Skip to content

Commit

Permalink
[skip ci] Update FedRAMP values for touch-ups.
Browse files Browse the repository at this point in the history
  • Loading branch information
@aj-stein-gsa
aj-stein-gsa committed Aug 12, 2021
1 parent ac2c8ae commit b62f3c6
Show file tree
Hide file tree
Showing 14 changed files with 1,917 additions and 2,448 deletions.
4,069 changes: 1,766 additions & 2,303 deletions dist/content/resources/json/FedRAMP_extensions.json
View file

Large diffs are not rendered by default.

14 changes: 12 additions & 2 deletions dist/content/resources/json/fedramp_threats.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@
"uuid": "7539047F-158B-4AA0-8FC5-F0530F1CC5CF",
"metadata": {
"title": "FedRAMP Defined Threat Table [DRAFT]",
"last-modified": "2019-12-15T00:00:00Z",
"version": "DRAFT-02",
"last-modified": "2021-08-11T23:18:00Z",
"version": "fedramp1.0.2-oscal1.0.0",
"revisions": {
"revision": [
{
Expand All @@ -27,6 +27,16 @@
"#text": "6b286b5d-8f07-4fa7-8847-1dd0d88f73fb"
},
"remarks": {"p": "Revised draft to align metadata with OSCAL syntax, and to provide a machine-readble definition for threat origination types."}
},
{
"published": "2021-08-11T23:18:00.00-00:00",
"version": "fedramp1.0.2-oscal1.0.0",
"prop": {
"name": "party-uuid",
"ns": "https://fedramp.gov/ns/oscal",
"#text": "6b286b5d-8f07-4fa7-8847-1dd0d88f73fb"
},
"remarks": {"p": "Updated version reviewed for fedramp1.0.2-oscal1.0.0 releases."}
}
]
},
Expand Down
32 changes: 11 additions & 21 deletions dist/content/resources/json/fedramp_values.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,17 @@
"fedramp-values": {
"xmlns": "https://fedramp.gov/ns/oscal",
"metadata": {
"title": "[EXPERIMENTAL] FedRAMP Defined Identifiers and Accepted Values [DRAFT]",
"title-short": "FedRAMP Data Values (DRAFT)",
"last-modified": "2021-07-06T12:28:35Z",
"version": "fedramp1.0.0-oscal1.0.0",
"title": "[EXPERIMENTAL] FedRAMP Defined Identifiers and Accepted Values",
"title-short": "FedRAMP Data Values (Experimental)",
"last-modified": "2021-08-11T23:20:58Z",
"version": "fedramp1.0.2-oscal1.0.0",
"author": "FedRAMP PMO",
"description": "This EXPERIMENTAL and DRAFT file provides the FedRAMP defined identifiers and acceptable values in a machine-readable format.",
"description": "This EXPERIMENTAL file provides the FedRAMP defined identifiers and acceptable values in a machine-readable format.",
"remarks": ""
},
"namespace": {
"ns": {
"name": "FedRAMP",
"name": "fedramp",
"ns": "https://fedramp.gov/ns/oscal"
}
},
Expand Down Expand Up @@ -866,12 +866,12 @@
"allow-other": "no",
"enum": [
{
"value": "TCP",
"value": "tcp",
"short-label": "TCP",
"#text": "TCP"
},
{
"value": "UDP",
"value": "udp",
"short-label": "UDP",
"#text": "UDP"
}
Expand Down Expand Up @@ -1076,11 +1076,6 @@
"short-label": "Guidance",
"#text": "Guidance"
},
{
"value": "pii",
"short-label": "P.I.I.",
"#text": "Privacy Impact Information"
},
{
"value": "policy",
"short-label": "Policy",
Expand All @@ -1096,14 +1091,9 @@
"short-label": "Guidance",
"#text": "Guidance Document"
},
{
"value": "pia",
"short-label": "P.I.A.",
"#text": "Privacy Impact Assessment"
},
{
"value": "rules-of-behavior",
"short-label": "R.O.B.",
"short-label": "ROB",
"#text": "Rules of Behavior"
},
{
Expand Down Expand Up @@ -1187,7 +1177,7 @@
"#text": "Logo"
},
{
"value": "Personal-Identifiable-Information",
"value": "personally-identifiable-information",
"short-label": "PII",
"#text": "Personal Identifiable Information (PII)"
},
Expand All @@ -1213,7 +1203,7 @@
},
{
"value": "privacy-impact-assessment",
"short-label": "PII",
"short-label": "PIA",
"#text": "Privacy Impact Assessment"
},
{
Expand Down
14 changes: 12 additions & 2 deletions dist/content/resources/json/information-types.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
"xmlns": "https://fedramp.gov/ns/oscal",
"uuid": "157BB1F7-8BE7-4642-9D5B-60B5995684F0",
"metadata": {
"title": "FedRAMP Acceptable Information Types [DRAFT]",
"title": "FedRAMP Acceptable Information Types (Experimental)",
"published": "2021-01-15T00:00:00Z",
"last-modified": "2021-01-15T00:00:00Z",
"version": "DRAFT-02",
"version": "fedramp1.0.2-oscal1.0.0",
"revisions": {
"revision": [
{
Expand All @@ -28,6 +28,16 @@
"#text": "6b286b5d-8f07-4fa7-8847-1dd0d88f73fb"
},
"remarks": {"p": "Revised draft to better align with OSCAL SSP syntax."}
},
{
"published": "2021-08-11T23:18:00.00-00:00",
"version": "fedramp1.0.2-oscal1.0.0",
"prop": {
"name": "party-uuid",
"ns": "https://fedramp.gov/ns/oscal",
"#text": "6b286b5d-8f07-4fa7-8847-1dd0d88f73fb"
},
"remarks": {"p": "Updated version reviewed for fedramp1.0.2-oscal1.0.0 releases."}
}
]
},
Expand Down
52 changes: 24 additions & 28 deletions dist/content/resources/xml/FedRAMP_extensions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
<extensions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="BA710064-79AC-47D5-8F70-6749B359E7E2" >
<metadata>
<title>[EXPERIMENTAL] FedRAMP Extensions [DRAFT]</title>
<published>2021-07-06T23:07:21Z</published>
<last-modified>2021-07-06T23:07:21Z</last-modified>
<version>fedramp1.0.0-oscal1.0.0</version>
<title>[EXPERIMENTAL] FedRAMP Extensions</title>
<published>2021-08-11T23:27:44Z</published>
<last-modified>2021-08-11T23:27:44Z</last-modified>
<version>fedramp1.0.2-oscal1.0.0</version>
<oscal-version>oscal-1.0.0</oscal-version>
<revisions>
<revision>
Expand All @@ -32,6 +32,14 @@
<p>Revised draft to better align with OSCAL RC-1 SSP syntax.</p>
</remarks>
</revision>
<revision>
<published>2021-08-11T23:27:44.00-00:00</published>
<version>fedramp1.0.2-oscal1.0.0</version>
<prop name="party-uuid" ns="https://fedramp.gov/ns/oscal">6b286b5d-8f07-4fa7-8847-1dd0d88f73fb</prop>
<remarks>
<p>Release reviewed for updated release.</p>
</remarks>
</revision>
</revisions>

