Information Assurance Markup Language v1.0

7,770 views

Published on

Information Assurance Markup Language v1.0

Published in: Internet
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
7,770
On SlideShare
0
From Embeds
0
Number of Embeds
5,757
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Information Assurance Markup Language v1.0

  1. 1. 1 Information Assurance Markup Language Authored by: Vicente Aceituno e-mail: vaceituno@inovement.es COPYRIGHT NOTICE: Version 1.0: 2007 This Language is copyrighted by Inovement Europe.
  2. 2. 2 Table of Contents 1 Introduction ................................................................................................. 3 1.1 Business Needs and Limitations ........................................................... 3 1.2 Compliance Needs and Limitations....................................................... 4 1.3 Technical Needs and Limitations........................................................... 5 2 Glossary...................................................................................................... 5 3 Notation....................................................................................................... 5 4 Examples .................................................................................................... 6 5.1 A DVD used for archival ........................................................................ 6 5.2 A shopping portal .................................................................................. 7 5.3 A military system ................................................................................... 8 5 Requirements............................................................................................ 12 5.3 Xml version.......................................................................................... 12 5.4 Namespace ......................................................................................... 12 5.5 Root..................................................................................................... 12 5.6 Event Set............................................................................................. 14 5.7 Policy Set ............................................................................................ 15 5.8 Security Handling ................................................................................ 16 5.9 Availability Window.............................................................................. 17 5.10 Retention Target .............................................................................. 19 5.11 Expiration Target.............................................................................. 20 5.12 Precision Target............................................................................... 21 5.13 Relevance Target............................................................................. 22 5.14 Completeness Target....................................................................... 23 5.15 Electricity Target .............................................................................. 24 5.16 Temperature Target ......................................................................... 25 5.17 Humidity Target................................................................................ 25 5.18 Light Target...................................................................................... 26 5.19 Radiation Target .............................................................................. 26 6 XML Schema (Download from www.inovement.esiamlv1.0.xsd) ............. 27
  3. 3. 3 1 Introduction There are compromises to make when protecting information systems, with considerations like usability, administration cost, convenience, threats faced by the organization; business goals, performance and compliance. The protection of information no less and no more than needed, makes necessary to classify information and information systems. While traditionally information is classified using Confidentiality, Integrity and Availability Categories, this can leave out many important issues of information classification, like licensing, compliance, privacy, expiration, quality and physical preservation. IAML is a markup language that facilitates the inclusion of complete metadata about security requirements in inventories and access control systems, among others. The information security management markup language can help organizations to user consistent criteria for the classification of information considering multiple criteria: 1.1 Business Needs and Limitations The most important security objectives and obligations are those set by the business, for example: a) Use of services and physical and logical access to repositories and systems is restricted to authorized users; i. Intellectual property (licensed, copyrighted, patented and trademarks) is accessible to authorized users only; ii. Personal information of clients and employees is accessible for a valid purpose to authorized users only, preserves their anonymity if necessary, and is held for no longer than required; iii. Secrets (industrial, trade) are accessible to authorized users only; iv. Third party services and repositories are appropriately licensed and accessible only to authorized users; b) Users are accountable for the repositories and messages they create or modify; c) Users are accountable for their acceptance of contracts and agreements. d) Users are accountable for their use of services. e) Accurate time and date is reflected in all records; f) Availability of repositories, services and channels exceeds Customer needs; g) Reliability and performance of services and channels exceeds Customer needs; h) Volatility of services and channels within Customer needs; i) Repositories are retained at least as long as Customer requirements; j) Expired or end of life-cycle repositories are permanently destroyed; k) Precision, relevance (up-to-date), completeness and consistency of repositories exceeds Customer needs; Security Objectives “a” to “e” are achieved using access control techniques. The Access Control paradigm represents users in information systems using user accounts or certificates and implements digital equivalents to guarded doors, records and signatures. For Access Control to be effective, some processes need to be implemented in a as robust and non tamperable manner as possible: l) The User Registration Process links user accounts and certificates to identifiable users, and manages the lifecycle of user accounts, certificates and access rights. When protecting the anonymity of users is more important than making them accountable, registration must guarantee that user accounts and certificates are not linked to identifiable users.
  4. 4. 4 m) The Authentication Process links the use of user accounts with their owner and manages the lifecycle of sessions. n) The Authorization Process grants the use of services and interfaces and access to repositories to authorized users and denies it to unauthorised users. o) The Signing Process records the will and intent about a repository of the owner of the user account or certificate concerning a repository, such as agreeing, witnessing or claiming authorship of repositories and messages like original works, votes, contracts and agreements. Digital signatures are a special kind of record. p) The Recording Process registers accurately the results of the registration, authentication, authorization, use of systems and signing processes, so these can be investigated and will and intent or responsibilities determined, within the limits set by Anonymity business objectives. The recording process will normally have to meet business objectives for accurate recording, including date and time. Depending on the security objectives of Anonymity, the recording process normally registers;  Interface ID and Location;  User account or certificate ID;  Signature;  Type of Access Attempt (login, logout, change password, change configuration, connect/disconnect systems or repositories, enabling/disabling admin access or logging, etc)  Connection of I/O interfaces;  Date and Time of Access attempt;  Access attempt result;  Repository, Interface, Service or Message accessed. 1.2 Compliance Needs and Limitations There are security objectives and obligations set by the business and other set by laws or regulations and certifications sought by the organization on contractual, ethical and fair use grounds, for example: q) Third party services and repositories need to be appropriately licensed. r) Personal information completeness must be proportional to its use. s) Personal information can't be kept for longer than needed. t) Tax records must be kept for a minimum number of years. u) Personal information must be protected using certain security measures depending on the type of personal information. v) The owner of Personal information must agree for it to be collected and he has the right to check it, fix it and approve how it will be used of ceded. w) Repositories with Personal information have to be registered with a Data Protection agency. x) Encryption must be used under legal limitations. y) Secrets must be kept according to the terms of agreed Non Disclosure Agreements. z) The owner of Personal information will be given notice when his data is being collected, including who is collecting the data. aa)Personal information must used for the purpose agreed with the information owner.. bb)Personal information must not be disclosed without the agreement of the information owner. cc) Personal information owners will have means to make data collectors accountable for their use of his personal information. Industrial and trade secrets, privacy, licensing and protection of intellectual property (copyrights, patents and trademarks have special compliance protection needs.
