gov.nist.secauto.oscal.lib.model.Characterization.Facet

All Implemented Interfaces:: gov.nist.secauto.metaschema.core.model.IBoundObject

Enclosing class:: Characterization

@MetaschemaAssembly(formalName="Facet", description="An individual characteristic that is part of a larger set produced by the same actor.", name="facet", moduleClass=OscalAssessmentCommonModule.class, valueConstraints=@AllowedValues(level=ERROR,target="prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values=@AllowedValue(value="state",description="Indicates if the facet is \'initial\' as first identified, or \'adjusted\' indicating that the value has be changed after some adjustments have been made (e.g., to identify residual risk).")) @AllowedValues(level=ERROR,target="prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=\'state\']/@value",values={@AllowedValue(value="initial",description="As first identified."),@AllowedValue(value="adjusted",description="Indicates that residual risk remains after some adjustments have been made.")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://csrc.nist.gov/ns/oscal\']/@name",values={@AllowedValue(value="likelihood",description="General likelihood rating."),@AllowedValue(value="impact",description="General impact rating."),@AllowedValue(value="risk",description="General risk rating."),@AllowedValue(value="severity",description="General severity rating.")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://fedramp.gov\',\'http://fedramp.gov/ns/oscal\')]/@name",values={@AllowedValue(value="likelihood",description="Likelihood as defined by FedRAMP. The `class` can be used to specify \'initial\' and \'adjusted\' risk states."),@AllowedValue(value="impact",description="Impact as defined by FedRAMP. The `class` can be used to specify \'initial\' and \'adjusted\' risk states."),@AllowedValue(value="risk",description="Risk as calculated according to FedRAMP. The `class` can be used to specify \'initial\' and \'adjusted\' risk states.")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://cve.mitre.org\']/@name",values=@AllowedValue(value="cve-id",description="An identifier managed by the CVE program (see https://cve.mitre.org/).")) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\']/@name",values={@AllowedValue(value="access-vector",description="Base: Access Vector"),@AllowedValue(value="access-complexity",description="Base: Access Complexity"),@AllowedValue(value="authentication",description="Base: Authentication"),@AllowedValue(value="confidentiality-impact",description="Base: Confidentiality Impact"),@AllowedValue(value="integrity-impact",description="Base: Integrity Impact"),@AllowedValue(value="availability-impact",description="Base: Availability Impact"),@AllowedValue(value="exploitability",description="Temporal: Exploitability"),@AllowedValue(value="remediation-level",description="Temporal: Remediation Level"),@AllowedValue(value="report-confidence",description="Temporal: Report Confidence"),@AllowedValue(value="collateral-damage-potential",description="Environmental: Collateral Damage Potential"),@AllowedValue(value="target-distribution",description="Environmental: Target Distribution"),@AllowedValue(value="confidentiality-requirement",description="Environmental: Confidentiality Requirement"),@AllowedValue(value="integrity-requirement",description="Environmental: Integrity Requirement"),@AllowedValue(value="availability-requirement",description="Environmental: Availability Requirement")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'access-vector\']/@value",values={@AllowedValue(value="local",description="Local"),@AllowedValue(value="adjacent-network",description="Network Adjacent"),@AllowedValue(value="network",description="Network")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'access-complexity\']/@value",values={@AllowedValue(value="high",description="High"),@AllowedValue(value="medium",description="Medium"),@AllowedValue(value="low",description="Low")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'authentication\']/@value",values={@AllowedValue(value="multiple",description="Multiple"),@AllowedValue(value="single",description="Single"),@AllowedValue(value="none",description="None")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=(\'confidentiality-impact\', \'integrity-impact\', \'availability-impact\')]/@value",values={@AllowedValue(value="none",description="None"),@AllowedValue(value="partial",description="Partial"),@AllowedValue(value="complete",description="Complete")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'exploitability\']/@value",values={@AllowedValue(value="unproven",description="Unproven"),@AllowedValue(value="proof-of-concept",description="Proof-of-Concept"),@AllowedValue(value="functional",description="Functional"),@AllowedValue(value="high",description="High"),@AllowedValue(value="not-defined",description="Not Defined")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'remediation-level\']/@value",values={@AllowedValue(value="official-fix",description="Official Fix"),@AllowedValue(value="temporary-fix",description="Temporary Fix"),@AllowedValue(value="workaround",description="Workaround"),@AllowedValue(value="unavailable",description="Unavailable"),@AllowedValue(value="not-defined",description="Not Defined")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'report-confidence\']/@value",values={@AllowedValue(value="unconfirmed",description="Unconfirmed"),@AllowedValue(value="uncorroborated",description="Uncorroborated"),@AllowedValue(value="confirmed",description="Confirmed"),@AllowedValue(value="not-defined",description="Not Defined")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=\'collateral-damage-potential\']/@value",values={@AllowedValue(value="none",description="None"),@AllowedValue(value="low",description="Low (light loss)"),@AllowedValue(value="low-medium",description="Low Medium"),@AllowedValue(value="medium-high",description="Medium High"),@AllowedValue(value="high",description="High (catastrophic loss)"),@AllowedValue(value="not-defined",description="Not Defined")}) @AllowedValues(level=ERROR,target="(.)