OSCAL Profile 1.0.5 (SchemaStore) JSON Schema

oscal-profile-oscal-profile:profile object

Each OSCAL profile is defined by a Profile element

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

metadata assembly_oscal-metadata_metadata required

imports assembly_oscal-profile_import[] required

minItems=1

merge assembly_oscal-profile_merge

modify assembly_oscal-profile_modify

back-matter assembly_oscal-metadata_back-matter

oscal-profile-oscal-profile:import object

The import designates a catalog or profile to be included (referenced and potentially modified) by this profile. The import also identifies which controls to select using the include-all, include-controls, and exclude-controls directives.

href string required

format=uri-reference

include-all assembly_oscal-catalog-common_include-all

include-controls assembly_oscal-profile_select-control-by-id[]

minItems=1

exclude-controls assembly_oscal-profile_select-control-by-id[]

minItems=1

oscal-profile-oscal-profile:merge object

A Merge element provides structuring directives that drive how controls are organized after resolution.

combine object

A Combine element defines how to combine multiple (competing) versions of the same control.

1 nested properties

method

How clashing controls should be handled

All of: StringDatatype string, enum enum

flat object

Use the flat structuring method.

as-is boolean

custom object

A Custom element frames a structure for embedding represented controls in resolution.

2 nested properties

groups assembly_oscal-profile_group[]

minItems=1

insert-controls assembly_oscal-profile_insert-controls[]

minItems=1

oscal-profile-oscal-profile:group object

A group of (selected) controls or of groups of controls

title string required

A name given to the group, which may be used by a tool for display and navigation.

id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

params assembly_oscal-catalog-common_parameter[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

parts assembly_oscal-catalog-common_part[]

minItems=1

groups assembly_oscal-profile_group[]

minItems=1

insert-controls assembly_oscal-profile_insert-controls[]

minItems=1

oscal-profile-oscal-profile:modify object

Set parameters or amend controls in resolution

set-parameters object[]

minItems=1

alters assembly_oscal-profile_alter[]

minItems=1

oscal-profile-oscal-profile:insert-controls object

Specifies which controls to use in the containing context.

order

A designation of how a selection of controls in a profile is to be ordered.

All of: TokenDatatype string, enum enum

include-all assembly_oscal-catalog-common_include-all

include-controls assembly_oscal-profile_select-control-by-id[]

minItems=1

exclude-controls assembly_oscal-profile_select-control-by-id[]

minItems=1

oscal-profile-oscal-profile:select-control-by-id object

Call a control by its ID

with-child-controls

When a control is included, whether its child (dependent) controls are also included.

All of: TokenDatatype string, enum enum

with-ids TokenDatatype[]

minItems=1

matching object[]

minItems=1

oscal-profile-oscal-profile:alter object

An Alter element specifies changes to be made to an included control when a profile is resolved.

control-id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

removes assembly_oscal-profile_remove[]

minItems=1

adds assembly_oscal-profile_add[]

minItems=1

oscal-profile-oscal-profile:remove object

Specifies objects to be removed from a control based on specific aspects of the object that must all match.

by-name string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

by-class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

by-id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

by-item-name string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

by-ns string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

oscal-profile-oscal-profile:add object

Specifies contents to be added into controls, in resolution

position

Where to add the new content with respect to the targeted element (beside it or inside it)

All of: TokenDatatype string, enum enum

by-id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string

A name given to the control, which may be used by a tool for display and navigation.

params assembly_oscal-catalog-common_parameter[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

parts assembly_oscal-catalog-common_part[]

minItems=1

oscal-profile-oscal-metadata:metadata object

Provides information about the publication and availability of the containing document.

title string required

A name given to the document, which may be used by a tool for display and navigation.

last-modified field_oscal-metadata_last-modified required

version field_oscal-metadata_version required

oscal-version field_oscal-metadata_oscal-version required

published field_oscal-metadata_published

revisions assembly_oscal-metadata_revision[]

minItems=1

document-ids field_oscal-metadata_document-id[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

roles assembly_oscal-metadata_role[]

minItems=1

locations assembly_oscal-metadata_location[]

minItems=1

parties assembly_oscal-metadata_party[]

minItems=1

responsible-parties assembly_oscal-metadata_responsible-party[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:revision object

An entry in a sequential list of revisions to the containing document in reverse chronological order (i.e., most recent previous revision first).

version field_oscal-metadata_version required

title string

A name given to the document revision, which may be used by a tool for display and navigation.

published field_oscal-metadata_published

last-modified field_oscal-metadata_last-modified

oscal-version field_oscal-metadata_oscal-version

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:location object

A location, with associated metadata that can be referenced.

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

address assembly_oscal-metadata_address required

title string

A name given to the location, which may be used by a tool for display and navigation.

email-addresses field_oscal-metadata_email-address[]

minItems=1

telephone-numbers field_oscal-metadata_telephone-number[]

minItems=1

urls URIDatatype[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:location-uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

oscal-profile-oscal-metadata:party object

A responsible entity which is either a person or an organization.

uuid string required

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

type required

A category describing the kind of party the object describes.

All of: StringDatatype string, enum enum

name string

pattern=^\S(.*\S)?$

short-name string

pattern=^\S(.*\S)?$

external-ids object[]

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

email-addresses field_oscal-metadata_email-address[]

minItems=1

telephone-numbers field_oscal-metadata_telephone-number[]

minItems=1

addresses assembly_oscal-metadata_address[]

minItems=1

location-uuids field_oscal-metadata_location-uuid[]

minItems=1

member-of-organizations UUIDDatatype[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:party-uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

oscal-profile-oscal-metadata:role object

Defines a function assumed or expected to be assumed by a party in a specific situation.

id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string required

A name given to the role, which may be used by a tool for display and navigation.

short-name string

pattern=^\S(.*\S)?$

description string

A summary of the role's purpose and associated responsibilities.