  5. 5. 5 1.3 Technical Needs and Limitations Technical needs are related to weaknesses and requirements of using information systems based on the Von-Neumann architecture hh) The electricity, temperature and humidity where systems operate exceed the system’s needs. 2 Glossary  All terms in the ISM3 glossary apply.  Dublin Core terms, terminology and style are used when possible. 3 Notation This specification contains schema conforming to W3C XML Schema and normative text to describe the syntax and semantics of XML-encoded requirement statements. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in IETF RFC 2119 [RFC2119] they MUST only be used where it is actually required for interoperation. These keywords are thus capitalized when used to unambiguously specify requirements that affect the interoperability and security of implementations. When these words are not capitalized, they are meant in their natural-language sense. Conventional XML namespace prefixes are used throughout the listings in this specification to stand for their respective namespaces as follows, whether or not a namespace declaration is present in the example.
  6. 6. 6 4 Examples 5.1 A DVD used for archival <?xml version="1.0" encoding="UTF-8"?> <ITObject xmlns="http://www.ism3.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ism3.com/iamlv1.0.xsd"> <objectID xmlns="" protectiveMarking="Secret" privacyMarking="High" classificationReviewDueDate="2018-01-01T00:00:00" authorityList="https://adminlist.acme.com/" accessRigthsList="https://xacml.acme.com/" rightsHolder="https://ownerslist.acme.com/" objectType="PhysicalObject Collection" objectState="archived" ID021DVD</objectID> <policySet xmlns="" URI="https://archivalpolicy.acme.com/" policyType="internal policy" startDate="2000-06-01T00:00:00" expiryDate="3000-06-01T00:00:00" constituency="ACME Inc"> Archival Policy</policySet> <retentionTarget xmlns="" mandatedByPolicySet="Archival Policy" itemType="collection" integrityMarking="High" retentionEvent="Archival" minRetentionSinceRetentionEvent="P0Y9M0DT0H00M0S" maxPercentageOfItemsLost="0.00010000"> Archival Retention Goal</retentionTarget> <expirationTarget xmlns="" mandatedByPolicySet="Archival Policy" itemType="collection" expirationEvent="Copy to Another Media" maxRetentionSinceExpirationEvent="P0Y0M1DT0H00M0S"> Archival Expiration Goal</expirationTarget>
  7. 7. 7 5.2 A shopping portal <?xml version="1.0" encoding="UTF-8"?> <ITObject xmlns="http://www.ism3.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ism3.com/iamlv1.0.xsd"> <objectID xmlns="" protectiveMarking="Private" classificationReviewDueDate="2009-05-19T09:19:07" authorityList="http://ListOfAccessControlAdministrators/" accessRigthsList="http://ListOfProfilesAndRights/" rightsHolder="http://NameOfTheOwnerOfThisSystem/" objectType="LogicalObject service" objectState="production" objectLocation="Madrid" additionalMetadata="http://MoreMetaDataOnThisSystem/"> UniqueID</objectID> <eventSet xmlns="" URI="http://AccessLogURI/" eventType="access record" userIDType="digital certificate" timeZone="Spain/Madrid"> Log</eventSet> <policySet xmlns="" URI="http://ACMESecurityPolicyURI/" policyType="internal policy" policySubType="not applicable" startDate="2007-06-01T00:00:00" expiryDate="2009-06-01T00:00:00" constituency="ACME Inc"> ACME Internal Regulation</policySet> <securityHandling xmlns="" mandatedByPolicySet="ACME Internal Regulation" handlingControl="Monthly Backup Restore Test" handlingApplicability="required"> Backup Goals</securityHandling> <availabilityWindow xmlns="" mandatedByPolicySet="none" availabilityMarking="High" startFirstWindow="2007-12-01T09:00:00" endFirstWindow="2007-12-05T21:00:00" recurringPeriod="weekly" recurringCardinality="1" minPercentageUptime="0.99000000" maxNumberOfInterruptions="20" maxNumberOfTransactionsLostPerInterruption="100" minLoad="300" loadUnits="transactions per second" businesscontinuityMarking="Medium" recoveryTimeObjective="P0Y0M0DT1H00M0S" recoveryPointObjective="P0Y0M0DT1H00M0S"> Working Hours</availabilityWindow>
  8. 8. 8 <retentionTarget xmlns="" mandatedByPolicySet="ACME Internal Regulation" itemType="row" retentionEvent="Customer Service Request" minRetentionSinceRetentionEvent="P0Y0M1DT0H00M0S" maxPercentageOfItemsLost="0.01000000"> Retention Goal</retentionTarget> <expirationTarget xmlns="" mandatedByPolicySet="Applicable Privacy Regulation" itemType="row" expirationEvent="Customer Service Completion" maxRetentionSinceExpirationEvent="P0Y1M0DT0H00M0S"> Deletion Goal</expirationTarget> <precisionTarget xmlns="" mandatedByPolicySet="ACME Internal Regulation" itemType="field" maxPercentageOfIncorrectItems="0.05000000"> Precision Goal</precisionTarget> <completenessTarget xmlns="" mandatedByPolicySet="ACME Internal Regulation" itemType="table" maxNumberOfUnnecessaryItems="100" maxPercentageOfEmptyItems="0.10000000" maxPercentageOfMissingItems="0.10000000" maxPercentageOfIncoherentItems="0.200000000"> Completeness Goal</completenessTarget> 5.3 A military system <?xml version="1.0" encoding="UTF-8"?> <ITObject xmlns="http://www.ism3.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ism3.com/iamlv1.0.xsd"> <objectID xmlns="" protectiveMarking="Classified" privacyMarking="not applicable" classificationReviewDueDate="2008-05-19T09:19:07" authorityList="http://ListOfAccessControlAdministrators/" accessRigthsList="http://ListOfProfilesAndRights/" rightsHolder="http://NameOfTheOwnerOfThisSystem/" objectType="LogicalObject service" objectState="production" objectLocation="Madrid" additionalMetadata="http://NoMoreMetaDataOnThisSystem/"> ID0002</objectID> <eventSet xmlns="" URI="http://AccessLogURI/" eventType="access record" userIDType="digital certificate" timeZone="Spain/Madrid"> Log</eventSet> <policySet xmlns="" URI="https://MILsecuritypolicyURI/" policyType="internal policy" policySubType="not applicable" startDate="2007-01-01T00:00:00"