<role id="prepared-by">
Expand Down Expand Up @@ -67,7 +75,7 @@
</responsible-party>

<remarks>
<p>This EXPERIMENTAL and DRAFT file exteneds OSCAL to meet FedRAMP requirements.</p>
<p>This EXPERIMENTAL file exteneds OSCAL to meet FedRAMP requirements.</p>
<p>It provides the extensions, defined identifiers, and acceptable values in a machine-readable format necssary to meet FedRAMP Authorization Package requirements.</p>
</remarks>
</metadata>
Expand Down Expand Up @@ -453,8 +461,8 @@
<constraint>
<matches data-type="token" />
<allowed-values allow-other="no">
<enum value="TCP" short-label="TCP">TCP</enum>
<enum value="UDP" short-label="UDP">UDP</enum>
<enum value="tcp" short-label="TCP">TCP</enum>
<enum value="udp" short-label="UDP">UDP</enum>
</allowed-values>
</constraint>
</extension>
Expand Down Expand Up @@ -681,17 +689,6 @@
</constraint>
</extension>

<extension id="POAM-ID">
<extension-name>POAM-ID</extension-name>
<formal-name>POA&amp;M ID</formal-name>
<description>A CSP-assigned POA&amp;M identifier.</description>
<binding pattern="/o:plan-of-action-and-milestones/o:poam-item/o:prop"/>
<constraint>
<matches data-type="string" />
<has-cardinality min-occurs="0" max-occurs="1" />
</constraint>
</extension>

<extension id="control-objective-implementation-status">
<extension-name>control-objective-implementation-status</extension-name>
<formal-name>Objective Implementation Status</formal-name>
Expand Down Expand Up @@ -864,12 +861,13 @@
</extension>

<extension id="poam-id">
<extension-name>POAM-ID</extension-name>
<formal-name>CSP POA&amp;M Identifier</formal-name>
<description>A CSP-assigned identifier for this POA&amp;M item.</description>
<binding pattern="/o:plan-of-action-and-milestones/o:poam-item/o:prop" />
<extension-name>poam-id</extension-name>
<formal-name>POA&amp;M ID</formal-name>
<description>A CSP-assigned POA&amp;M identifier.</description>
<binding pattern="/o:plan-of-action-and-milestones/o:poam-item/o:prop"/>
<constraint>
<matches data-type="NCName" />
<matches data-type="string" />
<has-cardinality min-occurs="0" max-occurs="1" />
</constraint>
</extension>