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:role-id string

oscal-profile-oscal-metadata:back-matter object

A collection of resources, which may be included directly or by reference.

resources object[]

minItems=1

oscal-profile-oscal-metadata:property object

An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair. The value of a property is a simple scalar value, which may be expressed as a list of values.

name required

A textual label that uniquely identifies a specific attribute, characteristic, or quality of the property's containing object.

All of: TokenDatatype string, enum enum

value string required

pattern=^\S(.*\S)?$

uuid string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

pattern=^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

ns string

format=uripattern=^[a-zA-Z][a-zA-Z0-9+\-.]+:.+$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:link object

A reference to a local or remote resource

href string required

format=uri-reference

rel

Describes the type of relationship provided by the link. This can be an indicator of the link's purpose.

All of: TokenDatatype string, enum enum

media-type string

pattern=^\S(.*\S)?$

text string

A textual label to associate with the link, which may be used for presentation in a tool.

oscal-profile-oscal-metadata:responsible-party object

A reference to a set of organizations or persons that have responsibility for performing a referenced role in the context of the containing object.

role-id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

party-uuids field_oscal-metadata_party-uuid[] required

minItems=1

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:responsible-role object

A reference to one or more roles with responsibility for performing a function relative to the containing object.

role-id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

party-uuids field_oscal-metadata_party-uuid[]

minItems=1

remarks field_oscal-metadata_remarks

oscal-profile-oscal-metadata:hash object

A representation of a cryptographic digest generated over a resource using a specified hash algorithm.

algorithm required

Method by which a hash is derived

All of: StringDatatype string, enum enum

value string required

pattern=^\S(.*\S)?$

oscal-profile-oscal-metadata:remarks string

Additional commentary on the containing object.

oscal-profile-oscal-metadata:published string

oscal-profile-oscal-metadata:last-modified string

oscal-profile-oscal-metadata:version string

oscal-profile-oscal-metadata:oscal-version string

oscal-profile-oscal-metadata:email-address

oscal-profile-oscal-metadata:telephone-number object

Contact number by telephone.

number string required

pattern=^\S(.*\S)?$

type

Indicates the type of phone number.

All of: StringDatatype string, enum enum

oscal-profile-oscal-metadata:address object

A postal address for the location.

type

Indicates the type of address.

All of: TokenDatatype string, enum enum

addr-lines field_oscal-metadata_addr-line[]

minItems=1

city string

pattern=^\S(.*\S)?$

state string

pattern=^\S(.*\S)?$

postal-code string

pattern=^\S(.*\S)?$

country string

pattern=^\S(.*\S)?$

oscal-profile-oscal-metadata:addr-line string

oscal-profile-oscal-metadata:document-id object

A document identifier qualified by an identifier scheme. A document identifier provides a globally unique identifier with a cross-instance scope that is used for a group of documents that are to be treated as different versions of the same document. If this element does not appear, or if the value of this element is empty, the value of "document-id" is equal to the value of the "uuid" flag of the top-level root element.

identifier string required

pattern=^\S(.*\S)?$

scheme

Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.

All of: URIDatatype string, enum enum

oscal-profile-oscal-catalog-common:part object

A partition of a control's definition or a child of another part.

name string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

id string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

ns string

format=uripattern=^[a-zA-Z][a-zA-Z0-9+\-.]+:.+$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

title string

A name given to the part, which may be used by a tool for display and navigation.

props assembly_oscal-metadata_property[]

minItems=1

prose string

Permits multiple paragraphs, lists, tables etc.

parts assembly_oscal-catalog-common_part[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

oscal-profile-oscal-catalog-common:parameter object

Parameters provide a mechanism for the dynamic assignment of value(s) in a control.

id string required

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

class string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

depends-on string

pattern=^(\p{L}|_)(\p{L}|\p{N}|[.\-_])*$

props assembly_oscal-metadata_property[]

minItems=1

links assembly_oscal-metadata_link[]

minItems=1

label string

A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.

usage string

Describes the purpose and use of a parameter

constraints assembly_oscal-catalog-common_parameter-constraint[]

minItems=1

guidelines assembly_oscal-catalog-common_parameter-guideline[]

minItems=1

values field_oscal-catalog-common_parameter-value[]

minItems=1

select assembly_oscal-catalog-common_parameter-selection

remarks field_oscal-metadata_remarks

oscal-profile-oscal-catalog-common:parameter-constraint object

A formal or informal expression of a constraint or test

description string

A textual summary of the constraint to be applied.

tests object[]

minItems=1

oscal-profile-oscal-catalog-common:parameter-guideline object

A prose statement that provides a recommendation for the use of a parameter.

prose string required

Prose permits multiple paragraphs, lists, tables etc.

oscal-profile-oscal-catalog-common:parameter-value string

oscal-profile-oscal-catalog-common:parameter-selection object

Presenting a choice among alternatives

how-many

Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.

All of: TokenDatatype string, enum enum

choice string[]

minItems=1

oscal-profile-oscal-catalog-common:include-all object

Include all controls from the imported catalog or profile resources.

Base64Datatype string

BooleanDatatype boolean

DateTimeWithTimezoneDatatype string

EmailAddressDatatype

StringDatatype string

TokenDatatype string

URIDatatype string

URIReferenceDatatype string

UUIDDatatype string

A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.

OSCAL Profile

Schema URL

Properties

Definitions