  9. 9. 9 expiryDate="3007-01-01T00:00:00" constituency="National MIL"> MIL Internal Regulation</policySet> <securityHandling xmlns="" mandatedByPolicySet="MIL Internal Regulation" handlingControl="File System Encryption" handlingApplicability="required"> FSE</securityHandling> <availabilityWindow xmlns="" mandatedByPolicySet="none" availabilityMarking="High" startFirstWindow="2007-01-01T00:00:00" endFirstWindow="2007-12-31T23:59:59" recurringPeriod="yearly" recurringCardinality="1" minPercentageUptime="0.99999999" maxNumberOfInterruptions="0" maxNumberOfTransactionsLostPerInterruption="1" minLoad="1000" loadUnits="queries answered per second" businesscontinuityMarking="MIL" recoveryTimeObjective="P0Y0M0DT0H00M2S" recoveryPointObjective="P0Y0M0DT0H00M2S"> Availability Target</availabilityWindow> <retentionTarget xmlns="" mandatedByPolicySet="MIL Internal Regulation" itemType="row" integrityMarking="High" retentionEvent="Mission Approval" minRetentionSinceRetentionEvent="P0Y1M0DT0H00M0S" maxPercentageOfItemsLost="0.00000000"> Retention Target</retentionTarget> <expirationTarget xmlns="" mandatedByPolicySet="MIL Internal Regulation" itemType="row" expirationEvent="Mission Completion" maxRetentionSinceExpirationEvent="P0Y1M0DT0H00M0S"> Deletion Target</expirationTarget> <precisionTarget xmlns="" mandatedByPolicySet="MIL Internal Regulation" itemType="field" maxPercentageOfIncorrectItems="0.00100000"> Precision Target</precisionTarget> <relevanceTarget xmlns="" mandatedByPolicySet="MIL Internal Regulation" itemType="row" maxPercentageOfOutDatedItems="0.01000000" averageRelevanceOfItems="P0Y0M0DT0H01M0S"> Relevance Target </relevanceTarget> <completenessTarget xmlns="" mandatedByPolicySet="MIL Internal Regulation" itemType="table" maxPercentageOfEmptyItems="0.00100000" maxPercentageOfMissingItems="0.00100000"
  10. 10. 10 maxPercentageOfIncoherentItems="0.001000000"> Completeness Target</completenessTarget>
  11. 11. 11 <electricityTarget xmlns="" cType="Alternating Current" upperCurrentLimit="1.1" lowerCurrentLimit="0.95" currentUnits="Ampere" upperVoltage="250" lowerVoltage="230" voltageUnits="Volt"> AC/DC Target</electricityTarget> <temperatureTarget xmlns="" upperLimit="70" lowerLimit="-5" temperatureUnits="celsius"> Temperature Target</temperatureTarget> <humidityTarget xmlns="" upperLimit="80" lowerLimit="50" humidityUnits="absolute"> Humidity Target</humidityTarget> <lightTarget xmlns="" upperLimit="2" lightUnits="lumen" lowerLimit="0"> Ligth Target</lightTarget> <radiationTarget xmlns="" upperLimit="0.02000000" radiationUnits="sievert/year"> Radiation Target</radiationTarget> </ITObject>
  12. 12. 12 5 Requirements 5.3 Xml version <?xml version="1.0" encoding="utf-16"?> 5.4 Namespace <xsd:schema xmlns:auto1="http://www.ism3.com" blockDefault="" finalDefault="" targetNamespace="http://www.ism3.com" version="1.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 5.5 Root Every information system or information medium has one and only one ITObject that classifies all the details related to information security requirements for the object. <xsd:complexType name="ITObjectType"> Every information system or information medium has one and only one objectID that identifies it uniquely. <xsd:sequence> <xsd:element name="objectID"> <xsd:extension base=" xsd:ID "> protectiveMarking is the confidentiality class tag, for example “Top Secret”, “Confidential”. <xsd:attribute name="protectiveMarking" type=" xsd:string " use="optional"/> privacyMarking is the privacy class tag, for example “Highly private”. <xsd:attribute name="privacyMarking" type=" xsd:string " use="optional"/> classificationReviewDueDate indicates when the whole classification of the information system or information media is due to be revised. <xsd:attribute name="classificationReviewDueDate" type=" xsd:dateTime " use="optional"/> authorityList indicates where a list if valid IDs of access control administrators of the information system or information media can be found. <xsd:attribute name="authorityList" type=" xsd:anyURI " use="optional"/> accessRigthsList indicates where a list if valid IDs of authorized users with their access rights or authorized groups of the information system or information media can be found. <xsd:attribute name="accessRigthsList" type=" xsd:anyURI " use="optional"/> rightsHolder is the ID of the owner of the information system o information media. The rightsHolder is the root the access rights, so all users have their rights granted from the rightsHolder or a delegate of the rightsHolder. (Note ISM3 Owner=rightsHolder) <xsd:attribute name="rightsHolder" type=" xsd:anyURI " use="optional"/>
  13. 13. 13 objectType is the kind of information object. It can be a PhysicalObject or a LogicalObject. (Note: The equivalence between ISM3 definitions and types is Repository=Collection, Record=Event, Interface=InteractiveResource, Service=Service, Message has no equivalent) <xsd:attribute name="objectType" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="LogicalObject service"/> <xsd:enumeration value="LogicalObject interactiveResource"/> <xsd:enumeration value="LogicalObject message"/> <xsd:enumeration value="LogicalObject transaction"/> <xsd:enumeration value="LogicalObject policy"/> <xsd:enumeration value="LogicalObject channel"/> <xsd:enumeration value="LogicalObject node"/> <xsd:enumeration value="LogicalObject key"/> <xsd:enumeration value="LogicalObject network"/> <xsd:enumeration value="LogicalObject credential"/> <xsd:enumeration value="LogicalObject eventSet"/> <xsd:enumeration value="LogicalObject environment"/> <xsd:enumeration value="LogicalObject signature"/> <xsd:enumeration value="LogicalObject Collection"/> <xsd:enumeration value="PhysicalObject system"/> <xsd:enumeration value="PhysicalObject credential"/> <xsd:enumeration value="PhysicalObject repository"/> <xsd:enumeration value="PhysicalObject channel"/> <xsd:enumeration value="PhysicalObject interactiveResource"/> <xsd:enumeration value="PhysicalObject network"/> <xsd:enumeration value="PhysicalObject eventSet"/> <xsd:enumeration value="PhysicalObject Collection"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> objectState