[@system=\'http://www.first.org/cvss/v2.0\' and @name=(\'target-distribution\', \'confidentiality-requirement\', \'integrity-requirement\', \'availability-requirement\')]/@value",values={@AllowedValue(value="none",description=""),@AllowedValue(value="low",description=""),@AllowedValue(value="medium",description=""),@AllowedValue(value="high",description=""),@AllowedValue(value="not-defined",description="")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\')]/@name",values={@AllowedValue(value="attack-vector",description="Base: Attack Vector"),@AllowedValue(value="access-complexity",description="Base: Attack Complexity"),@AllowedValue(value="privileges-required",description="Base: Privileges Required"),@AllowedValue(value="user-interaction",description="Base: User Interaction"),@AllowedValue(value="scope",description="Base: Scope"),@AllowedValue(value="confidentiality-impact",description="Base: Confidentiality Impact"),@AllowedValue(value="integrity-impact",description="Base: Integrity Impact"),@AllowedValue(value="availability-impact",description="Base: Availability Impact"),@AllowedValue(value="exploit-code-maturity",description="Temporal: Exploit Code Maturity"),@AllowedValue(value="remediation-level",description="Temporal: Remediation Level"),@AllowedValue(value="report-confidence",description="Temporal: Report Confidence"),@AllowedValue(value="modified-attack-vector",description="Environmental: Modified Attack Vector"),@AllowedValue(value="modified-attack-complexity",description="Environmental: Modified Attack Complexity"),@AllowedValue(value="modified-privileges-required",description="Environmental: Modified Privileges Required"),@AllowedValue(value="modified-user-interaction",description="Environmental: Modified User Interaction"),@AllowedValue(value="modified-scope",description="Environmental: Modified Scope"),@AllowedValue(value="modified-confidentiality",description="Environmental: Modified Confidentiality"),@AllowedValue(value="modified-integrity",description="Environmental: Modified Integrity"),@AllowedValue(value="modified-availability",description="Environmental: Modified Availability"),@AllowedValue(value="confidentiality-requirement",description="Environmental: Confidentiality Requirement Modifier"),@AllowedValue(value="integrity-requirement",description="Environmental: Integrity Requirement Modifier"),@AllowedValue(value="availability-requirement",description="Environmental: Availability Requirement Modifier")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'access-vector\']/@value",values={@AllowedValue(value="network",description="Network"),@AllowedValue(value="adjacent",description="Adjacent"),@AllowedValue(value="local",description="Local"),@AllowedValue(value="physical",description="Physical")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'access-complexity\']/@value",values={@AllowedValue(value="high",description="High"),@AllowedValue(value="low",description="Low")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=(\'privileges-required\', \'confidentiality-impact\', \'integrity-impact\', \'availability-impact\')]/@value",values={@AllowedValue(value="none",description="None"),@AllowedValue(value="low",description="Low"),@AllowedValue(value="high",description="High")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'user-interaction\']/@value",values={@AllowedValue(value="none",description="None"),@AllowedValue(value="required",description="Required")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'scope\']/@value",values={@AllowedValue(value="unchanged",description="Unchanged"),@AllowedValue(value="changed",description="Changed")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'exploit-code-maturity\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="unproven",description="Unproven"),@AllowedValue(value="proof-of-concept",description="Proof-of-Concept"),@AllowedValue(value="functional",description="Functional"),@AllowedValue(value="high",description="High")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'remediation-level\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="official-fix",description="Official Fix"),@AllowedValue(value="temporary-fix",description="Temporary Fix"),@AllowedValue(value="workaround",description="Workaround"),@AllowedValue(value="unavailable",description="Unavailable")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'report-confidence\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="unknown",description="Unknown"),@AllowedValue(value="reasonable",description="Reasonable"),@AllowedValue(value="confirmed",description="Confirmed")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=(\'confidentiality-requirement\', \'integrity-requirement\', \'availability-requirement\')]/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="low",description="Low"),@AllowedValue(value="medium",description="Medium"),@AllowedValue(value="high",description="High")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'modified-attack-vector\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="network",description="Network"),@AllowedValue(value="adjacent",description="Adjacent"),@AllowedValue(value="local",description="Local"),@AllowedValue(value="physical",description="Physical")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'modified-attack-complexity\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="high",description="High"),@AllowedValue(value="low",description="Low")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=(\'modified-privileges-required\', \'modified-confidentiality\', \'modified-integrity\', \'modified-availability\')]/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="none",description="None"),@AllowedValue(value="low",description="Low"),@AllowedValue(value="high",description="High")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'modified-user-interaction\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="none",description="None"),@AllowedValue(value="required",description="Required")}) @AllowedValues(level=ERROR,target="(.)[@system=(\'http://www.first.org/cvss/v3.0\', \'http://www.first.org/cvss/v3.1\') and @name=\'modified-scope\']/@value",values={@AllowedValue(value="not-defined",description="Not Defined"),@AllowedValue(value="unchanged",description="Unchanged"),@AllowedValue(value="changed",description="Changed")})) public static class Characterization.Facet extends Object implements gov.nist.secauto.metaschema.core.model.IBoundObject

