", - "description", - "methods", - "collected" ], + [ "date" ], "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:origin" : - { "title" : "Origin", - "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", - "$id" : "#assembly_oscal-assessment-common_origin", + "within-date-range" : + { "title" : "On Date Range Condition", + "description" : "The task is intended to occur within the specified date range.", "type" : "object", "properties" : - { "actors" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, + { "start" : + { "title" : "Start Date Condition", + "description" : "The task must occur on or after the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End Date Condition", + "description" : "The task must occur on or before the specified date.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" } }, "required" : - [ "actors" ], + [ "start", + "end" ], "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:origin-actor" : - { "title" : "Originating Actor", - "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", - "$id" : "#assembly_oscal-assessment-common_origin-actor", + "at-frequency" : + { "title" : "Frequency Condition", + "description" : "The task is intended to occur at the specified frequency.", "type" : "object", "properties" : - { "type" : - { "title" : "Actor Type", - "description" : "The kind of actor.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "tool", - "assessment-platform", - "party" ] } ] }, - "actor-uuid" : - { "title" : "Actor Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "For a party, this can optionally be used to specify the role the actor was performing.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, + { "period" : + { "title" : "Period", + "description" : "The task must occur after the specified period has elapsed.", + "$ref" : "#/definitions/PositiveIntegerDatatype" }, + "unit" : + { "title" : "Time Unit", + "description" : "The unit of time for the period.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "seconds", + "minutes", + "hours", + "days", + "months", + "years" ] } ] } }, "required" : - [ "type", - "actor-uuid" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:related-task" : - { "title" : "Task Reference", - "description" : "Identifies an individual task for which the containing object is a consequence of.", - "$id" : "#assembly_oscal-assessment-common_related-task", - "type" : "object", - "properties" : - { "task-uuid" : - { "title" : "Task Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique task.", + [ "period", + "unit" ], + "additionalProperties" : false } }, + "additionalProperties" : false }, + "dependencies" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Task Dependency", + "description" : "Used to indicate that a task is dependent on another task.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "associated-activities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Activity", + "description" : "Identifies an individual activity to be performed as part of a task.", + "type" : "object", + "properties" : + { "activity-uuid" : + { "title" : "Activity Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an activity defined in the list of activities.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "activity-uuid", + "subjects" ], + "additionalProperties" : false } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:reviewed-controls" : + { "title" : "Reviewed Controls and Control Objectives", + "description" : "Identifies the controls being assessed and their control objectives.", + "$id" : "#assembly_oscal-assessment-common_reviewed-controls", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objective Description", + "description" : "A human-readable description of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "control-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessed Controls", + "description" : "Identifies the controls being assessed. In the assessment plan, these are the planned controls. In the assessment results, these are the actual controls, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Assessed Controls Description", + "description" : "A human-readable description of in-scope controls specified for assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-control-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "control-objective-selections" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Referenced Control Objectives", + "description" : "Identifies the control objectives of the assessment. In the assessment plan, these are the planned objectives. In the assessment results, these are the assessed objectives, and reflects any changes from the plan.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Objectives Description", + "description" : "A human-readable description of this collection of control objectives.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "exclude-objectives" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-objective-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "control-selections" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:select-control-by-id" : + { "title" : "Select Control", + "description" : "Used to select a control for inclusion/exclusion based on one or more control identifiers. A set of statement identifiers can be used to target the inclusion/exclusion to only specific control statements providing more granularity over the specific statements that are within the asessment scope.", + "$id" : "#assembly_oscal-assessment-common_select-control-by-id", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "statement-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Include Specific Statements", + "description" : "Used to constrain the selection to only specificity identified statements.", + "$ref" : "#/definitions/TokenDatatype" } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:select-objective-by-id" : + { "title" : "Select Objective", + "description" : "Used to select a control objective for inclusion/exclusion based on the control objective's identifier.", + "$id" : "#assembly_oscal-assessment-common_select-objective-by-id", + "type" : "object", + "properties" : + { "objective-id" : + { "title" : "Objective ID", + "description" : "Points to an assessment objective.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "objective-id" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:assessment-subject-placeholder" : + { "title" : "Assessment Subject Placeholder", + "description" : "Used when the assessment subjects will be determined as part of one or more other assessment activities. These assessment subjects will be recorded in the assessment results in the assessment log.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject-placeholder", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier for a set of assessment subjects that will be identified by a task or an activity that is part of a task. The locally defined UUID of the assessment subject placeholder can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Assessment Subject Placeholder Description", + "description" : "A human-readable description of intent of this assessment subject placeholder.", + "type" : "string" }, + "sources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Subject Source", + "description" : "Assessment subjects will be identified while conducting the referenced activity-instance.", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference (in this or other OSCAL instances) an assessment activity to be performed as part of the event. The locally defined UUID of the task can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "sources" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:assessment-subject" : + { "title" : "Subject of Assessment", + "description" : "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.", + "$id" : "#assembly_oscal-assessment-common_assessment-subject", + "type" : "object", + "properties" : + { "type" : + { "title" : "Subject Type", + "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "description" : + { "title" : "Include Subjects Description", + "description" : "A human-readable description of the collection of subjects being included in this assessment.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "exclude-subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_select-subject-by-id" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:select-subject-by-id" : + { "title" : "Select Assessment Subject", + "description" : "Identifies a set of assessment subjects to include/exclude by UUID.", + "$id" : "#assembly_oscal-assessment-common_select-subject-by-id", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:subject-reference" : + { "title" : "Identifies the Subject", + "description" : "A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.", + "$id" : "#assembly_oscal-assessment-common_subject-reference", + "type" : "object", + "properties" : + { "subject-uuid" : + { "title" : "Subject Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Subject Universally Unique Identifier Reference Type", + "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Subject Reference Title", + "description" : "The title or name for the referenced subject.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "subject-uuid", + "type" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:assessment-assets" : + { "title" : "Assessment Assets", + "description" : "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", + "$id" : "#assembly_oscal-assessment-common_assessment-assets", + "type" : "object", + "properties" : + { "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "assessment-platforms" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Assessment Platform", + "description" : "Used to represent the toolset used to perform aspects of the assessment.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Assessment Platform Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined UUID of the assessment platform can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Assessment Platform Title", + "description" : "The title or name for the assessment platform.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "uses-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Uses Component", + "description" : "The set of components that are used by the assessment platform.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", + "props" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + "links" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", + "responsible-parties" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, - "identified-subject" : - { "title" : "Identified Subject", - "description" : "Used to detail assessment subjects that were identfied by this task.", - "type" : "object", - "properties" : - { "subject-placeholder-uuid" : - { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, - "required" : - [ "subject-placeholder-uuid", - "subjects" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "task-uuid" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:threat-id" : - { "title" : "Threat ID", - "description" : "A pointer, by ID, to an externally-defined threat.", - "$id" : "#field_oscal-assessment-common_threat-id", - "type" : "object", - "properties" : - { "system" : - { "title" : "Threat Type Identification System", - "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, - "href" : - { "title" : "Threat Information Resource Reference", - "description" : "An optional location for the threat data, from which this ID originates.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "system" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:risk" : - { "title" : "Identified Risk", - "description" : "An identified risk.", - "$id" : "#assembly_oscal-assessment-common_risk", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "assessment-platforms" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:finding-target" : + { "title" : "Objective Status", + "description" : "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", + "$id" : "#assembly_oscal-assessment-common_finding-target", + "type" : "object", + "properties" : + { "type" : + { "title" : "Finding Target Type", + "description" : "Identifies the type of the target.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "statement-id", + "objective-id" ] } ] }, + "target-id" : + { "title" : "Finding Target Identifier Reference", + "description" : "A machine-oriented identifier reference for a specific target qualified by the type.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Objective Status Title", + "description" : "The title for this objective status.", + "type" : "string" }, + "description" : + { "title" : "Objective Status Description", + "description" : "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Objective Status", + "description" : "A determination of if the objective is satisfied or not within a given system.", + "type" : "object", + "properties" : + { "state" : + { "title" : "Objective Status State", + "description" : "An indication as to whether the objective is satisfied or not.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "satisfied", + "not-satisfied" ] } ] }, + "reason" : + { "title" : "Objective Status Reason", + "description" : "The reason the objective was given it's status.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "type", + "target-id", + "status" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:finding" : + { "title" : "Finding", + "description" : "Describes an individual finding.", + "$id" : "#assembly_oscal-assessment-common_finding", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Finding Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this finding in this or other OSCAL instances. The locally defined UUID of the finding can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Finding Title", + "description" : "The title for this finding.", + "type" : "string" }, + "description" : + { "title" : "Finding Description", + "description" : "A human-readable description of this finding.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "target" : + { "$ref" : "#assembly_oscal-assessment-common_finding-target" }, + "implementation-statement-uuid" : + { "title" : "Implementation Statement UUID", + "description" : "A machine-oriented identifier reference to the implementation statement in the SSP to which this finding is related.", + "$ref" : "#/definitions/UUIDDatatype" }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } }, + "related-risks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Associated Risk", + "description" : "Relates the finding to a set of referenced risks that were used to determine the finding.", + "type" : "object", + "properties" : + { "risk-uuid" : + { "title" : "Risk Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a risk defined in the list of risks.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "risk-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "description", + "target" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:observation" : + { "title" : "Observation", + "description" : "Describes an individual observation.", + "$id" : "#assembly_oscal-assessment-common_observation", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Observation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this observation elsewhere in this or other OSCAL instances. The locally defined UUID of the observation can be used to reference the data item locally or globally (e.g., in an imorted OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Observation Title", + "description" : "The title for this observation.", + "type" : "string" }, + "description" : + { "title" : "Observation Description", + "description" : "A human-readable description of this assessment observation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "methods" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Method", + "description" : "Identifies how the observation was made.", + "$ref" : "#/definitions/StringDatatype" } }, + "types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Observation Type", + "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", + "$ref" : "#/definitions/TokenDatatype" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "relevant-evidence" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Relevant Evidence", + "description" : "Links this observation to relevant evidence.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Relevant Evidence Reference", + "description" : "A resolvable URL reference to relevant evidence.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "description" : + { "title" : "Relevant Evidence Description", + "description" : "A human-readable description of this evidence.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false } }, + "collected" : + { "title" : "Collected Field", + "description" : "Date/time stamp identifying when the finding information was collected.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "expires" : + { "title" : "Expires Field", + "description" : "Date/time identifying when the finding information is out-of-date and no longer valid. Typically used with continuous assessment scenarios.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description", + "methods", + "collected" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:origin" : + { "title" : "Origin", + "description" : "Identifies the source of the finding, such as a tool, interviewed person, or activity.", + "$id" : "#assembly_oscal-assessment-common_origin", + "type" : "object", + "properties" : + { "actors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin-actor" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } } }, + "required" : + [ "actors" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:origin-actor" : + { "title" : "Originating Actor", + "description" : "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", + "$id" : "#assembly_oscal-assessment-common_origin-actor", + "type" : "object", + "properties" : + { "type" : + { "title" : "Actor Type", + "description" : "The kind of actor.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "tool", + "assessment-platform", + "party" ] } ] }, + "actor-uuid" : + { "title" : "Actor Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the tool or person based on the associated type.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "For a party, this can optionally be used to specify the role the actor was performing.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "type", + "actor-uuid" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:related-task" : + { "title" : "Task Reference", + "description" : "Identifies an individual task for which the containing object is a consequence of.", + "$id" : "#assembly_oscal-assessment-common_related-task", + "type" : "object", + "properties" : + { "task-uuid" : + { "title" : "Task Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } }, + "identified-subject" : + { "title" : "Identified Subject", + "description" : "Used to detail assessment subjects that were identfied by this task.", + "type" : "object", + "properties" : + { "subject-placeholder-uuid" : + { "title" : "Assessment Subject Placeholder Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique assessment subject placeholder defined by this task.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-subject" } } }, + "required" : + [ "subject-placeholder-uuid", + "subjects" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "task-uuid" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:threat-id" : + { "title" : "Threat ID", + "description" : "A pointer, by ID, to an externally-defined threat.", + "$id" : "#field_oscal-assessment-common_threat-id", + "type" : "object", + "properties" : + { "system" : + { "title" : "Threat Type Identification System", + "description" : "Specifies the source of the threat information.", + "$ref" : "#/definitions/URIDatatype" }, + "href" : + { "title" : "Threat Information Resource Reference", + "description" : "An optional location for the threat data, from which this ID originates.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "system" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:risk" : + { "title" : "Identified Risk", + "description" : "An identified risk.", + "$id" : "#assembly_oscal-assessment-common_risk", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk elsewhere in this or other OSCAL instances. The locally defined UUID of the risk can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Risk Title", + "description" : "The title for this risk.", + "type" : "string" }, + "description" : + { "title" : "Risk Description", + "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", + "type" : "string" }, + "statement" : + { "title" : "Risk Statement", + "description" : "An summary of impact for how the risk affects the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "threat-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-assessment-common_threat-id" } }, + "characterizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, + "mitigating-factors" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Mitigating Factor", + "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Mitigating Factor Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "implementation-uuid" : + { "title" : "Implementation UUID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Mitigating Factor Description", + "description" : "A human-readable description of this mitigating factor.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "deadline" : + { "title" : "Risk Resolution Deadline", + "description" : "The date/time by which the risk must be resolved.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "remediations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_response" } }, + "risk-log" : + { "title" : "Risk Log", + "description" : "A log of all risk-related tasks taken.", + "type" : "object", + "properties" : + { "entries" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Risk Log Entry", + "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Risk Log Entry Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, "title" : - { "title" : "Risk Title", - "description" : "The title for this risk.", - "type" : "string" }, + { "title" : "Title", + "description" : "The title for this risk log entry.", + "type" : "string" }, "description" : - { "title" : "Risk Description", - "description" : "A human-readable summary of the identified risk, to include a statement of how the risk impacts the system.", - "type" : "string" }, - "statement" : - { "title" : "Risk Statement", - "description" : "An summary of impact for how the risk affects the system.", - "type" : "string" }, + { "title" : "Risk Task Description", + "description" : "A human-readable description of what was done regarding the risk.", + "type" : "string" }, + "start" : + { "title" : "Start", + "description" : "Identifies the start date and time of the event.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "end" : + { "title" : "End", + "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "threat-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-assessment-common_threat-id" } }, - "characterizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_characterization" } }, - "mitigating-factors" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "logged-by" : { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Mitigating Factor", - "description" : "Describes an existing mitigating factor that may affect the overall determination of the risk, with an optional link to an implementation statement in the SSP.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Mitigating Factor Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mitigating factor elsewhere in this or other OSCAL instances. The locally defined UUID of the mitigating factor can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "implementation-uuid" : - { "title" : "Implementation UUID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this implementation statement elsewhere in this or other OSCAL instancess. The locally defined UUID of the implementation statement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Mitigating Factor Description", - "description" : "A human-readable description of this mitigating factor.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "deadline" : - { "title" : "Risk Resolution Deadline", - "description" : "The date/time by which the risk must be resolved.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "remediations" : + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, + "status-change" : + { "$ref" : "#field_oscal-assessment-common_risk-status" }, + "related-responses" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_response" } }, - "risk-log" : - { "title" : "Risk Log", - "description" : "A log of all risk-related tasks taken.", + "minItems" : 1, + "items" : + { "title" : "Risk Response Reference", + "description" : "Identifies an individual risk response that this log entry is for.", "type" : "object", "properties" : - { "entries" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Log Entry", - "description" : "Identifies an individual risk response that occurred as part of managing an identified risk.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Risk Log Entry Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this risk log entry elsewhere in this or other OSCAL instances. The locally defined UUID of the risk log entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Title", - "description" : "The title for this risk log entry.", - "type" : "string" }, - "description" : - { "title" : "Risk Task Description", - "description" : "A human-readable description of what was done regarding the risk.", - "type" : "string" }, - "start" : - { "title" : "Start", - "description" : "Identifies the start date and time of the event.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "end" : - { "title" : "End", - "description" : "Identifies the end date and time of the event. If the event is a point in time, the start and end will be the same date and time.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "logged-by" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_logged-by" } }, - "status-change" : - { "$ref" : "#field_oscal-assessment-common_risk-status" }, - "related-responses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Risk Response Reference", - "description" : "Identifies an individual risk response that this log entry is for.", - "type" : "object", - "properties" : - { "response-uuid" : - { "title" : "Response Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a unique risk response.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "related-tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "response-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "start" ], - "additionalProperties" : false } } }, + { "response-uuid" : + { "title" : "Response Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a unique risk response.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "related-tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_related-task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "entries" ], - "additionalProperties" : false }, - "related-observations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Related Observation", - "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", - "type" : "object", - "properties" : - { "observation-uuid" : - { "title" : "Observation Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "required" : - [ "observation-uuid" ], - "additionalProperties" : false } } }, - "required" : - [ "uuid", - "title", - "description", - "statement", - "status" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:logged-by" : - { "title" : "Logged By", - "description" : "Used to indicate who created a log entry in what role.", - "$id" : "#assembly_oscal-assessment-common_logged-by", - "type" : "object", - "properties" : - { "party-uuid" : - { "title" : "Party UUID Reference", - "description" : "A machine-oriented identifier reference to the party who is making the log entry.", - "$ref" : "#/definitions/UUIDDatatype" }, - "role-id" : - { "title" : "Actor Role", - "description" : "A point to the role-id of the role in which the party is making the log entry.", - "$ref" : "#/definitions/TokenDatatype" } }, - "required" : - [ "party-uuid" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:risk-status" : - { "title" : "Risk Status", - "description" : "Describes the status of the associated risk.", - "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-poam-oscal-assessment-common:characterization" : - { "title" : "Characterization", - "description" : "A collection of descriptive data about the containing object from a specific origin.", - "$id" : "#assembly_oscal-assessment-common_characterization", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origin" : - { "$ref" : "#assembly_oscal-assessment-common_origin" }, - "facets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Facet", - "description" : "An individual characteristic that is part of a larger set produced by the same actor.", - "type" : "object", - "properties" : - { "name" : - { "title" : "Facet Name", - "description" : "The name of the risk metric within the specified system.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Naming System", - "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Facet Value", - "description" : "Indicates the value of the facet.", - "$ref" : "#/definitions/StringDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "system", - "value" ], - "additionalProperties" : false } } }, - "required" : - [ "origin", - "facets" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:response" : - { "title" : "Risk Response", - "description" : "Describes either recommended or an actual plan for addressing the risk.", - "$id" : "#assembly_oscal-assessment-common_response", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Remediation Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "lifecycle" : - { "title" : "Remediation Intent", - "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Response Title", - "description" : "The title for this response activity.", - "type" : "string" }, - "description" : - { "title" : "Response Description", - "description" : "A human-readable description of this response plan.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "origins" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_origin" } }, - "required-assets" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Required Asset", - "description" : "Identifies an asset required to achieve remediation.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Required Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "subjects" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, - "title" : - { "title" : "Title for Required Asset", - "description" : "The title for this required asset.", - "type" : "string" }, - "description" : - { "title" : "Description of Required Asset", - "description" : "A human-readable description of this required asset.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "tasks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_task" } }, + [ "response-uuid" ], + "additionalProperties" : false } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "lifecycle", - "title", - "description" ], - "additionalProperties" : false }, - "oscal-poam-oscal-assessment-common:assessment-part" : - { "title" : "Assessment Part", - "description" : "A partition of an assessment plan or results or a child of another part.", - "$id" : "#assembly_oscal-assessment-common_assessment-part", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Part Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "A name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "PositiveIntegerDatatype" : - { "allOf" : - [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 1, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "required" : + [ "uuid", + "start" ], + "additionalProperties" : false } } }, + "required" : + [ "entries" ], + "additionalProperties" : false }, + "related-observations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Related Observation", + "description" : "Relates the finding to a set of referenced observations that were used to determine the finding.", + "type" : "object", + "properties" : + { "observation-uuid" : + { "title" : "Observation Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to an observation defined in the list of observations.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "required" : + [ "observation-uuid" ], + "additionalProperties" : false } } }, + "required" : + [ "uuid", + "title", + "description", + "statement", + "status" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:logged-by" : + { "title" : "Logged By", + "description" : "Used to indicate who created a log entry in what role.", + "$id" : "#assembly_oscal-assessment-common_logged-by", + "type" : "object", + "properties" : + { "party-uuid" : + { "title" : "Party UUID Reference", + "description" : "A machine-oriented identifier reference to the party who is making the log entry.", + "$ref" : "#/definitions/UUIDDatatype" }, + "role-id" : + { "title" : "Actor Role", + "description" : "A point to the role-id of the role in which the party is making the log entry.", + "$ref" : "#/definitions/TokenDatatype" } }, + "required" : + [ "party-uuid" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:risk-status" : + { "title" : "Risk Status", + "description" : "Describes the status of the associated risk.", + "$id" : "#field_oscal-assessment-common_risk-status", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-poam-oscal-assessment-common:characterization" : + { "title" : "Characterization", + "description" : "A collection of descriptive data about the containing object from a specific origin.", + "$id" : "#assembly_oscal-assessment-common_characterization", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origin" : + { "$ref" : "#assembly_oscal-assessment-common_origin" }, + "facets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Facet", + "description" : "An individual characteristic that is part of a larger set produced by the same actor.", + "type" : "object", + "properties" : + { "name" : + { "title" : "Facet Name", + "description" : "The name of the risk metric within the specified system.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Naming System", + "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Facet Value", + "description" : "Indicates the value of the facet.", + "$ref" : "#/definitions/StringDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "system", + "value" ], + "additionalProperties" : false } } }, + "required" : + [ "origin", + "facets" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:response" : + { "title" : "Risk Response", + "description" : "Describes either recommended or an actual plan for addressing the risk.", + "$id" : "#assembly_oscal-assessment-common_response", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Remediation Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this remediation elsewhere in this or other OSCAL instances. The locally defined UUID of the risk response can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "lifecycle" : + { "title" : "Remediation Intent", + "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Response Title", + "description" : "The title for this response activity.", + "type" : "string" }, + "description" : + { "title" : "Response Description", + "description" : "A human-readable description of this response plan.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "origins" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_origin" } }, + "required-assets" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Required Asset", + "description" : "Identifies an asset required to achieve remediation.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Required Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this required asset elsewhere in this or other OSCAL instances. The locally defined UUID of the asset can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "subjects" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_subject-reference" } }, + "title" : + { "title" : "Title for Required Asset", + "description" : "The title for this required asset.", + "type" : "string" }, + "description" : + { "title" : "Description of Required Asset", + "description" : "A human-readable description of this required asset.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "tasks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_task" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "lifecycle", + "title", + "description" ], + "additionalProperties" : false }, + "oscal-poam-oscal-assessment-common:assessment-part" : + { "title" : "Assessment Part", + "description" : "A partition of an assessment plan or results or a child of another part.", + "$id" : "#assembly_oscal-assessment-common_assessment-part", + "type" : "object", "properties" : - { "plan-of-action-and-milestones" : - { "$ref" : "#assembly_oscal-poam_plan-of-action-and-milestones" } }, + { "uuid" : + { "title" : "Part Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this part elsewhere in this or other OSCAL instances. The locally defined UUID of the part can be used to reference the data item locally or globally (e.g., in an ported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "A textual label that provides a sub-type or characterization of the part's name. This can be used to further distinguish or discriminate between the semantics of multiple parts of the same control with the same name and ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "A name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-assessment-common_assessment-part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, "required" : - [ "plan-of-action-and-milestones" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "name" ], + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "PositiveIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 1, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "plan-of-action-and-milestones" : + { "$ref" : "#assembly_oscal-poam_plan-of-action-and-milestones" } }, + "required" : + [ "plan-of-action-and-milestones" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index 0ebefb294e..f41ef0b3fa 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -1,1290 +1,1285 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-profile-schema.json", - "$comment" : "OSCAL Profile Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-profile-schema.json", + "$comment" : "OSCAL Profile Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-profile-oscal-profile:profile" : + { "title" : "Profile", + "description" : "Each OSCAL profile is defined by a profile element.", + "$id" : "#assembly_oscal-profile_profile", "type" : "object", - "definitions" : - { "oscal-profile-oscal-profile:profile" : - { "title" : "Profile", - "description" : "Each OSCAL profile is defined by a profile element.", - "$id" : "#assembly_oscal-profile_profile", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Profile Universally Unique Identifier", - "description" : "Provides a globally unique means to identify a given profile instance.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "imports" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_import" } }, - "merge" : - { "$ref" : "#assembly_oscal-profile_merge" }, - "modify" : - { "$ref" : "#assembly_oscal-profile_modify" }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "imports" ], - "additionalProperties" : false }, - "oscal-profile-oscal-profile:import" : - { "title" : "Import Resource", - "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", - "$id" : "#assembly_oscal-profile_import", - "type" : "object", - "properties" : - { "href" : - { "title" : "Catalog or Profile Reference", - "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-profile-oscal-profile:merge" : - { "title" : "Merge Controls", - "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", - "$id" : "#assembly_oscal-profile_merge", - "type" : "object", - "properties" : - { "combine" : - { "title" : "Combination Rule", - "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", - "type" : "object", - "properties" : - { "method" : - { "title" : "Combination Method", - "description" : "Declare how clashing controls should be handled.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "use-first", - "merge", - "keep" ] } ] } }, - "additionalProperties" : false }, - "flat" : - { "title" : "Flat Without Grouping", - "description" : "Directs that controls appear without any grouping structure.", - "type" : "object", - "additionalProperties" : false }, - "as-is" : - { "title" : "Group As-Is", - "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", - "$ref" : "#/definitions/BooleanDatatype" }, - "custom" : - { "title" : "Custom Grouping", - "description" : "Provides an alternate grouping structure that selected controls will be placed in.", - "type" : "object", - "properties" : - { "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_group" } }, - "insert-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, - "additionalProperties" : false } }, - "additionalProperties" : false }, - "oscal-profile-oscal-profile:group" : - { "title" : "Control Group", - "description" : "A group of (selected) controls or of groups of controls.", - "$id" : "#assembly_oscal-profile_group", - "type" : "object", - "properties" : - { "id" : - { "title" : "Group Identifier", - "description" : "Identifies the group.", + "properties" : + { "uuid" : + { "title" : "Profile Universally Unique Identifier", + "description" : "Provides a globally unique means to identify a given profile instance.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "imports" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_import" } }, + "merge" : + { "$ref" : "#assembly_oscal-profile_merge" }, + "modify" : + { "$ref" : "#assembly_oscal-profile_modify" }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "imports" ], + "additionalProperties" : false }, + "oscal-profile-oscal-profile:import" : + { "title" : "Import Resource", + "description" : "Designates a referenced source catalog or profile that provides a source of control information for use in creating a new overlay or baseline.", + "$id" : "#assembly_oscal-profile_import", + "type" : "object", + "properties" : + { "href" : + { "title" : "Catalog or Profile Reference", + "description" : "A resolvable URL reference to the base catalog or profile that this profile is tailoring.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-profile-oscal-profile:merge" : + { "title" : "Merge Controls", + "description" : "Provides structuring directives that instruct how controls are organized after profile resolution.", + "$id" : "#assembly_oscal-profile_merge", + "type" : "object", + "properties" : + { "combine" : + { "title" : "Combination Rule", + "description" : "A Combine element defines how to resolve duplicate instances of the same control (e.g., controls with the same ID).", + "type" : "object", + "properties" : + { "method" : + { "title" : "Combination Method", + "description" : "Declare how clashing controls should be handled.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "use-first", + "merge", + "keep" ] } ] } }, + "additionalProperties" : false }, + "flat" : + { "title" : "Flat Without Grouping", + "description" : "Directs that controls appear without any grouping structure.", + "type" : "object", + "additionalProperties" : false }, + "as-is" : + { "title" : "Group As-Is", + "description" : "Indicates that the controls selected should retain their original grouping as defined in the import source.", + "$ref" : "#/definitions/BooleanDatatype" }, + "custom" : + { "title" : "Custom Grouping", + "description" : "Provides an alternate grouping structure that selected controls will be placed in.", + "type" : "object", + "properties" : + { "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_group" } }, + "insert-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, + "additionalProperties" : false } }, + "additionalProperties" : false }, + "oscal-profile-oscal-profile:group" : + { "title" : "Control Group", + "description" : "A group of (selected) controls or of groups of controls.", + "$id" : "#assembly_oscal-profile_group", + "type" : "object", + "properties" : + { "id" : + { "title" : "Group Identifier", + "description" : "Identifies the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Group Class", + "description" : "A textual label that provides a sub-type or characterization of the group.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Group Title", + "description" : "A name to be given to the group for use in display.", + "type" : "string" }, + "params" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "groups" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_group" } }, + "insert-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, + "required" : + [ "title" ], + "additionalProperties" : false }, + "oscal-profile-oscal-profile:modify" : + { "title" : "Modify Controls", + "description" : "Set parameters or amend controls in resolution.", + "$id" : "#assembly_oscal-profile_modify", + "type" : "object", + "properties" : + { "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Setting", + "description" : "A parameter setting, to be propagated to points of insertion.", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "An identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends On", + "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, + "required" : + [ "param-id" ], + "additionalProperties" : false } }, + "alters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Alteration", + "description" : "Specifies changes to be made to an included control when a profile is resolved.", + "type" : "object", + "properties" : + { "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "removes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Removal", + "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", + "type" : "object", + "properties" : + { "by-name" : + { "title" : "Reference by (assigned) name", + "description" : "Identify items remove by matching their assigned name.", "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Group Class", - "description" : "A textual label that provides a sub-type or characterization of the group.", + "by-class" : + { "title" : "Reference by class", + "description" : "Identify items to remove by matching their class.", "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Group Title", - "description" : "A name to be given to the group for use in display.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "groups" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_group" } }, - "insert-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_insert-controls" } } }, - "required" : - [ "title" ], - "additionalProperties" : false }, - "oscal-profile-oscal-profile:modify" : - { "title" : "Modify Controls", - "description" : "Set parameters or amend controls in resolution.", - "$id" : "#assembly_oscal-profile_modify", - "type" : "object", - "properties" : - { "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Setting", - "description" : "A parameter setting, to be propagated to points of insertion.", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "An identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends On", - "description" : "**(deprecated)** Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" } }, - "required" : - [ "param-id" ], - "additionalProperties" : false } }, - "alters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Alteration", - "description" : "Specifies changes to be made to an included control when a profile is resolved.", - "type" : "object", - "properties" : - { "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, - "removes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Removal", - "description" : "Specifies objects to be removed from a control based on specific aspects of the object that must all match.", - "type" : "object", - "properties" : - { "by-name" : - { "title" : "Reference by (assigned) name", - "description" : "Identify items remove by matching their assigned name.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-class" : - { "title" : "Reference by class", - "description" : "Identify items to remove by matching their class.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Identify items to remove indicated by their id.", - "$ref" : "#/definitions/TokenDatatype" }, - "by-item-name" : - { "title" : "Item Name Reference", - "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "param", - "prop", - "link", - "part", - "mapping", - "map" ] } ] }, - "by-ns" : - { "title" : "Item Namespace Reference", - "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", - "$ref" : "#/definitions/TokenDatatype" } }, - "additionalProperties" : false } }, - "adds" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Addition", - "description" : "Specifies contents to be added into controls, in resolution.", - "type" : "object", - "properties" : - { "position" : - { "title" : "Position", - "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "before", - "after", - "starting", - "ending" ] } ] }, - "by-id" : - { "title" : "Reference by ID", - "description" : "Target location of the addition.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Title Change", - "description" : "A name given to the control, which may be used by a tool for display and navigation.", - "type" : "string" }, - "params" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } } }, - "additionalProperties" : false } } }, - "required" : - [ "control-id" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-profile:insert-controls" : - { "title" : "Select Controls", - "description" : "Specifies which controls to use in the containing context.", - "$id" : "#assembly_oscal-profile_insert-controls", - "type" : "object", - "properties" : - { "order" : - { "title" : "Order", - "description" : "A designation of how a selection of controls in a profile is to be ordered.", + "by-id" : + { "title" : "Reference by ID", + "description" : "Identify items to remove indicated by their id.", + "$ref" : "#/definitions/TokenDatatype" }, + "by-item-name" : + { "title" : "Item Name Reference", + "description" : "Identify items to remove by the name of the item's information object name, e.g. title or prop.", "allOf" : [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "keep", - "ascending", - "descending" ] } ] }, - "include-all" : - { "$ref" : "#assembly_oscal-control-common_include-all" }, - "include-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, - "exclude-controls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-profile:select-control-by-id" : - { "title" : "Select Control", - "description" : "Select a control or controls from an imported control set.", - "$id" : "#assembly_oscal-profile_select-control-by-id", - "type" : "object", - "properties" : - { "with-child-controls" : - { "title" : "Include Contained Controls with Control", - "description" : "When a control is included, whether its child (dependent) controls are also included.", + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "param", + "prop", + "link", + "part", + "mapping", + "map" ] } ] }, + "by-ns" : + { "title" : "Item Namespace Reference", + "description" : "Identify items to remove by the item's ns, which is the namespace associated with a part, or prop.", + "$ref" : "#/definitions/TokenDatatype" } }, + "additionalProperties" : false } }, + "adds" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Addition", + "description" : "Specifies contents to be added into controls, in resolution.", + "type" : "object", + "properties" : + { "position" : + { "title" : "Position", + "description" : "Where to add the new content with respect to the targeted element (beside it or inside it).", "allOf" : [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "yes", - "no" ] } ] }, - "with-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Match Controls by Identifier", - "description" : "Selecting a control by its ID given as a literal.", - "$ref" : "#/definitions/TokenDatatype" } }, - "matching" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Match Controls by Pattern", - "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", - "type" : "object", - "properties" : - { "pattern" : - { "title" : "Pattern", - "description" : "A glob expression matching the IDs of one or more controls to be selected.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "before", + "after", + "starting", + "ending" ] } ] }, + "by-id" : + { "title" : "Reference by ID", + "description" : "Target location of the addition.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Title Change", + "description" : "A name given to the control, which may be used by a tool for display and navigation.", "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", + "params" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "props" : - { "type" : "array", + { "$ref" : "#assembly_oscal-control-common_parameter" } }, + "props" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + "links" : + { "type" : "array", "minItems" : 1, "items" : { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-profile-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-profile-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-profile-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", + "parts" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", + { "$ref" : "#assembly_oscal-control-common_part" } } }, + "additionalProperties" : false } } }, + "required" : + [ "control-id" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-profile:insert-controls" : + { "title" : "Select Controls", + "description" : "Specifies which controls to use in the containing context.", + "$id" : "#assembly_oscal-profile_insert-controls", + "type" : "object", + "properties" : + { "order" : + { "title" : "Order", + "description" : "A designation of how a selection of controls in a profile is to be ordered.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "keep", + "ascending", + "descending" ] } ] }, + "include-all" : + { "$ref" : "#assembly_oscal-control-common_include-all" }, + "include-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } }, + "exclude-controls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-profile_select-control-by-id" } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-profile:select-control-by-id" : + { "title" : "Select Control", + "description" : "Select a control or controls from an imported control set.", + "$id" : "#assembly_oscal-profile_select-control-by-id", + "type" : "object", + "properties" : + { "with-child-controls" : + { "title" : "Include Contained Controls with Control", + "description" : "When a control is included, whether its child (dependent) controls are also included.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "yes", + "no" ] } ] }, + "with-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Match Controls by Identifier", + "description" : "Selecting a control by its ID given as a literal.", + "$ref" : "#/definitions/TokenDatatype" } }, + "matching" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Match Controls by Pattern", + "description" : "Selecting a set of controls by matching their IDs with a wildcard pattern.", + "type" : "object", + "properties" : + { "pattern" : + { "title" : "Pattern", + "description" : "A glob expression matching the IDs of one or more controls to be selected.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-profile-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-profile-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-profile-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-profile-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-profile-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-profile-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-profile-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-profile-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-profile-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", + "hashes" : + { "type" : "array", "minItems" : 1, "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-profile-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-profile-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-profile-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-profile-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "BooleanDatatype" : - { "type" : "boolean" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-profile-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-profile-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-profile-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-profile-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-profile-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-profile-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", "properties" : - { "profile" : - { "$ref" : "#assembly_oscal-profile_profile" } }, + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-profile-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-profile-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "profile" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "id" ], + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-profile-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-profile-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "BooleanDatatype" : + { "type" : "boolean" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "profile" : + { "$ref" : "#assembly_oscal-profile_profile" } }, + "required" : + [ "profile" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index 2024ee90c7..af59b9a632 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -1,2062 +1,2057 @@ - { "$schema" : "http://json-schema.org/draft-07/schema#", - "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ssp-schema.json", - "$comment" : "OSCAL System Security Plan (SSP) Model: JSON Schema", + { "$schema" : "http://json-schema.org/draft-07/schema#", + "$id" : "http://csrc.nist.gov/ns/oscal/1.0.4/oscal-ssp-schema.json", + "$comment" : "OSCAL System Security Plan (SSP) Model: JSON Schema", + "type" : "object", + "definitions" : + { "oscal-ssp-oscal-ssp:system-security-plan" : + { "title" : "System Security Plan (SSP)", + "description" : "A system security plan, such as those described in NIST SP 800-18.", + "$id" : "#assembly_oscal-ssp_system-security-plan", "type" : "object", - "definitions" : - { "oscal-ssp-oscal-ssp:system-security-plan" : - { "title" : "System Security Plan (SSP)", - "description" : "A system security plan, such as those described in NIST SP 800-18.", - "$id" : "#assembly_oscal-ssp_system-security-plan", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "System Security Plan Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "metadata" : - { "$ref" : "#assembly_oscal-metadata_metadata" }, - "import-profile" : - { "$ref" : "#assembly_oscal-ssp_import-profile" }, - "system-characteristics" : - { "$ref" : "#assembly_oscal-ssp_system-characteristics" }, - "system-implementation" : - { "$ref" : "#assembly_oscal-ssp_system-implementation" }, - "control-implementation" : - { "$ref" : "#assembly_oscal-ssp_control-implementation" }, - "back-matter" : - { "$ref" : "#assembly_oscal-metadata_back-matter" } }, - "required" : - [ "uuid", - "metadata", - "import-profile", - "system-characteristics", - "system-implementation", - "control-implementation" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:import-profile" : - { "title" : "Import Profile", - "description" : "Used to import the OSCAL profile representing the system's control baseline.", - "$id" : "#assembly_oscal-ssp_import-profile", - "type" : "object", - "properties" : - { "href" : - { "title" : "Profile Reference", - "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:system-characteristics" : - { "title" : "System Characteristics", - "description" : "Contains the characteristics of the system, such as its name, purpose, and security impact level.", - "$id" : "#assembly_oscal-ssp_system-characteristics", - "type" : "object", - "properties" : - { "system-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_system-id" } }, - "system-name" : - { "title" : "System Name - Full", - "description" : "The full name of the system.", - "$ref" : "#/definitions/StringDatatype" }, - "system-name-short" : - { "title" : "System Name - Short", - "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "System Description", - "description" : "A summary of the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "date-authorized" : - { "$ref" : "#field_oscal-ssp_date-authorized" }, - "security-sensitivity-level" : - { "title" : "Security Sensitivity Level", - "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", - "$ref" : "#/definitions/StringDatatype" }, - "system-information" : - { "$ref" : "#assembly_oscal-ssp_system-information" }, - "security-impact-level" : - { "$ref" : "#assembly_oscal-ssp_security-impact-level" }, - "status" : - { "$ref" : "#assembly_oscal-ssp_status" }, - "authorization-boundary" : - { "$ref" : "#assembly_oscal-ssp_authorization-boundary" }, - "network-architecture" : - { "$ref" : "#assembly_oscal-ssp_network-architecture" }, - "data-flow" : - { "$ref" : "#assembly_oscal-ssp_data-flow" }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "system-ids", - "system-name", - "description", - "security-sensitivity-level", - "system-information", - "security-impact-level", - "status", - "authorization-boundary" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:system-information" : - { "title" : "System Information", - "description" : "Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", - "$id" : "#assembly_oscal-ssp_system-information", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "information-types" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type", - "description" : "Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Information Type Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "title field", - "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", - "type" : "string" }, - "description" : - { "title" : "Information Type Description", - "description" : "A summary of how this information type is used within the system.", - "type" : "string" }, - "categorizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type Categorization", - "description" : "A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60.", - "type" : "object", - "properties" : - { "system" : - { "title" : "Information Type Identification System", - "description" : "Specifies the information type identification system used.", - "$ref" : "#/definitions/URIDatatype" }, - "information-type-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Information Type Systematized Identifier", - "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/StringDatatype" } } }, - "required" : - [ "system" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "confidentiality-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" }, - "integrity-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" }, - "availability-impact" : - { "$ref" : "#assembly_oscal-ssp_impact" } }, - "required" : - [ "title", - "description" ], - "additionalProperties" : false } } }, - "required" : - [ "information-types" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:impact" : - { "title" : "Impact Level", - "description" : "The expected level of impact resulting from the described information.", - "$id" : "#assembly_oscal-ssp_impact", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "base" : - { "$ref" : "#field_oscal-ssp_base" }, - "selected" : - { "$ref" : "#field_oscal-ssp_selected" }, - "adjustment-justification" : - { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, - "required" : - [ "base" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:base" : - { "title" : "Base Level (Confidentiality, Integrity, or Availability)", - "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", - "$id" : "#field_oscal-ssp_base", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-ssp:selected" : - { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", - "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", - "$id" : "#field_oscal-ssp_selected", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-ssp:adjustment-justification" : - { "title" : "Adjustment Justification", - "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", - "$id" : "#field_oscal-ssp_adjustment-justification", + "properties" : + { "uuid" : + { "title" : "System Security Plan Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this system security plan (SSP) elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "metadata" : + { "$ref" : "#assembly_oscal-metadata_metadata" }, + "import-profile" : + { "$ref" : "#assembly_oscal-ssp_import-profile" }, + "system-characteristics" : + { "$ref" : "#assembly_oscal-ssp_system-characteristics" }, + "system-implementation" : + { "$ref" : "#assembly_oscal-ssp_system-implementation" }, + "control-implementation" : + { "$ref" : "#assembly_oscal-ssp_control-implementation" }, + "back-matter" : + { "$ref" : "#assembly_oscal-metadata_back-matter" } }, + "required" : + [ "uuid", + "metadata", + "import-profile", + "system-characteristics", + "system-implementation", + "control-implementation" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:import-profile" : + { "title" : "Import Profile", + "description" : "Used to import the OSCAL profile representing the system's control baseline.", + "$id" : "#assembly_oscal-ssp_import-profile", + "type" : "object", + "properties" : + { "href" : + { "title" : "Profile Reference", + "description" : "A resolvable URL reference to the profile or catalog to use as the system's control baseline.