-
Notifications
You must be signed in to change notification settings - Fork 98
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add inventory item constraints (#1063)
* add inventory item constraints * update example file Co-Authored-By: A.J. Stein <[email protected]> * improve scan type constraint * massage constraints * improve constraint content * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <[email protected]> * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <[email protected]> * Update fedramp-external-constraints.xml * Update fedramp-external-constraints.xml * Squashed commit of the following: commit d7b0623 Author: wandmagic <[email protected]> Date: Tue Jan 7 14:47:44 2025 -0500 fix constraints (#1070) commit fc50a42 Author: wandmagic <[email protected]> Date: Fri Jan 3 14:21:47 2025 -0500 hotfix develop (#1064) * Squashed commit of the following: commit 18a02c9 Author: wandmagic <[email protected]> Date: Wed Jan 8 09:37:15 2025 -0500 Hotfix styles (#1076) * style guide hotfix * Update fedramp-external-constraints.xml commit 60b3c50 Author: DimitriZhurkin <[email protected]> Date: Wed Jan 8 07:14:14 2025 -0700 Add the inter-boundary-component-has-information-type constraint (#1066) * Add the inter-boundary-component-has-information-type constraint * clean up ssp-inter-boundary-component-has-information-type-INVALID.xml commit d7b0623 Author: wandmagic <[email protected]> Date: Tue Jan 7 14:47:44 2025 -0500 fix constraints (#1070) commit fc50a42 Author: wandmagic <[email protected]> Date: Fri Jan 3 14:21:47 2025 -0500 hotfix develop (#1064) * Squashed commit of the following: commit 8c1a343 Author: Gabeblis <[email protected]> Date: Thu Jan 9 11:45:37 2025 -0500 Add new metapath target to 'security-level' constraint (#1079) commit 608080d Author: wandmagic <[email protected]> Date: Thu Jan 9 09:29:17 2025 -0500 add additional sample content (#1081) commit 1f55a73 Author: Gabeblis <[email protected]> Date: Thu Jan 9 09:22:28 2025 -0500 Correct constraint message. (#1085) commit 18a02c9 Author: wandmagic <[email protected]> Date: Wed Jan 8 09:37:15 2025 -0500 Hotfix styles (#1076) * style guide hotfix * Update fedramp-external-constraints.xml commit 60b3c50 Author: DimitriZhurkin <[email protected]> Date: Wed Jan 8 07:14:14 2025 -0700 Add the inter-boundary-component-has-information-type constraint (#1066) * Add the inter-boundary-component-has-information-type constraint * clean up ssp-inter-boundary-component-has-information-type-INVALID.xml commit d7b0623 Author: wandmagic <[email protected]> Date: Tue Jan 7 14:47:44 2025 -0500 fix constraints (#1070) commit fc50a42 Author: wandmagic <[email protected]> Date: Fri Jan 3 14:21:47 2025 -0500 hotfix develop (#1064) --------- Co-authored-by: A.J. Stein <[email protected]> Co-authored-by: Gabeblis <[email protected]>
- Loading branch information
3 people
authored
Jan 10, 2025
1 parent
5e3f386
commit 60ba7f7
Showing
21 changed files
with
322 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
src/validations/constraints/content/ssp-authenticated-scan-no-has-remarks-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd" | ||
| uuid="12345678-1234-4321-8765-123456789012"> | ||
|
|
||
| <system-characteristics> | ||
| <security-sensitivity-level>fips-199-moderate</security-sensitivity-level> | ||
| </system-characteristics> | ||
| <system-implementation> | ||
| <inventory-item uuid="77777777-0000-4000-9000-000000000007"> | ||
| <description> | ||
| <p>Primary database server</p> | ||
| </description> | ||
| <prop name="asset-id" value="DB-001" ns="http://csrc.nist.gov/ns/oscal"/> | ||
| <prop name="asset-type" value="database"/> | ||
| <prop name="allows-authenticated-scan" value="no"/> | ||
| <prop name="public" value="no"/> | ||
| <prop name="virtual" value="yes"/> | ||
| <prop name="scan-type" value="database" ns="http://fedramp.gov/ns/oscal"/> | ||
| <responsible-party role-id="asset-owner"> | ||
| <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid> | ||
| </responsible-party> | ||
| </inventory-item> | ||
