~

wandmagic · Dec 3, 2024 · 3dac868 · 3dac868
1 parent 42ef645
commit 3dac868
Show file tree

Hide file tree

Showing 18 changed files with 976 additions and 2 deletions.
diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
@@ -45,6 +45,7 @@ Examples:
   | data-center-us |
   | deployment-model |
   | external-system-nature-of-agreement |
+  | fedramp-citations-has-correct-link |
   | fedramp-version |
   | fully-operational-date-is-valid |
   | fully-operational-date-type |
@@ -71,7 +72,10 @@ Examples:
   | has-data-flow-diagram-link-rel |
   | has-data-flow-diagram-link-rel-allowed-value |
   | has-data-flow-diagram-uuid |
+  | has-digital-identity-worksheet |
+  | has-e-authentication-workflow |
   | has-federation-assurance-level |
+  | has-fedramp-citations |
   | has-fully-operational-date |
   | has-identity-assurance-level |
   | has-incident-response-plan |
@@ -85,6 +89,7 @@ Examples:
   | has-network-architecture-diagram-link-href-target |
   | has-network-architecture-diagram-link-rel |
   | has-network-architecture-diagram-link-rel-allowed-value |
+  | has-privacy-impact-assessment |
   | has-published-date |
   | has-rules-of-behavior |
   | has-security-impact-level |
@@ -195,6 +200,8 @@ Examples:
   | deployment-model-PASS.yaml |
   | external-system-nature-of-agreement-FAIL.yaml |
   | external-system-nature-of-agreement-PASS.yaml |
+  | fedramp-citations-has-correct-link-FAIL.yaml |
+  | fedramp-citations-has-correct-link-PASS.yaml |
   | fedramp-version-FAIL.yaml |
   | fedramp-version-PASS.yaml |
   | fully-operational-date-is-valid-FAIL.yaml |
@@ -247,8 +254,14 @@ Examples:
   | has-data-flow-diagram-link-rel-allowed-value-PASS.yaml |
   | has-data-flow-diagram-uuid-FAIL.yaml |
   | has-data-flow-diagram-uuid-PASS.yaml |
+  | has-digital-identity-worksheet-FAIL.yaml |
+  | has-digital-identity-worksheet-PASS.yaml |
+  | has-e-authentication-workflow-FAIL.yaml |
+  | has-e-authentication-workflow-PASS.yaml |
   | has-federation-assurance-level-FAIL.yaml |
   | has-federation-assurance-level-PASS.yaml |
+  | has-fedramp-citations-FAIL.yaml |
+  | has-fedramp-citations-PASS.yaml |
   | has-fully-operational-date-FAIL.yaml |
   | has-fully-operational-date-PASS.yaml |
   | has-identity-assurance-level-FAIL.yaml |
@@ -275,6 +288,8 @@ Examples:
   | has-network-architecture-diagram-link-rel-PASS.yaml |
   | has-network-architecture-diagram-link-rel-allowed-value-FAIL.yaml |
   | has-network-architecture-diagram-link-rel-allowed-value-PASS.yaml |
+  | has-privacy-impact-assessment-FAIL.yaml |
+  | has-privacy-impact-assessment-PASS.yaml |
   | has-published-date-FAIL.yaml |
   | has-published-date-PASS.yaml |
   | has-rules-of-behavior-FAIL.yaml |