indicates what the current functional state of the object is. <xsd:attribute name="objectState" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="storage"/> <xsd:enumeration value="test"/> <xsd:enumeration value="production"/> <xsd:enumeration value="pre-production"/> <xsd:enumeration value="development"/> <xsd:enumeration value="maintenance"/> <xsd:enumeration value="suspended"/> <xsd:enumeration value="retired"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> objectLocation indicates where the information system or repository is.The use of the values used by the Google API are recommended: http://www.google.com/apis/adwords/developer/adwords_api_regions.html <xsd:attribute name="objectLocation" type=" xsd:string " use="optional"/> additionalMetadata indicates where additional metadata information can be found. <xsd:attribute name="additionalMetadata" type=" xsd:anyURI " use="optional"/>º
  14. 14. 14 5.6 Event Set eventSet indicates where records of use and access to the object can be found and what kind of record it is. <xsd:element name="eventSet" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> URI indicates where the recorded set of events can be found. <xsd:attribute name="URI" type=" xsd:anyURI " use="optional"/> eventType indicates what kinds of events are recorded in the Event Set. <xsd:attribute name="eventType" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="access record"/> <xsd:enumeration value="authorship claim"/> <xsd:enumeration value="agreement"/> <xsd:enumeration value="witnessing claim"/> <xsd:enumeration value="hash record"/> <xsd:enumeration value="version record"/> <xsd:enumeration value="change record"/> <xsd:enumeration value="administration record"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> userIDType indicates what kind of User ID is used in the Event Set. <xsd:attribute name="userIDType" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="user account"/> <xsd:enumeration value="openID"/> <xsd:enumeration value="mail account"/> <xsd:enumeration value="digital certificate"/> <xsd:enumeration value="anonymous"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> timeZone indicates in what Time Zone happen all the events recorded in the Event Set. The codes used bu Google API are recommended: http://www.google.com/apis/adwords/developer/adwords_api_timezones.html <xsd:attribute name="timeZone" type=" xsd:string " use="optional"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element>
  15. 15. 15 5.7 Policy Set policySet indicates where relevant compliance policies can be found. <xsd:element name="policySet" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> URI indicates where relevant compliance policies can be found. <xsd:attribute name="URI" type=" xsd:anyURI " use="required"/> policyType indicates what type of Policy Set it is. <xsd:attribute name="policyType" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="law"/> <xsd:enumeration value="contract"/> <xsd:enumeration value="non disclosure agreement"/> <xsd:enumeration value="license"/> <xsd:enumeration value="agreement"/> <xsd:enumeration value="internal policy"/> <xsd:enumeration value="code of conduct"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> policySubType indicates what subtype of Policy Set it is. <xsd:attribute name="policySubType" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="not applicable"/> <xsd:enumeration value="privacy"/> <xsd:enumeration value="copyright intellectual property"/> <xsd:enumeration value="patent intellectual property"/> <xsd:enumeration value="state secret"/> <xsd:enumeration value="professional secret"/> <xsd:enumeration value="trade secret"/> <xsd:enumeration value="personal secret"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> startDate indicates when the Policy Set enters into force. <xsd:attribute name="startDate" type=" xsd:dateTime " use="required"/> expiryDate indicates when the Policy Set expires. <xsd:attribute name="expiryDate" type=" xsd:dateTime " use="optional"/> constituency indicates the set of Locations where the Policy Set is applicable. The use of the values used by the Google API are recommended: http://www.google.com/apis/adwords/developer/adwords_api_regions.html <xsd:attribute name="constituency" type=" xsd:string " use="required"/>
  16. 16. 16 5.8 Security Handling securityHandling indicates what security measures and duties are mandated by a Policy Set. <xsd:element name="securityHandling" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Security Handling. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="required"/> handlingControl indicates what kind control is mandated (encryption, registry with a data protection agency, protection with access control, etc). <xsd:attribute name="handlingControl" type=" xsd:string " use="required"/> handlingApplicability indicates how applicable the control is. <xsd:attribute name="handlingApplicability" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="required"/> <xsd:enumeration value="recommended"/> <xsd:enumeration value="optional"/> <xsd:enumeration value="not recommended"/> <xsd:enumeration value="forbidden"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute>
