OSCAL Catalog 1.0.5 (SchemaStore) JSON Schema

oscal-catalog-oscal-catalog:catalog object

A collection of controls.

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

metadata assembly_oscal-metadata_metadata required

params assembly_oscal-catalog-common_parameter[]

minItems=1

controls assembly_oscal-catalog_control[]

minItems=1

groups assembly_oscal-catalog_group[]

minItems=1

back-matter assembly_oscal-metadata_back-matter

oscal-catalog-oscal-catalog:group object

A group of controls, or of groups of controls.

title string required

A name given to the group, which may be used by a tool for display and navigation.

id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

params assembly_oscal-catalog-common_parameter[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

parts assembly_oscal-catalog-common_part[]

minItems=1

groups assembly_oscal-catalog_group[]

minItems=1

controls assembly_oscal-catalog_control[]

minItems=1

oscal-catalog-oscal-catalog:control object

A structured information object representing a security or privacy control. Each security or privacy control within the Catalog is defined by a distinct control instance.

id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string required

A name given to the control, which may be used by a tool for display and navigation.

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

params assembly_oscal-catalog-common_parameter[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

parts assembly_oscal-catalog-common_part[]

minItems=1

controls assembly_oscal-catalog_control[]

minItems=1

oscal-catalog-oscal-catalog-common:part object

A partition of a control's definition or a child of another part.

name string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

ns string

format=uripattern=^[a-zA-Z][a-zA-Z0-9+\-.]+:.+$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string

A name given to the part, which may be used by a tool for display and navigation.

props assembly_oscal-metadata_property[]

minItems=1

prose string

Permits multiple paragraphs, lists, tables etc.

parts assembly_oscal-catalog-common_part[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

oscal-catalog-oscal-catalog-common:parameter object

Parameters provide a mechanism for the dynamic assignment of value(s) in a control.

id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

depends-on string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

label string

A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.

usage string

Describes the purpose and use of a parameter

constraints assembly_oscal-catalog-common_parameter-constraint[]

minItems=1

guidelines assembly_oscal-catalog-common_parameter-guideline[]

minItems=1

values field_oscal-catalog-common_parameter-value[]

minItems=1

select assembly_oscal-catalog-common_parameter-selection

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-catalog-common:parameter-constraint object

A formal or informal expression of a constraint or test

description string

A textual summary of the constraint to be applied.

tests object[]

minItems=1

oscal-catalog-oscal-catalog-common:parameter-guideline object

A prose statement that provides a recommendation for the use of a parameter.

prose string required

Prose permits multiple paragraphs, lists, tables etc.

oscal-catalog-oscal-catalog-common:parameter-value string

oscal-catalog-oscal-catalog-common:parameter-selection object

Presenting a choice among alternatives

how-many

Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.

All of: TokenDatatype string, enum enum

choice string[]

minItems=1

oscal-catalog-oscal-catalog-common:include-all object

Include all controls from the imported catalog or profile resources.

oscal-catalog-oscal-metadata:metadata object

Provides information about the publication and availability of the containing document.

title string required

A name given to the document, which may be used by a tool for display and navigation.

last-modified field_oscal-metadata_last-modified required

version field_oscal-metadata_version required

oscal-version field_oscal-metadata_oscal-version required

published field_oscal-metadata_published

revisions assembly_oscal-metadata_revision[]

minItems=1

document-ids field_oscal-metadata_document-id[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

roles assembly_oscal-metadata_role[]

minItems=1

locations assembly_oscal-metadata_location[]

minItems=1

parties assembly_oscal-metadata_party[]

minItems=1

responsible-parties assembly_oscal-metadata_responsible-party[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:revision object

An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).

version field_oscal-metadata_version required

title string

A name given to the document revision, which may be used by a tool for display and navigation.

published field_oscal-metadata_published

last-modified field_oscal-metadata_last-modified

oscal-version field_oscal-metadata_oscal-version

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:location object

A location, with associated metadata that can be referenced.