diff --git a/src/validations/constraints/content/ssp-all-VALID.xml b/src/validations/constraints/content/ssp-all-VALID.xml
@@ -561,7 +561,7 @@
   <description>
      <p>Data flow Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="artifact"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/Dataflo.docx" media-type="application/msword"/>
@@ -570,5 +570,53 @@
      <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
   </remarks>
 </resource>
+
+  <resource uuid="9b657253-c129-4e88-8930-92d5267294c3">
+  <title>Privacy Impact Assessment</title>
+  <description>
+     <p>Privacy Impact Assessment (PIA)</p>
+  </description>
+  <prop name="type" value="report" class="privacy-impact-assessment"/>
+  <prop name="published" value="2023-01-01T00:00:00Z"/>
+  <prop name="version" value="1.0"/>
+  <rlink href="./documents/PIA.pdf" media-type="application/pdf"/>
+  <base64 filename="PIA.pdf" media-type="application/pdf">00000000</base64>
+  <remarks>
+     <p>Table 12-1 Attachments: Privacy Impact Assessment</p>
+     <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+  </remarks>
+</resource>
+
+<resource uuid="31f0bc7d-8c8f-45fa-9c0d-93a52a7f7c54">
+  <title>E-Authentication Workflow</title>
+  <description>
+     <p>E-Authentication Workflow Diagram</p>
+  </description>
+  <prop name="type" value="artifact" class="e-authentication-workflow"/>
+  <prop name="published" value="2023-01-01T00:00:00Z"/>
+  <prop name="version" value="1.0"/>
+  <rlink href="./documents/eauth-workflow.pdf" media-type="application/pdf"/>
+  <base64 filename="eauth-workflow.pdf" media-type="application/pdf">00000000</base64>
+  <remarks>
+     <p>Table 12-1 Attachments: E-Authentication Workflow Diagram</p>
+     <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+  </remarks>
+</resource>
+
+<resource uuid="b246c9e4-057f-4e4d-89be-a9c9234ef387">
+  <title>Digital Identity Worksheet</title>
+  <description>
+     <p>Digital Identity Determination Worksheet</p>
+  </description>
+  <prop name="type" value="questionnaire" class="digital-identity-worksheet"/>
+  <prop name="published" value="2023-01-01T00:00:00Z"/>
+  <prop name="version" value="1.0"/>
+  <rlink href="./documents/digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"/>
+  <base64 filename="digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet">00000000</base64>
+  <remarks>
+     <p>Table 12-1 Attachments: Digital Identity Worksheet</p>
+     <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+  </remarks>
+</resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-fedramp-citations-has-correct-link-INVALID.xml b/src/validations/constraints/content/ssp-fedramp-citations-has-correct-link-INVALID.xml
@@ -0,0 +1,186 @@
+<system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" uuid="12345678-1234-4321-8765-123456789012">
+  <back-matter>
+    <resource uuid="eeeeeeee-0000-4000-9000-00000000000e">
+      <title>Access Control Policy</title>
+      <description>
+        <p>Detailed access control policy document</p>
+      </description>
+      <prop name="type" value="policy" ns="https://fedramp.gov/ns/oscal"/>
+      <rlink href="https://example.com/policies/access-control.pdf"/>
+    </resource>
+    <resource uuid="90a128ac-c850-48f6-8fff-a55692f80b41">
+      <title>User's Guide</title>
+      <description>
+        <p>User's Guide</p>
+      </description>
+      <prop name="type" value="users-guide"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <rlink href="./documents/guides/sample_guide.pdf"/>
+      <remarks>
+        <p>Table 12-1 Attachments: User's Guide Attachment</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="489112e1-57f2-4c29-8dd0-95b1442fbf3b">
+      <title>Document Title</title>
+      <description>
+        <p>Rules of Behavior</p>
+      </description>
+      <prop name="type" value="rules-of-behavior"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/rob.docx" media-type="application/msword"/>
+      <base64 filename="rob.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Rules of Behavior (ROB)</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="c7860916-f2f4-43aa-b578-d48cf8e6d381">
+      <title>Document Title</title>
+      <description>
+        <p>Contingency Plan (CP)</p>
+      </description>
+      <prop name="type" value="plan" class="information-system-contingency-plan"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/cp.docx" media-type="application/msword"/>
+      <base64 filename="cp.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Contingency Plan (CP) Attachment</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="ab56cf27-0dae-40d6-89b7-d750137309af">
+      <title>Document Title</title>
+      <description>
+        <p>Configuration Management (CM) Plan</p>
+      </description>
+      <prop name="type" value="plan" class="configuration-management-plan"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/CM_Plan.docx" media-type="application/msword"/>
+      <base64 filename="CM_Plan.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Configuration Management (CM) Plan Attachment</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="3f771ab5-8016-4571-98d1-f0fb962e15e2">
+      <title>Document Title</title>
+      <description>
+        <p>Incident Response (IR) Plan</p>
+      </description>
+      <prop name="type" value="plan" class="incident-response-plan"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/IR_Plan.docx" media-type="application/msword"/>
+      <base64 filename="IR_Plan.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Incident Response (IR) Plan Attachment</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="49fb4631-1da2-41ca-b0b3-e1b1006d4025">
+      <title>Separation of Duties Matrix</title>
+      <description>
+        <p>Separation of Duties Matrix</p>
+      </description>
+      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/Sep_Matrix.docx" media-type="application/msword"/>
+      <base64 filename="Sep_Matrix.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="d2eb3c18-6754-4e3a-a933-03d289e3fad5">
+      <title>Authorization Boundary</title>
+      <description>
+        <p>Authorization Boundary Diagram</p>
+      </description>
+      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/AuthBoundary.docx" media-type="application/msword"/>
+      <base64 filename="AuthBoundary.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="61081e81-850b-43c1-bf43-1ecbddcb9e7f">
+      <title>Network Architecture</title>
+      <description>
+        <p>Network Architecture Diagram</p>
+      </description>
+      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/NetworkArchitecture.docx" media-type="application/msword"/>
+      <base64 filename="NetworkArchitecture.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="ac5d7535-f3b8-45d3-bf3b-735c82c64547">
+      <title>Data Flow</title>
+      <description>
+        <p>Data flow Diagram</p>
+      </description>
+      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="artifact"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="Document Version"/>
+      <rlink href="./documents/Dataflo.docx" media-type="application/msword"/>
+      <base64 filename="Dataflow.docx" media-type="application/msword">00000000</base64>
+      <remarks>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="9b657253-c129-4e88-8930-92d5267294c3">
+      <title>Privacy Impact Assessment</title>
+      <description>
+        <p>Privacy Impact Assessment (PIA)</p>
+      </description>
+      <prop name="type" value="report" class="privacy-impact-assessment"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="1.0"/>
+      <rlink href="./documents/PIA.pdf" media-type="application/pdf"/>
+      <base64 filename="PIA.pdf" media-type="application/pdf">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Privacy Impact Assessment</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="31f0bc7d-8c8f-45fa-9c0d-93a52a7f7c54">
+      <title>E-Authentication Workflow</title>
+      <description>
+        <p>E-Authentication Workflow Diagram</p>
+      </description>
+      <prop name="type" value="artifact" class="e-authentication-workflow"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="1.0"/>
+      <rlink href="./documents/eauth-workflow.pdf" media-type="application/pdf"/>
+      <base64 filename="eauth-workflow.pdf" media-type="application/pdf">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: E-Authentication Workflow Diagram</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+    <resource uuid="b246c9e4-057f-4e4d-89be-a9c9234ef387">
+      <title>Digital Identity Worksheet</title>
+      <description>
+        <p>Digital Identity Determination Worksheet</p>
+      </description>
+      <prop name="type" value="questionnaire" class="digital-identity-worksheet"/>
+      <prop name="published" value="2023-01-01T00:00:00Z"/>
+      <prop name="version" value="1.0"/>
+      <rlink href="./documents/digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"/>
+      <base64 filename="digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet">00000000</base64>
+      <remarks>
+        <p>Table 12-1 Attachments: Digital Identity Worksheet</p>
+        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
+      </remarks>
+    </resource>
+  </back-matter>
+</system-security-plan>