  17. 17. 17 5.9 Availability Window The availabilityWindow indicates the windows of time when the system must be available. <xsd:element name="availabilityWindow" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Availability Windows if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> availabilityMarking indicates the availability class tag assigned to the system. <xsd:attribute name="availabilityMarking" type=" xsd:string " use="optional"/> startFirstWindow indicates the beginning of the first occurrence of the Availability Window. <xsd:attribute name="startFirstWindow" type=" xsd:dateTime " use="required"/> endFirstWindow indicates the end of the first occurrence of the Availability Window. <xsd:attribute name="endFirstWindow" type=" xsd:dateTime " use="required"/> recurringPeriod indicates the unit of the period of recurrence of the Availability Window. Recurring periods indicate de duration between successive start of availability window. Recurring periods must be longer that the duration of the Availability Window. Two recurring periods have a non literal meaning. gWeekly indicated that the period is same weekday in following weeks. gMonthly indicates that the period is monthly, but instead of repeating the day of the month, the day of the week and week of the month are repeated. For example: The 2nd tuesday of every month. gYearly indicates that the period is yearly, but the day of the week and week of the month is repeated, for example the 1st Monday of the year. <xsd:attribute name="recurringPeriod" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="never"/> <xsd:enumeration value="hourly"/> <xsd:enumeration value="daily"/> <xsd:enumeration value="weekly"/> <xsd:enumeration value="gWeekly"/> <xsd:enumeration value="monthly"/> <xsd:enumeration value="gMonthly"/> <xsd:enumeration value="yearly"/> <xsd:enumeration value="gYearly"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> recurringCardinality indicates how many Windows Recurring Periods pass between Availability Windows. <xsd:attribute name="recurringCardinality" type=" xsd:integer " default="1" use="optional"/>
  18. 18. 18 minPercentageUptime indicates the minimum acceptable percentage of the time the systems must respond within the Maximum Response Time. <xsd:attribute name="minPercentageUptime" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> maxNumberOfInterruptions indicates the maximum number of interruptions that is acceptable during the Availability Window. <xsd:attribute name="maxNumberOfInterruptions" type=" xsd:integer " use="optional"/> maxNumberOfTransactionsLostPerInterruption indicates the maximum acceptable number of transactions lost per individual interruption. <xsd:attribute name="maxNumberOfTransactionsLostPerInterruption" type=" xsd:integer " use="optional"/> minLoad indicates the minimum acceptable load supported by the system. <xsd:attribute name="minLoad" type=" xsd:float " use="optional"/> loadUnits indicates the Units of the Minimum Load. <xsd:attribute name="loadUnits" type=" xsd:string " use="optional"/> businesscontinuityMarking indicates the business continuity class tag assigned to the system. <xsd:attribute name="businesscontinuityMarking" type=" xsd:string " use="optional"/> recoveryTimeObjective indicates longest acceptable interruption. <xsd:attribute name="recoveryTimeObjective" type=" xsd:duration " use="optional"/> recoveryPointObjective indicates the youngest state of the system that is recoverable after an interruption. <xsd:attribute name="recoveryPointObjective" type=" xsd:duration " use="required"/>
  19. 19. 19 5.10 Retention Target retentionTarget indicates for how long the information must be kept unchanged and accessible. <xsd:element name="retentionTarget" minOccurs="0" maxOccurs="unbounded"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Retention Target if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> itemType indicates the type of items referred by this target. <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> integrityMarking indicates the Integrity Class Tag assigned to the information. <xsd:attribute name="integrityMarking" type=" xsd:string " use="optional"/> retentionEvent indicates the event that makes the retention period to start. <xsd:attribute name="retentionEvent" type=" xsd:string " use="optional"/> retentionEventDate when happens the Retention Event. <xsd:attribute name="retentionEventDate" type=" xsd:dateTime " use="optional"/> minRetentionSinceRetentionEvent indicates for long the information must be kept unchanged and accessible. <xsd:attribute name="minRetentionSinceRetentionEvent" type=" xsd:duration " use="required"/> maxPercentageOfItemsLost" indicates what percentage of items can change or be lost. <xsd:attribute name="maxPercentageOfItemsLost" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute>
  20. 20. 20 5.11 Expiration Target expirationTarget indicates when the information or information system must be destroyed. <xsd:element name="expirationTarget" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Expiration Target if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> expirationEvent indicates the event that makes the expiration period to start. <xsd:attribute name="expirationEvent" type=" xsd:string " use="optional"/> expirationEventDate indicates when the Expiration Event happens. <xsd:attribute name="expirationEventDate" type=" xsd:dateTime " use="optional"/> maxRetentionSinceExpirationEvent indicates for how long the information can be kept accessible after the Expiration Event Date. <xsd:attribute name="maxRetentionSinceExpirationEvent" type=" xsd:duration " use="required"/>
  21. 21. 21 5.12 Precision Target A precisionTarget indicates how accurate must be the Items. <xsd:element name="precisionTarget" minOccurs="0" maxOccurs="unbounded"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Precision Target if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> maxPercentageOfIncorrectItems indicates what is the maximum acceptable number of items with incorrect data. <xsd:attribute name="maxPercentageOfIncorrectItems" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> itemType indicates the type of items referred by this target. <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute>
  22. 22. 22 5.13 Relevance Target relevanceTarget indicates how updated must be the information. <xsd:element name="relevanceTarget" minOccurs="0" maxOccurs="unbounded"> <xsd:extension base=" xsd:string "> mandatedByPolicySet indicates what Policy Set mandates this Relevance Target if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> itemType indicates the type of items referred by this target. <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> maxPercentageOfOutDatedItems indicates what is the maximum acceptable percentage of items that can hold outdated data. <xsd:attribute name="maxPercentageOfOutDatedItems" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> averageRelevanceOfItems indicates what the average update of all the items is. <xsd:attribute name="averageRelevanceOfItems" type=" xsd:duration " use="optional"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element>
