From 8ba9a06276d292eb7d9dd4010afec8652eec3618 Mon Sep 17 00:00:00 2001 From: Rene Tshiteya Date: Fri, 26 Aug 2022 10:12:55 -0400 Subject: [PATCH] Add identifier props to control layer metaschemas --- .../oscal_control-common_metaschema.xml | 12 +++- src/metaschema/oscal_metadata_metaschema.xml | 59 ++++++++++++++----- src/metaschema/oscal_profile_metaschema.xml | 22 +++++-- 3 files changed, 70 insertions(+), 23 deletions(-) diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml index 9867fa9fb6..abf8ef8a39 100644 --- a/src/metaschema/oscal_control-common_metaschema.xml +++ b/src/metaschema/oscal_control-common_metaschema.xml @@ -24,7 +24,12 @@ Part Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined part elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides locally unique means to identify a given control part. + + + + +

While a part is not required to have an id, it is often desirable for an identifier to be provided, which allows the part to be referenced elsewhere in OSCAL document instances. For this reason, it is RECOMMENDED to provide a part identifier.

@@ -257,7 +262,10 @@ Control Identifier Reference - A human-oriented identifier reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). + + + Include All diff --git a/src/metaschema/oscal_metadata_metaschema.xml b/src/metaschema/oscal_metadata_metaschema.xml index 7d930c5896..e1bf090e07 100644 --- a/src/metaschema/oscal_metadata_metaschema.xml +++ b/src/metaschema/oscal_metadata_metaschema.xml @@ -77,9 +77,14 @@ - + Role Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined role elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, the locally defined ID of the Role from the imported OSCAL instance must be referenced in the context of the containing resource (e.g., import, import-component-definition, import-profile, import-ssp or import-ap). This ID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides locally unique means to identify a given role. + + + + + @@ -225,8 +230,14 @@ Party Universally Unique Identifier - + A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this defined party elsewhere in this or other OSCAL instances. The locally defined UUID of the party can be used to reference the data item locally or globally (e.g., from an importing OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides locally unique means to identify a given party. + + + + + Party Type @@ -294,9 +305,12 @@ Organizational Affiliation - - A machine-oriented identifier reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + A reference to another party (person or organization) that this subject is associated with. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + @@ -414,9 +428,12 @@ Location Universally Unique Identifier Reference - - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + A reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + @@ -428,9 +445,12 @@ Location Universally Unique Identifier Reference - - A machine-oriented identifier reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + A reference to a location defined in the metadata section of this or another OSCAL instance. The UUID of the location in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + @@ -444,9 +464,12 @@ Party Universally Unique Identifier Reference - - A machine-oriented identifier reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + A reference to another party defined in metadata. The UUID of the party in the source OSCAL instance is sufficient to reference the data item locally or globally (e.g., in an imported OSCAL instance). + + + @@ -460,8 +483,11 @@ Role Identifier Reference - - A human-oriented identifier reference to roles served by the user. + + A reference to roles served by the user. + + + @@ -802,8 +828,11 @@ A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object. Responsible Role - - A human-oriented identifier reference to a role performed. + + A reference to a role performed by a party. + + + diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml index 9fa59e6aa6..ca380e51bc 100644 --- a/src/metaschema/oscal_profile_metaschema.xml +++ b/src/metaschema/oscal_profile_metaschema.xml @@ -30,10 +30,10 @@ Provides a globally unique means to identify a given profile instance. - - - - + + + + @@ -151,7 +151,12 @@ Group Identifier - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined group elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same group across revisions of the document. + Provides locally unique means to identify a given control group. + + + + + Group Class @@ -203,7 +208,12 @@ Parameter ID - A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document. + Provides locally unique means to identify a given paramater. + + + + + Parameter Class