Expand Down Expand Up @@ -1221,12 +1219,10 @@
<enum value="regulation" short-label="Regulation">Regulation or Directive</enum>
<enum value="standard" short-label="Standard">Industry Standard</enum>
<enum value="guidance" short-label="Guidance">Guidance</enum>
<enum value="pii" short-label="P.I.I.">Privacy Impact Information</enum>
<enum value="policy" short-label="Policy">Polciy</enum>
<enum value="procedure" short-label="Procedure">Procedure</enum>
<enum value="guide" short-label="Guidance">Guidance Document</enum>
<enum value="pia" short-label="P.I.A.">Privacy Impact Assessment</enum>
<enum value="rules-of-behavior" short-label="R.O.B.">Rules of Behavior</enum>
<enum value="rules-of-behavior" short-label="ROB">Rules of Behavior</enum>
<enum value="plan" short-label="Plan">Plan</enum>
<enum value="system-security-plan" short-label="SSP">System Security Plan</enum>
<enum value="artifact" short-label="artifact">Artifact</enum>
Expand All @@ -1245,12 +1241,12 @@
<enum value="logo" short-label="Logo">Logo</enum>
<!-- See, e.g., https://www.dol.gov/general/ppii#:~:text=Personal%20Identifiable%20Information%20(PII)%20is,either%20direct%20or%20indirect%20means. -->
<!-- All the privacy "types" need rationalization -->
<enum value="Personal-Identifiable-Information" short-label="PII">Personal Identifiable Information (PII)</enum>
<enum value="personal-identifiable-information" short-label="PII">Personal Identifiable Information (PII)</enum>
<enum value="agreement" short-label="Agreement">Agreement</enum>
<enum value="incident-response-plan" short-label="IRP">Incident Response Plan</enum>
<enum value="information-security-policies-and-procedures" short-label="ISPP">Incident Security Policies and Procedures</enum>
<enum value="user-guide" short-label="User Guide">User Guide</enum>
<enum value="privacy-impact-assessment" short-label="PII">Privacy Impact Assessment</enum>
<enum value="privacy-impact-analysis" short-label="PIA">Privacy Impact Assessment</enum>
<enum value="information-system-contingency-plan" short-label="ISCP">Information System Contingency Plan</enum>
<enum value="configuration-management-plan" short-label="CMP">configuration-management-plan</enum>
</allowed-values>
Expand Down
14 changes: 11 additions & 3 deletions dist/content/resources/xml/fedramp_threats.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@

<metadata>
<title>FedRAMP Defined Threat Table [DRAFT]</title>
<last-modified>2019-12-15T00:00:00Z</last-modified>
<version>DRAFT-02</version>
<last-modified>2021-08-11T23:18:00Z</last-modified>
<version>fedramp1.0.2-oscal1.0.0</version>
<revisions>
<revision>
<published>2019-06-01T00:00:00.00-04:00</published>
Expand All @@ -22,6 +22,14 @@
<p>Revised draft to align metadata with OSCAL syntax, and to provide a machine-readble definition for threat origination types.</p>
</remarks>
</revision>
<revision>
<published>2021-08-11T23:18:00.00-00:00</published>
<version>fedramp1.0.2-oscal1.0.0</version>
<prop name="party-uuid" ns="https://fedramp.gov/ns/oscal">6b286b5d-8f07-4fa7-8847-1dd0d88f73fb</prop>
<remarks>
<p>Updated version reviewed for fedramp1.0.2-oscal1.0.0 releases.</p>
</remarks>
</revision>
</revisions>

<role id="prepared-by">
Expand Down Expand Up @@ -377,4 +385,4 @@
<availability-impact>Denial of Service</availability-impact>
</threat>
</threats>
</fedramp-threats>
</fedramp-threats>
24 changes: 11 additions & 13 deletions dist/content/resources/xml/fedramp_values.xml
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<fedramp-values xmlns="https://fedramp.gov/ns/oscal">
<metadata>
<title>[EXPERIMENTAL] FedRAMP Defined Identifiers and Accepted Values [DRAFT]</title>
<title-short>FedRAMP Data Values (DRAFT)</title-short>
<last-modified>2021-07-06T12:28:35Z</last-modified>
<version>fedramp1.0.0-oscal1.0.0</version>
<title>[EXPERIMENTAL] FedRAMP Defined Identifiers and Accepted Values</title>
<title-short>FedRAMP Data Values (Experimental)</title-short>
<last-modified>2021-08-11T23:20:58Z</last-modified>
<version>fedramp1.0.2-oscal1.0.0</version>
<author>FedRAMP PMO</author>
<description>This EXPERIMENTAL and DRAFT file provides the FedRAMP defined identifiers and acceptable values in a machine-readable format.</description>
<description>This EXPERIMENTAL file provides the FedRAMP defined identifiers and acceptable values in a machine-readable format.</description>
<remarks />
</metadata>