  23. 23. 23 5.14 Completeness Target The completenessTarget indicates how complete must be the information. <xsd:element name="completenessTarget" minOccurs="0" maxOccurs="unbounded"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base=" xsd:string "> itemType indicates the type of items referred by this target. <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> mandatedByPolicySet indicates what Policy Set mandates this Completeness Target if any. <xsd:attribute name="mandatedByPolicySet" type=" xsd:string " use="optional"/> maxNumberOfUnnecessaryItems indicates what is the maximum acceptable number of items that are unnecessary. This can be linked, for example, to the principle of not keeping more private information than necessary. <xsd:attribute name="maxNumberOfUnnecessaryItems" type=" xsd:integer " use="optional"/> maxPercentageOfEmptyItems indicates what is the maximum acceptable percentage of items that can be empty. <xsd:attribute name="maxPercentageOfEmptyItems" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> maxPercentageOfMissingItems indicates what is the maximum acceptable percentage of items that can be missing. <xsd:attribute name="maxPercentageOfMissingItems" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute>
  24. 24. 24 maxPercentageOfIncoherentItems indicates what is the maximum acceptable percentage of items that can be incoherent with other items. <xsd:attribute name="maxPercentageOfIncoherentItems" use="optional"> <xsd:simpleType> <xsd:restriction base=" xsd:float "> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> 5.15 Electricity Target electricityTarget indicates what the normal range of operation of the system is. <xsd:element name="electricityTarget" minOccurs="0"> <xsd:extension base=" xsd:string "> cType indicates if the Current Units are Direct or Alternating Current. <xsd:attribute name="cType" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="Direct Current"/> <xsd:enumeration value="Alternating Current"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> upperCurrentLimit indicates the maximum current that the system can use continuously without degradation. <xsd:attribute name="upperCurrentLimit" type=" xsd:float " use="required"/> lowerCurrentLimit indicates the minimum current that the system can use continuously without degradation. <xsd:attribute name="lowerCurrentLimit" type=" xsd:float " use="optional"/> currentUnits indicates the root mean square units used for the Current limits. <xsd:attribute name="currentUnits" type=" xsd:string " default="Ampere" use="optional"/> upperVoltage indicates the maximum volts that the system can use continuously without degradation. <xsd:attribute name="upperVoltage" type=" xsd:float " use="required"/> lowerVoltage indicates the minimum volts that the system can use continuously without degradation. <xsd:attribute name="lowerVoltage" type=" xsd:float " use="optional"/> voltageUnits indicates the root mean square units used for the voltage limits. <xsd:attribute name="voltageUnits" type=" xsd:string " default="Volt" use="optional"/>
  25. 25. 25 5.16 Temperature Target temperatureTarget indicates the temperature conditions where the system can operate continuously. <xsd:element name="temperatureTarget" minOccurs="0"> <xsd:extension base=" xsd:string "> upperLimit indicates the maximum temperature that the system or repository can withstand continuously without degradation. <xs:attribute name="upperLimit" type="xs:float" use="required" /> lowerLimit indicates the minimum temperature that the system or repository can withstand continuously without degradation. <xs:attribute name="lowerLimit" type="xs:float" use="optional" /> temperatureUnits indicates the units used for the limits. <xsd:attribute name="temperatureUnits" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="celsius"/> <xsd:enumeration value="farenheit"/> <xsd:enumeration value="kelvin"/> 5.17 Humidity Target humidityTarget indicates the humidity conditions where the system can operate continuously. <xsd:element name="humidityTarget" minOccurs="0"> <xsd:extension base=" xsd:string "> upperLimit indicates the maximum humidity that the system or repository can withstand continuously without degradation. <xsd:attribute name="upperLimit" type=" xsd:float " use="required"/> lowerLimit indicates the minimum humidity that the system or repository can withstand continuously without degradation. <xsd:attribute name="lowerLimit" type=" xsd:float " use="optional"/> humidityUnits indicates the units used for the limits. <xsd:attribute name="humidityUnits" type=" xsd:string " default="absolute" use="optional"/>
  26. 26. 26 5.18 Light Target lightTarget indicates the light conditions where the system can operate continuously. <xsd:element name="lightTarget" minOccurs="0"> <xsd:extension base=" xsd:string "> upperLimit indicates the maximum light (radiance) that the repository can withstand continuously without degradation. <xsd:attribute name="upperLimit" type=" xsd:float " use="required"/> lowerLimit indicates the minimum light (radiance) that the light powered system can use without degradation. <xsd:attribute name="lowerLimit" type=" xsd:float " use="optional"/> lightUnits indicates the units used for the limits. <xsd:attribute name="lightUnits" use="required"> <xsd:simpleType> <xsd:restriction base=" xsd:string "> <xsd:enumeration value="lux"/> <xsd:enumeration value="lumen"/> 5.19 Radiation Target radiationTarget indicates the radiation conditions where the system can operate continuously. <xsd:element name="radiationTarget" minOccurs="0"> <xsd:extension base=" xsd:string "> upperLimit indicates the maximum radiation that the system or repository can withstand continuously without degradation. <xsd:attribute name="upperLimit" type=" xsd:float " use="required"/> radiationUnits indicates the units used for the limit. <xsd:attribute name="radiationUnits" type=" xsd:string " use="required"/>