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

address assembly_oscal-metadata_address required

title string

A name given to the location, which may be used by a tool for display and navigation.

email-addresses field_oscal-metadata_email-address[]

minItems=1

telephone-numbers field_oscal-metadata_telephone-number[]

minItems=1

urls URIDatatype[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:location-uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

oscal-catalog-oscal-metadata:party object

A responsible entity which is either a person or an organization.

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

type required

A category describing the kind of party the object describes.

All of: StringDatatype string, enum enum

name string

pattern=^\S(.*\S)?$

short-name string

pattern=^\S(.*\S)?$

external-ids object[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

email-addresses field_oscal-metadata_email-address[]

minItems=1

telephone-numbers field_oscal-metadata_telephone-number[]

minItems=1

addresses assembly_oscal-metadata_address[]

minItems=1

location-uuids field_oscal-metadata_location-uuid[]

minItems=1

member-of-organizations UUIDDatatype[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:party-uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

oscal-catalog-oscal-metadata:role object

Defines a function assumed or expected to be assumed by a party in a specific situation.

id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string required

A name given to the role, which may be used by a tool for display and navigation.

short-name string

pattern=^\S(.*\S)?$

description string

A summary of the role's purpose and associated responsibilities.

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:role-id string

oscal-catalog-oscal-metadata:back-matter object

A collection of resources, which may be included directly or by reference.

resources object[]

minItems=1

oscal-catalog-oscal-metadata:property object

An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.

name required

A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.

All of: TokenDatatype string, enum enum

value string required

pattern=^\S(.*\S)?$

uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

ns string

format=uripattern=^[a-zA-Z][a-zA-Z0-9+\-.]+:.+$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:link object

A reference to a local or remote resource

href string required

format=uri-reference

rel

Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.

All of: TokenDatatype string, enum enum

media-type string

pattern=^\S(.*\S)?$

text string

A textual label to associate with the link, which may be used for presentation in a tool.

oscal-catalog-oscal-metadata:responsible-party object

A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.

role-id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

party-uuids field_oscal-metadata_party-uuid[] required

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:responsible-role object

A reference to one or more roles with responsibility for performing a function relative to the containing object.

role-id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

party-uuids field_oscal-metadata_party-uuid[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-catalog-oscal-metadata:hash object

A representation of a cryptographic digest generated over a resource using a specified hash algorithm.

algorithm required

Method by which a hash is derived

All of: StringDatatype string, enum enum

value string required

pattern=^\S(.*\S)?$

oscal-catalog-oscal-metadata:remarks string

Additional commentary on the containing object.

oscal-catalog-oscal-metadata:published string

oscal-catalog-oscal-metadata:last-modified string

oscal-catalog-oscal-metadata:version string

oscal-catalog-oscal-metadata:oscal-version string

oscal-catalog-oscal-metadata:email-address

oscal-catalog-oscal-metadata:telephone-number object

Contact number by telephone.

number string required

pattern=^\S(.*\S)?$

type

Indicates the type of phone number.

All of: StringDatatype string, enum enum

oscal-catalog-oscal-metadata:address object

A postal address for the location.

type

Indicates the type of address.

All of: TokenDatatype string, enum enum

addr-lines field_oscal-metadata_addr-line[]

minItems=1

city string

pattern=^\S(.*\S)?$

state string

pattern=^\S(.*\S)?$

postal-code string

pattern=^\S(.*\S)?$

country string

pattern=^\S(.*\S)?$

oscal-catalog-oscal-metadata:addr-line string

oscal-catalog-oscal-metadata:document-id object

A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element.

identifier string required

pattern=^\S(.*\S)?$

scheme

Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.

All of: URIDatatype string, enum enum

Base64Datatype string

DateTimeWithTimezoneDatatype string

EmailAddressDatatype

StringDatatype string

TokenDatatype string

URIDatatype string

URIReferenceDatatype string

UUIDDatatype string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

OSCAL Catalog

Schema URL

Properties

Definitions