This is an XML Schema for defining information
structure about IT platforms, mainly for use with
the eXtensible Common Checklist Description Format
(XCCDF). This version of the XCCDF Platform
Specifcation (XCCDF-P) is designed to be used
with XCCDF 1.0 or 1.1, and may also be used
with other XML data formats that need to describe
aspects of IT product and system platforms.
This specification was written by Neal Ziring, based
on ideas from the DISA FSO VMS/Gold Disk team, from
David Waltermire and David Proulx, and from Drew
Buttner.
1.1.0.0
Import the XML namespace schema so that we can use
the xml: attribute groups (particularly xml:lang).
This element can act as a top-level container for the
Fact definitions and Platform definitions that make up
a full XCCDF-P specification. It should be used only
when a XCCDF-P spec is being distributed as a
standalone document. In XCCDF, for example, the
XCCDF platform-definitions element would act as the
container for the XCCDF-P Facts and Platforms.
This element schema used to include a keyref for
Fact names, but it has been removed to allow for
pre-defined Fact dictionaries.
This element denotes a single named Fact. Every fact
has the following:
- name, a URI, which must be a unique key
- title, arbitrary text with xml:lang, optional
- remark, arbitrary text with xml:lang, optional
- check, XML content, optional
This element denotes a single Platform definition.
A Platform definition represents the qualifications
an IT asset or target must have to be considered an
instance of a particular Platform. A Platform has
the following:
- id, a locally unique id
- name, a URI, which must be a unique key
- title, arbitrary text with xml:lang, optional
- remark, arbitrary text with xml:lang, optional
- definition ref, either a fact ref, a fact test,
or a logical test
Type for a reference to Fact; the reference
is always by name. This is the type for the
element fact-ref, which can appear in a Platform
definition or in a logical-test in a Platform
definition.
Type for a test against several Facts; the content
is one or more fact-refs, fact-tests, and nested
logical-tests. Allowed operators are AND and OR.
The negate attribute, if set, makes the test
its logical inverse (so you get NAND and NOR).
Note that the output of a logical-test is always
TRUE or FALSE, Unknowns map to FALSE.
Data type for the check element, a checking system
specification URI, and XML content. The check
element may appear inside a Fact, giving a means
to ascertain the value of that Fact using a
particular checking engine. (This checkType is
based on the one in XCCDF, but is somewhat simpler.
It does not include the notion of exporting values
from the scope of an XCCDF document to the checking
engine.)
Data type for the check-content-ref element, which
points to the code for a detached check in another file.
This element has no body, just a couple of attributes:
href and name. The name is optional, if it does not appear
then this reference is to the entire other document.
Data type for the check-content element, which holds
the actual code of an enveloped check in some other
(non-XCCDF) language. This element can hold almost
anything; XCCDF-P tools do not process the contents.
Allowed operators for logic tests: we only
have two, AND and OR. They're capitalized
for consistency with usage in OVAL v4.
Type for a string with an xml:lang attribute.