  27. 27. 27 6 XML Schema (Download from www.inovement.esiamlv1.0.xsd) <?xml version="1.0" encoding="utf-16"?> <xsd:schema xmlns:auto1="http://www.ism3.com" blockDefault="" finalDefault="" targetNamespace="http://www.ism3.com" version="1.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <xsd:complexType name="ITObjectType"> <xsd:sequence> <xsd:element name="objectID"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:ID"> <xsd:attribute name="protectiveMarking" type="xsd:string" use="optional"/> <xsd:attribute name="privacyMarking" type="xsd:string" use="optional"/> <xsd:attribute name="classificationReviewDueDate" type="xsd:dateTime" use="optional"/> <xsd:attribute name="authorityList" type="xsd:anyURI" use="optional"/> <xsd:attribute name="accessRigthsList" type="xsd:anyURI" use="optional"/> <xsd:attribute name="rightsHolder" type="xsd:anyURI" use="optional"/> <xsd:attribute name="objectType" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="LogicalObject service"/> <xsd:enumeration value="LogicalObject interactiveResource"/> <xsd:enumeration value="LogicalObject message"/> <xsd:enumeration value="LogicalObject transaction"/> <xsd:enumeration value="LogicalObject policy"/> <xsd:enumeration value="LogicalObject channel"/> <xsd:enumeration value="LogicalObject node"/> <xsd:enumeration value="LogicalObject key"/> <xsd:enumeration value="LogicalObject network"/> <xsd:enumeration value="LogicalObject credential"/> <xsd:enumeration value="LogicalObject eventSet"/> <xsd:enumeration value="LogicalObject environment"/> <xsd:enumeration value="LogicalObject signature"/> <xsd:enumeration value="LogicalObject Collection"/> <xsd:enumeration value="PhysicalObject system"/> <xsd:enumeration value="PhysicalObject credential"/> <xsd:enumeration value="PhysicalObject repository"/> <xsd:enumeration value="PhysicalObject channel"/> <xsd:enumeration value="PhysicalObject interactiveResource"/> <xsd:enumeration value="PhysicalObject network"/> <xsd:enumeration value="PhysicalObject eventSet"/> <xsd:enumeration value="PhysicalObject Collection"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="objectState" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="storage"/> <xsd:enumeration value="test"/> <xsd:enumeration value="production"/> <xsd:enumeration value="pre-production"/> <xsd:enumeration value="development"/> <xsd:enumeration value="maintenance"/> <xsd:enumeration value="suspended"/> <xsd:enumeration value="retired"/>
  28. 28. 28 </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="objectLocation" type="xsd:string" use="optional"/> <xsd:attribute name="additionalMetadata" type="xsd:anyURI" use="optional"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="eventSet"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="URI" type="xsd:anyURI" use="optional" /> <xsd:attribute name="eventType" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="access record" /> <xsd:enumeration value="authorship claim" /> <xsd:enumeration value="agreement" /> <xsd:enumeration value="witnessing claim" /> <xsd:enumeration value="hash record" /> <xsd:enumeration value="version record" /> <xsd:enumeration value="change record" /> <xsd:enumeration value="administration record" /> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="userIDType" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="user account" /> <xsd:enumeration value="openID" /> <xsd:enumeration value="mail account" /> <xsd:enumeration value="digital certificate" /> <xsd:enumeration value="anonymous" /> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="timeZone" type="xsd:string" use="optional" /> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="policySet"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="URI" type="xsd:anyURI" use="required" /> <xsd:attribute name="policyType" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="law" /> <xsd:enumeration value="contract" /> <xsd:enumeration value="non disclosure agreement" /> <xsd:enumeration value="license" /> <xsd:enumeration value="agreement" /> <xsd:enumeration value="internal policy" /> <xsd:enumeration value="code of conduct" /> </xsd:restriction>
  29. 29. 29 </xsd:simpleType> </xsd:attribute> <xsd:attribute name="policySubType" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="not applicable" /> <xsd:enumeration value="privacy" /> <xsd:enumeration value="copyright intellectual property" /> <xsd:enumeration value="patent intellectual property" /> <xsd:enumeration value="state secret" /> <xsd:enumeration value="professional secret" /> <xsd:enumeration value="trade secret" /> <xsd:enumeration value="personal secret" /> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="startDate" type="xsd:dateTime" use="required" /> <xsd:attribute name="expiryDate" type="xsd:dateTime" use="optional" /> <xsd:attribute name="constituency" type="xsd:string" use="required"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="securityHandling"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="required"/> <xsd:attribute name="handlingControl" type="xsd:string" use="required" /> <xsd:attribute name="handlingApplicability" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="required" /> <xsd:enumeration value="recommended" /> <xsd:enumeration value="optional" /> <xsd:enumeration value="not recommended" /> <xsd:enumeration value="forbidden" /> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="availabilityWindow"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="availabilityMarking" type="xsd:string" use="optional"/> <xsd:attribute name="startFirstWindow" type="xsd:dateTime" use="required"/> <xsd:attribute name="endFirstWindow" type="xsd:dateTime" use="required"/> <xsd:attribute name="recurringPeriod" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="never"/> <xsd:enumeration value="hourly"/> <xsd:enumeration value="daily"/> <xsd:enumeration value="weekly"/> <xsd:enumeration value="gWeekly"/>