| </system-implementation> | ||
|
|
||
| </system-security-plan> |
22 changes: 22 additions & 0 deletions
22
src/validations/constraints/content/ssp-end-of-life-date-type-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd" | ||
| uuid="12345678-1234-4321-8765-123456789012"> | ||
| <metadata> | ||
| <title>Test SSP for End of Life Date Type Validation</title> | ||
| <last-modified>2023-12-08T12:00:00Z</last-modified> | ||
| <version>1.0</version> | ||
| <oscal-version>1.0.0</oscal-version> | ||
| </metadata> | ||
| <system-implementation> | ||
| <component uuid="11111111-0000-4000-9000-000000000001" type="software"> | ||
| <title>Example Component</title> | ||
| <description> | ||
| <p>A component with an invalid end-of-life-date format</p> | ||
| </description> | ||
| <prop ns="http://fedramp.gov/ns/oscal" name="end-of-life-date" value="not-a-valid-date"/> | ||
| <status state="operational"/> | ||
| </component> | ||
| </system-implementation> | ||
| </system-security-plan> |
24 changes: 24 additions & 0 deletions
24
...alidations/constraints/content/ssp-high-impact-inventory-item-has-asset-owner-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd" | ||
| uuid="12345678-1234-4321-8765-123456789012"> | ||
|
|
||
| <system-characteristics> | ||
| <security-sensitivity-level>fips-199-high</security-sensitivity-level> | ||
| </system-characteristics> | ||
| <system-implementation> | ||
| <inventory-item uuid="77777777-0000-4000-9000-000000000007"> | ||
| <description> | ||
| <p>Primary database server</p> | ||
| </description> | ||
| <prop name="asset-id" value="DB-001" ns="http://csrc.nist.gov/ns/oscal"/> | ||
| <prop name="asset-type" value="database"/> | ||
| <prop name="allows-authenticated-scan" value="no"/> | ||
| <prop name="public" value="no"/> | ||
| <prop name="virtual" value="yes"/> | ||
| <prop name="scan-type" value="database" ns="http://fedramp.gov/ns/oscal"/> | ||
| </inventory-item> | ||
| </system-implementation> | ||
|
|
||
| </system-security-plan> |
13 changes: 13 additions & 0 deletions
13
src/validations/constraints/content/ssp-inventory-item-has-function-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd" | ||
| uuid="12345678-1234-4321-8765-123456789012"> | ||
|
|
||
| <system-implementation> | ||
| <inventory-item uuid="77777777-0000-4000-9000-000000000007"> | ||
| <prop name="public" value="unsupported-public"/> | ||
| </inventory-item> | ||
| </system-implementation> | ||
|
|
||
| </system-security-plan> |
13 changes: 13 additions & 0 deletions
13
src/validations/constraints/content/ssp-inventory-item-has-scan-type-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd" | ||
| uuid="12345678-1234-4321-8765-123456789012"> | ||
|
|
||
| <system-implementation> | ||
| <inventory-item uuid="77777777-0000-4000-9000-000000000007"> | ||
| <prop name="virtual" value="unsupported-virtual"/> | ||
| </inventory-item> | ||
| </system-implementation> | ||
|
|
||
| </system-security-plan> |
20 changes: 20 additions & 0 deletions
20
src/validations/constraints/content/ssp-scan-type-has-remarks-INVALID.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0"> | ||
| <metadata/> | ||
| <system-implementation> | ||
| <component uuid="11111111-0000-4000-9000-000000000001" type="software"> | ||
| <title>Example Component 1</title> | ||
| <prop ns="http://fedramp.gov/ns/oscal" name="scan-type" value="other"/> | ||
| </component> | ||
| <component uuid="22222222-0000-4000-9000-000000000002" type="software"> | ||
| <title>Example Component 2</title> | ||
| <prop ns="http://fedramp.gov/ns/oscal" name="scan-type" value="not-applicable"/> | ||
| </component> | ||
| <inventory-item> | ||
| <implemented-component component-uuid="11111111-0000-4000-9000-000000000001"> | ||
| <prop name="asset-id" value="unique-asset-ID-3"/> | ||
| </implemented-component> | ||
| <prop ns="http://fedramp.gov/ns/oscal" name="scan-type" value="not-applicable"/> | ||
| </inventory-item> | ||
| </system-implementation> | ||
| </system-security-plan> |
Oops, something went wrong.