<namespace>
<ns name="FedRAMP" ns="https://fedramp.gov/ns/oscal" />
<ns name="fedramp" ns="https://fedramp.gov/ns/oscal" />
</namespace>

<value-set name="system-identifier-type">
Expand Down Expand Up @@ -357,8 +357,8 @@
<description>The internet protocol transport type.</description>
<binding pattern="component[@component-type='service']/protocol/port-range/@transport" />
<allowed-values allow-other="no">
<enum value="TCP" short-label="TCP">TCP</enum>
<enum value="UDP" short-label="UDP">UDP</enum>
<enum value="tcp" short-label="TCP">TCP</enum>
<enum value="udp" short-label="UDP">UDP</enum>
</allowed-values>
</value-set>

Expand Down Expand Up @@ -443,12 +443,10 @@
<enum value="regulation" short-label="Regulation">Regulation or Directive</enum>
<enum value="standard" short-label="Standard">Industry Standard</enum>
<enum value="guidance" short-label="Guidance">Guidance</enum>
<enum value="pii" short-label="P.I.I.">Privacy Impact Information</enum>
<enum value="policy" short-label="Policy">Polciy</enum>
<enum value="procedure" short-label="Procedure">Procedure</enum>
<enum value="guide" short-label="Guidance">Guidance Document</enum>
<enum value="pia" short-label="P.I.A.">Privacy Impact Assessment</enum>
<enum value="rules-of-behavior" short-label="R.O.B.">Rules of Behavior</enum>
<enum value="rules-of-behavior" short-label="ROB">Rules of Behavior</enum>
<enum value="plan" short-label="Plan">Plan</enum>
<enum value="system-security-plan" short-label="SSP">System Security Plan</enum>
<enum value="artifact" short-label="artifact">Artifact</enum>
Expand All @@ -467,12 +465,12 @@
<enum value="logo" short-label="Logo">Logo</enum>
<!-- See, e.g., https://www.dol.gov/general/ppii#:~:text=Personal%20Identifiable%20Information%20(PII)%20is,either%20direct%20or%20indirect%20means. -->
<!-- All the privacy "types" need rationalization -->
<enum value="Personal-Identifiable-Information" short-label="PII">Personal Identifiable Information (PII)</enum>
<enum value="personally-identifiable-information" short-label="PII">Personal Identifiable Information (PII)</enum>
<enum value="agreement" short-label="Agreement">Agreement</enum>
<enum value="incident-response-plan" short-label="IRP">Incident Response Plan</enum>
<enum value="information-security-policies-and-procedures" short-label="ISPP">Incident Security Policies and Procedures</enum>
<enum value="user-guide" short-label="User Guide">User Guide</enum>
<enum value="privacy-impact-assessment" short-label="PII">Privacy Impact Assessment</enum>
<enum value="privacy-impact-assessment" short-label="PIA">Privacy Impact Assessment</enum>
<enum value="information-system-contingency-plan" short-label="ISCP">Information System Contingency Plan</enum>
<enum value="configuration-management-plan" short-label="CMP">configuration-management-plan</enum>
</allowed-values>
Expand Down
12 changes: 10 additions & 2 deletions dist/content/resources/xml/information-types.xml
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<information-types xmlns="https://fedramp.gov/ns/oscal" uuid="157BB1F7-8BE7-4642-9D5B-60B5995684F0">
<metadata>
<title>FedRAMP Acceptable Information Types [DRAFT]</title>
<title>FedRAMP Acceptable Information Types (Experimental)</title>
<published>2021-01-15T00:00:00Z</published>
<last-modified>2021-01-15T00:00:00Z</last-modified>
<version>DRAFT-02</version>
<version>fedramp1.0.2-oscal1.0.0</version>
<revisions>
<revision>
<published>2019-06-01T00:00:00.00-04:00</published>
Expand All @@ -22,6 +22,14 @@
<p>Revised draft to better align with OSCAL SSP syntax.</p>
</remarks>
</revision>
<revision>
<published>2021-08-11T23:18:00.00-00:00</published>
<version>fedramp1.0.2-oscal1.0.0</version>
<prop name="party-uuid" ns="https://fedramp.gov/ns/oscal">6b286b5d-8f07-4fa7-8847-1dd0d88f73fb</prop>
<remarks>
<p>Updated version reviewed for fedramp1.0.2-oscal1.0.0 releases.</p>
</remarks>
</revision>
</revisions>

<link rel="canonical"
Expand Down
Binary file modified documents/FedRAMP_Extensions.pdf
View file
Binary file not shown.
Loading

0 comments on commit b62f3c6

Please sign in to comment.