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:system-characteristics" : + { "title" : "System Characteristics", + "description" : "Contains the characteristics of the system, such as its name, purpose, and security impact level.", + "$id" : "#assembly_oscal-ssp_system-characteristics", + "type" : "object", + "properties" : + { "system-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_system-id" } }, + "system-name" : + { "title" : "System Name - Full", + "description" : "The full name of the system.", + "$ref" : "#/definitions/StringDatatype" }, + "system-name-short" : + { "title" : "System Name - Short", + "description" : "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "System Description", + "description" : "A summary of the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "date-authorized" : + { "$ref" : "#field_oscal-ssp_date-authorized" }, + "security-sensitivity-level" : + { "title" : "Security Sensitivity Level", + "description" : "The overall information system sensitivity categorization, such as defined by FIPS-199.", + "$ref" : "#/definitions/StringDatatype" }, + "system-information" : + { "$ref" : "#assembly_oscal-ssp_system-information" }, + "security-impact-level" : + { "$ref" : "#assembly_oscal-ssp_security-impact-level" }, + "status" : + { "$ref" : "#assembly_oscal-ssp_status" }, + "authorization-boundary" : + { "$ref" : "#assembly_oscal-ssp_authorization-boundary" }, + "network-architecture" : + { "$ref" : "#assembly_oscal-ssp_network-architecture" }, + "data-flow" : + { "$ref" : "#assembly_oscal-ssp_data-flow" }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "system-ids", + "system-name", + "description", + "security-sensitivity-level", + "system-information", + "security-impact-level", + "status", + "authorization-boundary" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:system-information" : + { "title" : "System Information", + "description" : "Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", + "$id" : "#assembly_oscal-ssp_system-information", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "information-types" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type", + "description" : "Contains details about one information type that is stored, processed, or transmitted by the system, such as privacy information, and those defined in NIST SP 800-60.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Information Type Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this information type elsewhere in this or other OSCAL instances. The locally defined UUID of the information type can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "title field", + "description" : "A human readable name for the information type. This title should be meaningful within the context of the system.", + "type" : "string" }, + "description" : + { "title" : "Information Type Description", + "description" : "A summary of how this information type is used within the system.", + "type" : "string" }, + "categorizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type Categorization", + "description" : "A set of information type identifiers qualified by the given identification system used, such as NIST SP 800-60.", + "type" : "object", + "properties" : + { "system" : + { "title" : "Information Type Identification System", + "description" : "Specifies the information type identification system used.", + "$ref" : "#/definitions/URIDatatype" }, + "information-type-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Information Type Systematized Identifier", + "description" : "A human-oriented, globally unique identifier qualified by the given identification system used, such as NIST SP 800-60. This identifier has cross-instance scope and can be used to reference this system elsewhere in this or other OSCAL instances. This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/StringDatatype" } } }, + "required" : + [ "system" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "confidentiality-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" }, + "integrity-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" }, + "availability-impact" : + { "$ref" : "#assembly_oscal-ssp_impact" } }, + "required" : + [ "title", + "description" ], + "additionalProperties" : false } } }, + "required" : + [ "information-types" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:impact" : + { "title" : "Impact Level", + "description" : "The expected level of impact resulting from the described information.", + "$id" : "#assembly_oscal-ssp_impact", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "base" : + { "$ref" : "#field_oscal-ssp_base" }, + "selected" : + { "$ref" : "#field_oscal-ssp_selected" }, + "adjustment-justification" : + { "$ref" : "#field_oscal-ssp_adjustment-justification" } }, + "required" : + [ "base" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:base" : + { "title" : "Base Level (Confidentiality, Integrity, or Availability)", + "description" : "The prescribed base (Confidentiality, Integrity, or Availability) security impact level.", + "$id" : "#field_oscal-ssp_base", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-ssp:selected" : + { "title" : "Selected Level (Confidentiality, Integrity, or Availability)", + "description" : "The selected (Confidentiality, Integrity, or Availability) security impact level.", + "$id" : "#field_oscal-ssp_selected", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-ssp:adjustment-justification" : + { "title" : "Adjustment Justification", + "description" : "If the selected security level is different from the base security level, this contains the justification for the change.", + "$id" : "#field_oscal-ssp_adjustment-justification", + "type" : "string" }, + "oscal-ssp-oscal-ssp:security-impact-level" : + { "title" : "Security Impact Level", + "description" : "The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information.", + "$id" : "#assembly_oscal-ssp_security-impact-level", + "type" : "object", + "properties" : + { "security-objective-confidentiality" : + { "title" : "Security Objective: Confidentiality", + "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" }, + "security-objective-integrity" : + { "title" : "Security Objective: Integrity", + "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" }, + "security-objective-availability" : + { "title" : "Security Objective: Availability", + "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", + "$ref" : "#/definitions/StringDatatype" } }, + "required" : + [ "security-objective-confidentiality", + "security-objective-integrity", + "security-objective-availability" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:status" : + { "title" : "Status", + "description" : "Describes the operational status of the system.", + "$id" : "#assembly_oscal-ssp_status", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The current operating status.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "operational", + "under-development", + "under-major-modification", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:date-authorized" : + { "title" : "System Authorization Date", + "description" : "The date the system received its authorization.", + "$id" : "#field_oscal-ssp_date-authorized", + "$ref" : "#/definitions/DateDatatype" }, + "oscal-ssp-oscal-ssp:authorization-boundary" : + { "title" : "Authorization Boundary", + "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", + "$id" : "#assembly_oscal-ssp_authorization-boundary", + "type" : "object", + "properties" : + { "description" : + { "title" : "Authorization Boundary Description", + "description" : "A summary of the system's authorization boundary.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:diagram" : + { "title" : "Diagram", + "description" : "A graphic that provides a visual representation the system, or some aspect of it.", + "$id" : "#assembly_oscal-ssp_diagram", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Diagram ID", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Diagram Description", + "description" : "A summary of the diagram.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "caption" : + { "title" : "Caption", + "description" : "A brief caption to annotate the diagram.", + "type" : "string" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:network-architecture" : + { "title" : "Network Architecture", + "description" : "A description of the system's network architecture, optionally supplemented by diagrams that illustrate the network architecture.", + "$id" : "#assembly_oscal-ssp_network-architecture", + "type" : "object", + "properties" : + { "description" : + { "title" : "Network Architecture Description", + "description" : "A summary of the system's network architecture.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:data-flow" : + { "title" : "Data Flow", + "description" : "A description of the logical flow of information within the system and across its boundaries, optionally supplemented by diagrams that illustrate these flows.", + "$id" : "#assembly_oscal-ssp_data-flow", + "type" : "object", + "properties" : + { "description" : + { "title" : "Data Flow Description", + "description" : "A summary of the system's data flow.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "diagrams" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_diagram" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "description" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:system-implementation" : + { "title" : "System Implementation", + "description" : "Provides information as to how the system is implemented.", + "$id" : "#assembly_oscal-ssp_system-implementation", + "type" : "object", + "properties" : + { "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "leveraged-authorizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Leveraged Authorization", + "description" : "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Leveraged Authorization Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "title field", + "description" : "A human readable name for the leveraged authorization in the context of the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuid" : + { "title" : "party-uuid field", + "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date-authorized" : + { "$ref" : "#field_oscal-ssp_date-authorized" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "title", + "party-uuid", + "date-authorized" ], + "additionalProperties" : false } }, + "users" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, + "components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, + "inventory-items" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "users", + "components" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:control-implementation" : + { "title" : "Control Implementation", + "description" : "Describes how the system satisfies a set of controls.", + "$id" : "#assembly_oscal-ssp_control-implementation", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Implementation Description", + "description" : "A statement describing important things to know about how this set of control satisfaction documentation is approached.", + "type" : "string" }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implemented-requirements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_implemented-requirement" } } }, + "required" : + [ "description", + "implemented-requirements" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:implemented-requirement" : + { "title" : "Control-based Requirement", + "description" : "Describes how the system satisfies the requirements of an individual control.", + "$id" : "#assembly_oscal-ssp_implemented-requirement", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Control Requirement Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "control-id" : + { "title" : "Control Identifier Reference", + "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "statements" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_statement" } }, + "by-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_by-component" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "control-id" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:statement" : + { "title" : "Specific Control Statement", + "description" : "Identifies which statements within a control are addressed.", + "$id" : "#assembly_oscal-ssp_statement", + "type" : "object", + "properties" : + { "statement-id" : + { "title" : "Control Statement Reference", + "description" : "A human-oriented identifier reference to a control statement.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Control Statement Reference Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "by-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-ssp_by-component" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "statement-id", + "uuid" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-ssp:by-component" : + { "title" : "Component Control Implementation", + "description" : "Defines how the referenced component implements a set of controls.", + "$id" : "#assembly_oscal-ssp_by-component", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", + "$ref" : "#/definitions/UUIDDatatype" }, + "uuid" : + { "title" : "By-Component Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Control Implementation Description", + "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "set-parameters" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "implementation-status" : + { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, + "export" : + { "title" : "Export", + "description" : "Identifies content intended for external consumption, such as with leveraged organizations.", + "type" : "object", + "properties" : + { "description" : + { "title" : "Control Implementation Export Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system.", "type" : "string" }, - "oscal-ssp-oscal-ssp:security-impact-level" : - { "title" : "Security Impact Level", - "description" : "The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information.", - "$id" : "#assembly_oscal-ssp_security-impact-level", - "type" : "object", - "properties" : - { "security-objective-confidentiality" : - { "title" : "Security Objective: Confidentiality", - "description" : "A target-level of confidentiality for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" }, - "security-objective-integrity" : - { "title" : "Security Objective: Integrity", - "description" : "A target-level of integrity for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" }, - "security-objective-availability" : - { "title" : "Security Objective: Availability", - "description" : "A target-level of availability for the system, based on the sensitivity of information within the system.", - "$ref" : "#/definitions/StringDatatype" } }, - "required" : - [ "security-objective-confidentiality", - "security-objective-integrity", - "security-objective-availability" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:status" : - { "title" : "Status", - "description" : "Describes the operational status of the system.", - "$id" : "#assembly_oscal-ssp_status", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The current operating status.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "operational", - "under-development", - "under-major-modification", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:date-authorized" : - { "title" : "System Authorization Date", - "description" : "The date the system received its authorization.", - "$id" : "#field_oscal-ssp_date-authorized", - "$ref" : "#/definitions/DateDatatype" }, - "oscal-ssp-oscal-ssp:authorization-boundary" : - { "title" : "Authorization Boundary", - "description" : "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.", - "$id" : "#assembly_oscal-ssp_authorization-boundary", - "type" : "object", - "properties" : - { "description" : - { "title" : "Authorization Boundary Description", - "description" : "A summary of the system's authorization boundary.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:diagram" : - { "title" : "Diagram", - "description" : "A graphic that provides a visual representation the system, or some aspect of it.", - "$id" : "#assembly_oscal-ssp_diagram", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Diagram ID", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this diagram elsewhere in this or other OSCAL instances. The locally defined UUID of the diagram can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "provided" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Provided Control Implementation", + "description" : "Describes a capability which may be inherited by a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Provided Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, "description" : - { "title" : "Diagram Description", - "description" : "A summary of the diagram.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "caption" : - { "title" : "Caption", - "description" : "A brief caption to annotate the diagram.", - "type" : "string" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:network-architecture" : - { "title" : "Network Architecture", - "description" : "A description of the system's network architecture, optionally supplemented by diagrams that illustrate the network architecture.", - "$id" : "#assembly_oscal-ssp_network-architecture", - "type" : "object", - "properties" : - { "description" : - { "title" : "Network Architecture Description", - "description" : "A summary of the system's network architecture.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:data-flow" : - { "title" : "Data Flow", - "description" : "A description of the logical flow of information within the system and across its boundaries, optionally supplemented by diagrams that illustrate these flows.", - "$id" : "#assembly_oscal-ssp_data-flow", - "type" : "object", - "properties" : - { "description" : - { "title" : "Data Flow Description", - "description" : "A summary of the system's data flow.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "diagrams" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_diagram" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "description" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:system-implementation" : - { "title" : "System Implementation", - "description" : "Provides information as to how the system is implemented.", - "$id" : "#assembly_oscal-ssp_system-implementation", - "type" : "object", - "properties" : - { "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "leveraged-authorizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Leveraged Authorization", - "description" : "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a common control provider.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Leveraged Authorization Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope and can be used to reference this leveraged authorization elsewhere in this or other OSCAL instances. The locally defined UUID of the leveraged authorization can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "title field", - "description" : "A human readable name for the leveraged authorization in the context of the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuid" : - { "title" : "party-uuid field", - "description" : "A machine-oriented identifier reference to the party that manages the leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date-authorized" : - { "$ref" : "#field_oscal-ssp_date-authorized" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "title", - "party-uuid", - "date-authorized" ], - "additionalProperties" : false } }, - "users" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-user" } }, - "components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_system-component" } }, - "inventory-items" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_inventory-item" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "users", - "components" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:control-implementation" : - { "title" : "Control Implementation", - "description" : "Describes how the system satisfies a set of controls.", - "$id" : "#assembly_oscal-ssp_control-implementation", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Implementation Description", - "description" : "A statement describing important things to know about how this set of control satisfaction documentation is approached.", - "type" : "string" }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implemented-requirements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_implemented-requirement" } } }, - "required" : - [ "description", - "implemented-requirements" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:implemented-requirement" : - { "title" : "Control-based Requirement", - "description" : "Describes how the system satisfies the requirements of an individual control.", - "$id" : "#assembly_oscal-ssp_implemented-requirement", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Control Requirement Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control requirement elsewhere in this or other OSCAL instances. The locally defined UUID of the control requirement can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "control-id" : - { "title" : "Control Identifier Reference", - "description" : "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).", - "$ref" : "#/definitions/TokenDatatype" }, + { "title" : "Provided Control Implementation Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, "responsible-roles" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "statements" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_statement" } }, - "by-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_by-component" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "control-id" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:statement" : - { "title" : "Specific Control Statement", - "description" : "Identifies which statements within a control are addressed.", - "$id" : "#assembly_oscal-ssp_statement", - "type" : "object", - "properties" : - { "statement-id" : - { "title" : "Control Statement Reference", - "description" : "A human-oriented identifier reference to a control statement.", - "$ref" : "#/definitions/TokenDatatype" }, - "uuid" : - { "title" : "Control Statement Reference Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this control statement elsewhere in this or other OSCAL instances. The UUID of the control statement in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance).", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "by-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-ssp_by-component" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "statement-id", - "uuid" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-ssp:by-component" : - { "title" : "Component Control Implementation", - "description" : "Defines how the referenced component implements a set of controls.", - "$id" : "#assembly_oscal-ssp_by-component", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to the component that is implemeting a given control.", - "$ref" : "#/definitions/UUIDDatatype" }, - "uuid" : - { "title" : "By-Component Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this by-component entry elsewhere in this or other OSCAL instances. The locally defined UUID of the by-component entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "responsibilities" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Control Implementation Responsibility", + "description" : "Describes a control implementation responsibility imposed on a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Responsibility Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "provided-uuid" : + { "title" : "Provided UUID", + "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, "description" : - { "title" : "Control Implementation Description", - "description" : "An implementation statement that describes how a control or a control statement is implemented within the referenced system component.", - "type" : "string" }, + { "title" : "Control Implementation Responsibility Description", + "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "set-parameters" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_set-parameter" } }, - "implementation-status" : - { "$ref" : "#assembly_oscal-implementation-common_implementation-status" }, - "export" : - { "title" : "Export", - "description" : "Identifies content intended for external consumption, such as with leveraged organizations.", - "type" : "object", - "properties" : - { "description" : - { "title" : "Control Implementation Export Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be available to another system leveraging this system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "provided" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Provided Control Implementation", - "description" : "Describes a capability which may be inherited by a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Provided Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this provided entry elsewhere in this or other OSCAL instances. The locally defined UUID of the provided entry can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Provided Control Implementation Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that can be provided to another system leveraging this system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "responsibilities" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Control Implementation Responsibility", - "description" : "Describes a control implementation responsibility imposed on a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Responsibility Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this responsibility elsewhere in this or other OSCAL instances. The locally defined UUID of the responsibility can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "provided-uuid" : - { "title" : "Provided UUID", - "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Control Implementation Responsibility Description", - "description" : "An implementation statement that describes the aspects of the control or control statement implementation that a leveraging system must implement to satisfy the control provided by a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "additionalProperties" : false }, - "inherited" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Inherited Control Implementation", - "description" : "Describes a control implementation inherited by a leveraging system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inherited Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "provided-uuid" : - { "title" : "Provided UUID", - "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inherited Control Implementation Description", - "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, - "satisfied" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Satisfied Control Implementation Responsibility", - "description" : "Describes how this system satisfies a responsibility imposed by a leveraged system.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Satisfied Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "responsibility-uuid" : - { "title" : "Responsibility UUID", - "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Satisfied Control Implementation Responsibility Description", - "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, "responsible-roles" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid", - "uuid", + "required" : + [ "uuid", "description" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:metadata" : - { "title" : "Document Metadata", - "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", - "$id" : "#assembly_oscal-metadata_metadata", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "revisions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Revision History Entry", - "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", - "type" : "object", - "properties" : - { "title" : - { "title" : "Document Title", - "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", - "type" : "string" }, - "published" : - { "$ref" : "#field_oscal-metadata_published" }, - "last-modified" : - { "$ref" : "#field_oscal-metadata_last-modified" }, - "version" : - { "$ref" : "#field_oscal-metadata_version" }, - "oscal-version" : - { "$ref" : "#field_oscal-metadata_oscal-version" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "version" ], - "additionalProperties" : false } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "additionalProperties" : false }, + "inherited" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Inherited Control Implementation", + "description" : "Describes a control implementation inherited by a leveraging system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inherited Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inherited entry elsewhere in this or other OSCAL instances. The locally defined UUID of the inherited control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "provided-uuid" : + { "title" : "Provided UUID", + "description" : "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inherited Control Implementation Description", + "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is inheriting from a leveraged system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "satisfied" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Satisfied Control Implementation Responsibility", + "description" : "Describes how this system satisfies a responsibility imposed by a leveraged system.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Satisfied Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this satisfied control implementation entry elsewhere in this or other OSCAL instances. The locally defined UUID of the control implementation can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "responsibility-uuid" : + { "title" : "Responsibility UUID", + "description" : "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Satisfied Control Implementation Responsibility Description", + "description" : "An implementation statement that describes the aspects of a control or control statement implementation that a leveraging system is implementing based on a requirement from a leveraged system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false } }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid", + "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:metadata" : + { "title" : "Document Metadata", + "description" : "Provides information about the containing document, and defines concepts that are shared across the document.", + "$id" : "#assembly_oscal-metadata_metadata", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "revisions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Revision History Entry", + "description" : "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).", + "type" : "object", + "properties" : + { "title" : + { "title" : "Document Title", + "description" : "A name given to the document revision, which may be used by a tool for display and navigation.", + "type" : "string" }, + "published" : + { "$ref" : "#field_oscal-metadata_published" }, + "last-modified" : + { "$ref" : "#field_oscal-metadata_last-modified" }, + "version" : + { "$ref" : "#field_oscal-metadata_version" }, + "oscal-version" : + { "$ref" : "#field_oscal-metadata_oscal-version" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "version" ], + "additionalProperties" : false } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Role", + "description" : "Defines a function, which might be assigned to a party in a specific situation.", + "type" : "object", + "properties" : + { "id" : + { "title" : "Role Identifier", + "description" : "A unique identifier for the role.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Role Title", + "description" : "A name given to the role, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "Role Short Name", + "description" : "A short common name, abbreviation, or acronym for the role.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "Role Description", + "description" : "A summary of the role's purpose and associated responsibilities.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id", + "title" ], + "additionalProperties" : false } }, + "locations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location", + "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Location Universally Unique Identifier", + "description" : "A unique ID for the location, for reference.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Location Title", + "description" : "A name given to the location, which may be used by a tool for display and navigation.", + "type" : "string" }, + "address" : + { "$ref" : "#assembly_oscal-metadata_address" }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "urls" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Location URL", + "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", + "$ref" : "#/definitions/URIDatatype" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } }, + "parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party", + "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Party Universally Unique Identifier", + "description" : "A unique identifier for the party.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Party Type", + "description" : "A category describing the kind of party the object describes.", + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "person", + "organization" ] } ] }, + "name" : + { "title" : "Party Name", + "description" : "The full name of the party. This is typically the legal name associated with the party.", + "$ref" : "#/definitions/StringDatatype" }, + "short-name" : + { "title" : "Party Short Name", + "description" : "A short common name, abbreviation, or acronym for the party.", + "$ref" : "#/definitions/StringDatatype" }, + "external-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Party External Identifier", + "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "External Identifier Schema", + "description" : "Indicates the type of external identifier.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id", + "scheme" ], + "additionalProperties" : false } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "email-addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_email-address" } }, + "telephone-numbers" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_telephone-number" } }, + "addresses" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_address" } }, + "location-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_location-uuid" } }, + "member-of-organizations" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Organizational Affiliation", + "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", + "$ref" : "#/definitions/UUIDDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type" ], + "additionalProperties" : false } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "actions" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_action" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "title", + "last-modified", + "version", + "oscal-version" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:location-uuid" : + { "title" : "Location Universally Unique Identifier Reference", + "description" : "Reference to a location by UUID.", + "$id" : "#field_oscal-metadata_location-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ssp-oscal-metadata:party-uuid" : + { "title" : "Party Universally Unique Identifier Reference", + "description" : "Reference to a party by UUID.", + "$id" : "#field_oscal-metadata_party-uuid", + "$ref" : "#/definitions/UUIDDatatype" }, + "oscal-ssp-oscal-metadata:role-id" : + { "title" : "Role Identifier Reference", + "description" : "Reference to a role by UUID.", + "$id" : "#field_oscal-metadata_role-id", + "$ref" : "#/definitions/TokenDatatype" }, + "oscal-ssp-oscal-metadata:back-matter" : + { "title" : "Back matter", + "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", + "$id" : "#assembly_oscal-metadata_back-matter", + "type" : "object", + "properties" : + { "resources" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource", + "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Resource Universally Unique Identifier", + "description" : "A unique identifier for a resource.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "Resource Title", + "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", + "type" : "string" }, + "description" : + { "title" : "Resource Description", + "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "document-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_document-id" } }, + "citation" : + { "title" : "Citation", + "description" : "An optional citation consisting of end note text using structured markup.", + "type" : "object", + "properties" : + { "text" : + { "title" : "Citation Text", + "description" : "A line of citation text.", + "type" : "string" }, "props" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, "links" : { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Role", - "description" : "Defines a function, which might be assigned to a party in a specific situation.", - "type" : "object", - "properties" : - { "id" : - { "title" : "Role Identifier", - "description" : "A unique identifier for the role.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Role Title", - "description" : "A name given to the role, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "Role Short Name", - "description" : "A short common name, abbreviation, or acronym for the role.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "Role Description", - "description" : "A summary of the role's purpose and associated responsibilities.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id", - "title" ], - "additionalProperties" : false } }, - "locations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location", - "description" : "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Location Universally Unique Identifier", - "description" : "A unique ID for the location, for reference.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Location Title", - "description" : "A name given to the location, which may be used by a tool for display and navigation.", - "type" : "string" }, - "address" : - { "$ref" : "#assembly_oscal-metadata_address" }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "urls" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Location URL", - "description" : "The uniform resource locator (URL) for a web site or other resource associated with the location.", - "$ref" : "#/definitions/URIDatatype" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } }, - "parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party", - "description" : "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Party Universally Unique Identifier", - "description" : "A unique identifier for the party.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Party Type", - "description" : "A category describing the kind of party the object describes.", - "allOf" : - [ - { "$ref" : "#/definitions/StringDatatype" }, - - { "enum" : - [ "person", - "organization" ] } ] }, - "name" : - { "title" : "Party Name", - "description" : "The full name of the party. This is typically the legal name associated with the party.", - "$ref" : "#/definitions/StringDatatype" }, - "short-name" : - { "title" : "Party Short Name", - "description" : "A short common name, abbreviation, or acronym for the party.", - "$ref" : "#/definitions/StringDatatype" }, - "external-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Party External Identifier", - "description" : "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "External Identifier Schema", - "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id", - "scheme" ], - "additionalProperties" : false } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "email-addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_email-address" } }, - "telephone-numbers" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_telephone-number" } }, - "addresses" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_address" } }, - "location-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_location-uuid" } }, - "member-of-organizations" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Organizational Affiliation", - "description" : "A reference to another party by UUID, typically an organization, that this subject is associated with.", - "$ref" : "#/definitions/UUIDDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type" ], - "additionalProperties" : false } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "actions" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_action" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "title", - "last-modified", - "version", - "oscal-version" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:location-uuid" : - { "title" : "Location Universally Unique Identifier Reference", - "description" : "Reference to a location by UUID.", - "$id" : "#field_oscal-metadata_location-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ssp-oscal-metadata:party-uuid" : - { "title" : "Party Universally Unique Identifier Reference", - "description" : "Reference to a party by UUID.", - "$id" : "#field_oscal-metadata_party-uuid", - "$ref" : "#/definitions/UUIDDatatype" }, - "oscal-ssp-oscal-metadata:role-id" : - { "title" : "Role Identifier Reference", - "description" : "Reference to a role by UUID.", - "$id" : "#field_oscal-metadata_role-id", - "$ref" : "#/definitions/TokenDatatype" }, - "oscal-ssp-oscal-metadata:back-matter" : - { "title" : "Back matter", - "description" : "A collection of resources that may be referenced from within the OSCAL document instance.", - "$id" : "#assembly_oscal-metadata_back-matter", - "type" : "object", - "properties" : - { "resources" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource", - "description" : "A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Resource Universally Unique Identifier", - "description" : "A unique identifier for a resource.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "Resource Title", - "description" : "An optional name given to the resource, which may be used by a tool for display and navigation.", - "type" : "string" }, - "description" : - { "title" : "Resource Description", - "description" : "An optional short summary of the resource used to indicate the purpose of the resource.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "document-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_document-id" } }, - "citation" : - { "title" : "Citation", - "description" : "An optional citation consisting of end note text using structured markup.", - "type" : "object", - "properties" : - { "text" : - { "title" : "Citation Text", - "description" : "A line of citation text.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "text" ], - "additionalProperties" : false }, - "rlinks" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Resource link", - "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL pointing to the referenced resource.", - "$ref" : "#/definitions/URIReferenceDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "hashes" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_hash" } } }, - "required" : - [ "href" ], - "additionalProperties" : false } }, - "base64" : - { "title" : "Base64", - "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", - "type" : "object", - "properties" : - { "filename" : - { "title" : "File Name", - "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", - "description" : "A label that indicates the nature of a resource, as a data serialization or format.", - "$ref" : "#/definitions/StringDatatype" }, - "value" : - { "type" : "string" } }, - "required" : - [ "value" ], - "additionalProperties" : false }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:property" : - { "title" : "Property", - "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", - "$id" : "#assembly_oscal-metadata_property", - "type" : "object", - "properties" : - { "name" : - { "title" : "Property Name", - "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "marking" ] } ] }, - "uuid" : - { "title" : "Property Universally Unique Identifier", - "description" : "A unique identifier for a property.", - "$ref" : "#/definitions/UUIDDatatype" }, - "ns" : - { "title" : "Property Namespace", - "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "value" : - { "title" : "Property Value", - "description" : "Indicates the value of the attribute, characteristic, or quality.", - "$ref" : "#/definitions/StringDatatype" }, - "class" : - { "title" : "Property Class", - "description" : "A textual label that provides a sub-type or characterization of the property's name.", - "$ref" : "#/definitions/TokenDatatype" }, - "group" : - { "title" : "Property Group", - "description" : "An identifier for relating distinct sets of properties.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "name", - "value" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:link" : - { "title" : "Link", - "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", - "$id" : "#assembly_oscal-metadata_link", - "type" : "object", - "properties" : - { "href" : - { "title" : "Hypertext Reference", - "description" : "A resolvable URL reference to a resource.", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "text" ], + "additionalProperties" : false }, + "rlinks" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Resource link", + "description" : "A URL-based pointer to an external resource with an optional hash for verification and change detection.", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL pointing to the referenced resource.", "$ref" : "#/definitions/URIReferenceDatatype" }, - "rel" : - { "title" : "Link Relation Type", - "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, - "media-type" : - { "title" : "Media Type", + "media-type" : + { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, - "resource-fragment" : - { "title" : "Resource Fragment", - "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", - "$ref" : "#/definitions/StringDatatype" }, - "text" : - { "title" : "Link Text", - "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", - "type" : "string" } }, - "required" : - [ "href" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:responsible-party" : - { "title" : "Responsible Party", - "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", - "$id" : "#assembly_oscal-metadata_responsible-party", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role", - "description" : "A reference to a role performed by a party.", - "$ref" : "#/definitions/TokenDatatype" }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id", - "party-uuids" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:action" : - { "title" : "Action", - "description" : "An action applied by a role within a given party to the content.", - "$id" : "#assembly_oscal-metadata_action", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Action Universally Unique Identifier", - "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "date" : - { "title" : "Action Occurrence Date", - "description" : "The date and time when the action occurred.", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "type" : - { "title" : "Action Type", - "description" : "The type of action documented by the assembly, such as an approval.", - "$ref" : "#/definitions/TokenDatatype" }, - "system" : - { "title" : "Action Type System", - "description" : "Specifies the action type system used.", - "$ref" : "#/definitions/URIDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "system" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:responsible-role" : - { "title" : "Responsible Role", - "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", - "$id" : "#assembly_oscal-metadata_responsible-role", - "type" : "object", - "properties" : - { "role-id" : - { "title" : "Responsible Role ID", - "description" : "A human-oriented identifier reference to a role performed.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "party-uuids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_party-uuid" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "role-id" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:hash" : - { "title" : "Hash", - "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", - "$id" : "#field_oscal-metadata_hash", - "type" : "object", - "properties" : - { "algorithm" : - { "title" : "Hash algorithm", - "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "hashes" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_hash" } } }, + "required" : + [ "href" ], + "additionalProperties" : false } }, + "base64" : + { "title" : "Base64", + "description" : "A resource encoded using the Base64 alphabet defined by RFC 2045.", + "type" : "object", + "properties" : + { "filename" : + { "title" : "File Name", + "description" : "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, "value" : { "type" : "string" } }, - "required" : - [ "value", - "algorithm" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:remarks" : - { "title" : "Remarks", - "description" : "Additional commentary about the containing object.", - "$id" : "#field_oscal-metadata_remarks", - "type" : "string" }, - "oscal-ssp-oscal-metadata:published" : - { "title" : "Publication Timestamp", - "description" : "The date and time the document was last made available.", - "$id" : "#field_oscal-metadata_published", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ssp-oscal-metadata:last-modified" : - { "title" : "Last Modified Timestamp", - "description" : "The date and time the document was last stored for later retrieval.", - "$id" : "#field_oscal-metadata_last-modified", - "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, - "oscal-ssp-oscal-metadata:version" : - { "title" : "Document Version", - "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", - "$id" : "#field_oscal-metadata_version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-metadata:oscal-version" : - { "title" : "OSCAL Version", - "description" : "The OSCAL model version the document was authored against and will conform to as valid.", - "$id" : "#field_oscal-metadata_oscal-version", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-metadata:email-address" : - { "title" : "Email Address", - "description" : "An email address as defined by RFC 5322 Section 3.4.1.", - "$id" : "#field_oscal-metadata_email-address", - "$ref" : "#/definitions/EmailAddressDatatype" }, - "oscal-ssp-oscal-metadata:telephone-number" : - { "title" : "Telephone Number", - "description" : "A telephone service number as defined by ITU-T E.164.", - "$id" : "#field_oscal-metadata_telephone-number", - "type" : "object", - "properties" : - { "type" : - { "title" : "type flag", - "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, - "number" : - { "type" : "string" } }, - "required" : - [ "number" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:address" : - { "title" : "Address", - "description" : "A postal address for the location.", - "$id" : "#assembly_oscal-metadata_address", - "type" : "object", - "properties" : - { "type" : - { "title" : "Address Type", - "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, - "addr-lines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_addr-line" } }, - "city" : - { "title" : "City", - "description" : "City, town or geographical region for the mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "state" : - { "title" : "State", - "description" : "State, province or analogous geographical region for a mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "postal-code" : - { "title" : "Postal Code", - "description" : "Postal or ZIP code for mailing address.", - "$ref" : "#/definitions/StringDatatype" }, - "country" : - { "title" : "Country Code", - "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", - "$ref" : "#/definitions/StringDatatype" } }, - "additionalProperties" : false }, - "oscal-ssp-oscal-metadata:addr-line" : - { "title" : "Address line", - "description" : "A single line of an address.", - "$id" : "#field_oscal-metadata_addr-line", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-metadata:document-id" : - { "title" : "Document Identifier", - "description" : "A document identifier qualified by an identifier scheme.", - "$id" : "#field_oscal-metadata_document-id", - "type" : "object", - "properties" : - { "scheme" : - { "title" : "Document Identification Scheme", - "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, - "identifier" : - { "type" : "string" } }, - "required" : - [ "identifier" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:system-component" : - { "title" : "Component", - "description" : "A defined component that can be part of an implemented system.", - "$id" : "#assembly_oscal-implementation-common_system-component", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Component Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "type" : - { "title" : "Component Type", - "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Component Title", - "description" : "A human readable name for the system component.", - "type" : "string" }, - "description" : - { "title" : "Component Description", - "description" : "A description of the component, including information about its function.", - "type" : "string" }, - "purpose" : - { "title" : "Purpose", - "description" : "A summary of the technological or business purpose of the component.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "status" : - { "title" : "Status", - "description" : "Describes the operational status of the system component.", - "type" : "object", - "properties" : - { "state" : - { "title" : "State", - "description" : "The operational status.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "under-development", - "operational", - "disposition", - "other" ] } ] }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "responsible-roles" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, - "protocols" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "type", - "title", - "description", - "status" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:protocol" : - { "title" : "Service Protocol Information", - "description" : "Information about the protocol used to provide a service.", - "$id" : "#assembly_oscal-implementation-common_protocol", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Service Protocol Information Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "name" : - { "title" : "Protocol Name", - "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", - "$ref" : "#/definitions/StringDatatype" }, - "title" : - { "title" : "Protocol Title", - "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", - "type" : "string" }, - "port-ranges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:port-range" : - { "title" : "Port Range", - "description" : "Where applicable this is the IPv4 port range on which the service operates.", - "$id" : "#assembly_oscal-implementation-common_port-range", - "type" : "object", - "properties" : - { "start" : - { "title" : "Start", - "description" : "Indicates the starting port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "end" : - { "title" : "End", - "description" : "Indicates the ending port number in a port range", - "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, - "transport" : - { "title" : "Transport", - "description" : "Indicates the transport type.