  30. 30. 30 <xsd:enumeration value="monthly"/> <xsd:enumeration value="gMonthly"/> <xsd:enumeration value="yearly"/> <xsd:enumeration value="gYearly"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute default="1" name="recurringCardinality" type="xsd:integer" use="optional"/> <xsd:attribute name="minPercentageUptime" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxNumberOfInterruptions" type="xsd:integer" use="optional"/> <xsd:attribute name="maxNumberOfTransactionsLostPerInterruption" type="xsd:integer" use="optional"/> <xsd:attribute name="minLoad" type="xsd:float" use="optional"/> <xsd:attribute name="loadUnits" type="xsd:string" use="optional"/> <xsd:attribute name="businesscontinuityMarking" type="xsd:string" use="optional"/> <xsd:attribute name="recoveryTimeObjective" type="xsd:duration" use="optional"/> <xsd:attribute name="recoveryPointObjective" type="xsd:duration" use="required"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="retentionTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="collection"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="integrityMarking" type="xsd:string" use="optional"/> <xsd:attribute name="retentionEvent" type="xsd:string" use="optional"/> <xsd:attribute name="retentionEventDate" type="xsd:dateTime" use="optional"/> <xsd:attribute name="minRetentionSinceRetentionEvent" type="xsd:duration" use="required"/> <xsd:attribute name="maxPercentageOfItemsLost" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute>
  31. 31. 31 </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="expirationTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="collection"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="expirationEvent" type="xsd:string" use="optional"/> <xsd:attribute name="expirationEventDate" type="xsd:dateTime" use="optional"/> <xsd:attribute name="maxRetentionSinceExpirationEvent" type="xsd:duration" use="required"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="precisionTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="collection"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxPercentageOfIncorrectItems" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element>
  32. 32. 32 <xsd:element minOccurs="0" maxOccurs="unbounded" name="relevanceTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="collection"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxPercentageOfOutDatedItems" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="averageRelevanceOfItems" type="xsd:duration" use="optional"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" maxOccurs="unbounded" name="completenessTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="mandatedByPolicySet" type="xsd:string" use="optional"/> <xsd:attribute name="itemType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="field"/> <xsd:enumeration value="row"/> <xsd:enumeration value="column"/> <xsd:enumeration value="table"/> <xsd:enumeration value="database"/> <xsd:enumeration value="document"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxNumberOfUnnecessaryItems" type="xsd:integer" use="optional"/> <xsd:attribute name="maxPercentageOfEmptyItems" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxPercentageOfMissingItems" use="optional"> <xsd:simpleType>
  33. 33. 33 <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="maxPercentageOfIncoherentItems" use="optional"> <xsd:simpleType> <xsd:restriction base="xsd:float"> <xsd:maxInclusive value="100"/> <xsd:minInclusive value="0"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" name="electricityTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="cType" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="Direct Current"/> <xsd:enumeration value="Alternating Current"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="upperCurrentLimit" type="xsd:float" use="required"/> <xsd:attribute name="lowerCurrentLimit" type="xsd:float" use="optional"/> <xsd:attribute default="Ampere" name="currentUnits" type="xsd:string" use="optional"/> <xsd:attribute name="upperVoltage" type="xsd:float" use="required"/> <xsd:attribute name="lowerVoltage" type="xsd:float" use="optional"/> <xsd:attribute default="Volt" name="voltageUnits" type="xsd:string" use="optional"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" name="temperatureTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="upperLimit" type="xsd:float" use="required" /> <xsd:attribute name="lowerLimit" type="xsd:float" use="optional" /> <xsd:attribute name="temperatureUnits" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="celsius" /> <xsd:enumeration value="farenheit" /> <xsd:enumeration value="kelvin" /> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element>
  34. 34. 34 <xsd:element minOccurs="0" name="humidityTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="upperLimit" type="xsd:float" use="required" /> <xsd:attribute name="lowerLimit" type="xsd:float" use="optional" /> <xsd:attribute default="absolute" name="humidityUnits" type="xsd:string" use="optional" /> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" name="lightTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="upperLimit" type="xsd:float" use="required"/> <xsd:attribute name="lowerLimit" type="xsd:float" use="optional"/> <xsd:attribute name="lightUnits" use="required"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="lux"/> <xsd:enumeration value="lumen"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> <xsd:element minOccurs="0" name="radiationTarget"> <xsd:complexType> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="upperLimit" type="xsd:float" use="required" /> <xsd:attribute name="radiationUnits" type="xsd:string" use="required" /> </xsd:extension> </xsd:simpleContent> </xsd:complexType> </xsd:element> </xsd:sequence> </xsd:complexType> <xsd:element name="ITObject" type="auto1:ITObjectType" /> </xsd:schema>

×