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "TCP", - "UDP" ] } ] } }, - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:implementation-status" : - { "title" : "Implementation Status", - "description" : "Indicates the degree to which the a given control is implemented.", - "$id" : "#assembly_oscal-implementation-common_implementation-status", - "type" : "object", - "properties" : - { "state" : - { "title" : "Implementation State", - "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "state" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:system-user" : - { "title" : "System User", - "description" : "A type of user that interacts with the system based on an associated role.", - "$id" : "#assembly_oscal-implementation-common_system-user", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "User Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "title" : - { "title" : "User Title", - "description" : "A name given to the user, which may be used by a tool for display and navigation.", - "type" : "string" }, - "short-name" : - { "title" : "User Short Name", - "description" : "A short common name, abbreviation, or acronym for the user.", - "$ref" : "#/definitions/StringDatatype" }, - "description" : - { "title" : "User Description", - "description" : "A summary of the user's purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "role-ids" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-metadata_role-id" } }, - "authorized-privileges" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:authorized-privilege" : - { "title" : "Privilege", - "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", - "$id" : "#assembly_oscal-implementation-common_authorized-privilege", - "type" : "object", - "properties" : - { "title" : - { "title" : "Privilege Title", - "description" : "A human readable name for the privilege.", - "type" : "string" }, - "description" : - { "title" : "Privilege Description", - "description" : "A summary of the privilege's purpose within the system.", - "type" : "string" }, - "functions-performed" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, - "required" : - [ "title", - "functions-performed" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:function-performed" : - { "title" : "Functions Performed", - "description" : "Describes a function performed for a given authorized privilege by this user class.", - "$id" : "#field_oscal-implementation-common_function-performed", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-implementation-common:inventory-item" : - { "title" : "Inventory Item", - "description" : "A single managed inventory item within the system.", - "$id" : "#assembly_oscal-implementation-common_inventory-item", - "type" : "object", - "properties" : - { "uuid" : - { "title" : "Inventory Item Universally Unique Identifier", - "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", - "$ref" : "#/definitions/UUIDDatatype" }, - "description" : - { "title" : "Inventory Item Description", - "description" : "A summary of the inventory item stating its purpose within the system.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "implemented-components" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Implemented Component", - "description" : "The set of components that are implemented in a given system inventory item.", - "type" : "object", - "properties" : - { "component-uuid" : - { "title" : "Component Universally Unique Identifier Reference", - "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", - "$ref" : "#/definitions/UUIDDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "responsible-parties" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "component-uuid" ], - "additionalProperties" : false } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "uuid", - "description" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:set-parameter" : - { "title" : "Set Parameter Value", - "description" : "Identifies the parameter that will be set by the enclosed value.", - "$id" : "#assembly_oscal-implementation-common_set-parameter", - "type" : "object", - "properties" : - { "param-id" : - { "title" : "Parameter ID", - "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", - "$ref" : "#/definitions/TokenDatatype" }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$ref" : "#/definitions/StringDatatype" } }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "param-id", - "values" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-implementation-common:system-id" : - { "title" : "System Identification", - "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", - "$id" : "#field_oscal-implementation-common_system-id", - "type" : "object", - "properties" : - { "identifier-type" : - { "title" : "Identification System Type", - "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, - "id" : - { "type" : "string" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:part" : - { "title" : "Part", - "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", - "$id" : "#assembly_oscal-control-common_part", - "type" : "object", - "properties" : - { "id" : - { "title" : "Part Identifier", - "description" : "A unique identifier for the part.", - "$ref" : "#/definitions/TokenDatatype" }, - "name" : - { "title" : "Part Name", - "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", - "$ref" : "#/definitions/TokenDatatype" }, - "ns" : - { "title" : "Part Namespace", - "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", - "$ref" : "#/definitions/URIDatatype" }, - "class" : - { "title" : "Part Class", - "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", - "$ref" : "#/definitions/TokenDatatype" }, - "title" : - { "title" : "Part Title", - "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", - "type" : "string" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "prose" : - { "title" : "Part Text", - "description" : "Permits multiple paragraphs, lists, tables etc.", - "type" : "string" }, - "parts" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_part" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } } }, - "required" : - [ "name" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:parameter" : - { "title" : "Parameter", - "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", - "$id" : "#assembly_oscal-control-common_parameter", - "type" : "object", - "properties" : - { "id" : - { "title" : "Parameter Identifier", - "description" : "A unique identifier for the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "class" : - { "title" : "Parameter Class", - "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", - "$ref" : "#/definitions/TokenDatatype" }, - "depends-on" : - { "title" : "Depends on", - "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", - "$ref" : "#/definitions/TokenDatatype" }, - "props" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_property" } }, - "links" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-metadata_link" } }, - "label" : - { "title" : "Parameter Label", - "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", - "type" : "string" }, - "usage" : - { "title" : "Parameter Usage Description", - "description" : "Describes the purpose and use of a parameter.", - "type" : "string" }, - "constraints" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, - "guidelines" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, - "values" : - { "type" : "array", - "minItems" : 1, - "items" : - { "$ref" : "#field_oscal-control-common_parameter-value" } }, - "select" : - { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "id" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:parameter-constraint" : - { "title" : "Constraint", - "description" : "A formal or informal expression of a constraint or test.", - "$id" : "#assembly_oscal-control-common_parameter-constraint", - "type" : "object", - "properties" : - { "description" : - { "title" : "Constraint Description", - "description" : "A textual summary of the constraint to be applied.", - "type" : "string" }, - "tests" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Constraint Test", - "description" : "A test expression which is expected to be evaluated by a tool.", - "type" : "object", - "properties" : - { "expression" : - { "title" : "Constraint test", - "description" : "A formal (executable) expression of a constraint.", - "$ref" : "#/definitions/StringDatatype" }, - "remarks" : - { "$ref" : "#field_oscal-metadata_remarks" } }, - "required" : - [ "expression" ], - "additionalProperties" : false } } }, - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:parameter-guideline" : - { "title" : "Guideline", - "description" : "A prose statement that provides a recommendation for the use of a parameter.", - "$id" : "#assembly_oscal-control-common_parameter-guideline", - "type" : "object", - "properties" : - { "prose" : - { "title" : "Guideline Text", - "description" : "Prose permits multiple paragraphs, lists, tables etc.", - "type" : "string" } }, - "required" : - [ "prose" ], - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:parameter-value" : - { "title" : "Parameter Value", - "description" : "A parameter value or set of values.", - "$id" : "#field_oscal-control-common_parameter-value", - "$ref" : "#/definitions/StringDatatype" }, - "oscal-ssp-oscal-control-common:parameter-selection" : - { "title" : "Selection", - "description" : "Presenting a choice among alternatives.", - "$id" : "#assembly_oscal-control-common_parameter-selection", - "type" : "object", - "properties" : - { "how-many" : - { "title" : "Parameter Cardinality", - "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", - "allOf" : - [ - { "$ref" : "#/definitions/TokenDatatype" }, - - { "enum" : - [ "one", - "one-or-more" ] } ] }, - "choice" : - { "type" : "array", - "minItems" : 1, - "items" : - { "title" : "Choice", - "description" : "A value selection among several such options.", - "type" : "string" } } }, - "additionalProperties" : false }, - "oscal-ssp-oscal-control-common:include-all" : - { "title" : "Include All", - "description" : "Include all controls from the imported catalog or profile resources.", - "$id" : "#assembly_oscal-control-common_include-all", - "type" : "object", - "additionalProperties" : false }, - "Base64Datatype" : - { "type" : "string", - "pattern" : "^[0-9A-Fa-f]+$", - "contentEncoding" : "base64" }, - "DateDatatype" : - { "type" : "string", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, - "DateTimeWithTimezoneDatatype" : - { "type" : "string", - "format" : "date-time", - "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, - "EmailAddressDatatype" : - { "type" : "string", - "format" : "email", - "pattern" : "^.+@.+$" }, - "IntegerDatatype" : - { "type" : "integer" }, - "NonNegativeIntegerDatatype" : - { "allOf" : + "required" : + [ "value" ], + "additionalProperties" : false }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:property" : + { "title" : "Property", + "description" : "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", + "$id" : "#assembly_oscal-metadata_property", + "type" : "object", + "properties" : + { "name" : + { "title" : "Property Name", + "description" : "A textual label, within a namespace, that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.", + "$ref" : "#/definitions/TokenDatatype" }, + "uuid" : + { "title" : "Property Universally Unique Identifier", + "description" : "A unique identifier for a property.", + "$ref" : "#/definitions/UUIDDatatype" }, + "ns" : + { "title" : "Property Namespace", + "description" : "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "value" : + { "title" : "Property Value", + "description" : "Indicates the value of the attribute, characteristic, or quality.", + "$ref" : "#/definitions/StringDatatype" }, + "class" : + { "title" : "Property Class", + "description" : "A textual label that provides a sub-type or characterization of the property's name.", + "$ref" : "#/definitions/TokenDatatype" }, + "group" : + { "title" : "Property Group", + "description" : "An identifier for relating distinct sets of properties.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "name", + "value" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:link" : + { "title" : "Link", + "description" : "A reference to a local or remote resource, that has a specific relation to the containing object.", + "$id" : "#assembly_oscal-metadata_link", + "type" : "object", + "properties" : + { "href" : + { "title" : "Hypertext Reference", + "description" : "A resolvable URL reference to a resource.", + "$ref" : "#/definitions/URIReferenceDatatype" }, + "rel" : + { "title" : "Link Relation Type", + "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", + "$ref" : "#/definitions/TokenDatatype" }, + "media-type" : + { "title" : "Media Type", + "description" : "A label that indicates the nature of a resource, as a data serialization or format.", + "$ref" : "#/definitions/StringDatatype" }, + "resource-fragment" : + { "title" : "Resource Fragment", + "description" : "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.", + "$ref" : "#/definitions/StringDatatype" }, + "text" : + { "title" : "Link Text", + "description" : "A textual label to associate with the link, which may be used for presentation in a tool.", + "type" : "string" } }, + "required" : + [ "href" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:responsible-party" : + { "title" : "Responsible Party", + "description" : "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", + "$id" : "#assembly_oscal-metadata_responsible-party", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role", + "description" : "A reference to a role performed by a party.", + "$ref" : "#/definitions/TokenDatatype" }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id", + "party-uuids" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:action" : + { "title" : "Action", + "description" : "An action applied by a role within a given party to the content.", + "$id" : "#assembly_oscal-metadata_action", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Action Universally Unique Identifier", + "description" : "A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "date" : + { "title" : "Action Occurrence Date", + "description" : "The date and time when the action occurred.", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "type" : + { "title" : "Action Type", + "description" : "The type of action documented by the assembly, such as an approval.", + "$ref" : "#/definitions/TokenDatatype" }, + "system" : + { "title" : "Action Type System", + "description" : "Specifies the action type system used.", + "$ref" : "#/definitions/URIDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "system" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:responsible-role" : + { "title" : "Responsible Role", + "description" : "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", + "$id" : "#assembly_oscal-metadata_responsible-role", + "type" : "object", + "properties" : + { "role-id" : + { "title" : "Responsible Role ID", + "description" : "A human-oriented identifier reference to a role performed.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "party-uuids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_party-uuid" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "role-id" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:hash" : + { "title" : "Hash", + "description" : "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.", + "$id" : "#field_oscal-metadata_hash", + "type" : "object", + "properties" : + { "algorithm" : + { "title" : "Hash algorithm", + "description" : "The digest method by which a hash is derived.", + "$ref" : "#/definitions/StringDatatype" }, + "value" : + { "type" : "string" } }, + "required" : + [ "value", + "algorithm" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:remarks" : + { "title" : "Remarks", + "description" : "Additional commentary about the containing object.", + "$id" : "#field_oscal-metadata_remarks", + "type" : "string" }, + "oscal-ssp-oscal-metadata:published" : + { "title" : "Publication Timestamp", + "description" : "The date and time the document was last made available.", + "$id" : "#field_oscal-metadata_published", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ssp-oscal-metadata:last-modified" : + { "title" : "Last Modified Timestamp", + "description" : "The date and time the document was last stored for later retrieval.", + "$id" : "#field_oscal-metadata_last-modified", + "$ref" : "#/definitions/DateTimeWithTimezoneDatatype" }, + "oscal-ssp-oscal-metadata:version" : + { "title" : "Document Version", + "description" : "Used to distinguish a specific revision of an OSCAL document from other previous and future versions.", + "$id" : "#field_oscal-metadata_version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-metadata:oscal-version" : + { "title" : "OSCAL Version", + "description" : "The OSCAL model version the document was authored against and will conform to as valid.", + "$id" : "#field_oscal-metadata_oscal-version", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-metadata:email-address" : + { "title" : "Email Address", + "description" : "An email address as defined by RFC 5322 Section 3.4.1.", + "$id" : "#field_oscal-metadata_email-address", + "$ref" : "#/definitions/EmailAddressDatatype" }, + "oscal-ssp-oscal-metadata:telephone-number" : + { "title" : "Telephone Number", + "description" : "A telephone service number as defined by ITU-T E.164.", + "$id" : "#field_oscal-metadata_telephone-number", + "type" : "object", + "properties" : + { "type" : + { "title" : "type flag", + "description" : "Indicates the type of phone number.", + "$ref" : "#/definitions/StringDatatype" }, + "number" : + { "type" : "string" } }, + "required" : + [ "number" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:address" : + { "title" : "Address", + "description" : "A postal address for the location.", + "$id" : "#assembly_oscal-metadata_address", + "type" : "object", + "properties" : + { "type" : + { "title" : "Address Type", + "description" : "Indicates the type of address.", + "$ref" : "#/definitions/TokenDatatype" }, + "addr-lines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_addr-line" } }, + "city" : + { "title" : "City", + "description" : "City, town or geographical region for the mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "state" : + { "title" : "State", + "description" : "State, province or analogous geographical region for a mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "postal-code" : + { "title" : "Postal Code", + "description" : "Postal or ZIP code for mailing address.", + "$ref" : "#/definitions/StringDatatype" }, + "country" : + { "title" : "Country Code", + "description" : "The ISO 3166-1 alpha-2 country code for the mailing address.", + "$ref" : "#/definitions/StringDatatype" } }, + "additionalProperties" : false }, + "oscal-ssp-oscal-metadata:addr-line" : + { "title" : "Address line", + "description" : "A single line of an address.", + "$id" : "#field_oscal-metadata_addr-line", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-metadata:document-id" : + { "title" : "Document Identifier", + "description" : "A document identifier qualified by an identifier scheme.", + "$id" : "#field_oscal-metadata_document-id", + "type" : "object", + "properties" : + { "scheme" : + { "title" : "Document Identification Scheme", + "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", + "$ref" : "#/definitions/URIDatatype" }, + "identifier" : + { "type" : "string" } }, + "required" : + [ "identifier" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:system-component" : + { "title" : "Component", + "description" : "A defined component that can be part of an implemented system.", + "$id" : "#assembly_oscal-implementation-common_system-component", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Component Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this component elsewhere in this or other OSCAL instances. The locally defined UUID of the component can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "type" : + { "title" : "Component Type", + "description" : "A category describing the purpose of the component.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Component Title", + "description" : "A human readable name for the system component.", + "type" : "string" }, + "description" : + { "title" : "Component Description", + "description" : "A description of the component, including information about its function.", + "type" : "string" }, + "purpose" : + { "title" : "Purpose", + "description" : "A summary of the technological or business purpose of the component.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "status" : + { "title" : "Status", + "description" : "Describes the operational status of the system component.", + "type" : "object", + "properties" : + { "state" : + { "title" : "State", + "description" : "The operational status.", + "allOf" : [ - { "$ref" : "#/definitions/IntegerDatatype" }, - - { "minimum" : 0, - "type" : "number" } ] }, - "StringDatatype" : - { "type" : "string", - "pattern" : "^\\S(.*\\S)?$" }, - "TokenDatatype" : - { "type" : "string", - "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, - "URIDatatype" : - { "type" : "string", - "format" : "uri", - "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, - "URIReferenceDatatype" : - { "type" : "string", - "format" : "uri-reference" }, - "UUIDDatatype" : - { "type" : "string", - "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", - "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "under-development", + "operational", + "disposition", + "other" ] } ] }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "state" ], + "additionalProperties" : false }, + "responsible-roles" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-role" } }, + "protocols" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_protocol" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "type", + "title", + "description", + "status" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:protocol" : + { "title" : "Service Protocol Information", + "description" : "Information about the protocol used to provide a service.", + "$id" : "#assembly_oscal-implementation-common_protocol", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Service Protocol Information Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this service protocol information elsewhere in this or other OSCAL instances. The locally defined UUID of the service protocol can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "name" : + { "title" : "Protocol Name", + "description" : "The common name of the protocol, which should be the appropriate \"service name\" from the IANA Service Name and Transport Protocol Port Number Registry.", + "$ref" : "#/definitions/StringDatatype" }, + "title" : + { "title" : "Protocol Title", + "description" : "A human readable name for the protocol (e.g., Transport Layer Security).", + "type" : "string" }, + "port-ranges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_port-range" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:port-range" : + { "title" : "Port Range", + "description" : "Where applicable this is the IPv4 port range on which the service operates.", + "$id" : "#assembly_oscal-implementation-common_port-range", + "type" : "object", + "properties" : + { "start" : + { "title" : "Start", + "description" : "Indicates the starting port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "end" : + { "title" : "End", + "description" : "Indicates the ending port number in a port range", + "$ref" : "#/definitions/NonNegativeIntegerDatatype" }, + "transport" : + { "title" : "Transport", + "description" : "Indicates the transport type.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "TCP", + "UDP" ] } ] } }, + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:implementation-status" : + { "title" : "Implementation Status", + "description" : "Indicates the degree to which the a given control is implemented.", + "$id" : "#assembly_oscal-implementation-common_implementation-status", + "type" : "object", "properties" : - { "system-security-plan" : - { "$ref" : "#assembly_oscal-ssp_system-security-plan" } }, + { "state" : + { "title" : "Implementation State", + "description" : "Identifies the implementation status of the control or control objective.", + "$ref" : "#/definitions/TokenDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : - [ "system-security-plan" ], - "additionalProperties" : false, - "maxProperties" : 1 } \ No newline at end of file + [ "state" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:system-user" : + { "title" : "System User", + "description" : "A type of user that interacts with the system based on an associated role.", + "$id" : "#assembly_oscal-implementation-common_system-user", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "User Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this user class elsewhere in this or other OSCAL instances. The locally defined UUID of the system user can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "title" : + { "title" : "User Title", + "description" : "A name given to the user, which may be used by a tool for display and navigation.", + "type" : "string" }, + "short-name" : + { "title" : "User Short Name", + "description" : "A short common name, abbreviation, or acronym for the user.", + "$ref" : "#/definitions/StringDatatype" }, + "description" : + { "title" : "User Description", + "description" : "A summary of the user's purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "role-ids" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-metadata_role-id" } }, + "authorized-privileges" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-implementation-common_authorized-privilege" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:authorized-privilege" : + { "title" : "Privilege", + "description" : "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.", + "$id" : "#assembly_oscal-implementation-common_authorized-privilege", + "type" : "object", + "properties" : + { "title" : + { "title" : "Privilege Title", + "description" : "A human readable name for the privilege.", + "type" : "string" }, + "description" : + { "title" : "Privilege Description", + "description" : "A summary of the privilege's purpose within the system.", + "type" : "string" }, + "functions-performed" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-implementation-common_function-performed" } } }, + "required" : + [ "title", + "functions-performed" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:function-performed" : + { "title" : "Functions Performed", + "description" : "Describes a function performed for a given authorized privilege by this user class.", + "$id" : "#field_oscal-implementation-common_function-performed", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-implementation-common:inventory-item" : + { "title" : "Inventory Item", + "description" : "A single managed inventory item within the system.", + "$id" : "#assembly_oscal-implementation-common_inventory-item", + "type" : "object", + "properties" : + { "uuid" : + { "title" : "Inventory Item Universally Unique Identifier", + "description" : "A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this inventory item elsewhere in this or other OSCAL instances. The locally defined UUID of the inventory item can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.", + "$ref" : "#/definitions/UUIDDatatype" }, + "description" : + { "title" : "Inventory Item Description", + "description" : "A summary of the inventory item stating its purpose within the system.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "implemented-components" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Implemented Component", + "description" : "The set of components that are implemented in a given system inventory item.", + "type" : "object", + "properties" : + { "component-uuid" : + { "title" : "Component Universally Unique Identifier Reference", + "description" : "A machine-oriented identifier reference to a component that is implemented as part of an inventory item.", + "$ref" : "#/definitions/UUIDDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "responsible-parties" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_responsible-party" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "component-uuid" ], + "additionalProperties" : false } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "uuid", + "description" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:set-parameter" : + { "title" : "Set Parameter Value", + "description" : "Identifies the parameter that will be set by the enclosed value.", + "$id" : "#assembly_oscal-implementation-common_set-parameter", + "type" : "object", + "properties" : + { "param-id" : + { "title" : "Parameter ID", + "description" : "A human-oriented reference to a parameter within a control, who's catalog has been imported into the current implementation context.", + "$ref" : "#/definitions/TokenDatatype" }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$ref" : "#/definitions/StringDatatype" } }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "param-id", + "values" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-implementation-common:system-id" : + { "title" : "System Identification", + "description" : "A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.", + "$id" : "#field_oscal-implementation-common_system-id", + "type" : "object", + "properties" : + { "identifier-type" : + { "title" : "Identification System Type", + "description" : "Identifies the identification system from which the provided identifier was assigned.", + "$ref" : "#/definitions/URIDatatype" }, + "id" : + { "type" : "string" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:part" : + { "title" : "Part", + "description" : "An annotated, markup-based textual element of a control's or catalog group's definition, or a child of another part.", + "$id" : "#assembly_oscal-control-common_part", + "type" : "object", + "properties" : + { "id" : + { "title" : "Part Identifier", + "description" : "A unique identifier for the part.", + "$ref" : "#/definitions/TokenDatatype" }, + "name" : + { "title" : "Part Name", + "description" : "A textual label that uniquely identifies the part's semantic type, which exists in a value space qualified by the ns.", + "$ref" : "#/definitions/TokenDatatype" }, + "ns" : + { "title" : "Part Namespace", + "description" : "An optional namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", + "$ref" : "#/definitions/URIDatatype" }, + "class" : + { "title" : "Part Class", + "description" : "An optional textual providing a sub-type or characterization of the part's name, or a category to which the part belongs.", + "$ref" : "#/definitions/TokenDatatype" }, + "title" : + { "title" : "Part Title", + "description" : "An optional name given to the part, which may be used by a tool for display and navigation.", + "type" : "string" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "prose" : + { "title" : "Part Text", + "description" : "Permits multiple paragraphs, lists, tables etc.", + "type" : "string" }, + "parts" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_part" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } } }, + "required" : + [ "name" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:parameter" : + { "title" : "Parameter", + "description" : "Parameters provide a mechanism for the dynamic assignment of value(s) in a control.", + "$id" : "#assembly_oscal-control-common_parameter", + "type" : "object", + "properties" : + { "id" : + { "title" : "Parameter Identifier", + "description" : "A unique identifier for the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "class" : + { "title" : "Parameter Class", + "description" : "A textual label that provides a characterization of the type, purpose, use or scope of the parameter.", + "$ref" : "#/definitions/TokenDatatype" }, + "depends-on" : + { "title" : "Depends on", + "description" : "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.", + "$ref" : "#/definitions/TokenDatatype" }, + "props" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_property" } }, + "links" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-metadata_link" } }, + "label" : + { "title" : "Parameter Label", + "description" : "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.", + "type" : "string" }, + "usage" : + { "title" : "Parameter Usage Description", + "description" : "Describes the purpose and use of a parameter.", + "type" : "string" }, + "constraints" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-constraint" } }, + "guidelines" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#assembly_oscal-control-common_parameter-guideline" } }, + "values" : + { "type" : "array", + "minItems" : 1, + "items" : + { "$ref" : "#field_oscal-control-common_parameter-value" } }, + "select" : + { "$ref" : "#assembly_oscal-control-common_parameter-selection" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "id" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:parameter-constraint" : + { "title" : "Constraint", + "description" : "A formal or informal expression of a constraint or test.", + "$id" : "#assembly_oscal-control-common_parameter-constraint", + "type" : "object", + "properties" : + { "description" : + { "title" : "Constraint Description", + "description" : "A textual summary of the constraint to be applied.", + "type" : "string" }, + "tests" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Constraint Test", + "description" : "A test expression which is expected to be evaluated by a tool.", + "type" : "object", + "properties" : + { "expression" : + { "title" : "Constraint test", + "description" : "A formal (executable) expression of a constraint.", + "$ref" : "#/definitions/StringDatatype" }, + "remarks" : + { "$ref" : "#field_oscal-metadata_remarks" } }, + "required" : + [ "expression" ], + "additionalProperties" : false } } }, + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:parameter-guideline" : + { "title" : "Guideline", + "description" : "A prose statement that provides a recommendation for the use of a parameter.", + "$id" : "#assembly_oscal-control-common_parameter-guideline", + "type" : "object", + "properties" : + { "prose" : + { "title" : "Guideline Text", + "description" : "Prose permits multiple paragraphs, lists, tables etc.", + "type" : "string" } }, + "required" : + [ "prose" ], + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:parameter-value" : + { "title" : "Parameter Value", + "description" : "A parameter value or set of values.", + "$id" : "#field_oscal-control-common_parameter-value", + "$ref" : "#/definitions/StringDatatype" }, + "oscal-ssp-oscal-control-common:parameter-selection" : + { "title" : "Selection", + "description" : "Presenting a choice among alternatives.", + "$id" : "#assembly_oscal-control-common_parameter-selection", + "type" : "object", + "properties" : + { "how-many" : + { "title" : "Parameter Cardinality", + "description" : "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.", + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "one", + "one-or-more" ] } ] }, + "choice" : + { "type" : "array", + "minItems" : 1, + "items" : + { "title" : "Choice", + "description" : "A value selection among several such options.", + "type" : "string" } } }, + "additionalProperties" : false }, + "oscal-ssp-oscal-control-common:include-all" : + { "title" : "Include All", + "description" : "Include all controls from the imported catalog or profile resources.", + "$id" : "#assembly_oscal-control-common_include-all", + "type" : "object", + "additionalProperties" : false }, + "Base64Datatype" : + { "type" : "string", + "pattern" : "^[0-9A-Fa-f]+$", + "contentEncoding" : "base64" }, + "DateDatatype" : + { "type" : "string", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))(Z|[+-][0-9]{2}:[0-9]{2})?$" }, + "DateTimeWithTimezoneDatatype" : + { "type" : "string", + "format" : "date-time", + "pattern" : "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]*[1-9])?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$" }, + "EmailAddressDatatype" : + { "type" : "string", + "format" : "email", + "pattern" : "^.+@.+$" }, + "IntegerDatatype" : + { "type" : "integer" }, + "NonNegativeIntegerDatatype" : + { "allOf" : + [ + { "$ref" : "#/definitions/IntegerDatatype" }, + + { "minimum" : 0, + "type" : "number" } ] }, + "StringDatatype" : + { "type" : "string", + "pattern" : "^\\S(.*\\S)?$" }, + "TokenDatatype" : + { "type" : "string", + "pattern" : "^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$" }, + "URIDatatype" : + { "type" : "string", + "format" : "uri", + "pattern" : "^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$" }, + "URIReferenceDatatype" : + { "type" : "string", + "format" : "uri-reference" }, + "UUIDDatatype" : + { "type" : "string", + "description" : "A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.", + "pattern" : "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" } }, + "properties" : + { "system-security-plan" : + { "$ref" : "#assembly_oscal-ssp_system-security-plan" } }, + "required" : + [ "system-security-plan" ], + "additionalProperties" : false, + "maxProperties" : 1 } \ No newline at end of file diff --git a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl index 1739107d70..2de90331fa 100644 --- a/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-plan_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -339,8 +339,8 @@ + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -356,9 +356,9 @@ + name="include-all" + key="include-all" + gi="include-all"> include-all @@ -368,8 +368,8 @@ + name="select-objective-by-id" + gi="include-objective"> @@ -377,8 +377,8 @@ + name="select-objective-by-id" + gi="exclude-objective"> @@ -386,8 +386,8 @@ + key="related-controls" + gi="related-controls"> related-controls @@ -439,8 +439,8 @@ + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -495,12 +495,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -508,8 +508,8 @@ + mode="get-value-property" + priority="8"> @@ -518,16 +518,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -536,16 +536,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -554,16 +554,16 @@ + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -572,16 +572,16 @@ + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> @@ -601,890 +601,890 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="14"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + mode="keep-value-property" + priority="14"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="6"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + priority="8"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + mode="keep-value-property" + priority="8"> + priority="7"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1492,22 +1492,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1515,22 +1515,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1538,22 +1538,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1561,22 +1561,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1584,14 +1584,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1606,14 +1606,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1621,15 +1621,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1637,22 +1637,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1660,22 +1660,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1683,22 +1683,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1706,22 +1706,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1729,22 +1729,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1752,41 +1752,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1794,14 +1794,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1815,15 +1815,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1831,22 +1831,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1854,23 +1854,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1878,22 +1878,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1901,14 +1901,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1924,15 +1924,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1940,14 +1940,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1963,34 +1963,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1998,22 +1998,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2021,22 +2021,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2044,22 +2044,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2067,80 +2067,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2148,14 +2148,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2175,15 +2175,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2191,22 +2191,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2214,41 +2214,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2256,52 +2256,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -2314,34 +2314,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2349,22 +2349,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2372,22 +2372,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2395,22 +2395,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2418,41 +2418,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2460,22 +2460,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2483,22 +2483,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2506,19 +2506,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -2531,15 +2531,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2547,23 +2547,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2571,22 +2571,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -2594,22 +2594,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2617,14 +2617,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -2636,15 +2636,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2652,22 +2652,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2675,23 +2675,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2699,22 +2699,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2722,22 +2722,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2745,14 +2745,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -2764,15 +2764,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2780,22 +2780,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2803,22 +2803,22 @@ + mode="get-value-property" + priority="12"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2826,22 +2826,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2849,23 +2849,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2873,22 +2873,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2896,22 +2896,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2919,23 +2919,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2943,23 +2943,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2967,22 +2967,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2990,22 +2990,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3013,46 +3013,46 @@ + mode="get-value-property" + priority="8"> + match="j:map[@key='assessment-plan']/j:map[@key='local-definitions']/j:array[@key='objectives-and-methods']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3060,22 +3060,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3083,23 +3083,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3107,22 +3107,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3130,14 +3130,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -3152,15 +3152,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3168,23 +3168,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3192,22 +3192,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3215,23 +3215,23 @@ + mode="get-value-property" + priority="10"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3239,22 +3239,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3262,14 +3262,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -3283,16 +3283,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3300,22 +3300,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3323,14 +3323,14 @@ + mode="get-value-property" + priority="13"> + priority="13"> @@ -3339,26 +3339,26 @@ + priority="15"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="12"> @@ -3367,26 +3367,26 @@ + priority="14"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="10"> @@ -3400,16 +3400,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3417,22 +3417,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3440,22 +3440,22 @@ + mode="get-value-property" + priority="13"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3463,23 +3463,23 @@ + mode="get-value-property" + priority="12"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3487,22 +3487,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3510,14 +3510,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -3531,16 +3531,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3548,22 +3548,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3571,14 +3571,14 @@ + mode="get-value-property" + priority="11"> + priority="11"> @@ -3587,26 +3587,26 @@ + priority="13"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -3615,26 +3615,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="8"> @@ -3648,16 +3648,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3665,22 +3665,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3688,22 +3688,22 @@ + mode="get-value-property" + priority="11"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3711,19 +3711,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="terms-and-conditions" + gi="terms-and-conditions"> terms-and-conditions @@ -3731,15 +3731,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3747,46 +3747,46 @@ + mode="get-value-property" + priority="6"> + match="j:map[@key='assessment-plan']/j:map[@key='terms-and-conditions']//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + in-json="string"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3794,23 +3794,23 @@ + mode="get-value-property" + priority="8"> + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3818,22 +3818,22 @@ + mode="get-value-property" + priority="4"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3841,14 +3841,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -3862,16 +3862,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3879,22 +3879,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3902,14 +3902,14 @@ + mode="get-value-property" + priority="8"> + priority="8"> @@ -3918,26 +3918,26 @@ + priority="10"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> @@ -3946,26 +3946,26 @@ + priority="9"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="5"> @@ -3979,16 +3979,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3996,22 +3996,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4019,23 +4019,23 @@ + mode="get-value-property" + priority="8"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4043,22 +4043,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4066,22 +4066,22 @@ + mode="get-value-property" + priority="7"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4089,22 +4089,22 @@ + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4112,22 +4112,22 @@ + mode="get-value-property" + priority="9"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4135,23 +4135,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4159,22 +4159,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4182,22 +4182,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4205,14 +4205,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -4224,15 +4224,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4240,22 +4240,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4263,14 +4263,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -4283,15 +4283,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4299,22 +4299,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4322,14 +4322,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -4341,15 +4341,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4357,22 +4357,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4380,22 +4380,22 @@ + mode="get-value-property" + priority="12"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4403,23 +4403,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4427,22 +4427,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4450,14 +4450,14 @@ + mode="get-value-property" + priority="7"> + priority="5"> @@ -4470,7 +4470,7 @@ + priority="7"> @@ -4481,13 +4481,13 @@ + priority="7"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -4496,13 +4496,13 @@ + priority="7"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -4511,7 +4511,7 @@ + priority="6"> @@ -4520,7 +4520,7 @@ + priority="6"> @@ -4533,15 +4533,15 @@ + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4549,22 +4549,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4572,23 +4572,23 @@ + mode="get-value-property" + priority="11"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4596,22 +4596,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4619,22 +4619,22 @@ + mode="get-value-property" + priority="11"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4642,22 +4642,22 @@ + mode="get-value-property" + priority="14"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4665,23 +4665,23 @@ + mode="get-value-property" + priority="13"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4689,22 +4689,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4712,22 +4712,22 @@ + mode="get-value-property" + priority="9"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4735,22 +4735,22 @@ + mode="get-value-property" + priority="12"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4758,22 +4758,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4781,14 +4781,14 @@ + mode="get-value-property" + priority="9"> + priority="5"> @@ -4804,15 +4804,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4820,23 +4820,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4844,33 +4844,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -4883,15 +4883,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4899,22 +4899,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4922,14 +4922,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -4939,14 +4939,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -4957,7 +4957,7 @@ + mode="get-value-property"> @@ -4971,8 +4971,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -4982,8 +4982,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -5012,15 +5012,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -5051,9 +5051,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -5091,8 +5091,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -5103,7 +5103,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -5122,9 +5122,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -5138,7 +5138,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5152,9 +5152,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -5333,40 +5333,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl index b520958015..e680ab39b4 100644 --- a/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl +++ b/xml/convert/oscal_assessment-results_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -92,8 +92,8 @@ + key="assessment-results" + gi="assessment-results"> assessment-results @@ -253,8 +253,8 @@ + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -270,9 +270,9 @@ + name="include-all" + key="include-all" + gi="include-all"> include-all @@ -282,8 +282,8 @@ + name="select-objective-by-id" + gi="include-objective"> @@ -291,8 +291,8 @@ + name="select-objective-by-id" + gi="exclude-objective"> @@ -311,8 +311,8 @@ + key="related-controls" + gi="related-controls"> related-controls @@ -422,8 +422,8 @@ + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -639,8 +639,8 @@ + key="implementation-status" + gi="implementation-status"> implementation-status @@ -662,12 +662,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -675,8 +675,8 @@ + mode="get-value-property" + priority="8"> @@ -685,16 +685,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -703,16 +703,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -721,16 +721,16 @@ + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> @@ -739,16 +739,16 @@ + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> @@ -757,11 +757,11 @@ + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -769,8 +769,8 @@ + mode="get-value-property" + priority="7"> @@ -794,11 +794,11 @@ + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -806,8 +806,8 @@ + mode="get-value-property" + priority="10"> @@ -827,1341 +827,1341 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="14"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + mode="keep-value-property" + priority="14"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="12"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="12"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="12"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="10"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="10"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + priority="11"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="11"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + mode="keep-value-property" + priority="11"> + priority="10"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="10"> + priority="10"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="12"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="15"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="15"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="9"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="9"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="10"> + priority="11"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="11"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="9"> + priority="11"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="11"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + mode="keep-value-property" + priority="9"> + priority="11"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="11"> + priority="10"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="10"> + priority="12"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + mode="keep-value-property" + priority="12"> + priority="9"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + mode="keep-value-property" + priority="9"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2169,22 +2169,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2192,22 +2192,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2215,22 +2215,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2238,22 +2238,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2261,14 +2261,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -2283,14 +2283,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -2298,15 +2298,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2314,22 +2314,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2337,22 +2337,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2360,22 +2360,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2383,22 +2383,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2406,22 +2406,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2429,41 +2429,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2471,14 +2471,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -2492,15 +2492,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2508,22 +2508,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2531,23 +2531,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2555,22 +2555,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2578,14 +2578,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2601,15 +2601,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2617,14 +2617,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -2640,34 +2640,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2675,22 +2675,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2698,22 +2698,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2721,22 +2721,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2744,80 +2744,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2825,14 +2825,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2852,15 +2852,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2868,22 +2868,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2891,41 +2891,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2933,52 +2933,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -2991,34 +2991,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -3026,22 +3026,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -3049,22 +3049,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -3072,22 +3072,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -3095,41 +3095,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3137,22 +3137,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3160,22 +3160,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3183,19 +3183,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -3205,16 +3205,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3222,22 +3222,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3245,22 +3245,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3268,46 +3268,46 @@ + mode="get-value-property" + priority="8"> + match="j:map[@key='assessment-results']/j:map[@key='local-definitions']/j:array[@key='objectives-and-methods']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3315,22 +3315,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3338,23 +3338,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3362,22 +3362,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3385,14 +3385,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -3407,15 +3407,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3423,23 +3423,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3447,22 +3447,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3470,23 +3470,23 @@ + mode="get-value-property" + priority="10"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3494,22 +3494,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3517,14 +3517,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -3538,16 +3538,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3555,22 +3555,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3578,14 +3578,14 @@ + mode="get-value-property" + priority="13"> + priority="13"> @@ -3594,26 +3594,26 @@ + priority="15"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="12"> @@ -3622,26 +3622,26 @@ + priority="14"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="10"> @@ -3655,16 +3655,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3672,22 +3672,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3695,22 +3695,22 @@ + mode="get-value-property" + priority="13"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3718,23 +3718,23 @@ + mode="get-value-property" + priority="12"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3742,22 +3742,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3765,14 +3765,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -3786,16 +3786,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3803,22 +3803,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3826,14 +3826,14 @@ + mode="get-value-property" + priority="11"> + priority="11"> @@ -3842,26 +3842,26 @@ + priority="13"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -3870,26 +3870,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="8"> @@ -3903,16 +3903,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3920,22 +3920,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3943,22 +3943,22 @@ + mode="get-value-property" + priority="11"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3966,22 +3966,22 @@ + mode="get-value-property" + priority="10"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3989,23 +3989,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4013,22 +4013,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -4036,22 +4036,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -4059,22 +4059,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4082,19 +4082,19 @@ + mode="get-value-property" + priority="7"> + priority="5"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -4106,15 +4106,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4122,23 +4122,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4146,22 +4146,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4169,22 +4169,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4192,14 +4192,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -4211,15 +4211,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4227,22 +4227,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4250,23 +4250,23 @@ + mode="get-value-property" + priority="10"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4274,22 +4274,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4297,22 +4297,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4320,14 +4320,14 @@ + mode="get-value-property" + priority="12"> + priority="9"> @@ -4339,15 +4339,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4355,22 +4355,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4378,22 +4378,22 @@ + mode="get-value-property" + priority="14"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4401,22 +4401,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -4424,23 +4424,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4448,22 +4448,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4471,22 +4471,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4494,23 +4494,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4518,22 +4518,22 @@ + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4541,23 +4541,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4565,22 +4565,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -4588,22 +4588,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4611,14 +4611,14 @@ + mode="get-value-property" + priority="11"> + priority="9"> @@ -4630,15 +4630,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4646,22 +4646,22 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4669,14 +4669,14 @@ + mode="get-value-property" + priority="11"> + priority="8"> @@ -4689,15 +4689,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4705,22 +4705,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4728,14 +4728,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -4747,15 +4747,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4763,22 +4763,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4786,22 +4786,22 @@ + mode="get-value-property" + priority="15"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4809,23 +4809,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4833,22 +4833,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4856,14 +4856,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -4876,7 +4876,7 @@ + priority="10"> @@ -4887,13 +4887,13 @@ + priority="10"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -4902,13 +4902,13 @@ + priority="10"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -4917,7 +4917,7 @@ + priority="9"> @@ -4926,7 +4926,7 @@ + priority="9"> @@ -4939,15 +4939,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4955,22 +4955,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4978,23 +4978,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5002,22 +5002,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5025,22 +5025,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5048,22 +5048,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5071,23 +5071,23 @@ + mode="get-value-property" + priority="16"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5095,22 +5095,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5118,22 +5118,22 @@ + mode="get-value-property" + priority="12"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5141,22 +5141,22 @@ + mode="get-value-property" + priority="15"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5164,22 +5164,22 @@ + mode="get-value-property" + priority="14"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5187,23 +5187,23 @@ + mode="get-value-property" + priority="12"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5211,22 +5211,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5234,14 +5234,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -5255,16 +5255,16 @@ + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5272,22 +5272,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5295,14 +5295,14 @@ + mode="get-value-property" + priority="10"> + priority="10"> @@ -5311,26 +5311,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="9"> @@ -5339,26 +5339,26 @@ + priority="11"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="7"> @@ -5372,16 +5372,16 @@ + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5389,22 +5389,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5412,14 +5412,14 @@ + mode="get-value-property" + priority="10"> + priority="6"> @@ -5428,15 +5428,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5444,22 +5444,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5467,46 +5467,46 @@ + mode="get-value-property" + priority="9"> + match="j:map[@key='assessment-results']/j:array[@key='results']/j:map/j:array[@key='attestations']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + in-json="string"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5514,14 +5514,14 @@ + mode="get-value-property" + priority="11"> + priority="5"> @@ -5532,7 +5532,7 @@ + priority="7"> @@ -5549,15 +5549,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5565,23 +5565,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5589,22 +5589,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -5612,22 +5612,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -5635,22 +5635,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5658,22 +5658,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5681,22 +5681,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5704,23 +5704,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5728,22 +5728,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5751,22 +5751,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5774,22 +5774,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5797,19 +5797,19 @@ + mode="get-value-property" + priority="16"> + priority="10"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -5818,16 +5818,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5835,22 +5835,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5858,22 +5858,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5881,22 +5881,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5904,22 +5904,22 @@ + mode="get-value-property" + priority="17"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5927,23 +5927,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5951,22 +5951,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5974,60 +5974,60 @@ + mode="get-value-property" + priority="9"> + priority="8"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="8"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6035,22 +6035,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6058,22 +6058,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6081,23 +6081,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6105,22 +6105,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6128,22 +6128,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6151,22 +6151,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6174,19 +6174,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6195,16 +6195,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6212,22 +6212,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6235,22 +6235,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6258,22 +6258,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6281,14 +6281,14 @@ + mode="get-value-property" + priority="18"> + priority="8"> @@ -6301,15 +6301,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6317,22 +6317,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6340,14 +6340,14 @@ + mode="get-value-property" + priority="11"> + priority="8"> @@ -6359,16 +6359,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6376,22 +6376,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6399,22 +6399,22 @@ + mode="get-value-property" + priority="11"> + priority="7"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -6422,22 +6422,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -6445,22 +6445,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6468,23 +6468,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6492,23 +6492,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement @@ -6516,22 +6516,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6539,22 +6539,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6562,22 +6562,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6585,22 +6585,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6608,23 +6608,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6632,22 +6632,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6655,22 +6655,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6678,22 +6678,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6701,19 +6701,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6722,16 +6722,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6739,22 +6739,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6762,22 +6762,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6785,22 +6785,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6808,22 +6808,22 @@ + mode="get-value-property" + priority="18"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6831,22 +6831,22 @@ + mode="get-value-property" + priority="11"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6854,22 +6854,22 @@ + mode="get-value-property" + priority="14"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6877,22 +6877,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6900,23 +6900,23 @@ + mode="get-value-property" + priority="16"> + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6924,22 +6924,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6947,22 +6947,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6970,22 +6970,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6993,19 +6993,19 @@ + mode="get-value-property" + priority="18"> + priority="12"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -7014,16 +7014,16 @@ + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7031,22 +7031,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7054,22 +7054,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7077,22 +7077,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7100,14 +7100,14 @@ + mode="get-value-property" + priority="19"> + priority="10"> @@ -7120,15 +7120,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7136,14 +7136,14 @@ + mode="get-value-property" + priority="13"> + priority="8"> @@ -7156,16 +7156,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7173,22 +7173,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7196,14 +7196,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -7216,15 +7216,15 @@ + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7232,22 +7232,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7255,22 +7255,22 @@ + mode="get-value-property" + priority="13"> + priority="7"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -7278,14 +7278,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -7302,15 +7302,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7318,23 +7318,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7342,22 +7342,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7365,22 +7365,22 @@ + mode="get-value-property" + priority="11"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7388,22 +7388,22 @@ + mode="get-value-property" + priority="15"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7411,22 +7411,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7434,23 +7434,23 @@ + mode="get-value-property" + priority="17"> + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7458,22 +7458,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7481,22 +7481,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7504,22 +7504,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7527,19 +7527,19 @@ + mode="get-value-property" + priority="19"> + priority="13"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -7548,16 +7548,16 @@ + priority="16"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7565,22 +7565,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7588,22 +7588,22 @@ + mode="get-value-property" + priority="18"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7611,22 +7611,22 @@ + mode="get-value-property" + priority="21"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7634,14 +7634,14 @@ + mode="get-value-property" + priority="20"> + priority="10"> @@ -7655,7 +7655,7 @@ + priority="12"> @@ -7668,15 +7668,15 @@ + priority="13"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7684,22 +7684,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7707,22 +7707,22 @@ + mode="get-value-property" + priority="15"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7730,23 +7730,23 @@ + mode="get-value-property" + priority="11"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7754,22 +7754,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7777,22 +7777,22 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7800,23 +7800,23 @@ + mode="get-value-property" + priority="11"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7824,22 +7824,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7847,14 +7847,14 @@ + mode="get-value-property" + priority="13"> + priority="11"> @@ -7867,7 +7867,7 @@ + priority="13"> @@ -7878,13 +7878,13 @@ + priority="13"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -7893,13 +7893,13 @@ + priority="13"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -7908,7 +7908,7 @@ + priority="12"> @@ -7917,7 +7917,7 @@ + priority="12"> @@ -7930,15 +7930,15 @@ + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7946,22 +7946,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7969,23 +7969,23 @@ + mode="get-value-property" + priority="17"> + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7993,22 +7993,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8016,22 +8016,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8039,22 +8039,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8062,23 +8062,23 @@ + mode="get-value-property" + priority="19"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8086,22 +8086,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8109,22 +8109,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8132,22 +8132,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8155,22 +8155,22 @@ + mode="get-value-property" + priority="17"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8178,14 +8178,14 @@ + mode="get-value-property" + priority="15"> + priority="7"> @@ -8196,7 +8196,7 @@ + priority="9"> @@ -8214,15 +8214,15 @@ + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8230,23 +8230,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8254,22 +8254,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -8277,22 +8277,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -8300,22 +8300,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8323,14 +8323,14 @@ + mode="get-value-property" + priority="12"> + priority="11"> @@ -8342,15 +8342,15 @@ + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8358,22 +8358,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8381,22 +8381,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8404,23 +8404,23 @@ + mode="get-value-property" + priority="18"> + priority="16"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8428,22 +8428,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8451,22 +8451,22 @@ + mode="get-value-property" + priority="18"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8474,22 +8474,22 @@ + mode="get-value-property" + priority="21"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8497,19 +8497,19 @@ + mode="get-value-property" + priority="20"> + priority="14"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -8518,16 +8518,16 @@ + priority="17"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8535,22 +8535,22 @@ + mode="get-value-property" + priority="17"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8558,22 +8558,22 @@ + mode="get-value-property" + priority="19"> + priority="22"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8581,22 +8581,22 @@ + mode="get-value-property" + priority="22"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8604,14 +8604,14 @@ + mode="get-value-property" + priority="21"> + priority="8"> @@ -8619,15 +8619,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8635,23 +8635,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8659,22 +8659,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8682,22 +8682,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8705,22 +8705,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8728,22 +8728,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8751,23 +8751,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8775,22 +8775,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8798,22 +8798,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8821,22 +8821,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8844,19 +8844,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -8865,16 +8865,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8882,22 +8882,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8905,22 +8905,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8928,22 +8928,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8951,22 +8951,22 @@ + mode="get-value-property" + priority="18"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8974,23 +8974,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8998,22 +8998,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9021,14 +9021,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -9041,15 +9041,15 @@ + priority="7"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -9057,14 +9057,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -9072,7 +9072,7 @@ + priority="8"> @@ -9080,7 +9080,7 @@ + priority="5"> @@ -9096,15 +9096,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9112,23 +9112,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -9136,33 +9136,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -9175,15 +9175,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9191,22 +9191,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9214,14 +9214,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -9231,14 +9231,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -9249,7 +9249,7 @@ + mode="get-value-property"> @@ -9263,8 +9263,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -9274,8 +9274,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -9304,15 +9304,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -9343,9 +9343,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -9383,8 +9383,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -9395,7 +9395,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -9414,9 +9414,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -9430,7 +9430,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -9444,9 +9444,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -9625,40 +9625,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_catalog_json-to-xml-converter.xsl b/xml/convert/oscal_catalog_json-to-xml-converter.xsl index 40898b7c45..cfc8270896 100644 --- a/xml/convert/oscal_catalog_json-to-xml-converter.xsl +++ b/xml/convert/oscal_catalog_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -257,8 +257,8 @@ + key="target-resource" + gi="target-resource"> target-resource @@ -333,12 +333,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -346,8 +346,8 @@ + mode="get-value-property" + priority="8"> @@ -356,16 +356,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -374,16 +374,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -392,16 +392,16 @@ + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -422,613 +422,613 @@ + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + mode="keep-value-property" + priority="7"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="7"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + mode="keep-value-property" + priority="10"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1036,22 +1036,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1059,22 +1059,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1082,22 +1082,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1105,22 +1105,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1128,14 +1128,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1150,14 +1150,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1165,15 +1165,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1181,22 +1181,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1204,22 +1204,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1227,22 +1227,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1250,22 +1250,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1273,22 +1273,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1296,41 +1296,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1338,14 +1338,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1359,15 +1359,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1375,22 +1375,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1398,23 +1398,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1422,22 +1422,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1445,14 +1445,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1468,15 +1468,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1484,14 +1484,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1507,34 +1507,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1542,22 +1542,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1565,22 +1565,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1588,22 +1588,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1611,80 +1611,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1692,14 +1692,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1719,15 +1719,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1735,22 +1735,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1758,41 +1758,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1800,52 +1800,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -1858,34 +1858,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1893,22 +1893,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1916,22 +1916,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1939,22 +1939,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1962,41 +1962,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2004,22 +2004,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2027,22 +2027,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2050,22 +2050,22 @@ + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2073,22 +2073,22 @@ + mode="get-value-property" + priority="7"> + priority="5"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2096,23 +2096,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -2120,23 +2120,23 @@ + mode="get-value-property" + priority="5"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2144,14 +2144,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -2160,15 +2160,15 @@ + priority="9"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2176,65 +2176,65 @@ + mode="get-value-property" + priority="9"> + match="j:map[@key='catalog']/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="8"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2242,22 +2242,22 @@ + mode="get-value-property" + priority="5"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2265,22 +2265,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2288,23 +2288,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -2312,23 +2312,23 @@ + mode="get-value-property" + priority="7"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2336,14 +2336,14 @@ + mode="get-value-property" + priority="9"> + priority="10"> @@ -2352,15 +2352,15 @@ + priority="11"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2368,65 +2368,65 @@ + mode="get-value-property" + priority="11"> + match="j:map[@key='catalog']//j:array[@key='controls']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2434,22 +2434,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2457,46 +2457,46 @@ + mode="get-value-property" + priority="7"> + match="j:map[@key='catalog']//j:array[@key='controls']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2504,14 +2504,14 @@ + mode="get-value-property" + priority="9"> + priority="5"> @@ -2524,15 +2524,15 @@ + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2540,22 +2540,22 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2563,21 +2563,21 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -2587,21 +2587,21 @@ + mode="get-value-property"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2609,22 +2609,22 @@ + mode="get-value-property" + priority="12"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2632,22 +2632,22 @@ + mode="get-value-property" + priority="12"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2655,22 +2655,22 @@ + mode="get-value-property" + priority="5"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2678,22 +2678,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2701,23 +2701,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -2725,23 +2725,23 @@ + mode="get-value-property" + priority="7"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2749,14 +2749,14 @@ + mode="get-value-property" + priority="9"> + priority="10"> @@ -2765,15 +2765,15 @@ + priority="11"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2781,65 +2781,65 @@ + mode="get-value-property" + priority="11"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2847,22 +2847,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2870,46 +2870,46 @@ + mode="get-value-property" + priority="7"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2917,22 +2917,22 @@ + mode="get-value-property" + priority="9"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2940,22 +2940,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2963,22 +2963,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2986,23 +2986,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -3010,23 +3010,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3034,14 +3034,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -3050,15 +3050,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -3066,65 +3066,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='controls']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3132,22 +3132,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3155,46 +3155,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='controls']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3202,14 +3202,14 @@ + mode="get-value-property" + priority="12"> + priority="8"> @@ -3222,15 +3222,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3238,22 +3238,22 @@ + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3261,21 +3261,21 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -3285,21 +3285,21 @@ + mode="get-value-property"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3307,22 +3307,22 @@ + mode="get-value-property" + priority="15"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3330,14 +3330,14 @@ + mode="get-value-property" + priority="15"> + priority="5"> @@ -3353,15 +3353,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3369,23 +3369,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3393,33 +3393,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -3432,15 +3432,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3448,22 +3448,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3471,14 +3471,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -3488,14 +3488,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -3506,7 +3506,7 @@ + mode="get-value-property"> @@ -3520,8 +3520,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -3531,8 +3531,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -3561,15 +3561,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -3600,9 +3600,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -3640,8 +3640,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -3652,7 +3652,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -3671,9 +3671,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -3687,7 +3687,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3701,9 +3701,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -3882,40 +3882,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_complete_json-to-xml-converter.xsl b/xml/convert/oscal_complete_json-to-xml-converter.xsl index e06da6432e..b012c6b05e 100644 --- a/xml/convert/oscal_complete_json-to-xml-converter.xsl +++ b/xml/convert/oscal_complete_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -272,8 +272,8 @@ + key="target-resource" + gi="target-resource"> target-resource @@ -381,8 +381,8 @@ + key="mapping-collection" + gi="mapping-collection"> mapping-collection @@ -412,8 +412,8 @@ + key="source-resource" + gi="source-resource"> source-resource @@ -456,9 +456,9 @@ + name="include-all" + key="include-all" + gi="include-all"> include-all @@ -502,8 +502,8 @@ + key="component-definition" + gi="component-definition"> component-definition @@ -522,8 +522,8 @@ + name="import-component-definition" + gi="import-component-definition"> @@ -626,8 +626,8 @@ + key="system-security-plan" + gi="system-security-plan"> system-security-plan @@ -658,8 +658,8 @@ + key="system-characteristics" + gi="system-characteristics"> system-characteristics @@ -685,8 +685,8 @@ + key="system-information" + gi="system-information"> system-information @@ -699,8 +699,8 @@ + key="confidentiality-impact" + gi="confidentiality-impact"> confidentiality-impact @@ -743,8 +743,8 @@ + key="security-impact-level" + gi="security-impact-level"> security-impact-level @@ -757,8 +757,8 @@ + key="authorization-boundary" + gi="authorization-boundary"> authorization-boundary @@ -785,8 +785,8 @@ + key="network-architecture" + gi="network-architecture"> network-architecture @@ -815,8 +815,8 @@ + key="system-implementation" + gi="system-implementation"> system-implementation @@ -888,8 +888,8 @@ + key="implementation-status" + gi="implementation-status"> implementation-status @@ -961,8 +961,8 @@ + key="reviewed-controls" + gi="reviewed-controls"> reviewed-controls @@ -978,8 +978,8 @@ + name="select-objective-by-id" + gi="include-objective"> @@ -987,8 +987,8 @@ + name="select-objective-by-id" + gi="exclude-objective"> @@ -996,8 +996,8 @@ + key="related-controls" + gi="related-controls"> related-controls @@ -1049,8 +1049,8 @@ + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -1095,8 +1095,8 @@ + key="assessment-results" + gi="assessment-results"> assessment-results @@ -1276,8 +1276,8 @@ + key="plan-of-action-and-milestones" + gi="plan-of-action-and-milestones"> plan-of-action-and-milestones @@ -1300,8 +1300,8 @@ + key="local-definitions" + gi="local-definitions"> local-definitions @@ -1331,12 +1331,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -1344,8 +1344,8 @@ + mode="get-value-property" + priority="8"> @@ -1354,16 +1354,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -1372,16 +1372,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -1390,16 +1390,16 @@ + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -1422,9 +1422,9 @@ + as-type="string" + name="system-id" + gi="system-id"> system-id @@ -1434,7 +1434,7 @@ + mode="get-value-property"> @@ -1443,16 +1443,16 @@ + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -1461,16 +1461,16 @@ + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> @@ -1479,11 +1479,11 @@ + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -1491,8 +1491,8 @@ + mode="get-value-property" + priority="7"> @@ -1516,11 +1516,11 @@ + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -1528,2343 +1528,2343 @@ + mode="get-value-property" + priority="10"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + mode="keep-value-property" + priority="7"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="7"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + mode="keep-value-property" + priority="10"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="5"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="with-child-controls" + key="with-child-controls" + gi="with-child-controls"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="pattern" + key="pattern" + gi="pattern"> + mode="keep-value-property" + priority="10"> + priority="5"> + as-type="string" + name="method" + key="method" + gi="method"> + mode="keep-value-property" + priority="5"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="order" + key="order" + gi="order"> + mode="keep-value-property" + priority="11"> + priority="6"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="token" + name="by-name" + key="by-name" + gi="by-name"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-class" + key="by-class" + gi="by-class"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-item-name" + key="by-item-name" + gi="by-item-name"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-ns" + key="by-ns" + gi="by-ns"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="position" + key="position" + default="ending" + gi="position"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="string" + name="defined-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uri-reference" + name="source" + key="source" + gi="source"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="9"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="9"> + priority="5"> + as-type="string" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="11"> + priority="13"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="13"> + priority="13"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="13"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + mode="keep-value-property" + priority="13"> + priority="12"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="12"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="12"> + as-type="uuid" + name="responsibility-uuid" + key="responsibility-uuid" + gi="responsibility-uuid"> + mode="keep-value-property" + priority="12"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="14"> + as-type="token" + name="objective-id" + key="objective-id" + gi="objective-id"> + mode="keep-value-property" + priority="14"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="6"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + priority="8"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + mode="keep-value-property" + priority="8"> + priority="7"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="10"> + priority="11"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="11"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="9"> + priority="11"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="11"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + mode="keep-value-property" + priority="9"> + priority="11"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="11"> + priority="10"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="10"> + priority="12"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + mode="keep-value-property" + priority="12"> + priority="9"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + mode="keep-value-property" + priority="8"> + priority="9"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="7"> + as-type="uuid" + name="finding-uuid" + key="finding-uuid" + gi="finding-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3872,22 +3872,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -3895,22 +3895,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -3918,22 +3918,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -3941,22 +3941,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -3964,14 +3964,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -3986,14 +3986,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -4001,15 +4001,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4017,22 +4017,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -4040,22 +4040,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -4063,22 +4063,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -4086,22 +4086,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -4109,22 +4109,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4132,41 +4132,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4174,14 +4174,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -4195,15 +4195,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4211,22 +4211,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -4234,23 +4234,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4258,22 +4258,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4281,14 +4281,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -4304,15 +4304,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4320,14 +4320,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -4343,34 +4343,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -4378,22 +4378,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -4401,22 +4401,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -4424,22 +4424,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -4447,80 +4447,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4528,14 +4528,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -4555,15 +4555,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -4571,22 +4571,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -4594,41 +4594,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4636,52 +4636,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -4694,34 +4694,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -4729,22 +4729,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -4752,22 +4752,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -4775,22 +4775,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -4798,41 +4798,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4840,22 +4840,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4863,22 +4863,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4886,22 +4886,22 @@ + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4909,22 +4909,22 @@ + mode="get-value-property" + priority="7"> + priority="5"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -4932,23 +4932,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -4956,23 +4956,23 @@ + mode="get-value-property" + priority="5"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4980,14 +4980,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -4996,15 +4996,15 @@ + priority="9"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -5012,65 +5012,65 @@ + mode="get-value-property" + priority="9"> + match="j:map[@key='catalog']/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="8"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5078,22 +5078,22 @@ + mode="get-value-property" + priority="5"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5101,22 +5101,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -5124,23 +5124,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -5148,23 +5148,23 @@ + mode="get-value-property" + priority="7"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5172,14 +5172,14 @@ + mode="get-value-property" + priority="9"> + priority="10"> @@ -5188,15 +5188,15 @@ + priority="11"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -5204,65 +5204,65 @@ + mode="get-value-property" + priority="11"> + match="j:map[@key='catalog']//j:array[@key='controls']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5270,22 +5270,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5293,46 +5293,46 @@ + mode="get-value-property" + priority="7"> + match="j:map[@key='catalog']//j:array[@key='controls']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5340,14 +5340,14 @@ + mode="get-value-property" + priority="9"> + priority="5"> @@ -5360,15 +5360,15 @@ + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5376,22 +5376,22 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5399,21 +5399,21 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -5423,21 +5423,21 @@ + mode="get-value-property"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5445,22 +5445,22 @@ + mode="get-value-property" + priority="12"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5468,22 +5468,22 @@ + mode="get-value-property" + priority="12"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5491,22 +5491,22 @@ + mode="get-value-property" + priority="5"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5514,22 +5514,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -5537,23 +5537,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -5561,23 +5561,23 @@ + mode="get-value-property" + priority="7"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5585,14 +5585,14 @@ + mode="get-value-property" + priority="9"> + priority="10"> @@ -5601,15 +5601,15 @@ + priority="11"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -5617,65 +5617,65 @@ + mode="get-value-property" + priority="11"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5683,22 +5683,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5706,46 +5706,46 @@ + mode="get-value-property" + priority="7"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5753,22 +5753,22 @@ + mode="get-value-property" + priority="9"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5776,22 +5776,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5799,22 +5799,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -5822,23 +5822,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -5846,23 +5846,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5870,14 +5870,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -5886,15 +5886,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -5902,65 +5902,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='controls']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5968,22 +5968,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5991,46 +5991,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='catalog']//j:array[@key='groups']/j:map//j:array[@key='controls']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6038,14 +6038,14 @@ + mode="get-value-property" + priority="12"> + priority="8"> @@ -6058,15 +6058,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6074,22 +6074,22 @@ + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6097,21 +6097,21 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -6121,21 +6121,21 @@ + mode="get-value-property"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6143,22 +6143,22 @@ + mode="get-value-property" + priority="15"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6166,14 +6166,14 @@ + mode="get-value-property" + priority="15"> + priority="5"> @@ -6189,15 +6189,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6205,23 +6205,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6229,33 +6229,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -6268,15 +6268,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6284,22 +6284,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6307,14 +6307,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -6324,14 +6324,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -6342,21 +6342,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6364,22 +6364,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -6387,22 +6387,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -6410,22 +6410,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -6433,22 +6433,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -6456,14 +6456,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -6478,14 +6478,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -6493,15 +6493,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6509,22 +6509,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -6532,22 +6532,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -6555,22 +6555,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -6578,22 +6578,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -6601,22 +6601,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6624,41 +6624,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6666,14 +6666,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -6687,15 +6687,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6703,22 +6703,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -6726,23 +6726,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6750,22 +6750,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6773,14 +6773,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -6796,15 +6796,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6812,14 +6812,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -6835,34 +6835,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -6870,22 +6870,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -6893,22 +6893,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -6916,22 +6916,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -6939,80 +6939,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7020,14 +7020,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -7047,15 +7047,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -7063,22 +7063,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -7086,41 +7086,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7128,52 +7128,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -7186,34 +7186,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -7221,22 +7221,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -7244,22 +7244,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -7267,22 +7267,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -7290,41 +7290,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7332,22 +7332,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7355,22 +7355,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7378,22 +7378,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7401,22 +7401,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7424,22 +7424,22 @@ + mode="get-value-property" + priority="8"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7447,21 +7447,21 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -7471,21 +7471,21 @@ + mode="get-value-property"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7493,22 +7493,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7516,14 +7516,14 @@ + mode="get-value-property" + priority="11"> + priority="5"> @@ -7539,15 +7539,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7555,23 +7555,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -7579,33 +7579,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -7618,15 +7618,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7634,22 +7634,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7657,14 +7657,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -7674,14 +7674,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -7692,21 +7692,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7714,22 +7714,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -7737,22 +7737,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -7760,22 +7760,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -7783,22 +7783,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -7806,14 +7806,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -7828,14 +7828,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -7843,15 +7843,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -7859,22 +7859,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -7882,22 +7882,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -7905,22 +7905,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -7928,22 +7928,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -7951,22 +7951,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -7974,41 +7974,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8016,14 +8016,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -8037,15 +8037,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8053,22 +8053,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -8076,23 +8076,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8100,22 +8100,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8123,14 +8123,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -8146,15 +8146,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8162,14 +8162,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -8185,34 +8185,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -8220,22 +8220,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -8243,22 +8243,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -8266,22 +8266,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -8289,80 +8289,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8370,14 +8370,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -8397,15 +8397,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -8413,22 +8413,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -8436,41 +8436,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8478,52 +8478,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -8536,34 +8536,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -8571,22 +8571,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -8594,22 +8594,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -8617,22 +8617,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -8640,41 +8640,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8682,22 +8682,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8705,22 +8705,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8728,14 +8728,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -8745,26 +8745,26 @@ + priority="9"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="9"> @@ -8772,7 +8772,7 @@ + priority="6"> @@ -8782,26 +8782,26 @@ + priority="8"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="8"> @@ -8809,7 +8809,7 @@ + priority="4"> @@ -8820,7 +8820,7 @@ + priority="5"> @@ -8830,15 +8830,15 @@ + priority="5"> + as-type="boolean" + name="as-is" + key="as-is" + gi="as-is" + in-json="SCALAR"> as-is @@ -8846,14 +8846,14 @@ + mode="get-value-property" + priority="5"> + priority="5"> @@ -8865,15 +8865,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -8881,22 +8881,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -8904,22 +8904,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -8927,23 +8927,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -8951,23 +8951,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -8975,14 +8975,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -8991,15 +8991,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -9007,65 +9007,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='profile']/j:map[@key='merge']/j:map[@key='custom']//j:array[@key='groups']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9073,22 +9073,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9096,46 +9096,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='merge']/j:map[@key='custom']//j:array[@key='groups']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9143,14 +9143,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -9160,26 +9160,26 @@ + priority="15"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="15"> @@ -9187,7 +9187,7 @@ + priority="12"> @@ -9197,26 +9197,26 @@ + priority="14"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="14"> @@ -9224,7 +9224,7 @@ + priority="10"> @@ -9234,26 +9234,26 @@ + priority="12"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="12"> @@ -9261,7 +9261,7 @@ + priority="9"> @@ -9271,26 +9271,26 @@ + priority="11"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="11"> @@ -9298,7 +9298,7 @@ + priority="5"> @@ -9316,15 +9316,15 @@ + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9332,22 +9332,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -9355,23 +9355,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -9379,23 +9379,23 @@ + mode="get-value-property" + priority="6"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -9403,14 +9403,14 @@ + mode="get-value-property" + priority="8"> + priority="9"> @@ -9419,15 +9419,15 @@ + priority="10"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -9435,57 +9435,57 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='set-parameters']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="5"> @@ -9495,7 +9495,7 @@ + priority="7"> @@ -9507,7 +9507,7 @@ + priority="7"> @@ -9521,15 +9521,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9537,22 +9537,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9560,22 +9560,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -9583,23 +9583,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -9607,23 +9607,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -9631,14 +9631,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -9647,15 +9647,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -9663,65 +9663,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='alters']/j:map/j:array[@key='adds']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9729,22 +9729,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9752,46 +9752,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='alters']/j:map/j:array[@key='adds']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9799,14 +9799,14 @@ + mode="get-value-property" + priority="12"> + priority="5"> @@ -9822,15 +9822,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9838,23 +9838,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -9862,33 +9862,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -9901,15 +9901,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9917,22 +9917,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -9940,14 +9940,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -9957,14 +9957,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -9975,21 +9975,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -9997,22 +9997,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -10020,22 +10020,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -10043,22 +10043,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -10066,22 +10066,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -10089,14 +10089,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -10111,14 +10111,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -10126,15 +10126,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10142,22 +10142,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -10165,22 +10165,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -10188,22 +10188,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -10211,22 +10211,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -10234,22 +10234,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10257,41 +10257,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10299,14 +10299,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -10320,15 +10320,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10336,22 +10336,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -10359,23 +10359,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -10383,22 +10383,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10406,14 +10406,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -10429,15 +10429,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -10445,14 +10445,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -10468,34 +10468,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -10503,22 +10503,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -10526,22 +10526,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -10549,22 +10549,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -10572,80 +10572,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10653,14 +10653,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -10680,15 +10680,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -10696,22 +10696,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -10719,41 +10719,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10761,52 +10761,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -10819,34 +10819,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -10854,22 +10854,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -10877,22 +10877,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -10900,22 +10900,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -10923,41 +10923,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10965,22 +10965,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -10988,22 +10988,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11011,22 +11011,22 @@ + mode="get-value-property" + priority="10"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11034,23 +11034,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11058,22 +11058,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -11081,22 +11081,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11104,22 +11104,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11127,22 +11127,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11150,14 +11150,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -11171,16 +11171,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11188,22 +11188,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11211,33 +11211,33 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="8"> @@ -11253,16 +11253,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11270,22 +11270,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11293,41 +11293,41 @@ + mode="get-value-property" + priority="11"> + priority="12"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11335,14 +11335,14 @@ + mode="get-value-property" + priority="13"> + priority="10"> @@ -11356,16 +11356,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11373,22 +11373,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11396,22 +11396,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11419,23 +11419,23 @@ + mode="get-value-property" + priority="15"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11443,22 +11443,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11466,23 +11466,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11490,14 +11490,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -11511,16 +11511,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11528,22 +11528,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11551,33 +11551,33 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="8"> @@ -11593,16 +11593,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11610,22 +11610,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11633,41 +11633,41 @@ + mode="get-value-property" + priority="11"> + priority="12"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11675,14 +11675,14 @@ + mode="get-value-property" + priority="13"> + priority="10"> @@ -11696,16 +11696,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11713,22 +11713,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11736,22 +11736,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11759,14 +11759,14 @@ + mode="get-value-property" + priority="15"> + priority="5"> @@ -11782,15 +11782,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11798,23 +11798,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -11822,33 +11822,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -11861,15 +11861,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11877,22 +11877,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -11900,14 +11900,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -11917,14 +11917,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -11935,21 +11935,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -11957,22 +11957,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -11980,22 +11980,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -12003,22 +12003,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -12026,22 +12026,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -12049,14 +12049,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -12071,14 +12071,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -12086,15 +12086,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12102,22 +12102,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -12125,22 +12125,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -12148,22 +12148,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -12171,22 +12171,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -12194,22 +12194,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12217,41 +12217,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12259,14 +12259,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -12280,15 +12280,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12296,22 +12296,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -12319,23 +12319,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -12343,22 +12343,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12366,14 +12366,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -12389,15 +12389,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -12405,14 +12405,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -12428,34 +12428,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -12463,22 +12463,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -12486,22 +12486,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -12509,22 +12509,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -12532,80 +12532,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12613,14 +12613,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -12640,15 +12640,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -12656,22 +12656,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -12679,41 +12679,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12721,52 +12721,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -12779,34 +12779,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -12814,22 +12814,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -12837,22 +12837,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -12860,22 +12860,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -12883,41 +12883,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12925,22 +12925,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12948,22 +12948,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -12971,22 +12971,22 @@ + mode="get-value-property" + priority="10"> + priority="4"> + as-type="string" + name="system-name" + key="system-name" + gi="system-name" + in-json="SCALAR"> system-name @@ -12994,22 +12994,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="system-name-short" + key="system-name-short" + gi="system-name-short" + in-json="SCALAR"> system-name-short @@ -13017,23 +13017,23 @@ + mode="get-value-property" + priority="4"> + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13041,22 +13041,22 @@ + mode="get-value-property" + priority="4"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13064,22 +13064,22 @@ + mode="get-value-property" + priority="6"> + priority="4"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -13087,22 +13087,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="security-sensitivity-level" + key="security-sensitivity-level" + gi="security-sensitivity-level" + in-json="SCALAR"> security-sensitivity-level @@ -13110,22 +13110,22 @@ + mode="get-value-property" + priority="4"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13133,14 +13133,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -13156,15 +13156,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -13172,23 +13172,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13196,14 +13196,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -13212,34 +13212,34 @@ + priority="10"> + as-type="string" + name="information-type-id" + gi="information-type-id" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13247,22 +13247,22 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13270,22 +13270,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13293,22 +13293,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13316,23 +13316,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -13340,22 +13340,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13363,22 +13363,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13386,22 +13386,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13409,23 +13409,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -13433,22 +13433,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13456,22 +13456,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -13479,22 +13479,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -13502,23 +13502,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -13526,22 +13526,22 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="security-objective-confidentiality" + key="security-objective-confidentiality" + gi="security-objective-confidentiality" + in-json="SCALAR"> security-objective-confidentiality @@ -13549,22 +13549,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="string" + name="security-objective-integrity" + key="security-objective-integrity" + gi="security-objective-integrity" + in-json="SCALAR"> security-objective-integrity @@ -13572,22 +13572,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="string" + name="security-objective-availability" + key="security-objective-availability" + gi="security-objective-availability" + in-json="SCALAR"> security-objective-availability @@ -13595,14 +13595,14 @@ + mode="get-value-property" + priority="5"> + priority="4"> @@ -13614,16 +13614,16 @@ + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13631,22 +13631,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13654,23 +13654,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13678,22 +13678,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13701,22 +13701,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13724,23 +13724,23 @@ + mode="get-value-property" + priority="7"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13748,22 +13748,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13771,23 +13771,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13795,22 +13795,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13818,22 +13818,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13841,23 +13841,23 @@ + mode="get-value-property" + priority="7"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13865,22 +13865,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13888,23 +13888,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -13912,22 +13912,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13935,22 +13935,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -13958,22 +13958,22 @@ + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -13981,22 +13981,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14004,14 +14004,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -14025,15 +14025,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14041,22 +14041,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14064,22 +14064,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid" + in-json="SCALAR"> party-uuid @@ -14087,22 +14087,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -14110,22 +14110,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14133,22 +14133,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -14156,23 +14156,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14180,22 +14180,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14203,22 +14203,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14226,23 +14226,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14250,22 +14250,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14273,23 +14273,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14297,22 +14297,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -14320,22 +14320,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14343,14 +14343,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -14362,15 +14362,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14378,22 +14378,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -14401,23 +14401,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14425,22 +14425,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14448,22 +14448,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14471,14 +14471,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -14490,15 +14490,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14506,22 +14506,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14529,19 +14529,19 @@ + mode="get-value-property" + priority="12"> + priority="3"> + key="control-implementation" + gi="control-implementation"> control-implementation @@ -14551,16 +14551,16 @@ + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14568,33 +14568,33 @@ + mode="get-value-property" + priority="4"> + priority="7"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="5"> @@ -14610,15 +14610,15 @@ + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14626,41 +14626,41 @@ + mode="get-value-property" + priority="8"> + priority="9"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14668,14 +14668,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -14689,15 +14689,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14705,22 +14705,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14728,23 +14728,23 @@ + mode="get-value-property" + priority="12"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14752,22 +14752,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14775,33 +14775,33 @@ + mode="get-value-property" + priority="12"> + priority="13"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -14817,16 +14817,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14834,22 +14834,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14857,14 +14857,14 @@ + mode="get-value-property" + priority="13"> + priority="12"> @@ -14877,16 +14877,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14894,22 +14894,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14917,22 +14917,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -14940,14 +14940,14 @@ + mode="get-value-property" + priority="17"> + priority="12"> @@ -14961,16 +14961,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -14978,22 +14978,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15001,22 +15001,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15024,14 +15024,14 @@ + mode="get-value-property" + priority="17"> + priority="11"> @@ -15044,16 +15044,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15061,22 +15061,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15084,22 +15084,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15107,14 +15107,14 @@ + mode="get-value-property" + priority="16"> + priority="11"> @@ -15128,16 +15128,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15145,22 +15145,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15168,22 +15168,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15191,22 +15191,22 @@ + mode="get-value-property" + priority="16"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15214,23 +15214,23 @@ + mode="get-value-property" + priority="14"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15238,22 +15238,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15261,33 +15261,33 @@ + mode="get-value-property" + priority="10"> + priority="11"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="8"> @@ -15303,16 +15303,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15320,22 +15320,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15343,14 +15343,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -15363,16 +15363,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15380,22 +15380,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15403,22 +15403,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15426,14 +15426,14 @@ + mode="get-value-property" + priority="15"> + priority="10"> @@ -15447,16 +15447,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15464,22 +15464,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15487,22 +15487,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15510,14 +15510,14 @@ + mode="get-value-property" + priority="15"> + priority="9"> @@ -15530,16 +15530,16 @@ + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15547,22 +15547,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15570,22 +15570,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15593,14 +15593,14 @@ + mode="get-value-property" + priority="14"> + priority="9"> @@ -15614,16 +15614,16 @@ + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15631,22 +15631,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15654,22 +15654,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15677,22 +15677,22 @@ + mode="get-value-property" + priority="14"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15700,14 +15700,14 @@ + mode="get-value-property" + priority="12"> + priority="5"> @@ -15723,15 +15723,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -15739,23 +15739,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -15763,33 +15763,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -15802,15 +15802,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15818,22 +15818,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -15841,14 +15841,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -15858,14 +15858,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -15876,21 +15876,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -15898,22 +15898,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -15921,22 +15921,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -15944,22 +15944,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -15967,22 +15967,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -15990,14 +15990,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -16012,14 +16012,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -16027,15 +16027,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16043,22 +16043,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -16066,22 +16066,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -16089,22 +16089,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -16112,22 +16112,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -16135,22 +16135,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16158,41 +16158,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16200,14 +16200,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -16221,15 +16221,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16237,22 +16237,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -16260,23 +16260,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -16284,22 +16284,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16307,14 +16307,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -16330,15 +16330,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16346,14 +16346,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -16369,34 +16369,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -16404,22 +16404,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -16427,22 +16427,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -16450,22 +16450,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -16473,80 +16473,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16554,14 +16554,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -16581,15 +16581,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -16597,22 +16597,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -16620,41 +16620,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16662,52 +16662,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -16720,34 +16720,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -16755,22 +16755,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -16778,22 +16778,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -16801,22 +16801,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -16824,41 +16824,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16866,22 +16866,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16889,22 +16889,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -16912,19 +16912,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -16937,15 +16937,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -16953,23 +16953,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -16977,22 +16977,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -17000,22 +17000,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17023,14 +17023,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -17042,15 +17042,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17058,22 +17058,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17081,23 +17081,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17105,22 +17105,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17128,22 +17128,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17151,14 +17151,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -17170,15 +17170,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17186,22 +17186,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17209,22 +17209,22 @@ + mode="get-value-property" + priority="12"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17232,22 +17232,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -17255,23 +17255,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17279,22 +17279,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17302,22 +17302,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17325,23 +17325,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17349,23 +17349,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17373,22 +17373,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17396,22 +17396,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17419,46 +17419,46 @@ + mode="get-value-property" + priority="8"> + match="j:map[@key='assessment-plan']/j:map[@key='local-definitions']/j:array[@key='objectives-and-methods']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17466,22 +17466,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17489,23 +17489,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17513,22 +17513,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17536,14 +17536,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -17558,15 +17558,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -17574,23 +17574,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17598,22 +17598,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17621,23 +17621,23 @@ + mode="get-value-property" + priority="10"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17645,22 +17645,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17668,14 +17668,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -17689,16 +17689,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17706,22 +17706,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17729,14 +17729,14 @@ + mode="get-value-property" + priority="13"> + priority="13"> @@ -17745,26 +17745,26 @@ + priority="15"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="12"> @@ -17773,26 +17773,26 @@ + priority="14"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="10"> @@ -17806,16 +17806,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17823,22 +17823,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17846,22 +17846,22 @@ + mode="get-value-property" + priority="13"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17869,23 +17869,23 @@ + mode="get-value-property" + priority="12"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17893,22 +17893,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17916,14 +17916,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -17937,16 +17937,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -17954,22 +17954,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -17977,14 +17977,14 @@ + mode="get-value-property" + priority="11"> + priority="11"> @@ -17993,26 +17993,26 @@ + priority="13"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -18021,26 +18021,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="8"> @@ -18054,16 +18054,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18071,22 +18071,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18094,22 +18094,22 @@ + mode="get-value-property" + priority="11"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18117,19 +18117,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="terms-and-conditions" + gi="terms-and-conditions"> terms-and-conditions @@ -18137,15 +18137,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18153,46 +18153,46 @@ + mode="get-value-property" + priority="6"> + match="j:map[@key='assessment-plan']/j:map[@key='terms-and-conditions']//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + in-json="string"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18200,23 +18200,23 @@ + mode="get-value-property" + priority="8"> + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18224,22 +18224,22 @@ + mode="get-value-property" + priority="4"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18247,14 +18247,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -18268,16 +18268,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18285,22 +18285,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18308,14 +18308,14 @@ + mode="get-value-property" + priority="8"> + priority="8"> @@ -18324,26 +18324,26 @@ + priority="10"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="7"> @@ -18352,26 +18352,26 @@ + priority="9"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="5"> @@ -18385,16 +18385,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18402,22 +18402,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18425,23 +18425,23 @@ + mode="get-value-property" + priority="8"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18449,22 +18449,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18472,22 +18472,22 @@ + mode="get-value-property" + priority="7"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18495,22 +18495,22 @@ + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18518,22 +18518,22 @@ + mode="get-value-property" + priority="9"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18541,23 +18541,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18565,22 +18565,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -18588,22 +18588,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18611,14 +18611,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -18630,15 +18630,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18646,22 +18646,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18669,14 +18669,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -18689,15 +18689,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18705,22 +18705,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18728,14 +18728,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -18747,15 +18747,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18763,22 +18763,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18786,22 +18786,22 @@ + mode="get-value-property" + priority="12"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -18809,23 +18809,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -18833,22 +18833,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18856,14 +18856,14 @@ + mode="get-value-property" + priority="7"> + priority="5"> @@ -18876,7 +18876,7 @@ + priority="7"> @@ -18887,13 +18887,13 @@ + priority="7"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -18902,13 +18902,13 @@ + priority="7"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -18917,7 +18917,7 @@ + priority="6"> @@ -18926,7 +18926,7 @@ + priority="6"> @@ -18939,15 +18939,15 @@ + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18955,22 +18955,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -18978,23 +18978,23 @@ + mode="get-value-property" + priority="11"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -19002,22 +19002,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19025,22 +19025,22 @@ + mode="get-value-property" + priority="11"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19048,22 +19048,22 @@ + mode="get-value-property" + priority="14"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19071,23 +19071,23 @@ + mode="get-value-property" + priority="13"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -19095,22 +19095,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19118,22 +19118,22 @@ + mode="get-value-property" + priority="9"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19141,22 +19141,22 @@ + mode="get-value-property" + priority="12"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19164,22 +19164,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19187,14 +19187,14 @@ + mode="get-value-property" + priority="9"> + priority="5"> @@ -19210,15 +19210,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19226,23 +19226,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -19250,33 +19250,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -19289,15 +19289,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19305,22 +19305,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19328,14 +19328,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -19345,14 +19345,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -19363,21 +19363,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19385,22 +19385,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -19408,22 +19408,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -19431,22 +19431,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -19454,22 +19454,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -19477,14 +19477,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -19499,14 +19499,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -19514,15 +19514,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19530,22 +19530,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -19553,22 +19553,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -19576,22 +19576,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -19599,22 +19599,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -19622,22 +19622,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19645,41 +19645,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19687,14 +19687,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -19708,15 +19708,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19724,22 +19724,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -19747,23 +19747,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -19771,22 +19771,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -19794,14 +19794,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -19817,15 +19817,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -19833,14 +19833,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -19856,34 +19856,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -19891,22 +19891,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -19914,22 +19914,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -19937,22 +19937,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -19960,80 +19960,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20041,14 +20041,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -20068,15 +20068,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -20084,22 +20084,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -20107,41 +20107,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20149,52 +20149,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -20207,34 +20207,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -20242,22 +20242,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -20265,22 +20265,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -20288,22 +20288,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -20311,41 +20311,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20353,22 +20353,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20376,22 +20376,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20399,19 +20399,19 @@ + mode="get-value-property" + priority="10"> + priority="3"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -20421,16 +20421,16 @@ + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20438,22 +20438,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20461,22 +20461,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20484,46 +20484,46 @@ + mode="get-value-property" + priority="8"> + match="j:map[@key='assessment-results']/j:map[@key='local-definitions']/j:array[@key='objectives-and-methods']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20531,22 +20531,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20554,23 +20554,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20578,22 +20578,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20601,14 +20601,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -20623,15 +20623,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -20639,23 +20639,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20663,22 +20663,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20686,23 +20686,23 @@ + mode="get-value-property" + priority="10"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20710,22 +20710,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20733,14 +20733,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -20754,16 +20754,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20771,22 +20771,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20794,14 +20794,14 @@ + mode="get-value-property" + priority="13"> + priority="13"> @@ -20810,26 +20810,26 @@ + priority="15"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="12"> @@ -20838,26 +20838,26 @@ + priority="14"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="10"> @@ -20871,16 +20871,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20888,22 +20888,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20911,22 +20911,22 @@ + mode="get-value-property" + priority="13"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20934,23 +20934,23 @@ + mode="get-value-property" + priority="12"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -20958,22 +20958,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -20981,14 +20981,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -21002,16 +21002,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21019,22 +21019,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21042,14 +21042,14 @@ + mode="get-value-property" + priority="11"> + priority="11"> @@ -21058,26 +21058,26 @@ + priority="13"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -21086,26 +21086,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="8"> @@ -21119,16 +21119,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21136,22 +21136,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21159,22 +21159,22 @@ + mode="get-value-property" + priority="11"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21182,22 +21182,22 @@ + mode="get-value-property" + priority="10"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21205,23 +21205,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21229,22 +21229,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -21252,22 +21252,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -21275,22 +21275,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21298,19 +21298,19 @@ + mode="get-value-property" + priority="7"> + priority="5"> + key="local-definitions" + gi="local-definitions"> local-definitions @@ -21322,15 +21322,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21338,23 +21338,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21362,22 +21362,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -21385,22 +21385,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21408,14 +21408,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -21427,15 +21427,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21443,22 +21443,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21466,23 +21466,23 @@ + mode="get-value-property" + priority="10"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21490,22 +21490,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21513,22 +21513,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21536,14 +21536,14 @@ + mode="get-value-property" + priority="12"> + priority="9"> @@ -21555,15 +21555,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21571,22 +21571,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21594,22 +21594,22 @@ + mode="get-value-property" + priority="14"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21617,22 +21617,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -21640,23 +21640,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21664,22 +21664,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21687,22 +21687,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21710,23 +21710,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21734,22 +21734,22 @@ + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21757,23 +21757,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -21781,22 +21781,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -21804,22 +21804,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21827,14 +21827,14 @@ + mode="get-value-property" + priority="11"> + priority="9"> @@ -21846,15 +21846,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21862,22 +21862,22 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21885,14 +21885,14 @@ + mode="get-value-property" + priority="11"> + priority="8"> @@ -21905,15 +21905,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -21921,22 +21921,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21944,14 +21944,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -21963,15 +21963,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -21979,22 +21979,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22002,22 +22002,22 @@ + mode="get-value-property" + priority="15"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22025,23 +22025,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22049,22 +22049,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22072,14 +22072,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -22092,7 +22092,7 @@ + priority="10"> @@ -22103,13 +22103,13 @@ + priority="10"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -22118,13 +22118,13 @@ + priority="10"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -22133,7 +22133,7 @@ + priority="9"> @@ -22142,7 +22142,7 @@ + priority="9"> @@ -22155,15 +22155,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22171,22 +22171,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22194,23 +22194,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22218,22 +22218,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22241,22 +22241,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22264,22 +22264,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22287,23 +22287,23 @@ + mode="get-value-property" + priority="16"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22311,22 +22311,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22334,22 +22334,22 @@ + mode="get-value-property" + priority="12"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22357,22 +22357,22 @@ + mode="get-value-property" + priority="15"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22380,22 +22380,22 @@ + mode="get-value-property" + priority="14"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22403,23 +22403,23 @@ + mode="get-value-property" + priority="12"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22427,22 +22427,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22450,14 +22450,14 @@ + mode="get-value-property" + priority="8"> + priority="7"> @@ -22471,16 +22471,16 @@ + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22488,22 +22488,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22511,14 +22511,14 @@ + mode="get-value-property" + priority="10"> + priority="10"> @@ -22527,26 +22527,26 @@ + priority="12"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="9"> @@ -22555,26 +22555,26 @@ + priority="11"> + as-type="token" + name="statement-id" + gi="statement-id" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="7"> @@ -22588,16 +22588,16 @@ + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22605,22 +22605,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22628,14 +22628,14 @@ + mode="get-value-property" + priority="10"> + priority="6"> @@ -22644,15 +22644,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22660,22 +22660,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22683,46 +22683,46 @@ + mode="get-value-property" + priority="9"> + match="j:map[@key='assessment-results']/j:array[@key='results']/j:map/j:array[@key='attestations']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-assessment-common/assessment-part/prose/PROSE" + in-json="string"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22730,14 +22730,14 @@ + mode="get-value-property" + priority="11"> + priority="5"> @@ -22748,7 +22748,7 @@ + priority="7"> @@ -22765,15 +22765,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -22781,23 +22781,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22805,22 +22805,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -22828,22 +22828,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -22851,22 +22851,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22874,22 +22874,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22897,22 +22897,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22920,23 +22920,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -22944,22 +22944,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22967,22 +22967,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -22990,22 +22990,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23013,19 +23013,19 @@ + mode="get-value-property" + priority="16"> + priority="10"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -23034,16 +23034,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23051,22 +23051,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23074,22 +23074,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23097,22 +23097,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23120,22 +23120,22 @@ + mode="get-value-property" + priority="17"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23143,23 +23143,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23167,22 +23167,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23190,60 +23190,60 @@ + mode="get-value-property" + priority="9"> + priority="8"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="8"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23251,22 +23251,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23274,22 +23274,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23297,23 +23297,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23321,22 +23321,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23344,22 +23344,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23367,22 +23367,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23390,19 +23390,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -23411,16 +23411,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23428,22 +23428,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23451,22 +23451,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23474,22 +23474,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23497,14 +23497,14 @@ + mode="get-value-property" + priority="18"> + priority="8"> @@ -23517,15 +23517,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23533,22 +23533,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23556,14 +23556,14 @@ + mode="get-value-property" + priority="11"> + priority="8"> @@ -23575,16 +23575,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23592,22 +23592,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23615,22 +23615,22 @@ + mode="get-value-property" + priority="11"> + priority="7"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -23638,22 +23638,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -23661,22 +23661,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -23684,23 +23684,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23708,23 +23708,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement @@ -23732,22 +23732,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23755,22 +23755,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23778,22 +23778,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23801,22 +23801,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23824,23 +23824,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23848,22 +23848,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23871,22 +23871,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23894,22 +23894,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23917,19 +23917,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -23938,16 +23938,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -23955,22 +23955,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -23978,22 +23978,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24001,22 +24001,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24024,22 +24024,22 @@ + mode="get-value-property" + priority="18"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24047,22 +24047,22 @@ + mode="get-value-property" + priority="11"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24070,22 +24070,22 @@ + mode="get-value-property" + priority="14"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24093,22 +24093,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24116,23 +24116,23 @@ + mode="get-value-property" + priority="16"> + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24140,22 +24140,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24163,22 +24163,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24186,22 +24186,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24209,19 +24209,19 @@ + mode="get-value-property" + priority="18"> + priority="12"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -24230,16 +24230,16 @@ + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24247,22 +24247,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24270,22 +24270,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24293,22 +24293,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24316,14 +24316,14 @@ + mode="get-value-property" + priority="19"> + priority="10"> @@ -24336,15 +24336,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24352,14 +24352,14 @@ + mode="get-value-property" + priority="13"> + priority="8"> @@ -24372,16 +24372,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24389,22 +24389,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24412,14 +24412,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -24432,15 +24432,15 @@ + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24448,22 +24448,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24471,22 +24471,22 @@ + mode="get-value-property" + priority="13"> + priority="7"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -24494,14 +24494,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -24518,15 +24518,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24534,23 +24534,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24558,22 +24558,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24581,22 +24581,22 @@ + mode="get-value-property" + priority="11"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24604,22 +24604,22 @@ + mode="get-value-property" + priority="15"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24627,22 +24627,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24650,23 +24650,23 @@ + mode="get-value-property" + priority="17"> + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24674,22 +24674,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24697,22 +24697,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24720,22 +24720,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24743,19 +24743,19 @@ + mode="get-value-property" + priority="19"> + priority="13"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -24764,16 +24764,16 @@ + priority="16"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24781,22 +24781,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24804,22 +24804,22 @@ + mode="get-value-property" + priority="18"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24827,22 +24827,22 @@ + mode="get-value-property" + priority="21"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24850,14 +24850,14 @@ + mode="get-value-property" + priority="20"> + priority="10"> @@ -24871,7 +24871,7 @@ + priority="12"> @@ -24884,15 +24884,15 @@ + priority="13"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24900,22 +24900,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24923,22 +24923,22 @@ + mode="get-value-property" + priority="15"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -24946,23 +24946,23 @@ + mode="get-value-property" + priority="11"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -24970,22 +24970,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -24993,22 +24993,22 @@ + mode="get-value-property" + priority="13"> + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25016,23 +25016,23 @@ + mode="get-value-property" + priority="11"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25040,22 +25040,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25063,14 +25063,14 @@ + mode="get-value-property" + priority="13"> + priority="11"> @@ -25083,7 +25083,7 @@ + priority="13"> @@ -25094,13 +25094,13 @@ + priority="13"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -25109,13 +25109,13 @@ + priority="13"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -25124,7 +25124,7 @@ + priority="12"> @@ -25133,7 +25133,7 @@ + priority="12"> @@ -25146,15 +25146,15 @@ + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25162,22 +25162,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25185,23 +25185,23 @@ + mode="get-value-property" + priority="17"> + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25209,22 +25209,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25232,22 +25232,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25255,22 +25255,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25278,23 +25278,23 @@ + mode="get-value-property" + priority="19"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25302,22 +25302,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25325,22 +25325,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25348,22 +25348,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25371,22 +25371,22 @@ + mode="get-value-property" + priority="17"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25394,14 +25394,14 @@ + mode="get-value-property" + priority="15"> + priority="7"> @@ -25412,7 +25412,7 @@ + priority="9"> @@ -25430,15 +25430,15 @@ + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25446,23 +25446,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25470,22 +25470,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -25493,22 +25493,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -25516,22 +25516,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25539,14 +25539,14 @@ + mode="get-value-property" + priority="12"> + priority="11"> @@ -25558,15 +25558,15 @@ + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25574,22 +25574,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25597,22 +25597,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25620,23 +25620,23 @@ + mode="get-value-property" + priority="18"> + priority="16"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25644,22 +25644,22 @@ + mode="get-value-property" + priority="16"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25667,22 +25667,22 @@ + mode="get-value-property" + priority="18"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25690,22 +25690,22 @@ + mode="get-value-property" + priority="21"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25713,19 +25713,19 @@ + mode="get-value-property" + priority="20"> + priority="14"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -25734,16 +25734,16 @@ + priority="17"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25751,22 +25751,22 @@ + mode="get-value-property" + priority="17"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25774,22 +25774,22 @@ + mode="get-value-property" + priority="19"> + priority="22"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25797,22 +25797,22 @@ + mode="get-value-property" + priority="22"> + priority="21"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25820,14 +25820,14 @@ + mode="get-value-property" + priority="21"> + priority="8"> @@ -25835,15 +25835,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -25851,23 +25851,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25875,22 +25875,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25898,22 +25898,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25921,22 +25921,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25944,22 +25944,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -25967,23 +25967,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -25991,22 +25991,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26014,22 +26014,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26037,22 +26037,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26060,19 +26060,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -26081,16 +26081,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -26098,22 +26098,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26121,22 +26121,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26144,22 +26144,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26167,22 +26167,22 @@ + mode="get-value-property" + priority="18"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26190,23 +26190,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -26214,22 +26214,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26237,14 +26237,14 @@ + mode="get-value-property" + priority="10"> + priority="8"> @@ -26257,15 +26257,15 @@ + priority="7"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -26273,14 +26273,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -26288,7 +26288,7 @@ + priority="8"> @@ -26296,7 +26296,7 @@ + priority="5"> @@ -26312,15 +26312,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26328,23 +26328,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -26352,33 +26352,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -26391,15 +26391,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26407,22 +26407,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26430,14 +26430,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -26447,14 +26447,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -26465,21 +26465,21 @@ + mode="get-value-property"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26487,22 +26487,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -26510,22 +26510,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -26533,22 +26533,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -26556,22 +26556,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -26579,14 +26579,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -26601,14 +26601,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -26616,15 +26616,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26632,22 +26632,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -26655,22 +26655,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -26678,22 +26678,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -26701,22 +26701,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -26724,22 +26724,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26747,41 +26747,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26789,14 +26789,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -26810,15 +26810,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26826,22 +26826,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -26849,23 +26849,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -26873,22 +26873,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -26896,14 +26896,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -26919,15 +26919,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -26935,14 +26935,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -26958,34 +26958,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -26993,22 +26993,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -27016,22 +27016,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -27039,22 +27039,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -27062,80 +27062,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27143,14 +27143,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -27170,15 +27170,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -27186,22 +27186,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -27209,41 +27209,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27251,52 +27251,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -27309,34 +27309,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -27344,22 +27344,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -27367,22 +27367,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -27390,22 +27390,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -27413,41 +27413,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27455,22 +27455,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27478,22 +27478,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27501,22 +27501,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27524,23 +27524,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -27548,22 +27548,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -27571,22 +27571,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27594,14 +27594,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -27613,15 +27613,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27629,22 +27629,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27652,23 +27652,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -27676,22 +27676,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27699,22 +27699,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27722,14 +27722,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -27741,15 +27741,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27757,22 +27757,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27780,22 +27780,22 @@ + mode="get-value-property" + priority="12"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27803,23 +27803,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -27827,22 +27827,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -27850,22 +27850,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27873,14 +27873,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -27892,15 +27892,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27908,22 +27908,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27931,14 +27931,14 @@ + mode="get-value-property" + priority="9"> + priority="6"> @@ -27951,15 +27951,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -27967,22 +27967,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -27990,14 +27990,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -28009,15 +28009,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28025,22 +28025,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28048,22 +28048,22 @@ + mode="get-value-property" + priority="13"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28071,23 +28071,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28095,22 +28095,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28118,60 +28118,60 @@ + mode="get-value-property" + priority="7"> + priority="6"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + mode="get-value-property" + priority="6"> + priority="6"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + mode="get-value-property" + priority="6"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28179,22 +28179,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28202,22 +28202,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28225,23 +28225,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28249,22 +28249,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28272,22 +28272,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28295,22 +28295,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28318,19 +28318,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -28339,16 +28339,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28356,22 +28356,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28379,22 +28379,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28402,22 +28402,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28425,14 +28425,14 @@ + mode="get-value-property" + priority="16"> + priority="6"> @@ -28445,15 +28445,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28461,22 +28461,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28484,14 +28484,14 @@ + mode="get-value-property" + priority="9"> + priority="6"> @@ -28503,16 +28503,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28520,22 +28520,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28543,22 +28543,22 @@ + mode="get-value-property" + priority="9"> + priority="5"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -28566,22 +28566,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -28589,22 +28589,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -28612,23 +28612,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28636,23 +28636,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement @@ -28660,22 +28660,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28683,22 +28683,22 @@ + mode="get-value-property" + priority="7"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28706,22 +28706,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28729,22 +28729,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28752,23 +28752,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28776,22 +28776,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28799,22 +28799,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28822,22 +28822,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28845,19 +28845,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -28866,16 +28866,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -28883,22 +28883,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28906,22 +28906,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28929,22 +28929,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28952,22 +28952,22 @@ + mode="get-value-property" + priority="16"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28975,22 +28975,22 @@ + mode="get-value-property" + priority="9"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -28998,22 +28998,22 @@ + mode="get-value-property" + priority="12"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29021,22 +29021,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29044,23 +29044,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29068,22 +29068,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29091,22 +29091,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29114,22 +29114,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29137,19 +29137,19 @@ + mode="get-value-property" + priority="16"> + priority="10"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -29158,16 +29158,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29175,22 +29175,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29198,22 +29198,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29221,22 +29221,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29244,14 +29244,14 @@ + mode="get-value-property" + priority="17"> + priority="8"> @@ -29264,15 +29264,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29280,14 +29280,14 @@ + mode="get-value-property" + priority="11"> + priority="6"> @@ -29300,16 +29300,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29317,22 +29317,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29340,14 +29340,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -29360,15 +29360,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29376,22 +29376,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29399,22 +29399,22 @@ + mode="get-value-property" + priority="11"> + priority="5"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -29422,14 +29422,14 @@ + mode="get-value-property" + priority="5"> + priority="6"> @@ -29446,15 +29446,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29462,23 +29462,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29486,22 +29486,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29509,22 +29509,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29532,22 +29532,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29555,22 +29555,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29578,23 +29578,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29602,22 +29602,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29625,22 +29625,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29648,22 +29648,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29671,19 +29671,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -29692,16 +29692,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29709,22 +29709,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29732,22 +29732,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29755,22 +29755,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29778,14 +29778,14 @@ + mode="get-value-property" + priority="18"> + priority="8"> @@ -29799,7 +29799,7 @@ + priority="10"> @@ -29812,15 +29812,15 @@ + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29828,22 +29828,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29851,22 +29851,22 @@ + mode="get-value-property" + priority="13"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29874,23 +29874,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29898,22 +29898,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29921,22 +29921,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -29944,23 +29944,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -29968,22 +29968,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -29991,14 +29991,14 @@ + mode="get-value-property" + priority="11"> + priority="9"> @@ -30011,7 +30011,7 @@ + priority="11"> @@ -30022,13 +30022,13 @@ + priority="11"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -30037,13 +30037,13 @@ + priority="11"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -30052,7 +30052,7 @@ + priority="10"> @@ -30061,7 +30061,7 @@ + priority="10"> @@ -30074,15 +30074,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30090,22 +30090,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30113,23 +30113,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30137,22 +30137,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30160,22 +30160,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30183,22 +30183,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30206,23 +30206,23 @@ + mode="get-value-property" + priority="17"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30230,22 +30230,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30253,22 +30253,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30276,22 +30276,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30299,22 +30299,22 @@ + mode="get-value-property" + priority="15"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30322,14 +30322,14 @@ + mode="get-value-property" + priority="13"> + priority="5"> @@ -30340,7 +30340,7 @@ + priority="7"> @@ -30358,15 +30358,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -30374,23 +30374,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30398,22 +30398,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -30421,22 +30421,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -30444,22 +30444,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30467,14 +30467,14 @@ + mode="get-value-property" + priority="10"> + priority="9"> @@ -30486,15 +30486,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30502,22 +30502,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30525,22 +30525,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30548,23 +30548,23 @@ + mode="get-value-property" + priority="16"> + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30572,22 +30572,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30595,22 +30595,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30618,22 +30618,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30641,19 +30641,19 @@ + mode="get-value-property" + priority="18"> + priority="12"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -30662,16 +30662,16 @@ + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30679,22 +30679,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30702,22 +30702,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30725,22 +30725,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30748,14 +30748,14 @@ + mode="get-value-property" + priority="19"> + priority="6"> @@ -30763,15 +30763,15 @@ + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -30779,23 +30779,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30803,22 +30803,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30826,22 +30826,22 @@ + mode="get-value-property" + priority="7"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30849,22 +30849,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30872,22 +30872,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30895,23 +30895,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -30919,22 +30919,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30942,22 +30942,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30965,22 +30965,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -30988,19 +30988,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -31009,16 +31009,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -31026,22 +31026,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31049,22 +31049,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31072,22 +31072,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31095,22 +31095,22 @@ + mode="get-value-property" + priority="16"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -31118,23 +31118,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -31142,22 +31142,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31165,14 +31165,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -31185,15 +31185,15 @@ + priority="5"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -31201,14 +31201,14 @@ + mode="get-value-property" + priority="5"> + priority="6"> @@ -31216,7 +31216,7 @@ + priority="6"> @@ -31224,15 +31224,15 @@ + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -31240,23 +31240,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -31264,22 +31264,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31287,14 +31287,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -31302,15 +31302,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31318,14 +31318,14 @@ + mode="get-value-property" + priority="11"> + priority="6"> @@ -31333,7 +31333,7 @@ + priority="6"> @@ -31341,7 +31341,7 @@ + priority="6"> @@ -31349,7 +31349,7 @@ + priority="5"> @@ -31365,15 +31365,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -31381,23 +31381,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -31405,33 +31405,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -31444,15 +31444,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31460,22 +31460,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -31483,14 +31483,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -31500,14 +31500,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -31518,7 +31518,7 @@ + mode="get-value-property"> @@ -31532,8 +31532,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -31543,8 +31543,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -31573,15 +31573,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -31612,9 +31612,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -31652,8 +31652,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -31664,7 +31664,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -31683,9 +31683,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -31699,7 +31699,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -31713,9 +31713,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -31894,40 +31894,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_component_json-to-xml-converter.xsl b/xml/convert/oscal_component_json-to-xml-converter.xsl index 8072828ba8..9765020b7f 100644 --- a/xml/convert/oscal_component_json-to-xml-converter.xsl +++ b/xml/convert/oscal_component_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -92,8 +92,8 @@ + key="component-definition" + gi="component-definition"> component-definition @@ -185,8 +185,8 @@ + name="import-component-definition" + gi="import-component-definition"> @@ -282,12 +282,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -295,8 +295,8 @@ + mode="get-value-property" + priority="8"> @@ -305,16 +305,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -323,16 +323,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -352,633 +352,633 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="string" + name="defined-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uri-reference" + name="source" + key="source" + gi="source"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="11"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -986,22 +986,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1009,22 +1009,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1032,22 +1032,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1055,22 +1055,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1078,14 +1078,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1100,14 +1100,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1115,15 +1115,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1131,22 +1131,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1154,22 +1154,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1177,22 +1177,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1200,22 +1200,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1223,22 +1223,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1246,41 +1246,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1288,14 +1288,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1309,15 +1309,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1325,22 +1325,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1348,23 +1348,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1372,22 +1372,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1395,14 +1395,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1418,15 +1418,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1434,14 +1434,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1457,34 +1457,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1492,22 +1492,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1515,22 +1515,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1538,22 +1538,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1561,80 +1561,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1642,14 +1642,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1669,15 +1669,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1685,22 +1685,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1708,41 +1708,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1750,52 +1750,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -1808,34 +1808,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1843,22 +1843,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1866,22 +1866,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1889,22 +1889,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1912,41 +1912,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1954,22 +1954,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1977,22 +1977,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2000,22 +2000,22 @@ + mode="get-value-property" + priority="10"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2023,23 +2023,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2047,22 +2047,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -2070,22 +2070,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2093,22 +2093,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2116,22 +2116,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2139,14 +2139,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -2160,16 +2160,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2177,22 +2177,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2200,33 +2200,33 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="8"> @@ -2242,16 +2242,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2259,22 +2259,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2282,41 +2282,41 @@ + mode="get-value-property" + priority="11"> + priority="12"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2324,14 +2324,14 @@ + mode="get-value-property" + priority="13"> + priority="10"> @@ -2345,16 +2345,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2362,22 +2362,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2385,22 +2385,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2408,23 +2408,23 @@ + mode="get-value-property" + priority="15"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2432,22 +2432,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2455,23 +2455,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2479,14 +2479,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -2500,16 +2500,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2517,22 +2517,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2540,33 +2540,33 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="8"> @@ -2582,16 +2582,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2599,22 +2599,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2622,41 +2622,41 @@ + mode="get-value-property" + priority="11"> + priority="12"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2664,14 +2664,14 @@ + mode="get-value-property" + priority="13"> + priority="10"> @@ -2685,16 +2685,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2702,22 +2702,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2725,22 +2725,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2748,14 +2748,14 @@ + mode="get-value-property" + priority="15"> + priority="5"> @@ -2771,15 +2771,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2787,23 +2787,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2811,33 +2811,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -2850,15 +2850,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2866,22 +2866,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2889,14 +2889,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -2906,14 +2906,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -2924,7 +2924,7 @@ + mode="get-value-property"> @@ -2938,8 +2938,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -2949,8 +2949,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -2979,15 +2979,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -3018,9 +3018,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -3058,8 +3058,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -3070,7 +3070,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -3089,9 +3089,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -3105,7 +3105,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3119,9 +3119,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -3300,40 +3300,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_mapping_json-to-xml-converter.xsl b/xml/convert/oscal_mapping_json-to-xml-converter.xsl index 0ac085e4be..31b0fa7fb5 100644 --- a/xml/convert/oscal_mapping_json-to-xml-converter.xsl +++ b/xml/convert/oscal_mapping_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -92,8 +92,8 @@ + key="mapping-collection" + gi="mapping-collection"> mapping-collection @@ -196,8 +196,8 @@ + key="source-resource" + gi="source-resource"> source-resource @@ -212,8 +212,8 @@ + key="target-resource" + gi="target-resource"> target-resource @@ -273,12 +273,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -286,8 +286,8 @@ + mode="get-value-property" + priority="8"> @@ -296,16 +296,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -314,16 +314,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -343,481 +343,481 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="string" + name="id-ref" + key="id-ref" + gi="id-ref"> + mode="keep-value-property" + priority="9"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -825,22 +825,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -848,22 +848,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -871,22 +871,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -894,22 +894,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -917,14 +917,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -939,14 +939,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -954,15 +954,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -970,22 +970,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -993,22 +993,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1016,22 +1016,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1039,22 +1039,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1062,22 +1062,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1085,41 +1085,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1127,14 +1127,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1148,15 +1148,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1164,22 +1164,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1187,23 +1187,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1211,22 +1211,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1234,14 +1234,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1257,15 +1257,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1273,14 +1273,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1296,34 +1296,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1331,22 +1331,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1354,22 +1354,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1377,22 +1377,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1400,80 +1400,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1481,14 +1481,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1508,15 +1508,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1524,22 +1524,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1547,41 +1547,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1589,52 +1589,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -1647,34 +1647,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1682,22 +1682,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1705,22 +1705,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1728,22 +1728,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1751,41 +1751,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1793,22 +1793,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1816,22 +1816,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1839,22 +1839,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1862,22 +1862,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1885,22 +1885,22 @@ + mode="get-value-property" + priority="8"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1908,21 +1908,21 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="token" + name="relationship" + key="relationship" + gi="relationship"> relationship @@ -1932,21 +1932,21 @@ + mode="get-value-property"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1954,22 +1954,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1977,14 +1977,14 @@ + mode="get-value-property" + priority="11"> + priority="5"> @@ -2000,15 +2000,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2016,23 +2016,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2040,33 +2040,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -2079,15 +2079,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2095,22 +2095,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2118,14 +2118,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -2135,14 +2135,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -2153,7 +2153,7 @@ + mode="get-value-property"> @@ -2167,8 +2167,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -2178,8 +2178,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -2208,15 +2208,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -2247,9 +2247,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -2287,8 +2287,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -2299,7 +2299,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -2318,9 +2318,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -2334,7 +2334,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -2348,9 +2348,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -2529,40 +2529,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_poam_json-to-xml-converter.xsl b/xml/convert/oscal_poam_json-to-xml-converter.xsl index 93fd17c303..cbeecc1af7 100644 --- a/xml/convert/oscal_poam_json-to-xml-converter.xsl +++ b/xml/convert/oscal_poam_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -92,8 +92,8 @@ + key="plan-of-action-and-milestones" + gi="plan-of-action-and-milestones"> plan-of-action-and-milestones @@ -200,8 +200,8 @@ + key="local-definitions" + gi="local-definitions"> local-definitions @@ -275,8 +275,8 @@ + key="assessment-assets" + gi="assessment-assets"> assessment-assets @@ -356,9 +356,9 @@ + name="include-all" + key="include-all" + gi="include-all"> include-all @@ -483,8 +483,8 @@ + key="implementation-status" + gi="implementation-status"> implementation-status @@ -522,12 +522,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -535,8 +535,8 @@ + mode="get-value-property" + priority="8"> @@ -545,16 +545,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -563,16 +563,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -581,10 +581,10 @@ + as-type="string" + name="system-id" + key="system-id" + gi="system-id"> system-id @@ -602,11 +602,11 @@ + as-type="token" + name="risk-status" + key="status" + gi="status" + in-json="SCALAR"> status @@ -614,8 +614,8 @@ + mode="get-value-property" + priority="5"> @@ -639,11 +639,11 @@ + as-type="token" + name="risk-status" + key="status-change" + gi="status-change" + in-json="SCALAR"> status-change @@ -651,8 +651,8 @@ + mode="get-value-property" + priority="8"> @@ -672,1210 +672,1210 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="9"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="actor-uuid" + key="actor-uuid" + gi="actor-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="9"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="11"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="14"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="14"> + priority="10"> + as-type="uuid" + name="subject-placeholder-uuid" + key="subject-placeholder-uuid" + gi="subject-placeholder-uuid"> + mode="keep-value-property" + priority="10"> + as-type="uuid" + name="subject-uuid" + key="subject-uuid" + gi="subject-uuid"> + mode="keep-value-property" + priority="7"> + as-type="token" + name="subject-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="7"> + priority="9"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="9"> + priority="9"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="implementation-uuid" + key="implementation-uuid" + gi="implementation-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="token" + name="lifecycle" + key="lifecycle" + gi="lifecycle"> + mode="keep-value-property" + priority="7"> + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="9"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="9"> + priority="12"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="positiveInteger" + name="period" + key="period" + gi="period"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="string" + name="unit" + key="unit" + gi="unit"> + mode="keep-value-property" + priority="12"> + priority="11"> + as-type="uuid" + name="task-uuid" + key="task-uuid" + gi="task-uuid"> + mode="keep-value-property" + priority="11"> + priority="11"> + as-type="uuid" + name="activity-uuid" + key="activity-uuid" + gi="activity-uuid"> + mode="keep-value-property" + priority="11"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="10"> + priority="10"> + as-type="uuid" + name="response-uuid" + key="response-uuid" + gi="response-uuid"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="target-id" + key="target-id" + gi="target-id"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="token" + name="reason" + key="reason" + gi="reason"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="5"> + priority="7"> + as-type="uuid" + name="finding-uuid" + key="finding-uuid" + gi="finding-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="observation-uuid" + key="observation-uuid" + gi="observation-uuid"> + mode="keep-value-property" + priority="7"> + priority="7"> + as-type="uuid" + name="risk-uuid" + key="risk-uuid" + gi="risk-uuid"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1883,22 +1883,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1906,22 +1906,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1929,22 +1929,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1952,22 +1952,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1975,14 +1975,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1997,14 +1997,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -2012,15 +2012,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2028,22 +2028,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -2051,22 +2051,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -2074,22 +2074,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -2097,22 +2097,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -2120,22 +2120,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2143,41 +2143,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2185,14 +2185,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -2206,15 +2206,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2222,22 +2222,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2245,23 +2245,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2269,22 +2269,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2292,14 +2292,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2315,15 +2315,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2331,14 +2331,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -2354,34 +2354,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2389,22 +2389,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2412,22 +2412,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2435,22 +2435,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2458,80 +2458,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2539,14 +2539,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2566,15 +2566,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2582,22 +2582,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2605,41 +2605,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2647,52 +2647,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -2705,34 +2705,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2740,22 +2740,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2763,22 +2763,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2786,22 +2786,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2809,41 +2809,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2851,22 +2851,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2874,22 +2874,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2897,22 +2897,22 @@ + mode="get-value-property" + priority="10"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2920,23 +2920,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2944,22 +2944,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -2967,22 +2967,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2990,14 +2990,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -3009,15 +3009,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3025,22 +3025,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3048,23 +3048,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3072,22 +3072,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3095,22 +3095,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3118,14 +3118,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -3137,15 +3137,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3153,22 +3153,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3176,22 +3176,22 @@ + mode="get-value-property" + priority="12"> + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3199,23 +3199,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3223,22 +3223,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -3246,22 +3246,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3269,14 +3269,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -3288,15 +3288,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3304,22 +3304,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3327,14 +3327,14 @@ + mode="get-value-property" + priority="9"> + priority="6"> @@ -3347,15 +3347,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3363,22 +3363,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3386,14 +3386,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -3405,15 +3405,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3421,22 +3421,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3444,22 +3444,22 @@ + mode="get-value-property" + priority="13"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3467,23 +3467,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3491,22 +3491,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3514,60 +3514,60 @@ + mode="get-value-property" + priority="7"> + priority="6"> + as-type="string" + name="method" + gi="method" + in-json="SCALAR"> + mode="get-value-property" + priority="6"> + priority="6"> + as-type="token" + name="type" + gi="type" + in-json="SCALAR"> + mode="get-value-property" + priority="6"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3575,22 +3575,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3598,22 +3598,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3621,23 +3621,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3645,22 +3645,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3668,22 +3668,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3691,22 +3691,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3714,19 +3714,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -3735,16 +3735,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3752,22 +3752,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3775,22 +3775,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3798,22 +3798,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3821,14 +3821,14 @@ + mode="get-value-property" + priority="16"> + priority="6"> @@ -3841,15 +3841,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3857,22 +3857,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3880,14 +3880,14 @@ + mode="get-value-property" + priority="9"> + priority="6"> @@ -3899,16 +3899,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3916,22 +3916,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3939,22 +3939,22 @@ + mode="get-value-property" + priority="9"> + priority="5"> + as-type="dateTime-with-timezone" + name="collected" + key="collected" + gi="collected" + in-json="SCALAR"> collected @@ -3962,22 +3962,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="dateTime-with-timezone" + name="expires" + key="expires" + gi="expires" + in-json="SCALAR"> expires @@ -3985,22 +3985,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4008,23 +4008,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4032,23 +4032,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="statement" + key="statement" + gi="statement" + in-json="SCALAR"> statement @@ -4056,22 +4056,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4079,22 +4079,22 @@ + mode="get-value-property" + priority="7"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4102,22 +4102,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4125,22 +4125,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4148,23 +4148,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4172,22 +4172,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4195,22 +4195,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4218,22 +4218,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4241,19 +4241,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -4262,16 +4262,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4279,22 +4279,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4302,22 +4302,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4325,22 +4325,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4348,22 +4348,22 @@ + mode="get-value-property" + priority="16"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4371,22 +4371,22 @@ + mode="get-value-property" + priority="9"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4394,22 +4394,22 @@ + mode="get-value-property" + priority="12"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4417,22 +4417,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4440,23 +4440,23 @@ + mode="get-value-property" + priority="14"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4464,22 +4464,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4487,22 +4487,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4510,22 +4510,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4533,19 +4533,19 @@ + mode="get-value-property" + priority="16"> + priority="10"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -4554,16 +4554,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4571,22 +4571,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4594,22 +4594,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4617,22 +4617,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4640,14 +4640,14 @@ + mode="get-value-property" + priority="17"> + priority="8"> @@ -4660,15 +4660,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4676,14 +4676,14 @@ + mode="get-value-property" + priority="11"> + priority="6"> @@ -4696,16 +4696,16 @@ + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4713,22 +4713,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4736,14 +4736,14 @@ + mode="get-value-property" + priority="9"> + priority="8"> @@ -4756,15 +4756,15 @@ + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4772,22 +4772,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4795,22 +4795,22 @@ + mode="get-value-property" + priority="11"> + priority="5"> + as-type="dateTime-with-timezone" + name="deadline" + key="deadline" + gi="deadline" + in-json="SCALAR"> deadline @@ -4818,14 +4818,14 @@ + mode="get-value-property" + priority="5"> + priority="6"> @@ -4842,15 +4842,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -4858,23 +4858,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4882,22 +4882,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4905,22 +4905,22 @@ + mode="get-value-property" + priority="9"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4928,22 +4928,22 @@ + mode="get-value-property" + priority="13"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4951,22 +4951,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4974,23 +4974,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4998,22 +4998,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5021,22 +5021,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5044,22 +5044,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5067,19 +5067,19 @@ + mode="get-value-property" + priority="17"> + priority="11"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -5088,16 +5088,16 @@ + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5105,22 +5105,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5128,22 +5128,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5151,22 +5151,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5174,14 +5174,14 @@ + mode="get-value-property" + priority="18"> + priority="8"> @@ -5195,7 +5195,7 @@ + priority="10"> @@ -5208,15 +5208,15 @@ + priority="11"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5224,22 +5224,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5247,22 +5247,22 @@ + mode="get-value-property" + priority="13"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5270,23 +5270,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5294,22 +5294,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5317,22 +5317,22 @@ + mode="get-value-property" + priority="11"> + priority="9"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5340,23 +5340,23 @@ + mode="get-value-property" + priority="9"> + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5364,22 +5364,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5387,14 +5387,14 @@ + mode="get-value-property" + priority="11"> + priority="9"> @@ -5407,7 +5407,7 @@ + priority="11"> @@ -5418,13 +5418,13 @@ + priority="11"> + name="within-date-range" + key="within-date-range" + gi="within-date-range"> within-date-range @@ -5433,13 +5433,13 @@ + priority="11"> + name="at-frequency" + key="at-frequency" + gi="at-frequency"> at-frequency @@ -5448,7 +5448,7 @@ + priority="10"> @@ -5457,7 +5457,7 @@ + priority="10"> @@ -5470,15 +5470,15 @@ + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5486,22 +5486,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5509,23 +5509,23 @@ + mode="get-value-property" + priority="15"> + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5533,22 +5533,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5556,22 +5556,22 @@ + mode="get-value-property" + priority="15"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5579,22 +5579,22 @@ + mode="get-value-property" + priority="18"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5602,23 +5602,23 @@ + mode="get-value-property" + priority="17"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5626,22 +5626,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5649,22 +5649,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5672,22 +5672,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5695,22 +5695,22 @@ + mode="get-value-property" + priority="15"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5718,14 +5718,14 @@ + mode="get-value-property" + priority="13"> + priority="5"> @@ -5736,7 +5736,7 @@ + priority="7"> @@ -5754,15 +5754,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5770,23 +5770,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5794,22 +5794,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="start" + key="start" + gi="start" + in-json="SCALAR"> start @@ -5817,22 +5817,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="dateTime-with-timezone" + name="end" + key="end" + gi="end" + in-json="SCALAR"> end @@ -5840,22 +5840,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5863,14 +5863,14 @@ + mode="get-value-property" + priority="10"> + priority="9"> @@ -5882,15 +5882,15 @@ + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5898,22 +5898,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5921,22 +5921,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5944,23 +5944,23 @@ + mode="get-value-property" + priority="16"> + priority="14"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5968,22 +5968,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5991,22 +5991,22 @@ + mode="get-value-property" + priority="16"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6014,22 +6014,22 @@ + mode="get-value-property" + priority="19"> + priority="18"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6037,19 +6037,19 @@ + mode="get-value-property" + priority="18"> + priority="12"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6058,16 +6058,16 @@ + priority="15"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6075,22 +6075,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6098,22 +6098,22 @@ + mode="get-value-property" + priority="17"> + priority="20"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6121,22 +6121,22 @@ + mode="get-value-property" + priority="20"> + priority="19"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6144,14 +6144,14 @@ + mode="get-value-property" + priority="19"> + priority="6"> @@ -6159,15 +6159,15 @@ + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6175,23 +6175,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6199,22 +6199,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6222,22 +6222,22 @@ + mode="get-value-property" + priority="7"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6245,22 +6245,22 @@ + mode="get-value-property" + priority="11"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6268,22 +6268,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6291,23 +6291,23 @@ + mode="get-value-property" + priority="13"> + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6315,22 +6315,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6338,22 +6338,22 @@ + mode="get-value-property" + priority="13"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6361,22 +6361,22 @@ + mode="get-value-property" + priority="16"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6384,19 +6384,19 @@ + mode="get-value-property" + priority="15"> + priority="9"> + key="identified-subject" + gi="identified-subject"> identified-subject @@ -6405,16 +6405,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6422,22 +6422,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6445,22 +6445,22 @@ + mode="get-value-property" + priority="14"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6468,22 +6468,22 @@ + mode="get-value-property" + priority="17"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6491,22 +6491,22 @@ + mode="get-value-property" + priority="16"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6514,23 +6514,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6538,22 +6538,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6561,14 +6561,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -6581,15 +6581,15 @@ + priority="5"> + as-type="uuid" + name="implementation-statement-uuid" + key="implementation-statement-uuid" + gi="implementation-statement-uuid" + in-json="SCALAR"> implementation-statement-uuid @@ -6597,14 +6597,14 @@ + mode="get-value-property" + priority="5"> + priority="6"> @@ -6612,7 +6612,7 @@ + priority="6"> @@ -6620,15 +6620,15 @@ + priority="5"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6636,23 +6636,23 @@ + mode="get-value-property" + priority="5"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6660,22 +6660,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6683,14 +6683,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -6698,15 +6698,15 @@ + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6714,14 +6714,14 @@ + mode="get-value-property" + priority="11"> + priority="6"> @@ -6729,7 +6729,7 @@ + priority="6"> @@ -6737,7 +6737,7 @@ + priority="6"> @@ -6745,7 +6745,7 @@ + priority="5"> @@ -6761,15 +6761,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -6777,23 +6777,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -6801,33 +6801,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -6840,15 +6840,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6856,22 +6856,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -6879,14 +6879,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -6896,14 +6896,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -6914,7 +6914,7 @@ + mode="get-value-property"> @@ -6928,8 +6928,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -6939,8 +6939,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -6969,15 +6969,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -7008,9 +7008,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -7048,8 +7048,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -7060,7 +7060,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -7079,9 +7079,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -7095,7 +7095,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -7109,9 +7109,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -7290,40 +7290,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_profile_json-to-xml-converter.xsl b/xml/convert/oscal_profile_json-to-xml-converter.xsl index 5bef8f2efa..ee852500d4 100644 --- a/xml/convert/oscal_profile_json-to-xml-converter.xsl +++ b/xml/convert/oscal_profile_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -193,9 +193,9 @@ + name="include-all" + key="include-all" + gi="include-all"> include-all @@ -323,12 +323,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -336,8 +336,8 @@ + mode="get-value-property" + priority="8"> @@ -346,16 +346,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -364,16 +364,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -382,16 +382,16 @@ + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> @@ -412,708 +412,708 @@ + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="5"> + as-type="token" + name="with-child-controls" + key="with-child-controls" + gi="with-child-controls"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="pattern" + key="pattern" + gi="pattern"> + mode="keep-value-property" + priority="10"> + priority="5"> + as-type="string" + name="method" + key="method" + gi="method"> + mode="keep-value-property" + priority="5"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + mode="keep-value-property" + priority="10"> + as-type="token" + name="how-many" + key="how-many" + gi="how-many"> + mode="keep-value-property" + priority="12"> + mode="keep-value-property" + priority="10"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="10"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="10"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="order" + key="order" + gi="order"> + mode="keep-value-property" + priority="11"> + priority="6"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="token" + name="depends-on" + key="depends-on" + deprecated="1.0.1" + gi="depends-on"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="token" + name="by-name" + key="by-name" + gi="by-name"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-class" + key="by-class" + gi="by-class"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-item-name" + key="by-item-name" + gi="by-item-name"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-ns" + key="by-ns" + gi="by-ns"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="position" + key="position" + default="ending" + gi="position"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="token" + name="by-id" + key="by-id" + gi="by-id"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1121,22 +1121,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1144,22 +1144,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1167,22 +1167,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1190,22 +1190,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1213,14 +1213,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1235,14 +1235,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1250,15 +1250,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1266,22 +1266,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1289,22 +1289,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1312,22 +1312,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1335,22 +1335,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1358,22 +1358,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1381,41 +1381,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1423,14 +1423,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1444,15 +1444,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1460,22 +1460,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1483,23 +1483,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1507,22 +1507,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1530,14 +1530,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1553,15 +1553,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1569,14 +1569,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1592,34 +1592,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1627,22 +1627,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1650,22 +1650,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -1673,22 +1673,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -1696,80 +1696,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1777,14 +1777,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1804,15 +1804,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -1820,22 +1820,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1843,41 +1843,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1885,52 +1885,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -1943,34 +1943,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1978,22 +1978,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2001,22 +2001,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2024,22 +2024,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2047,41 +2047,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2089,22 +2089,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2112,22 +2112,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2135,14 +2135,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -2152,26 +2152,26 @@ + priority="9"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="9"> @@ -2179,7 +2179,7 @@ + priority="6"> @@ -2189,26 +2189,26 @@ + priority="8"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="8"> @@ -2216,7 +2216,7 @@ + priority="4"> @@ -2227,7 +2227,7 @@ + priority="5"> @@ -2237,15 +2237,15 @@ + priority="5"> + as-type="boolean" + name="as-is" + key="as-is" + gi="as-is" + in-json="SCALAR"> as-is @@ -2253,14 +2253,14 @@ + mode="get-value-property" + priority="5"> + priority="5"> @@ -2272,15 +2272,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2288,22 +2288,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2311,22 +2311,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2334,23 +2334,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -2358,23 +2358,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2382,14 +2382,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -2398,15 +2398,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2414,65 +2414,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='profile']/j:map[@key='merge']/j:map[@key='custom']//j:array[@key='groups']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2480,22 +2480,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2503,46 +2503,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='merge']/j:map[@key='custom']//j:array[@key='groups']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2550,14 +2550,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -2567,26 +2567,26 @@ + priority="15"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="15"> + priority="15"> @@ -2594,7 +2594,7 @@ + priority="12"> @@ -2604,26 +2604,26 @@ + priority="14"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="14"> + priority="14"> @@ -2631,7 +2631,7 @@ + priority="10"> @@ -2641,26 +2641,26 @@ + priority="12"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="12"> + priority="12"> @@ -2668,7 +2668,7 @@ + priority="9"> @@ -2678,26 +2678,26 @@ + priority="11"> + as-type="token" + name="with-id" + gi="with-id" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="11"> @@ -2705,7 +2705,7 @@ + priority="5"> @@ -2723,15 +2723,15 @@ + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2739,22 +2739,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2762,23 +2762,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -2786,23 +2786,23 @@ + mode="get-value-property" + priority="6"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2810,14 +2810,14 @@ + mode="get-value-property" + priority="8"> + priority="9"> @@ -2826,15 +2826,15 @@ + priority="10"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -2842,57 +2842,57 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='set-parameters']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="9"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="5"> @@ -2902,7 +2902,7 @@ + priority="7"> @@ -2914,7 +2914,7 @@ + priority="7"> @@ -2928,15 +2928,15 @@ + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2944,22 +2944,22 @@ + mode="get-value-property" + priority="8"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2967,22 +2967,22 @@ + mode="get-value-property" + priority="12"> + priority="10"> + as-type="markup-line" + name="label" + key="label" + gi="label" + in-json="SCALAR"> label @@ -2990,23 +2990,23 @@ + mode="get-value-property" + priority="10"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="usage" + key="usage" + gi="usage" + in-json="SCALAR"> usage @@ -3014,23 +3014,23 @@ + mode="get-value-property" + priority="10"> + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3038,14 +3038,14 @@ + mode="get-value-property" + priority="12"> + priority="13"> @@ -3054,15 +3054,15 @@ + priority="14"> + as-type="string" + name="expression" + key="expression" + gi="expression" + in-json="SCALAR"> expression @@ -3070,65 +3070,65 @@ + mode="get-value-property" + priority="14"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='alters']/j:map/j:array[@key='adds']/j:map/j:array[@key='params']/j:map/j:array[@key='guidelines']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/parameter-guideline/prose/PROSE" + in-json="string"> + priority="13"> + as-type="markup-line" + name="parameter-choice" + gi="choice" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3136,22 +3136,22 @@ + mode="get-value-property" + priority="10"> + priority="10"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3159,46 +3159,46 @@ + mode="get-value-property" + priority="10"> + match="j:map[@key='profile']/j:map[@key='modify']/j:array[@key='alters']/j:map/j:array[@key='adds']/j:map//j:array[@key='parts']/j:map/j:string[@key='prose']"> + _step="prose" + _key="prose" + _metaschema-xml-id="/assembly/oscal-control-common/part/prose" + _metaschema-json-id="/assembly/oscal-control-common/part/prose" + in-xml="UNWRAPPED" + collapsible="no" + as-type="markup-multiline" + name="prose" + key="prose" + _using-name="prose" + _in-xml-name="p ul ol pre table h1 h2 h3 h4 h5 h6" + _in-json-name="prose"> + _metaschema-xml-id="/assembly/oscal-control-common/part/prose/PROSE" + _metaschema-json-id="/assembly/oscal-control-common/part/prose/PROSE" + in-json="string"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3206,14 +3206,14 @@ + mode="get-value-property" + priority="12"> + priority="5"> @@ -3229,15 +3229,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3245,23 +3245,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3269,33 +3269,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -3308,15 +3308,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3324,22 +3324,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3347,14 +3347,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -3364,14 +3364,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -3382,7 +3382,7 @@ + mode="get-value-property"> @@ -3396,8 +3396,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -3407,8 +3407,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -3437,15 +3437,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -3476,9 +3476,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -3516,8 +3516,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -3528,7 +3528,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -3547,9 +3547,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -3563,7 +3563,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -3577,9 +3577,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -3758,40 +3758,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/convert/oscal_ssp_json-to-xml-converter.xsl b/xml/convert/oscal_ssp_json-to-xml-converter.xsl index 8b2f1df39a..3eb88a7eb1 100644 --- a/xml/convert/oscal_ssp_json-to-xml-converter.xsl +++ b/xml/convert/oscal_ssp_json-to-xml-converter.xsl @@ -1,12 +1,12 @@ + xmlns:j="http://www.w3.org/2005/xpath-functions" + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + version="3.0" + exclude-result-prefixes="#all"> @@ -31,7 +31,7 @@ + select="unparsed-text($file) ! json-to-xml(.)"> {{ $err:description }} @@ -92,8 +92,8 @@ + key="system-security-plan" + gi="system-security-plan"> system-security-plan @@ -197,8 +197,8 @@ + key="system-characteristics" + gi="system-characteristics"> system-characteristics @@ -224,8 +224,8 @@ + key="system-information" + gi="system-information"> system-information @@ -238,8 +238,8 @@ + key="confidentiality-impact" + gi="confidentiality-impact"> confidentiality-impact @@ -282,8 +282,8 @@ + key="security-impact-level" + gi="security-impact-level"> security-impact-level @@ -296,8 +296,8 @@ + key="authorization-boundary" + gi="authorization-boundary"> authorization-boundary @@ -324,8 +324,8 @@ + key="network-architecture" + gi="network-architecture"> network-architecture @@ -354,8 +354,8 @@ + key="system-implementation" + gi="system-implementation"> system-implementation @@ -483,8 +483,8 @@ + key="implementation-status" + gi="implementation-status"> implementation-status @@ -506,12 +506,12 @@ + collapsible="no" + as-type="markup-multiline" + name="remarks" + key="remarks" + gi="remarks" + in-json="SCALAR"> remarks @@ -519,8 +519,8 @@ + mode="get-value-property" + priority="8"> @@ -529,16 +529,16 @@ + as-type="uuid" + name="location-uuid" + gi="location-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> @@ -547,16 +547,16 @@ + as-type="uuid" + name="party-uuid" + gi="party-uuid" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -565,9 +565,9 @@ + as-type="string" + name="system-id" + gi="system-id"> @@ -582,16 +582,16 @@ + as-type="token" + name="role-id" + gi="role-id" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> @@ -600,16 +600,16 @@ + as-type="string" + name="function-performed" + gi="function-performed" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> @@ -629,823 +629,823 @@ + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="3"> + as-type="token" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + as-type="uri" + name="ns" + key="ns" + default="http://csrc.nist.gov/ns/oscal" + gi="ns"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="value" + key="value" + gi="value"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="class" + key="class" + gi="class"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="group" + key="group" + gi="group"> + mode="keep-value-property" + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="rel" + key="rel" + gi="rel"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="resource-fragment" + key="resource-fragment" + gi="resource-fragment"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="6"> + priority="6"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="location-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="7"> + priority="8"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="string" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri" + name="scheme" + key="scheme" + gi="scheme"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="dateTime-with-timezone" + name="date" + key="date" + gi="date"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="token" + name="type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="6"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="4"> + priority="1"> + as-type="uri" + name="identifier-type" + key="identifier-type" + gi="identifier-type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="9"> + as-type="uri" + name="system" + key="system" + gi="system"> + mode="keep-value-property" + priority="9"> + priority="5"> + as-type="string" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="5"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="7"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="string" + name="system-component-type" + key="type" + gi="type"> + mode="keep-value-property" + priority="6"> + priority="7"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="7"> + priority="1"> + as-type="token" + name="role-id" + key="role-id" + gi="role-id"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="string" + name="name" + key="name" + gi="name"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="nonNegativeInteger" + name="start" + key="start" + gi="start"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="nonNegativeInteger" + name="end" + key="end" + gi="end"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="transport" + key="transport" + gi="transport"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="8"> + as-type="token" + name="param-id" + key="param-id" + gi="param-id"> + mode="keep-value-property" + priority="6"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="control-id" + key="control-id" + gi="control-id"> + mode="keep-value-property" + priority="6"> + as-type="token" + name="statement-id" + key="statement-id" + gi="statement-id"> + mode="keep-value-property" + priority="8"> + priority="8"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="8"> + priority="1"> + as-type="uuid" + name="component-uuid" + key="component-uuid" + gi="component-uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="10"> + priority="1"> + as-type="token" + name="state" + key="state" + gi="state"> + mode="keep-value-property" + priority="11"> + priority="13"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="13"> + priority="13"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="13"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + mode="keep-value-property" + priority="13"> + priority="12"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="12"> + as-type="uuid" + name="provided-uuid" + key="provided-uuid" + gi="provided-uuid"> + mode="keep-value-property" + priority="12"> + priority="12"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="12"> + as-type="uuid" + name="responsibility-uuid" + key="responsibility-uuid" + gi="responsibility-uuid"> + mode="keep-value-property" + priority="12"> + priority="6"> + as-type="uuid" + name="uuid" + key="uuid" + gi="uuid"> + mode="keep-value-property" + priority="6"> + priority="8"> + as-type="uri-reference" + name="href" + key="href" + gi="href"> + mode="keep-value-property" + priority="8"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="8"> + priority="3"> + as-type="string" + name="algorithm" + key="algorithm" + gi="algorithm"> + mode="keep-value-property" + priority="10"> + priority="7"> + as-type="token" + name="filename" + key="filename" + gi="filename"> + mode="keep-value-property" + priority="7"> + as-type="string" + name="media-type" + key="media-type" + gi="media-type"> + mode="keep-value-property" + priority="7"> + priority="4"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1453,22 +1453,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1476,22 +1476,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1499,22 +1499,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1522,22 +1522,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1545,14 +1545,14 @@ + mode="get-value-property" + priority="4"> + priority="5"> @@ -1567,14 +1567,14 @@ + priority="4"> + gi="revisions" + group-json="ARRAY" + name="revision" + key="revisions"> revisions @@ -1582,15 +1582,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1598,22 +1598,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="published" + key="published" + gi="published" + in-json="SCALAR"> published @@ -1621,22 +1621,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="dateTime-with-timezone" + name="last-modified" + key="last-modified" + gi="last-modified" + in-json="SCALAR"> last-modified @@ -1644,22 +1644,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="version" + key="version" + gi="version" + in-json="SCALAR"> version @@ -1667,22 +1667,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="oscal-version" + key="oscal-version" + gi="oscal-version" + in-json="SCALAR"> oscal-version @@ -1690,22 +1690,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1713,41 +1713,41 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1755,14 +1755,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -1776,15 +1776,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1792,22 +1792,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -1815,23 +1815,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -1839,22 +1839,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -1862,14 +1862,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -1885,15 +1885,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -1901,14 +1901,14 @@ + mode="get-value-property" + priority="6"> + priority="6"> @@ -1924,34 +1924,34 @@ + priority="8"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="8"> + priority="7"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -1959,22 +1959,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -1982,22 +1982,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2005,22 +2005,22 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2028,80 +2028,80 @@ + mode="get-value-property" + priority="7"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="7"> + as-type="uri" + name="url" + deprecated="1.1.0" + gi="url" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2109,14 +2109,14 @@ + mode="get-value-property" + priority="8"> + priority="5"> @@ -2136,15 +2136,15 @@ + priority="6"> + as-type="string" + name="name" + key="name" + gi="name" + in-json="SCALAR"> name @@ -2152,22 +2152,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -2175,41 +2175,41 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="external-id" + gi="external-id"> + mode="get-value-property"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2217,52 +2217,52 @@ + mode="get-value-property" + priority="8"> + priority="7"> + as-type="email" + name="email-address" + gi="email-address" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="7"> + as-type="string" + name="telephone-number" + gi="telephone-number"> + mode="get-value-property"> + priority="8"> @@ -2275,34 +2275,34 @@ + priority="10"> + as-type="string" + name="addr-line" + gi="addr-line" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="string" + name="city" + key="city" + gi="city" + in-json="SCALAR"> city @@ -2310,22 +2310,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="state" + key="state" + gi="state" + in-json="SCALAR"> state @@ -2333,22 +2333,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="postal-code" + key="postal-code" + gi="postal-code" + in-json="SCALAR"> postal-code @@ -2356,22 +2356,22 @@ + mode="get-value-property" + priority="9"> + priority="9"> + as-type="string" + name="country" + key="country" + gi="country" + in-json="SCALAR"> country @@ -2379,41 +2379,41 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="uuid" + name="member-of-organization" + gi="member-of-organization" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2421,22 +2421,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2444,22 +2444,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2467,22 +2467,22 @@ + mode="get-value-property" + priority="10"> + priority="4"> + as-type="string" + name="system-name" + key="system-name" + gi="system-name" + in-json="SCALAR"> system-name @@ -2490,22 +2490,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="system-name-short" + key="system-name-short" + gi="system-name-short" + in-json="SCALAR"> system-name-short @@ -2513,23 +2513,23 @@ + mode="get-value-property" + priority="4"> + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2537,22 +2537,22 @@ + mode="get-value-property" + priority="4"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2560,22 +2560,22 @@ + mode="get-value-property" + priority="6"> + priority="4"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -2583,22 +2583,22 @@ + mode="get-value-property" + priority="4"> + priority="4"> + as-type="string" + name="security-sensitivity-level" + key="security-sensitivity-level" + gi="security-sensitivity-level" + in-json="SCALAR"> security-sensitivity-level @@ -2606,22 +2606,22 @@ + mode="get-value-property" + priority="4"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2629,14 +2629,14 @@ + mode="get-value-property" + priority="7"> + priority="6"> @@ -2652,15 +2652,15 @@ + priority="7"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -2668,23 +2668,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -2692,14 +2692,14 @@ + mode="get-value-property" + priority="7"> + priority="8"> @@ -2708,34 +2708,34 @@ + priority="10"> + as-type="string" + name="information-type-id" + gi="information-type-id" + in-json="SCALAR"> + mode="get-value-property" + priority="10"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2743,22 +2743,22 @@ + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2766,22 +2766,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -2789,22 +2789,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -2812,23 +2812,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -2836,22 +2836,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2859,22 +2859,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -2882,22 +2882,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -2905,23 +2905,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -2929,22 +2929,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -2952,22 +2952,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="string" + name="base" + key="base" + gi="base" + in-json="SCALAR"> base @@ -2975,22 +2975,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="string" + name="selected" + key="selected" + gi="selected" + in-json="SCALAR"> selected @@ -2998,23 +2998,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="adjustment-justification" + key="adjustment-justification" + gi="adjustment-justification" + in-json="SCALAR"> adjustment-justification @@ -3022,22 +3022,22 @@ + mode="get-value-property" + priority="8"> + priority="5"> + as-type="string" + name="security-objective-confidentiality" + key="security-objective-confidentiality" + gi="security-objective-confidentiality" + in-json="SCALAR"> security-objective-confidentiality @@ -3045,22 +3045,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="string" + name="security-objective-integrity" + key="security-objective-integrity" + gi="security-objective-integrity" + in-json="SCALAR"> security-objective-integrity @@ -3068,22 +3068,22 @@ + mode="get-value-property" + priority="5"> + priority="5"> + as-type="string" + name="security-objective-availability" + key="security-objective-availability" + gi="security-objective-availability" + in-json="SCALAR"> security-objective-availability @@ -3091,14 +3091,14 @@ + mode="get-value-property" + priority="5"> + priority="4"> @@ -3110,16 +3110,16 @@ + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3127,22 +3127,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3150,23 +3150,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3174,22 +3174,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3197,22 +3197,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3220,23 +3220,23 @@ + mode="get-value-property" + priority="7"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3244,22 +3244,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3267,23 +3267,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3291,22 +3291,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3314,22 +3314,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3337,23 +3337,23 @@ + mode="get-value-property" + priority="7"> + priority="5"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3361,22 +3361,22 @@ + mode="get-value-property" + priority="5"> + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3384,23 +3384,23 @@ + mode="get-value-property" + priority="7"> + priority="7"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3408,22 +3408,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3431,22 +3431,22 @@ + mode="get-value-property" + priority="9"> + priority="7"> + as-type="markup-line" + name="caption" + key="caption" + gi="caption" + in-json="SCALAR"> caption @@ -3454,22 +3454,22 @@ + mode="get-value-property" + priority="7"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3477,22 +3477,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3500,14 +3500,14 @@ + mode="get-value-property" + priority="6"> + priority="5"> @@ -3521,15 +3521,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3537,22 +3537,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3560,22 +3560,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="uuid" + name="party-uuid" + key="party-uuid" + gi="party-uuid" + in-json="SCALAR"> party-uuid @@ -3583,22 +3583,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="date" + name="date-authorized" + key="date-authorized" + gi="date-authorized" + in-json="SCALAR"> date-authorized @@ -3606,22 +3606,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3629,22 +3629,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="string" + name="short-name" + key="short-name" + gi="short-name" + in-json="SCALAR"> short-name @@ -3652,23 +3652,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3676,22 +3676,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3699,22 +3699,22 @@ + mode="get-value-property" + priority="8"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3722,23 +3722,23 @@ + mode="get-value-property" + priority="8"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3746,22 +3746,22 @@ + mode="get-value-property" + priority="8"> + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3769,23 +3769,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3793,22 +3793,22 @@ + mode="get-value-property" + priority="6"> + priority="6"> + as-type="markup-line" + name="purpose" + key="purpose" + gi="purpose" + in-json="SCALAR"> purpose @@ -3816,22 +3816,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3839,14 +3839,14 @@ + mode="get-value-property" + priority="8"> + priority="6"> @@ -3858,15 +3858,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3874,22 +3874,22 @@ + mode="get-value-property" + priority="10"> + priority="8"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -3897,23 +3897,23 @@ + mode="get-value-property" + priority="8"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -3921,22 +3921,22 @@ + mode="get-value-property" + priority="6"> + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3944,22 +3944,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -3967,14 +3967,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -3986,15 +3986,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4002,22 +4002,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4025,19 +4025,19 @@ + mode="get-value-property" + priority="12"> + priority="3"> + key="control-implementation" + gi="control-implementation"> control-implementation @@ -4047,16 +4047,16 @@ + priority="4"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4064,33 +4064,33 @@ + mode="get-value-property" + priority="4"> + priority="7"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="7"> + priority="5"> @@ -4106,15 +4106,15 @@ + priority="8"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4122,41 +4122,41 @@ + mode="get-value-property" + priority="8"> + priority="9"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="9"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4164,14 +4164,14 @@ + mode="get-value-property" + priority="10"> + priority="7"> @@ -4185,15 +4185,15 @@ + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4201,22 +4201,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4224,23 +4224,23 @@ + mode="get-value-property" + priority="12"> + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4248,22 +4248,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4271,33 +4271,33 @@ + mode="get-value-property" + priority="12"> + priority="13"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="13"> + priority="10"> @@ -4313,16 +4313,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4330,22 +4330,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4353,14 +4353,14 @@ + mode="get-value-property" + priority="13"> + priority="12"> @@ -4373,16 +4373,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4390,22 +4390,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4413,22 +4413,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4436,14 +4436,14 @@ + mode="get-value-property" + priority="17"> + priority="12"> @@ -4457,16 +4457,16 @@ + priority="13"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4474,22 +4474,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4497,22 +4497,22 @@ + mode="get-value-property" + priority="15"> + priority="17"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4520,14 +4520,14 @@ + mode="get-value-property" + priority="17"> + priority="11"> @@ -4540,16 +4540,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4557,22 +4557,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4580,22 +4580,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4603,14 +4603,14 @@ + mode="get-value-property" + priority="16"> + priority="11"> @@ -4624,16 +4624,16 @@ + priority="12"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4641,22 +4641,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4664,22 +4664,22 @@ + mode="get-value-property" + priority="14"> + priority="16"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4687,22 +4687,22 @@ + mode="get-value-property" + priority="16"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4710,23 +4710,23 @@ + mode="get-value-property" + priority="14"> + priority="8"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4734,22 +4734,22 @@ + mode="get-value-property" + priority="8"> + priority="10"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4757,33 +4757,33 @@ + mode="get-value-property" + priority="10"> + priority="11"> + as-type="string" + name="parameter-value" + gi="value" + in-json="SCALAR"> + mode="get-value-property" + priority="11"> + priority="8"> @@ -4799,16 +4799,16 @@ + priority="9"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4816,22 +4816,22 @@ + mode="get-value-property" + priority="9"> + priority="11"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4839,14 +4839,14 @@ + mode="get-value-property" + priority="11"> + priority="10"> @@ -4859,16 +4859,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4876,22 +4876,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4899,22 +4899,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4922,14 +4922,14 @@ + mode="get-value-property" + priority="15"> + priority="10"> @@ -4943,16 +4943,16 @@ + priority="11"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -4960,22 +4960,22 @@ + mode="get-value-property" + priority="11"> + priority="13"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -4983,22 +4983,22 @@ + mode="get-value-property" + priority="13"> + priority="15"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5006,14 +5006,14 @@ + mode="get-value-property" + priority="15"> + priority="9"> @@ -5026,16 +5026,16 @@ + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5043,22 +5043,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5066,22 +5066,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5089,14 +5089,14 @@ + mode="get-value-property" + priority="14"> + priority="9"> @@ -5110,16 +5110,16 @@ + priority="10"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5127,22 +5127,22 @@ + mode="get-value-property" + priority="10"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5150,22 +5150,22 @@ + mode="get-value-property" + priority="12"> + priority="14"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5173,22 +5173,22 @@ + mode="get-value-property" + priority="14"> + priority="12"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5196,14 +5196,14 @@ + mode="get-value-property" + priority="12"> + priority="5"> @@ -5219,15 +5219,15 @@ + priority="6"> + as-type="markup-line" + name="title" + key="title" + gi="title" + in-json="SCALAR"> title @@ -5235,23 +5235,23 @@ + mode="get-value-property" + priority="6"> + priority="6"> + collapsible="no" + as-type="markup-multiline" + name="description" + key="description" + gi="description" + in-json="SCALAR"> description @@ -5259,33 +5259,33 @@ + mode="get-value-property" + priority="6"> + priority="7"> + as-type="string" + name="document-id" + gi="document-id"> + mode="get-value-property"> + priority="6"> @@ -5298,15 +5298,15 @@ + priority="7"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5314,22 +5314,22 @@ + mode="get-value-property" + priority="7"> + priority="9"> + as-type="markup-line" + name="text" + key="text" + gi="text" + in-json="SCALAR"> text @@ -5337,14 +5337,14 @@ + mode="get-value-property" + priority="9"> + priority="7"> @@ -5354,14 +5354,14 @@ + priority="6"> + as-type="base64Binary" + name="base64" + key="base64" + gi="base64"> base64 @@ -5372,7 +5372,7 @@ + mode="get-value-property"> @@ -5386,8 +5386,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-line')]"> @@ -5397,8 +5397,8 @@ + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel" + match="value[@as-type=('markup-multiline')]"> @@ -5427,15 +5427,15 @@ + group-starting-with=".[matches(., '^```')]"> + select="not((position() mod 2) + number($starts-with-code))"/>

    + expand-text="true" + select="(replace(.,'^```','') ! normalize-space(.))[matches(.,'\S')]"/> @@ -5466,9 +5466,9 @@ + priority="1" + match="p[exists(@code)]" + expand-text="true">

              
                 language-{.}
    @@ -5506,8 +5506,8 @@
           
        
        
    +                  priority="5"
    +                  mode="make-row"/>
        
           
              
    @@ -5518,7 +5518,7 @@
           
        
        
    +                  mode="make-row">
           
              
                 
    @@ -5537,9 +5537,9 @@
        
           
              
    +                              select="tokenize(., '\n')">
                 
  • + type="{ if (matches(.,'\s*\d')) then 'ol' else 'ul' }">
    @@ -5553,7 +5553,7 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> @@ -5567,9 +5567,9 @@ + namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + group-starting-with="li[(@level = $level) or not(@type = preceding-sibling::*[1]/@type)]">
  • @@ -5748,40 +5748,40 @@ { insertion } + elements="s:*"/> + elements="s:flag s:value"/> + name="write-xml"/> + match="s:*[exists(@gi)]" + mode="write-xml"> + match="s:value[@as-type=('markup-line','markup-multiline')]" + mode="write-xml"> + match="p | ul | ol | pre | h1 | h2 | h3 | h4 | h5 | h6 | table" + xpath-default-namespace="http://csrc.nist.gov/ns/oscal/metaschema/1.0/supermodel"> + priority="2" + match="s:flag" + mode="write-xml"> + match="*" + mode="cast-prose"> diff --git a/xml/schema/oscal_assessment-plan_schema.xsd b/xml/schema/oscal_assessment-plan_schema.xsd index 584e0e5df8..b4a7b8cdd4 100644 --- a/xml/schema/oscal_assessment-plan_schema.xsd +++ b/xml/schema/oscal_assessment-plan_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Assessment Plan Model @@ -30,13 +30,13 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-import-ssp-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -49,25 +49,25 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-local-objective-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-activity-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -96,32 +96,32 @@ + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -160,21 +160,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -213,29 +213,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -256,17 +256,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -322,13 +322,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -382,17 +382,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -407,13 +407,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -504,30 +504,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -579,13 +579,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -686,13 +686,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -720,13 +720,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -742,9 +742,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -995,17 +995,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1042,17 +1042,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1119,17 +1119,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1282,9 +1282,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1445,17 +1445,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1507,17 +1507,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -1584,13 +1584,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1633,21 +1633,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1675,13 +1675,13 @@ + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1748,13 +1748,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1895,9 +1895,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1910,21 +1910,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1952,13 +1952,13 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2020,13 +2020,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2054,27 +2054,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2092,8 +2092,8 @@ + minOccurs="0" + maxOccurs="unbounded"> @@ -2120,27 +2120,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2275,13 +2275,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2333,27 +2333,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2390,13 +2390,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2458,13 +2458,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2511,9 +2511,9 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2541,13 +2541,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2560,17 +2560,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2666,13 +2666,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2721,9 +2721,9 @@ + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2800,21 +2800,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-target-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -2938,13 +2938,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2972,13 +2972,13 @@ + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3006,13 +3006,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3101,13 +3101,13 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3121,13 +3121,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3171,21 +3171,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3198,9 +3198,9 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3329,29 +3329,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-threat-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-characterization-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3379,17 +3379,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3427,9 +3427,9 @@ + type="oscal-assessment-common-response-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3509,21 +3509,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -3536,17 +3536,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3688,17 +3688,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -3711,13 +3711,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3807,17 +3807,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3830,9 +3830,9 @@ + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3864,13 +3864,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3898,9 +3898,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3962,18 +3962,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4042,18 +4042,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4107,13 +4107,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4145,22 +4145,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -4402,13 +4402,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4447,13 +4447,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4515,9 +4515,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4669,21 +4669,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4750,9 +4750,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -4792,17 +4792,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4815,17 +4815,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4984,9 +4984,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_assessment-results_schema.xsd b/xml/schema/oscal_assessment-results_schema.xsd index b7394751b6..a55a734fda 100644 --- a/xml/schema/oscal_assessment-results_schema.xsd +++ b/xml/schema/oscal_assessment-results_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Assessment Results Model @@ -30,13 +30,13 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ar-import-ap-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -49,13 +49,13 @@ + type="oscal-assessment-common-local-objective-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-activity-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -73,13 +73,13 @@ + type="oscal-ar-result-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -159,13 +159,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -178,32 +178,32 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -216,13 +216,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -305,21 +305,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -350,17 +350,17 @@ + type="oscal-assessment-common-observation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -447,21 +447,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -500,29 +500,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -543,17 +543,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -609,13 +609,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -669,17 +669,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -694,13 +694,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -791,30 +791,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -866,13 +866,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -973,13 +973,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1007,13 +1007,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1029,9 +1029,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1282,17 +1282,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1329,17 +1329,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1406,17 +1406,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1569,9 +1569,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1732,17 +1732,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1794,17 +1794,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -1871,13 +1871,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1920,21 +1920,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1962,13 +1962,13 @@ + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2035,13 +2035,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2182,9 +2182,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2197,21 +2197,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -2239,13 +2239,13 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2307,13 +2307,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2341,27 +2341,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2379,8 +2379,8 @@ + minOccurs="0" + maxOccurs="unbounded"> @@ -2407,27 +2407,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2562,13 +2562,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2620,27 +2620,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2677,13 +2677,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2745,13 +2745,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2798,9 +2798,9 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2828,13 +2828,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2847,17 +2847,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2953,13 +2953,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3008,9 +3008,9 @@ + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -3087,21 +3087,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-target-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -3225,13 +3225,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3259,13 +3259,13 @@ + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3293,13 +3293,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3388,13 +3388,13 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3408,13 +3408,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3458,21 +3458,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3485,9 +3485,9 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3616,29 +3616,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-threat-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-characterization-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3666,17 +3666,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3714,9 +3714,9 @@ + type="oscal-assessment-common-response-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3796,21 +3796,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -3823,17 +3823,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3975,17 +3975,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -3998,13 +3998,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4094,17 +4094,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4117,9 +4117,9 @@ + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4151,13 +4151,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4185,9 +4185,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4249,18 +4249,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4329,18 +4329,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4394,13 +4394,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4432,22 +4432,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -4689,13 +4689,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4734,13 +4734,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4802,9 +4802,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4956,21 +4956,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5037,9 +5037,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -5079,17 +5079,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5102,17 +5102,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5271,9 +5271,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_catalog_schema.xsd b/xml/schema/oscal_catalog_schema.xsd index 2b3be75443..4b4d5c7384 100644 --- a/xml/schema/oscal_catalog_schema.xsd +++ b/xml/schema/oscal_catalog_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Control Catalog Model @@ -29,25 +29,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -86,30 +86,30 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -159,21 +159,21 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -186,13 +186,13 @@ + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-map-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -207,9 +207,9 @@ + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -258,18 +258,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -323,13 +323,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -361,22 +361,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -588,21 +588,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -641,29 +641,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -684,17 +684,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -750,13 +750,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -810,17 +810,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -835,13 +835,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -932,30 +932,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1007,13 +1007,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1114,13 +1114,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1148,13 +1148,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1170,9 +1170,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1423,17 +1423,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1470,17 +1470,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1547,17 +1547,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1710,9 +1710,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1823,13 +1823,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1857,13 +1857,13 @@ + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1900,13 +1900,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1953,13 +1953,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2030,9 +2030,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_complete_schema.xsd b/xml/schema/oscal_complete_schema.xsd index 8ff3727eb8..a9818674ea 100644 --- a/xml/schema/oscal_complete_schema.xsd +++ b/xml/schema/oscal_complete_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Unified Model of Models @@ -36,25 +36,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -93,30 +93,30 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -166,21 +166,21 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -193,13 +193,13 @@ + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-map-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -214,9 +214,9 @@ + type="oscal-catalog-control-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -265,18 +265,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -330,13 +330,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -368,22 +368,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -595,21 +595,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -648,29 +648,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -691,17 +691,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -757,13 +757,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -817,17 +817,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -842,13 +842,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -939,30 +939,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1014,13 +1014,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1121,13 +1121,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1155,13 +1155,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1177,9 +1177,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1430,17 +1430,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1477,17 +1477,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1554,17 +1554,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1717,9 +1717,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1830,13 +1830,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1864,13 +1864,13 @@ + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1907,13 +1907,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1960,13 +1960,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2003,7 +2003,7 @@ + type="oscal-mapping-mapping-collection-ASSEMBLY"/> @@ -2015,17 +2015,17 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-mapping-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2049,17 +2049,17 @@ + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-map-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -2084,25 +2084,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-import-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-merge-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-profile-modify-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2127,18 +2127,18 @@ + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2221,13 +2221,13 @@ + type="oscal-profile-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-insert-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2260,30 +2260,30 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-insert-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2329,13 +2329,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2367,22 +2367,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2517,21 +2517,21 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2582,18 +2582,18 @@ + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2664,7 +2664,7 @@ + type="oscal-component-definition-component-definition-ASSEMBLY"/> @@ -2676,25 +2676,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-component-definition-import-component-definition-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-defined-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-capability-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2783,25 +2783,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-control-implementation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2863,21 +2863,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-incorporates-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-control-implementation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2976,21 +2976,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-implemented-requirement-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3039,25 +3039,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-statement-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3119,17 +3119,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3221,13 +3221,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3266,13 +3266,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3334,9 +3334,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3488,21 +3488,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3569,9 +3569,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3611,17 +3611,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3634,17 +3634,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3769,7 +3769,7 @@ + type="oscal-ssp-system-security-plan-ASSEMBLY"/> @@ -3781,29 +3781,29 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-import-profile-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-system-characteristics-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-system-implementation-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-control-implementation-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -3862,9 +3862,9 @@ + type="oscal-implementation-common-system-id-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3907,17 +3907,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-date-authorized-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -3932,33 +3932,33 @@ + type="oscal-ssp-system-information-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-security-impact-level-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-status-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-authorization-boundary-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-network-architecture-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-data-flow-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3985,13 +3985,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4071,25 +4071,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -4116,21 +4116,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-base-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-selected-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -4192,8 +4192,8 @@ + minOccurs="1" + maxOccurs="1"> @@ -4306,17 +4306,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4358,13 +4358,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4431,17 +4431,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4483,17 +4483,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4520,13 +4520,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4554,13 +4554,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4575,9 +4575,9 @@ + type="oscal-ssp-date-authorized-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -4605,17 +4605,17 @@ + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4657,13 +4657,13 @@ + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-implemented-requirement-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -4677,29 +4677,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-statement-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-by-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4746,21 +4746,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-by-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4822,21 +4822,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -4864,13 +4864,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4898,17 +4898,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4962,17 +4962,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5052,17 +5052,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5113,17 +5113,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5161,9 +5161,9 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5211,13 +5211,13 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-import-ssp-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -5230,25 +5230,25 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-local-objective-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-activity-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5277,32 +5277,32 @@ + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -5376,17 +5376,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -5438,17 +5438,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -5515,13 +5515,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5564,21 +5564,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5606,13 +5606,13 @@ + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5679,13 +5679,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5826,9 +5826,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5841,21 +5841,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -5883,13 +5883,13 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5951,13 +5951,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5985,27 +5985,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6023,8 +6023,8 @@ + minOccurs="0" + maxOccurs="unbounded"> @@ -6051,27 +6051,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6206,13 +6206,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6264,27 +6264,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6321,13 +6321,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6389,13 +6389,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6442,9 +6442,9 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6472,13 +6472,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6491,17 +6491,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6597,13 +6597,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6652,9 +6652,9 @@ + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -6731,21 +6731,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-target-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -6869,13 +6869,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6903,13 +6903,13 @@ + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -6937,13 +6937,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7032,13 +7032,13 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7052,13 +7052,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7102,21 +7102,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7129,9 +7129,9 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -7260,29 +7260,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-threat-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-characterization-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7310,17 +7310,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7358,9 +7358,9 @@ + type="oscal-assessment-common-response-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7440,21 +7440,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -7467,17 +7467,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7619,17 +7619,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -7642,13 +7642,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7738,17 +7738,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7761,9 +7761,9 @@ + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7795,13 +7795,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7829,9 +7829,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7893,18 +7893,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -7959,13 +7959,13 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ar-import-ap-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -7978,13 +7978,13 @@ + type="oscal-assessment-common-local-objective-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-activity-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -8002,13 +8002,13 @@ + type="oscal-ar-result-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -8088,13 +8088,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -8107,32 +8107,32 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -8145,13 +8145,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -8234,21 +8234,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -8279,17 +8279,17 @@ + type="oscal-assessment-common-observation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -8351,7 +8351,7 @@ + type="oscal-poam-plan-of-action-and-milestones-ASSEMBLY"/> @@ -8363,41 +8363,41 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-import-ssp-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-implementation-common-system-id-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-poam-local-definitions-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-observation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-poam-poam-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -8421,17 +8421,17 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -8488,13 +8488,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -8507,9 +8507,9 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -8639,9 +8639,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_component_schema.xsd b/xml/schema/oscal_component_schema.xsd index 87b5a07b8a..8a87e8fa62 100644 --- a/xml/schema/oscal_component_schema.xsd +++ b/xml/schema/oscal_component_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Component Definition Model @@ -22,7 +22,7 @@ + type="oscal-component-definition-component-definition-ASSEMBLY"/> @@ -34,25 +34,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-component-definition-import-component-definition-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-defined-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-capability-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -141,25 +141,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-control-implementation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -221,21 +221,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-incorporates-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-control-implementation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -334,21 +334,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-implemented-requirement-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -397,25 +397,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-component-definition-statement-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -477,17 +477,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -579,13 +579,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -624,13 +624,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -692,9 +692,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -846,21 +846,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -927,9 +927,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -969,17 +969,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -992,17 +992,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1152,21 +1152,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -1205,29 +1205,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1248,17 +1248,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1314,13 +1314,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1374,17 +1374,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1399,13 +1399,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1496,30 +1496,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1571,13 +1571,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1678,13 +1678,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1712,13 +1712,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1734,9 +1734,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1987,17 +1987,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2034,17 +2034,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2111,17 +2111,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2274,9 +2274,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2402,18 +2402,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2467,13 +2467,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2505,22 +2505,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2741,9 +2741,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_mapping_schema.xsd b/xml/schema/oscal_mapping_schema.xsd index 64d91d239e..e65e06bb07 100644 --- a/xml/schema/oscal_mapping_schema.xsd +++ b/xml/schema/oscal_mapping_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.3"> OSCAL Control Mapping Model @@ -18,7 +18,7 @@ + type="oscal-mapping-mapping-collection-ASSEMBLY"/> @@ -30,17 +30,17 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-mapping-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -64,17 +64,17 @@ + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-mapping-resource-reference-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-mapping-common-map-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -113,21 +113,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -166,29 +166,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -209,17 +209,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -275,13 +275,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -335,17 +335,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -360,13 +360,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -457,30 +457,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -532,13 +532,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -639,13 +639,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -673,13 +673,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -695,9 +695,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -948,17 +948,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -995,17 +995,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1072,17 +1072,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1235,9 +1235,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1348,13 +1348,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1382,13 +1382,13 @@ + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-mapping-common-mapping-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1425,13 +1425,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1478,13 +1478,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1555,9 +1555,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_poam_schema.xsd b/xml/schema/oscal_poam_schema.xsd index 86c5c58707..c31deaf91c 100644 --- a/xml/schema/oscal_poam_schema.xsd +++ b/xml/schema/oscal_poam_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Plan of Action and Milestones (POA&M) Model @@ -19,7 +19,7 @@ + type="oscal-poam-plan-of-action-and-milestones-ASSEMBLY"/> @@ -31,41 +31,41 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-import-ssp-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-implementation-common-system-id-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-poam-local-definitions-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-assessment-common-observation-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-poam-poam-item-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -89,17 +89,17 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-assets-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -156,13 +156,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -175,9 +175,9 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -298,21 +298,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -351,29 +351,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -394,17 +394,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -460,13 +460,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -520,17 +520,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -545,13 +545,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -642,30 +642,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -717,13 +717,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -824,13 +824,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -858,13 +858,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -880,9 +880,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1133,17 +1133,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1180,17 +1180,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1257,17 +1257,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1420,9 +1420,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1578,13 +1578,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1623,13 +1623,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1691,9 +1691,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1845,21 +1845,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1926,9 +1926,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -1968,17 +1968,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1991,17 +1991,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2151,18 +2151,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2216,13 +2216,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2254,22 +2254,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2516,17 +2516,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -2578,17 +2578,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -2655,13 +2655,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2704,21 +2704,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2746,13 +2746,13 @@ + type="oscal-assessment-common-reviewed-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2819,13 +2819,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2966,9 +2966,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2981,21 +2981,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3023,13 +3023,13 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3091,13 +3091,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3125,27 +3125,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3163,8 +3163,8 @@ + minOccurs="0" + maxOccurs="unbounded"> @@ -3191,27 +3191,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-objective-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3346,13 +3346,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3404,27 +3404,27 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-select-subject-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3461,13 +3461,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3529,13 +3529,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3582,9 +3582,9 @@ + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3612,13 +3612,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3631,17 +3631,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3737,13 +3737,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3792,9 +3792,9 @@ + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -3871,21 +3871,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-finding-target-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -4009,13 +4009,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4043,13 +4043,13 @@ + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4077,13 +4077,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4172,13 +4172,13 @@ + type="oscal-assessment-common-origin-actor-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4192,13 +4192,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4242,21 +4242,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4269,9 +4269,9 @@ + type="oscal-assessment-common-assessment-subject-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -4400,29 +4400,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-threat-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-characterization-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4450,17 +4450,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4498,9 +4498,9 @@ + type="oscal-assessment-common-response-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4580,21 +4580,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-logged-by-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-risk-status-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -4607,17 +4607,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-related-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4759,17 +4759,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> @@ -4782,13 +4782,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4878,17 +4878,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-origin-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4901,9 +4901,9 @@ + type="oscal-assessment-common-subject-reference-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4935,13 +4935,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -4969,9 +4969,9 @@ + type="oscal-assessment-common-task-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5033,18 +5033,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-assessment-common-assessment-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -5122,9 +5122,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_profile_schema.xsd b/xml/schema/oscal_profile_schema.xsd index 5a41033b53..307c55146a 100644 --- a/xml/schema/oscal_profile_schema.xsd +++ b/xml/schema/oscal_profile_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL Profile Model @@ -31,25 +31,25 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-import-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-merge-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-profile-modify-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -74,18 +74,18 @@ + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -168,13 +168,13 @@ + type="oscal-profile-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-insert-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -207,30 +207,30 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-group-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-profile-insert-controls-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -276,13 +276,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -314,22 +314,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -464,21 +464,21 @@ + type="oscal-control-common-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -529,18 +529,18 @@ + type="oscal-control-common-include-all-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-profile-select-control-by-id-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -636,21 +636,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -689,29 +689,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -732,17 +732,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -798,13 +798,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -858,17 +858,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -883,13 +883,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -980,30 +980,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1055,13 +1055,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1162,13 +1162,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1196,13 +1196,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1218,9 +1218,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1471,17 +1471,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1518,17 +1518,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1595,17 +1595,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1758,9 +1758,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1886,18 +1886,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1951,13 +1951,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1989,22 +1989,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -2225,9 +2225,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> diff --git a/xml/schema/oscal_ssp_schema.xsd b/xml/schema/oscal_ssp_schema.xsd index 83cfde0916..65d762410e 100644 --- a/xml/schema/oscal_ssp_schema.xsd +++ b/xml/schema/oscal_ssp_schema.xsd @@ -1,11 +1,11 @@ + xmlns:m="http://csrc.nist.gov/ns/oscal/metaschema/1.0" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + elementFormDefault="qualified" + targetNamespace="http://csrc.nist.gov/ns/oscal/1.0" + version="1.0.4"> OSCAL System Security Plan (SSP) Model @@ -19,7 +19,7 @@ + type="oscal-ssp-system-security-plan-ASSEMBLY"/> @@ -31,29 +31,29 @@ + type="oscal-metadata-metadata-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-import-profile-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-system-characteristics-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-system-implementation-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-control-implementation-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-back-matter-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -112,9 +112,9 @@ + type="oscal-implementation-common-system-id-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -157,17 +157,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-date-authorized-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -182,33 +182,33 @@ + type="oscal-ssp-system-information-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-security-impact-level-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-status-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-authorization-boundary-ASSEMBLY" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-network-architecture-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-data-flow-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -235,13 +235,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -321,25 +321,25 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-ssp-impact-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -366,21 +366,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-base-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-ssp-selected-FIELD" + minOccurs="0" + maxOccurs="1"/> @@ -442,8 +442,8 @@ + minOccurs="1" + maxOccurs="1"> @@ -556,17 +556,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -608,13 +608,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -681,17 +681,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -733,17 +733,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-diagram-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -770,13 +770,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -804,13 +804,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -825,9 +825,9 @@ + type="oscal-ssp-date-authorized-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -855,17 +855,17 @@ + type="oscal-implementation-common-system-user-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-implementation-common-system-component-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-implementation-common-inventory-item-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -907,13 +907,13 @@ + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-implemented-requirement-ASSEMBLY" + minOccurs="1" + maxOccurs="unbounded"/> @@ -927,29 +927,29 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-statement-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-by-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -996,21 +996,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-ssp-by-component-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1072,21 +1072,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-set-parameter-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-implementation-status-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -1114,13 +1114,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1148,17 +1148,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1212,17 +1212,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1302,17 +1302,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1363,17 +1363,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1411,9 +1411,9 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1475,21 +1475,21 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="1" + maxOccurs="1"/> @@ -1528,29 +1528,29 @@ + type="oscal-metadata-published-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-last-modified-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-version-FIELD" + minOccurs="1" + maxOccurs="1"/> + type="oscal-metadata-oscal-version-FIELD" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1571,17 +1571,17 @@ + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1637,13 +1637,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1697,17 +1697,17 @@ + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1722,13 +1722,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1819,30 +1819,30 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-email-address-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-telephone-number-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-address-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-location-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -1894,13 +1894,13 @@ + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-action-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2001,13 +2001,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-document-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2035,13 +2035,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2057,9 +2057,9 @@ + type="oscal-metadata-hash-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2310,17 +2310,17 @@ + type="oscal-metadata-party-uuid-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2357,17 +2357,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2434,17 +2434,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-party-uuid-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2597,9 +2597,9 @@ + type="oscal-metadata-addr-line-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2755,13 +2755,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2800,13 +2800,13 @@ + type="oscal-metadata-responsible-role-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-protocol-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -2868,9 +2868,9 @@ + type="oscal-implementation-common-port-range-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3022,21 +3022,21 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-role-id-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-implementation-common-authorized-privilege-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3103,9 +3103,9 @@ + type="oscal-implementation-common-function-performed-FIELD" + minOccurs="1" + maxOccurs="unbounded"/> @@ -3145,17 +3145,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3168,17 +3168,17 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-responsible-party-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3328,18 +3328,18 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-part-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3393,13 +3393,13 @@ + type="oscal-metadata-property-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-metadata-link-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> @@ -3431,22 +3431,22 @@ + type="oscal-control-common-parameter-constraint-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-guideline-ASSEMBLY" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-value-FIELD" + minOccurs="0" + maxOccurs="unbounded"/> + type="oscal-control-common-parameter-selection-ASSEMBLY" + minOccurs="0" + maxOccurs="1"/> @@ -3667,9 +3667,9 @@ + type="listItemType" + minOccurs="1" + maxOccurs="unbounded"/> From 2fbaae03582744e0bb8671c46f135fb9d18f18c8 Mon Sep 17 00:00:00 2001 From: "A.J. Stein" Date: Mon, 9 Jan 2023 14:30:05 -0500 Subject: [PATCH 119/138] Fix rel path from XSLT transform source issue, fix usnistgov/OSCAL#1603. (#1604) --- build/ci-cd/validate-content.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/ci-cd/validate-content.sh b/build/ci-cd/validate-content.sh index d94e6a6aca..73b934b66d 100755 --- a/build/ci-cd/validate-content.sh +++ b/build/ci-cd/validate-content.sh @@ -108,7 +108,7 @@ if [ -z "${SCRATCH_DIR+x}" ]; then fi fi -profile_schematron="oscal/src/utils/schematron/oscal-profile.sch" +profile_schematron="${OSCAL_DIR}/src/utils/schematron/oscal-profile.sch" compiled_profile_schematron="${SCRATCH_DIR}/oscal-profile.xsl" build_schematron "${profile_schematron}" "${compiled_profile_schematron}" @@ -154,7 +154,7 @@ while IFS="|" read path format model converttoformats || [ -n "$path" ]; do echo -e "${P_INFO}Validating profile with Schematron for project's requirements and recommendations.${P_INFO}${P_END}" target_file=$(basename -- "${file_relative}") svrl_result="/tmp/${target_file}.svrl" - result=$(validate_with_schematron "${SCRATCH_DIR}/oscal-profile.xsl" "${file_relative}" "$svrl_result" 2>&1) + result=$(validate_with_schematron "${SCRATCH_DIR}/oscal-profile.xsl" "${file}" "$svrl_result" 2>&1) cmd_exitcode=$? if [ $cmd_exitcode -ne 0 ]; then echo -e "${P_ERROR}Profile validation execution for '${P_END}${file_relative}${P_ERROR}' with Schematron '${P_END}${profile_schematron}${P_ERROR}' did not complete.${P_END}" From dd6486a49c644f9d09aadddb9dace7aafcd4629f Mon Sep 17 00:00:00 2001 From: "A.J. Stein" Date: Mon, 9 Jan 2023 14:32:09 -0500 Subject: [PATCH 120/138] Fix Docker container build for local dev and debugging (#1598) * Fix Dockerfile multi-stage builds, closes #1597. * Add maven.restlet.org workaround. If the TLS cert is bad, it will break local build just like maven building Java deps in GHA. * Fix directory safety for doctor, closes usnistgov/OSCAL#1600. * Somehow, docs/run-server.sh set to non-executable again. --- build/Dockerfile | 17 ++++++++--------- docs/run-server.sh | 0 2 files changed, 8 insertions(+), 9 deletions(-) mode change 100644 => 100755 docs/run-server.sh diff --git a/build/Dockerfile b/build/Dockerfile index f9df26fa63..e1819f300f 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,14 +1,11 @@ -FROM ubuntu:22.04 as base-environment +FROM ubuntu:22.04 as oscal-os-dependencies ENV TZ=US/Eastern -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - -RUN apt-get update && apt-get dist-upgrade -y - -FROM base-environment as oscal-os-dependencies - -RUN apt-get install -y \ - apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \ + apt-get update && \ + apt-get dist-upgrade -y && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y \ + apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean FROM golang:1.19.4-bullseye as oscal-hugo-build @@ -50,4 +47,6 @@ ENV SAXON_HOME=/opt/oscal ENV CALABASH_HOME=${SAXON_HOME} ENV PATH=/opt/oscal/node_modules/.bin:${PATH} +RUN git config --global --add safe.directory /oscal + ENTRYPOINT ["/bin/bash"] diff --git a/docs/run-server.sh b/docs/run-server.sh old mode 100644 new mode 100755 From c36fd37ae1ae601359093c9bdc43fa7e1e1daca7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:16:50 -0500 Subject: [PATCH 121/138] Bump actions/setup-go from 3.4.0 to 3.5.0 (#1586) Dependabot couldn't find the original pull request head commit, 6a131ed2d145b11a76a8fb4e32eae5d1fa7f521c. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index b800368481..9cdf1b38b1 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -105,7 +105,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 with: go-version-file: '${{ env.BRANCH_PATH }}/build/go.mod' cache: true diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index c7b029e97d..20cd9aea2e 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -115,7 +115,7 @@ jobs: echo "/home/runner/go/bin" >> $GITHUB_PATH - name: Setup Golang if: steps.cache-hugo.outputs.cache-hit != 'true' - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 with: go-version-file: '${{ env.BUILD_PATH }}/go.mod' cache: true From f977feab304eb9a935d84239191a46dca22da512 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:18:10 -0500 Subject: [PATCH 122/138] Bump actions/cache from 3.0.11 to 3.2.3 (#1607) Dependabot couldn't find the original pull request head commit, bac53979a935df659c535fe2244d790a80d7495e. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 9cdf1b38b1..04dfb80f8c 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -94,7 +94,7 @@ jobs: mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 + uses: actions/cache@58c146cc91c5b9e778e71775dfe9bf1442ad9a12 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/build/go.sum', env.BRANCH_PATH)) }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 20cd9aea2e..e7ba606908 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -104,7 +104,7 @@ jobs: retention-days: 5 # Install Hugo - name: Store Hugo Executable in Cache - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 + uses: actions/cache@58c146cc91c5b9e778e71775dfe9bf1442ad9a12 with: path: /home/runner/go/bin/hugo key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/go.sum', env.BUILD_PATH)) }} From 59834543ac95c564be10db6154ad187eaf601c33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:18:55 -0500 Subject: [PATCH 123/138] Bump docs/themes/uswds from `631e114` to `ac7915f` (#1606) Dependabot couldn't find the original pull request head commit, 794aaad2d05b2547c7cedf8f6e975472060dcdc9. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- docs/themes/uswds | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/themes/uswds b/docs/themes/uswds index bc74e156de..ac7915f3fa 160000 --- a/docs/themes/uswds +++ b/docs/themes/uswds @@ -1 +1 @@ -Subproject commit bc74e156ded0936f91aeadcf94447518c567e5a2 +Subproject commit ac7915f3fa4d14fde6115b4a88634f46955a8c20 From 265a5410d58afd8ddb5a6752914ffa8f083ca667 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:20:17 -0500 Subject: [PATCH 124/138] Bump actions/checkout from 3.1.0 to 3.3.0 (#1601) Dependabot couldn't find the original pull request head commit, 0fc50f7a116787dec18ce4b687a86bf3a9cb072c. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- .../workflows/workflow-generate-metaschema-resources.yml | 6 +++--- .github/workflows/workflow-generate-website-reference.yml | 8 ++++---- .github/workflows/workflow-generate-website.yml | 6 +++--- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- .github/workflows/workflow-validate-website-content.yml | 4 ++-- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 5ba1544b16..461aa059ba 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-20.04 steps: # use this for main repo master builds - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.OSCAL_HOME }} submodules: recursive diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 6e940f0b15..b45ebb0378 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -36,7 +36,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Latest (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.CHECKOUT_PATH }} token: ${{ secrets.COMMIT_TOKEN }} @@ -45,7 +45,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Latest (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.CHECKOUT_PATH }} token: ${{ secrets.access_token }} @@ -54,7 +54,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Latest if: steps.checkout_latest_workflow.conclusion == 'skipped' && steps.checkout_latest_push.conclusion == 'skipped' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.CHECKOUT_PATH }} submodules: recursive diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index 04dfb80f8c..c5bcd18f6c 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -41,7 +41,7 @@ jobs: # 2) The target branch where the metaschemas exist that are the basis of reference information. # Checkout the current branch for reading - name: Checkout Latest - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.BRANCH_PATH }} submodules: recursive @@ -49,7 +49,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Main (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} @@ -59,7 +59,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Main (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} @@ -69,7 +69,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Main if: steps.checkout_main_workflow.conclusion == 'skipped' && steps.checkout_main_push.conclusion == 'skipped' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: path: ${{ env.MAIN_PATH }} ref: ${{ env.MAIN_BRANCH_REF }} diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index e7ba606908..cbe47b9748 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -49,7 +49,7 @@ jobs: # use this for builds triggered from the UI on protected branches - name: Checkout Latest (using COMMIT_TOKEN) if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: token: ${{ secrets.COMMIT_TOKEN }} submodules: recursive @@ -57,7 +57,7 @@ jobs: # use this for builds triggered from other workflows on protected branches - name: Checkout Latest (using access_token) if: github.event_name == 'push' && inputs.commit_resources == true - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: token: ${{ secrets.access_token }} submodules: recursive @@ -65,7 +65,7 @@ jobs: # use this for overything else (i.e., pull requests) where publication is not needed - name: Checkout Latest if: steps.checkout_latest_workflow.conclusion == 'skipped' && steps.checkout_latest_push.conclusion == 'skipped' - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: submodules: recursive - name: Set env diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index d1b2505421..b24730011a 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-20.04 steps: # use this for pulls where checkout is anonymous - - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: submodules: recursive # Setup runtime environment diff --git a/.github/workflows/workflow-validate-website-content.yml b/.github/workflows/workflow-validate-website-content.yml index 5e10bbe247..1822eb22f3 100644 --- a/.github/workflows/workflow-validate-website-content.yml +++ b/.github/workflows/workflow-validate-website-content.yml @@ -23,11 +23,11 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout Latest - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: fetch-depth: 0 # this ensures that the tag and commit history are available - name: Checkout git ref of published website content - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c with: ref: ${{ inputs.site_git_ref }} path: ${{ inputs.site_git_ref_path }} From 726ee9643f4402c443cb5f08c3af855650cb17c3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:25:24 -0500 Subject: [PATCH 125/138] Bump actions/setup-java from 3.8.0 to 3.9.0 (#1587) Dependabot couldn't find the original pull request head commit, 4abee5e00492b4a66d9936deddb10a1207bf1da1. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index b45ebb0378..8cb7705222 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -66,7 +66,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index c5bcd18f6c..a7dfa7b2ca 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -82,7 +82,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b with: java-version: 11 distribution: 'temurin' diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index cbe47b9748..a869743fec 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -76,7 +76,7 @@ jobs: # ------------------------- # Java JDK 11 - name: Set up JDK - uses: actions/setup-java@c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c + uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b with: java-version: 11 distribution: 'temurin' From b959aecdc860a30dc4c3b944e21d74f62486cacc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:26:36 -0500 Subject: [PATCH 126/138] Bump ncipollo/release-action from 1.11.2 to 1.12.0 (#1583) Dependabot couldn't find the original pull request head commit, 1ea8e7a9b954338a44e02daf43e4240da9c4808f. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 461aa059ba..4d8fd98164 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -45,7 +45,7 @@ jobs: ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.tar.bz2 ${{ env.OSCAL_WORKING_PATH }}/${{ env.RELEASE_NAME }}.zip retention-days: 5 - - uses: ncipollo/release-action@18eadf9c9b0f226f47f164f5373c6a44f0aae169 + - uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e with: name: OSCAL ${{ env.RELEASE_VERSION }} Release allowUpdates: false From 7bb0342b49cfc31d8edc1a451519febe540dde6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 17:18:47 -0500 Subject: [PATCH 127/138] Bump golang from 1.19.4-bullseye to 1.19.5-bullseye in /build (#1609) Bumps golang from 1.19.4-bullseye to 1.19.5-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index e1819f300f..d4e44207f9 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -8,7 +8,7 @@ RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone & apt-utils build-essential git jq libxml2-utils maven nodejs npm python3-pip unzip wget && \ apt-get clean -FROM golang:1.19.4-bullseye as oscal-hugo-build +FROM golang:1.19.5-bullseye as oscal-hugo-build RUN mkdir -p /go/src/github.com/usnistgov/OSCAL/build From 6ba5bcf23ea65f6ed3d75753f482ba602d8f79b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 17:19:18 -0500 Subject: [PATCH 128/138] Bump github.com/gohugoio/hugo from 0.108.0 to 0.109.0 in /build (#1593) Dependabot couldn't find the original pull request head commit, 6e86f78b8482b07071dd6643e59ff81c569ba291. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 8 ++++---- build/go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/build/go.mod b/build/go.mod index bb67fb6f07..1a4320c0d2 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.108.0 +require github.com/gohugoio/hugo v0.109.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -107,12 +107,12 @@ require ( gocloud.dev v0.24.0 // indirect golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa // indirect golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect - golang.org/x/net v0.2.0 // indirect + golang.org/x/net v0.3.0 // indirect golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/sys v0.2.0 // indirect + golang.org/x/sys v0.3.0 // indirect golang.org/x/text v0.5.0 // indirect - golang.org/x/tools v0.3.0 // indirect + golang.org/x/tools v0.4.0 // indirect golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect google.golang.org/api v0.76.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/build/go.sum b/build/go.sum index 7f74ed0768..6da3292a6a 100644 --- a/build/go.sum +++ b/build/go.sum @@ -282,8 +282,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.108.0 h1:IEacmNscp3iC+pzz2ELSS5z29sg1vRJqh87hG5lQurk= -github.com/gohugoio/hugo v0.108.0/go.mod h1:O3TpqLfYf5Vfmrzwwg0Iry+DttGVMeodTn3lTWWsRfo= +github.com/gohugoio/hugo v0.109.0 h1:5QR77gymQad+ecpy0CQ0De7Plpo/ZhOQqftoKheXlK4= +github.com/gohugoio/hugo v0.109.0/go.mod h1:Cn2FhzBMopBYE9yCl87nHiVqFTf2tmIRoluazbIc7/I= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= @@ -657,8 +657,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.3.0 h1:VWL6FNY2bEEmsGVKabSlHu5Irp34xmMRoqb/9lF9lxk= +golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -760,8 +760,8 @@ golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -833,8 +833,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.3.0 h1:SrNbZl6ECOS1qFzgTdQfWXZM9XBkiA6tkFrH9YSTPHM= -golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= +golang.org/x/tools v0.4.0 h1:7mTAgkunk3fr4GAloyyCasadO6h9zSsQZbwvcaIciV4= +golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 50f9b828d03a4c55dab3a01eecc13b0697696454 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 09:05:08 -0500 Subject: [PATCH 129/138] Bump peaceiris/actions-gh-pages from 3.9.0 to 3.9.1 (#1610) Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](https://github.com/peaceiris/actions-gh-pages/compare/de7ea6f8efb354206b205ef54722213d99067935...64b46b4226a4a12da2239ba3ea5aa73e3163c75b) --- updated-dependencies: - dependency-name: peaceiris/actions-gh-pages dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index a869743fec..6d26396bd4 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -164,7 +164,7 @@ jobs: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - name: Deploy Website (using access_token) - uses: peaceiris/actions-gh-pages@de7ea6f8efb354206b205ef54722213d99067935 + uses: peaceiris/actions-gh-pages@64b46b4226a4a12da2239ba3ea5aa73e3163c75b if: github.event_name == 'push' && inputs.commit_resources == true && github.ref_name == 'main' with: github_token: ${{ secrets.access_token }} @@ -173,7 +173,7 @@ jobs: publish_branch: nist-pages commit_message: Deploying website [ci deploy skip] - name: Deploy Website (using COMMIT_TOKEN) - uses: peaceiris/actions-gh-pages@de7ea6f8efb354206b205ef54722213d99067935 + uses: peaceiris/actions-gh-pages@64b46b4226a4a12da2239ba3ea5aa73e3163c75b if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' && github.ref_name == 'main' with: github_token: ${{ secrets.COMMIT_TOKEN }} From 1caa849fb9a1d151e710c8a25aa620580604ce71 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 09:05:53 -0500 Subject: [PATCH 130/138] Bump maven-dependency-plugin from 3.4.0 to 3.5.0 in /build (#1613) Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.4.0...maven-dependency-plugin-3.5.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/pom.xml b/build/pom.xml index 552725a4fe..76486e1a6e 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -48,7 +48,7 @@ org.apache.maven.plugins maven-dependency-plugin - 3.4.0 + 3.5.0 copy-dependencies From e2db9e4082903a4a6bdfe08cc0e7e6a2bb65bec4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 09:26:34 -0500 Subject: [PATCH 131/138] Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#1612) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3.1.1...0b7f8abb1508181956e8e162db84b466c27e18ce) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/package-release.yml | 2 +- .../workflows/workflow-generate-metaschema-resources.yml | 4 ++-- .github/workflows/workflow-generate-website-reference.yml | 2 +- .github/workflows/workflow-generate-website.yml | 6 +++--- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index 4d8fd98164..7201566854 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -38,7 +38,7 @@ jobs: bash "${OSCAL_CICD_PATH}/package-release.sh" "${OSCAL_WORKING_PATH}" tar -jcvf "${OSCAL_WORKING_PATH}/${RELEASE_NAME}.tar.bz2" -C "${OSCAL_WORKING_PATH}/archive" . (cd "${OSCAL_WORKING_PATH}/archive" && zip -r "../${RELEASE_NAME}.zip" .) - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: release-artifacts path: | diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 8cb7705222..91552954c6 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -124,13 +124,13 @@ jobs: run: | zip ${{ runner.temp }}/schematron-validations.zip -r ${{ runner.temp }} build/metaschema/toolchains/xslt-M4/validate/metaschema-composition-check-compiled.xsl working-directory: ${{ env.CHECKOUT_PATH }} - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: schemas-and-converters path: | ${{ runner.temp }}/metaschema-artifacts.zip retention-days: 5 - - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce if: always() with: name: schematron-validation-reports diff --git a/.github/workflows/workflow-generate-website-reference.yml b/.github/workflows/workflow-generate-website-reference.yml index a7dfa7b2ca..44449393f9 100644 --- a/.github/workflows/workflow-generate-website-reference.yml +++ b/.github/workflows/workflow-generate-website-reference.yml @@ -149,7 +149,7 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-website.zip -r public/ working-directory: ${{ env.MAIN_PATH }}/docs - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: website path: | diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 6d26396bd4..8a1ffeaca7 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -96,7 +96,7 @@ jobs: - name: Generate specification documentation run: | bash "${CICD_PATH}/generate-specification-documentation.sh" - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: specification-docs path: | @@ -133,7 +133,7 @@ jobs: run: | zip ${{ runner.temp }}/metaschema-website.zip -r public/ working-directory: ${{ github.workspace }}/docs - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: website path: | @@ -148,7 +148,7 @@ jobs: output: html-link-report.md env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: html-link-report path: html-link-report.md From fee6dd14ca534213c8aa6da540ef5c0c1958f428 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 09:31:16 -0500 Subject: [PATCH 132/138] Bump actions/setup-node from 3.5.1 to 3.6.0 (#1611) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.1 to 3.6.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/8c91899e586c5b171469028077307d293428b516...64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-metaschema-resources.yml | 2 +- .github/workflows/workflow-validate-repo-markdown.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-metaschema-resources.yml b/.github/workflows/workflow-generate-metaschema-resources.yml index 91552954c6..321ec96f68 100644 --- a/.github/workflows/workflow-generate-metaschema-resources.yml +++ b/.github/workflows/workflow-generate-metaschema-resources.yml @@ -77,7 +77,7 @@ jobs: mkdir -p "${JAVA_CLASSPATH}" mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" - name: Set up NodeJS - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version-file: '${{ env.CHECKOUT_PATH }}/build/.nvmrc' cache: 'npm' diff --git a/.github/workflows/workflow-validate-repo-markdown.yml b/.github/workflows/workflow-validate-repo-markdown.yml index b24730011a..9fee3ff4c4 100644 --- a/.github/workflows/workflow-validate-repo-markdown.yml +++ b/.github/workflows/workflow-validate-repo-markdown.yml @@ -29,7 +29,7 @@ jobs: # Setup runtime environment # ------------------------- - name: Set up NodeJS - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version-file: 'build/.nvmrc' cache: 'npm' From 4d9c4600c995919e6ba69faf1f19a06613eed2c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Jan 2023 15:36:05 -0500 Subject: [PATCH 133/138] Bump peaceiris/actions-gh-pages from 3.9.1 to 3.9.2 (#1616) Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) from 3.9.1 to 3.9.2. - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](https://github.com/peaceiris/actions-gh-pages/compare/64b46b4226a4a12da2239ba3ea5aa73e3163c75b...bd8c6b06eba6b3d25d72b7a1767993c0aeee42e7) --- updated-dependencies: - dependency-name: peaceiris/actions-gh-pages dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index 8a1ffeaca7..c25f4a3d53 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -164,7 +164,7 @@ jobs: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - name: Deploy Website (using access_token) - uses: peaceiris/actions-gh-pages@64b46b4226a4a12da2239ba3ea5aa73e3163c75b + uses: peaceiris/actions-gh-pages@bd8c6b06eba6b3d25d72b7a1767993c0aeee42e7 if: github.event_name == 'push' && inputs.commit_resources == true && github.ref_name == 'main' with: github_token: ${{ secrets.access_token }} @@ -173,7 +173,7 @@ jobs: publish_branch: nist-pages commit_message: Deploying website [ci deploy skip] - name: Deploy Website (using COMMIT_TOKEN) - uses: peaceiris/actions-gh-pages@64b46b4226a4a12da2239ba3ea5aa73e3163c75b + uses: peaceiris/actions-gh-pages@bd8c6b06eba6b3d25d72b7a1767993c0aeee42e7 if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' && github.ref_name == 'main' with: github_token: ${{ secrets.COMMIT_TOKEN }} From 45e1c2c33ce9c00b0f3f382961cf862507785d73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Jan 2023 16:54:43 -0500 Subject: [PATCH 134/138] Bump github.com/gohugoio/hugo from 0.109.0 to 0.110.0 in /build (#1617) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.109.0 to 0.110.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/hugoreleaser.toml) - [Commits](https://github.com/gohugoio/hugo/compare/v0.109.0...v0.110.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- build/go.mod | 4 ++-- build/go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build/go.mod b/build/go.mod index 1a4320c0d2..d87f680405 100644 --- a/build/go.mod +++ b/build/go.mod @@ -2,7 +2,7 @@ module github.com/usnistgov/OSCAL/build go 1.18 -require github.com/gohugoio/hugo v0.109.0 +require github.com/gohugoio/hugo v0.110.0 require ( cloud.google.com/go v0.101.0 // indirect @@ -47,7 +47,7 @@ require ( github.com/disintegration/gift v1.2.1 // indirect github.com/dlclark/regexp2 v1.7.0 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/evanw/esbuild v0.15.18 // indirect + github.com/evanw/esbuild v0.17.0 // indirect github.com/frankban/quicktest v1.14.4 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/getkin/kin-openapi v0.110.0 // indirect diff --git a/build/go.sum b/build/go.sum index 6da3292a6a..d09e776e6c 100644 --- a/build/go.sum +++ b/build/go.sum @@ -238,8 +238,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanw/esbuild v0.15.18 h1:CM7eAoUjjNkZs1LH0p6fkwtADrbFr4JV2SlT1bUMjEo= -github.com/evanw/esbuild v0.15.18/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= +github.com/evanw/esbuild v0.17.0 h1:gGx9TCZDO9k9x1PJdizx6syIpUq29RwrtHWlgDIdQH8= +github.com/evanw/esbuild v0.17.0/go.mod h1:iINY06rn799hi48UqEnaQvVfZWe6W9bET78LbvN8VWk= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -282,8 +282,8 @@ github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/E github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013 h1:Nj29Qbkt0bZ/bJl8eccfxQp3NlU/0IW1v9eyYtQ53XQ= github.com/gohugoio/go-i18n/v2 v2.1.3-0.20210430103248-4c28c89f8013/go.mod h1:3Ltoo9Banwq0gOtcOwxuHG6omk+AwsQPADyw2vQYOJQ= -github.com/gohugoio/hugo v0.109.0 h1:5QR77gymQad+ecpy0CQ0De7Plpo/ZhOQqftoKheXlK4= -github.com/gohugoio/hugo v0.109.0/go.mod h1:Cn2FhzBMopBYE9yCl87nHiVqFTf2tmIRoluazbIc7/I= +github.com/gohugoio/hugo v0.110.0 h1:FBBypy+UXD9BWaMReIZ+y2FSxFwlJCqoutVi7jKa90o= +github.com/gohugoio/hugo v0.110.0/go.mod h1:Fn7vtWrDBSojvaHSft+KMHhl6aH2934CR2njI32i38k= github.com/gohugoio/locales v0.14.0 h1:Q0gpsZwfv7ATHMbcTNepFd59H7GoykzWJIxi113XGDc= github.com/gohugoio/locales v0.14.0/go.mod h1:ip8cCAv/cnmVLzzXtiTpPwgJ4xhKZranqNqtoIu0b/4= github.com/gohugoio/localescompressed v1.0.1 h1:KTYMi8fCWYLswFyJAeOtuk/EkXR/KPTHHNN9OS+RTxo= From 5afde6cd143494b4cecef95ff60b6dd1a98a501d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 27 Jan 2023 16:34:01 -0500 Subject: [PATCH 135/138] Bump actions/github-script from 6.3.3 to 6.4.0 (#1628) Bumps [actions/github-script](https://github.com/actions/github-script) from 6.3.3 to 6.4.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/d556feaca394842dc55e4734bf3bb9f685482fa0...98814c53be79b1d30f795b907e553d8679345975) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/workflow-generate-website.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/workflow-generate-website.yml b/.github/workflows/workflow-generate-website.yml index c25f4a3d53..73a6712863 100644 --- a/.github/workflows/workflow-generate-website.yml +++ b/.github/workflows/workflow-generate-website.yml @@ -153,12 +153,12 @@ jobs: name: html-link-report path: html-link-report.md retention-days: 5 - - uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 + - uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975 if: steps.linkchecker.outputs.exit_code != 0 with: script: | core.setFailed('Link checker detected broken or invalid links, read attached report.') - - uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 + - uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975 if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true) with: script: | From 20fb9b6e4e6e9d45beb8d2d962a55b543e05e01d Mon Sep 17 00:00:00 2001 From: "A.J. Stein" Date: Tue, 31 Jan 2023 12:28:41 -0500 Subject: [PATCH 136/138] [WIP] Test out usnistgov/metaschema#253 fix for usnistgov/metaschema#240 issue. Determine if this submodule update fixes CI/CD breakage with JSON schema or if other bugs and development issues leave it broken. --- build/metaschema | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/metaschema b/build/metaschema index d3d53940dc..5f51539633 160000 --- a/build/metaschema +++ b/build/metaschema @@ -1 +1 @@ -Subproject commit d3d53940dc748ab2f07749d6867d0012e5d427a5 +Subproject commit 5f515396332fd34c8c1ff5d02013ae9ee0052e8d From aed20d48fc88b1809b0c5983d73d7f4dc233643d Mon Sep 17 00:00:00 2001 From: OSCAL GitHub Actions Bot Date: Wed, 1 Feb 2023 14:06:16 +0000 Subject: [PATCH 137/138] Publishing generated metaschema resources [ci skip] --- json/schema/oscal_assessment-plan_schema.json | 232 +++++++++++++-- .../oscal_assessment-results_schema.json | 232 +++++++++++++-- json/schema/oscal_catalog_schema.json | 72 +++-- json/schema/oscal_complete_schema.json | 266 +++++++++++++++--- json/schema/oscal_component_schema.json | 122 ++++++-- json/schema/oscal_mapping_schema.json | 72 +++-- json/schema/oscal_poam_schema.json | 232 +++++++++++++-- json/schema/oscal_profile_schema.json | 62 +++- json/schema/oscal_ssp_schema.json | 112 ++++++-- 9 files changed, 1199 insertions(+), 203 deletions(-) diff --git a/json/schema/oscal_assessment-plan_schema.json b/json/schema/oscal_assessment-plan_schema.json index 95218836b2..d121cc8ec8 100644 --- a/json/schema/oscal_assessment-plan_schema.json +++ b/json/schema/oscal_assessment-plan_schema.json @@ -283,9 +283,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -462,7 +467,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -521,7 +526,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -651,9 +661,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -697,9 +719,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -712,7 +741,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -749,9 +784,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -934,7 +974,13 @@ "type" : { "title" : "Task Type", "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "milestone", + "action" ] } ] }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -1278,7 +1324,16 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user" ] } ] }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1323,7 +1378,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "props" : { "type" : "array", "minItems" : 1, @@ -1353,7 +1418,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -1507,7 +1582,14 @@ "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "pass", + "fail", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1633,14 +1715,31 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "EXAMINE", + "INTERVIEW", + "TEST", + "UNKNOWN" ] } ] } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "ssp-statement-issue", + "control-objective", + "mitigation", + "finding", + "historic" ] } ] } }, "origins" : { "type" : "array", "minItems" : 1, @@ -1818,13 +1917,19 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal" ] } ] }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/URIDatatype" } }, "required" : [ "id", "system" ], @@ -2060,7 +2165,17 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "open", + "investigating", + "remediating", + "deviation-requested", + "deviation-approved", + "closed" ] } ] }, "oscal-ap-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2094,7 +2209,19 @@ "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal/unknown", + "http://cve.mitre.org", + "http://www.first.org/cvss/v2.0", + "http://www.first.org/cvss/v3.0", + "http://www.first.org/cvss/v3.1" ] } ] }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", @@ -2133,7 +2260,14 @@ "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "recommendation", + "planned", + "completed" ] } ] }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2224,7 +2358,14 @@ "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "asset", + "method", + "objective" ] } ] }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", @@ -2454,7 +2595,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -2578,7 +2737,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2758,9 +2926,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, diff --git a/json/schema/oscal_assessment-results_schema.json b/json/schema/oscal_assessment-results_schema.json index 4e42d5e9cb..25c3409831 100644 --- a/json/schema/oscal_assessment-results_schema.json +++ b/json/schema/oscal_assessment-results_schema.json @@ -436,9 +436,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -615,7 +620,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -674,7 +679,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -804,9 +814,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -850,9 +872,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -865,7 +894,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -902,9 +937,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -1087,7 +1127,13 @@ "type" : { "title" : "Task Type", "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "milestone", + "action" ] } ] }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -1431,7 +1477,16 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user" ] } ] }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1476,7 +1531,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "props" : { "type" : "array", "minItems" : 1, @@ -1506,7 +1571,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -1660,7 +1735,14 @@ "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "pass", + "fail", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1786,14 +1868,31 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "EXAMINE", + "INTERVIEW", + "TEST", + "UNKNOWN" ] } ] } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "ssp-statement-issue", + "control-objective", + "mitigation", + "finding", + "historic" ] } ] } }, "origins" : { "type" : "array", "minItems" : 1, @@ -1971,13 +2070,19 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal" ] } ] }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/URIDatatype" } }, "required" : [ "id", "system" ], @@ -2213,7 +2318,17 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "open", + "investigating", + "remediating", + "deviation-requested", + "deviation-approved", + "closed" ] } ] }, "oscal-ar-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2247,7 +2362,19 @@ "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal/unknown", + "http://cve.mitre.org", + "http://www.first.org/cvss/v2.0", + "http://www.first.org/cvss/v3.0", + "http://www.first.org/cvss/v3.1" ] } ] }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", @@ -2286,7 +2413,14 @@ "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "recommendation", + "planned", + "completed" ] } ] }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2377,7 +2511,14 @@ "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "asset", + "method", + "objective" ] } ] }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", @@ -2607,7 +2748,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -2731,7 +2890,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2911,9 +3079,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, diff --git a/json/schema/oscal_catalog_schema.json b/json/schema/oscal_catalog_schema.json index b3c4b6d914..8b20a9aa59 100644 --- a/json/schema/oscal_catalog_schema.json +++ b/json/schema/oscal_catalog_schema.json @@ -537,9 +537,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -716,7 +721,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -775,7 +780,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -905,9 +915,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -951,9 +973,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -966,7 +995,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1003,9 +1038,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -1039,16 +1079,10 @@ "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, "type" : - { "type" : "string" } }, + { "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, + "additionalProperties" : false }, "sources" : { "type" : "array", "minItems" : 1, diff --git a/json/schema/oscal_complete_schema.json b/json/schema/oscal_complete_schema.json index 41f81c8704..a05f8dd0de 100644 --- a/json/schema/oscal_complete_schema.json +++ b/json/schema/oscal_complete_schema.json @@ -537,9 +537,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -716,7 +721,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -775,7 +780,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -905,9 +915,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -951,9 +973,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -966,7 +995,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1003,9 +1038,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -1039,16 +1079,10 @@ "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, "type" : - { "type" : "string" } }, + { "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, + "additionalProperties" : false }, "sources" : { "type" : "array", "minItems" : 1, @@ -1638,7 +1672,22 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the component.", @@ -1894,7 +1943,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -2018,7 +2085,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2198,9 +2274,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, @@ -2364,7 +2448,12 @@ { "system" : { "title" : "Information Type Identification System", "description" : "Specifies the information type identification system used.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://doi.org/10.6028/NIST.SP.800-60v2r1" ] } ] }, "information-type-ids" : { "type" : "array", "minItems" : 1, @@ -3290,7 +3379,13 @@ "type" : { "title" : "Task Type", "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "milestone", + "action" ] } ] }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -3634,7 +3729,16 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user" ] } ] }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -3679,7 +3783,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "props" : { "type" : "array", "minItems" : 1, @@ -3709,7 +3823,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -3863,7 +3987,14 @@ "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "pass", + "fail", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -3989,14 +4120,31 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "EXAMINE", + "INTERVIEW", + "TEST", + "UNKNOWN" ] } ] } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "ssp-statement-issue", + "control-objective", + "mitigation", + "finding", + "historic" ] } ] } }, "origins" : { "type" : "array", "minItems" : 1, @@ -4174,13 +4322,19 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal" ] } ] }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/URIDatatype" } }, "required" : [ "id", "system" ], @@ -4416,7 +4570,17 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "open", + "investigating", + "remediating", + "deviation-requested", + "deviation-approved", + "closed" ] } ] }, "oscal-complete-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -4450,7 +4614,19 @@ "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal/unknown", + "http://cve.mitre.org", + "http://www.first.org/cvss/v2.0", + "http://www.first.org/cvss/v3.0", + "http://www.first.org/cvss/v3.1" ] } ] }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", @@ -4489,7 +4665,14 @@ "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "recommendation", + "planned", + "completed" ] } ] }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -4580,7 +4763,14 @@ "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "asset", + "method", + "objective" ] } ] }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", diff --git a/json/schema/oscal_component_schema.json b/json/schema/oscal_component_schema.json index 750ba9a7c9..6569b4ae0d 100644 --- a/json/schema/oscal_component_schema.json +++ b/json/schema/oscal_component_schema.json @@ -63,7 +63,22 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the component.", @@ -319,7 +334,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -443,7 +476,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -623,9 +665,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, @@ -828,9 +878,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -1007,7 +1062,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -1066,7 +1121,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -1196,9 +1256,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -1242,9 +1314,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -1257,7 +1336,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1294,9 +1379,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, diff --git a/json/schema/oscal_mapping_schema.json b/json/schema/oscal_mapping_schema.json index 4590384c80..e1e60941e1 100644 --- a/json/schema/oscal_mapping_schema.json +++ b/json/schema/oscal_mapping_schema.json @@ -256,9 +256,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -435,7 +440,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -494,7 +499,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -624,9 +634,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -670,9 +692,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -685,7 +714,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -722,9 +757,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -758,16 +798,10 @@ "description" : "A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.", "$ref" : "#/definitions/URIDatatype" }, "type" : - { "type" : "string" } }, + { "$ref" : "#/definitions/TokenDatatype" } }, "required" : [ "type" ], - "additionalProperties" : false, - "enum" : - [ "equivalent-to", - "equal-to", - "subset-of", - "superset-of", - "intersects-with" ] }, + "additionalProperties" : false }, "sources" : { "type" : "array", "minItems" : 1, diff --git a/json/schema/oscal_poam_schema.json b/json/schema/oscal_poam_schema.json index 1f3c9d6060..9006180589 100644 --- a/json/schema/oscal_poam_schema.json +++ b/json/schema/oscal_poam_schema.json @@ -364,9 +364,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -543,7 +548,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -602,7 +607,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -732,9 +742,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -778,9 +800,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -793,7 +822,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -830,9 +865,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -849,7 +889,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -973,7 +1031,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1153,9 +1220,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, @@ -1520,7 +1595,13 @@ "type" : { "title" : "Task Type", "description" : "The type of task.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "milestone", + "action" ] } ] }, "title" : { "title" : "Task Title", "description" : "The title for this task.", @@ -1864,7 +1945,16 @@ { "type" : { "title" : "Subject Type", "description" : "Indicates the type of assessment subject, such as a component, inventory, item, location, or party represented by this selection statement.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user" ] } ] }, "description" : { "title" : "Include Subjects Description", "description" : "A human-readable description of the collection of subjects being included in this assessment.", @@ -1909,7 +1999,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "props" : { "type" : "array", "minItems" : 1, @@ -1939,7 +2039,17 @@ "type" : { "title" : "Subject Universally Unique Identifier Reference Type", "description" : "Used to indicate the type of object pointed to by the uuid-ref within a subject.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "component", + "inventory-item", + "location", + "party", + "user", + "resource" ] } ] }, "title" : { "title" : "Subject Reference Title", "description" : "The title or name for the referenced subject.", @@ -2093,7 +2203,14 @@ "reason" : { "title" : "Objective Status Reason", "description" : "The reason the objective was given it's status.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "pass", + "fail", + "other" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -2219,14 +2336,31 @@ "items" : { "title" : "Observation Method", "description" : "Identifies how the observation was made.", - "$ref" : "#/definitions/StringDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "EXAMINE", + "INTERVIEW", + "TEST", + "UNKNOWN" ] } ] } }, "types" : { "type" : "array", "minItems" : 1, "items" : { "title" : "Observation Type", "description" : "Identifies the nature of the observation. More than one may be used to further qualify and enable filtering.", - "$ref" : "#/definitions/TokenDatatype" } }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "ssp-statement-issue", + "control-objective", + "mitigation", + "finding", + "historic" ] } ] } }, "origins" : { "type" : "array", "minItems" : 1, @@ -2404,13 +2538,19 @@ { "system" : { "title" : "Threat Type Identification System", "description" : "Specifies the source of the threat information.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal" ] } ] }, "href" : { "title" : "Threat Information Resource Reference", "description" : "An optional location for the threat data, from which this ID originates.", "$ref" : "#/definitions/URIReferenceDatatype" }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/URIDatatype" } }, "required" : [ "id", "system" ], @@ -2646,7 +2786,17 @@ { "title" : "Risk Status", "description" : "Describes the status of the associated risk.", "$id" : "#field_oscal-assessment-common_risk-status", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "open", + "investigating", + "remediating", + "deviation-requested", + "deviation-approved", + "closed" ] } ] }, "oscal-poam-oscal-assessment-common:characterization" : { "title" : "Characterization", "description" : "A collection of descriptive data about the containing object from a specific origin.", @@ -2680,7 +2830,19 @@ "system" : { "title" : "Naming System", "description" : "Specifies the naming system under which this risk metric is organized, which allows for the same names to be used in different systems controlled by different parties. This avoids the potential of a name clash.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal", + "http://csrc.nist.gov/ns/oscal/unknown", + "http://cve.mitre.org", + "http://www.first.org/cvss/v2.0", + "http://www.first.org/cvss/v3.0", + "http://www.first.org/cvss/v3.1" ] } ] }, "value" : { "title" : "Facet Value", "description" : "Indicates the value of the facet.", @@ -2719,7 +2881,14 @@ "lifecycle" : { "title" : "Remediation Intent", "description" : "Identifies whether this is a recommendation, such as from an assessor or tool, or an actual plan accepted by the system owner.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "recommendation", + "planned", + "completed" ] } ] }, "title" : { "title" : "Response Title", "description" : "The title for this response activity.", @@ -2810,7 +2979,14 @@ "name" : { "title" : "Part Name", "description" : "A textual label that uniquely identifies the part's semantic type.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "asset", + "method", + "objective" ] } ] }, "ns" : { "title" : "Part Namespace", "description" : "A namespace qualifying the part's name. This allows different organizations to associate distinct semantics with the same name.", diff --git a/json/schema/oscal_profile_schema.json b/json/schema/oscal_profile_schema.json index f41ef0b3fa..c736cdc4a5 100644 --- a/json/schema/oscal_profile_schema.json +++ b/json/schema/oscal_profile_schema.json @@ -591,9 +591,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -770,7 +775,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -829,7 +834,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -959,9 +969,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -1005,9 +1027,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -1020,7 +1049,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1057,9 +1092,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, diff --git a/json/schema/oscal_ssp_schema.json b/json/schema/oscal_ssp_schema.json index af59b9a632..184099c784 100644 --- a/json/schema/oscal_ssp_schema.json +++ b/json/schema/oscal_ssp_schema.json @@ -164,7 +164,12 @@ { "system" : { "title" : "Information Type Identification System", "description" : "Specifies the information type identification system used.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://doi.org/10.6028/NIST.SP.800-60v2r1" ] } ] }, "information-type-ids" : { "type" : "array", "minItems" : 1, @@ -1030,9 +1035,14 @@ { "scheme" : { "title" : "External Identifier Schema", "description" : "Indicates the type of external identifier.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://orcid.org/" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id", "scheme" ], @@ -1209,7 +1219,7 @@ "description" : "A label that indicates the nature of a resource, as a data serialization or format.", "$ref" : "#/definitions/StringDatatype" }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/Base64Datatype" } }, "required" : [ "value" ], "additionalProperties" : false }, @@ -1268,7 +1278,12 @@ "rel" : { "title" : "Link Relation Type", "description" : "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "reference" ] } ] }, "media-type" : { "title" : "Media Type", "description" : "A label that indicates the nature of a resource, as a data serialization or format.", @@ -1398,9 +1413,21 @@ { "algorithm" : { "title" : "Hash algorithm", "description" : "The digest method by which a hash is derived.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "SHA-224", + "SHA-256", + "SHA-384", + "SHA-512", + "SHA3-224", + "SHA3-256", + "SHA3-384", + "SHA3-512" ] } ] }, "value" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "value", "algorithm" ], @@ -1444,9 +1471,16 @@ { "type" : { "title" : "type flag", "description" : "Indicates the type of phone number.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "home", + "office", + "mobile" ] } ] }, "number" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "number" ], "additionalProperties" : false }, @@ -1459,7 +1493,13 @@ { "type" : { "title" : "Address Type", "description" : "Indicates the type of address.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "home", + "work" ] } ] }, "addr-lines" : { "type" : "array", "minItems" : 1, @@ -1496,9 +1536,14 @@ { "scheme" : { "title" : "Document Identification Scheme", "description" : "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "http://www.doi.org/" ] } ] }, "identifier" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "identifier" ], "additionalProperties" : false }, @@ -1515,7 +1560,25 @@ "type" : { "title" : "Component Type", "description" : "A category describing the purpose of the component.", - "$ref" : "#/definitions/StringDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/StringDatatype" }, + + { "enum" : + [ "this-system", + "system", + "interconnection", + "software", + "hardware", + "service", + "policy", + "physical", + "process-procedure", + "plan", + "guidance", + "standard", + "validation", + "network" ] } ] }, "title" : { "title" : "Component Title", "description" : "A human readable name for the system component.", @@ -1639,7 +1702,16 @@ { "state" : { "title" : "Implementation State", "description" : "Identifies the implementation status of the control or control objective.", - "$ref" : "#/definitions/TokenDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/TokenDatatype" }, + + { "enum" : + [ "implemented", + "partial", + "planned", + "alternative", + "not-applicable" ] } ] }, "remarks" : { "$ref" : "#field_oscal-metadata_remarks" } }, "required" : @@ -1819,9 +1891,17 @@ { "identifier-type" : { "title" : "Identification System Type", "description" : "Identifies the identification system from which the provided identifier was assigned.", - "$ref" : "#/definitions/URIDatatype" }, + "allOf" : + [ + { "$ref" : "#/definitions/URIDatatype" }, + + { "enum" : + [ "https://fedramp.gov", + "http://fedramp.gov/ns/oscal", + "https://ietf.org/rfc/rfc4122", + "http://ietf.org/rfc/rfc4122" ] } ] }, "id" : - { "type" : "string" } }, + { "$ref" : "#/definitions/StringDatatype" } }, "required" : [ "id" ], "additionalProperties" : false }, From a94f14e921f6f496c2d651cf0661354fa45d43ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 May 2023 02:09:07 +0000 Subject: [PATCH 138/138] Bump markdown-link-check from 3.10.3 to 3.11.2 in /build Bumps [markdown-link-check](https://github.com/tcort/markdown-link-check) from 3.10.3 to 3.11.2. - [Release notes](https://github.com/tcort/markdown-link-check/releases) - [Changelog](https://github.com/tcort/markdown-link-check/blob/master/CHANGELOG.md) - [Commits](https://github.com/tcort/markdown-link-check/compare/v3.10.3...v3.11.2) --- updated-dependencies: - dependency-name: markdown-link-check dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- build/package-lock.json | 106 +++++++++++++--------------------------- build/package.json | 2 +- 2 files changed, 34 insertions(+), 74 deletions(-) diff --git a/build/package-lock.json b/build/package-lock.json index eef671fd86..0e46e25b20 100644 --- a/build/package-lock.json +++ b/build/package-lock.json @@ -10,7 +10,7 @@ "dependencies": { "ajv-cli": "^5.0.x", "ajv-formats": "^2.1.x", - "markdown-link-check": "^3.10.3", + "markdown-link-check": "^3.11.2", "yaml-convert": "^1.0.x" } }, @@ -131,15 +131,11 @@ } }, "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.2.0.tgz", + "integrity": "sha512-ree3Gqw/nazQAPuJJEy+avdl7QfZMcUvmHIKgEZkGL+xOBzRvup5Hxo6LHuMceSxOabuJLJm5Yp/92R9eMmMvA==", "engines": { - "node": ">=10" + "node": "^12.17.0 || ^14.13 || >=16.0.0" }, "funding": { "url": "https://github.com/chalk/chalk?sponsor=1" @@ -208,11 +204,11 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, "node_modules/commander": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-6.2.1.tgz", - "integrity": "sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==", + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "integrity": "sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==", "engines": { - "node": ">= 6" + "node": ">=14" } }, "node_modules/concat-map": { @@ -394,14 +390,6 @@ "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "engines": { - "node": ">=8" - } - }, "node_modules/html-link-extractor": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/html-link-extractor/-/html-link-extractor-1.0.5.tgz", @@ -553,17 +541,17 @@ "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "node_modules/markdown-link-check": { - "version": "3.10.3", - "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.10.3.tgz", - "integrity": "sha512-uGdJiZOy1CVWlRe7CyBSJ0Gz80Xm4vt++xjX9sNFjB7qcAxLinaMmzFQ5xOwERaXC9mK770BhnqnsyJT1gTr9w==", + "version": "3.11.2", + "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.11.2.tgz", + "integrity": "sha512-zave+vI4AMeLp0FlUllAwGbNytSKsS3R2Zgtf3ufVT892Z/L6Ro9osZwE9PNA7s0IkJ4onnuHqatpsaCiAShJw==", "dependencies": { "async": "^3.2.4", - "chalk": "^4.1.2", - "commander": "^6.2.0", + "chalk": "^5.2.0", + "commander": "^10.0.1", "link-check": "^5.2.0", "lodash": "^4.17.21", "markdown-link-extractor": "^3.1.0", - "needle": "^3.1.0", + "needle": "^3.2.0", "progress": "^2.0.3" }, "bin": { @@ -612,9 +600,9 @@ "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, "node_modules/needle": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/needle/-/needle-3.1.0.tgz", - "integrity": "sha512-gCE9weDhjVGCRqS8dwDR/D3GTAeyXLXuqp7I8EzH6DllZGXSUyxuqqLh+YX9rMAWaaTFyVAg6rHGL25dqvczKw==", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/needle/-/needle-3.2.0.tgz", + "integrity": "sha512-oUvzXnyLiVyVGoianLijF9O/RecZUf7TkBfimjGrLM4eQhXyeJwM6GeAWccwfQ9aa4gMCZKqhAOuLaMIcQxajQ==", "dependencies": { "debug": "^3.2.6", "iconv-lite": "^0.6.3", @@ -748,17 +736,6 @@ "node": ">=8" } }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/uri-js": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", @@ -929,13 +906,9 @@ } }, "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.2.0.tgz", + "integrity": "sha512-ree3Gqw/nazQAPuJJEy+avdl7QfZMcUvmHIKgEZkGL+xOBzRvup5Hxo6LHuMceSxOabuJLJm5Yp/92R9eMmMvA==" }, "cheerio": { "version": "1.0.0-rc.12", @@ -988,9 +961,9 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, "commander": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-6.2.1.tgz", - "integrity": "sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==" + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "integrity": "sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==" }, "concat-map": { "version": "0.0.1", @@ -1118,11 +1091,6 @@ "path-is-absolute": "^1.0.0" } }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" - }, "html-link-extractor": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/html-link-extractor/-/html-link-extractor-1.0.5.tgz", @@ -1237,17 +1205,17 @@ "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "markdown-link-check": { - "version": "3.10.3", - "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.10.3.tgz", - "integrity": "sha512-uGdJiZOy1CVWlRe7CyBSJ0Gz80Xm4vt++xjX9sNFjB7qcAxLinaMmzFQ5xOwERaXC9mK770BhnqnsyJT1gTr9w==", + "version": "3.11.2", + "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.11.2.tgz", + "integrity": "sha512-zave+vI4AMeLp0FlUllAwGbNytSKsS3R2Zgtf3ufVT892Z/L6Ro9osZwE9PNA7s0IkJ4onnuHqatpsaCiAShJw==", "requires": { "async": "^3.2.4", - "chalk": "^4.1.2", - "commander": "^6.2.0", + "chalk": "^5.2.0", + "commander": "^10.0.1", "link-check": "^5.2.0", "lodash": "^4.17.21", "markdown-link-extractor": "^3.1.0", - "needle": "^3.1.0", + "needle": "^3.2.0", "progress": "^2.0.3" } }, @@ -1284,9 +1252,9 @@ "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, "needle": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/needle/-/needle-3.1.0.tgz", - "integrity": "sha512-gCE9weDhjVGCRqS8dwDR/D3GTAeyXLXuqp7I8EzH6DllZGXSUyxuqqLh+YX9rMAWaaTFyVAg6rHGL25dqvczKw==", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/needle/-/needle-3.2.0.tgz", + "integrity": "sha512-oUvzXnyLiVyVGoianLijF9O/RecZUf7TkBfimjGrLM4eQhXyeJwM6GeAWccwfQ9aa4gMCZKqhAOuLaMIcQxajQ==", "requires": { "debug": "^3.2.6", "iconv-lite": "^0.6.3", @@ -1384,14 +1352,6 @@ "ansi-regex": "^5.0.1" } }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "requires": { - "has-flag": "^4.0.0" - } - }, "uri-js": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", diff --git a/build/package.json b/build/package.json index b96ad4b3a6..081040eb19 100644 --- a/build/package.json +++ b/build/package.json @@ -4,7 +4,7 @@ "dependencies": { "ajv-cli": "^5.0.x", "ajv-formats": "^2.1.x", - "markdown-link-check": "^3.10.3", + "markdown-link-check": "^3.11.2", "yaml-convert": "^1.0.x" } }