An individual characteristic that is part of a larger set produced by the same actor.

Constructor Summary

Constructors

Constructor

Description

Facet()

Facet(gov.nist.secauto.metaschema.core.model.IMetaschemaData data)
Method Summary

Modifier and Type

Method

Description

boolean

addLink(Link item)

Add a new Link item to the underlying collection.

boolean

addProp(Property item)

Add a new Property item to the underlying collection.

List<Link>

getLinks()

gov.nist.secauto.metaschema.core.model.IMetaschemaData

getMetaschemaData()

String

getName()

List<Property>

getProps()

gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline

getRemarks()

URI

getSystem()

String

getValue()

boolean

removeLink(Link item)

Remove the first matching Link item from the underlying collection.

boolean

removeProp(Property item)

Remove the first matching Property item from the underlying collection.

void

setLinks(List<Link> value)

void

setName(String value)

void

setProps(List<Property> value)

void

setRemarks(gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline value)

void

setSystem(URI value)

void

setValue(String value)

String

toString()

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Details
- Facet
  
  public Facet()
- Facet
  
  public Facet(gov.nist.secauto.metaschema.core.model.IMetaschemaData data)
Method Details
- getMetaschemaData
  
  public gov.nist.secauto.metaschema.core.model.IMetaschemaData getMetaschemaData()
  
  Specified by:
  
  getMetaschemaData in interface gov.nist.secauto.metaschema.core.model.IBoundObject
- getName
  
  public String getName()
- setName
  
  public void setName(String value)
- getSystem
  
  public URI getSystem()
- setSystem
  
  public void setSystem(URI value)
- getValue
  
  public String getValue()
- setValue
  
  public void setValue(String value)
- getProps
  
  public List<Property> getProps()
- setProps
  
  public void setProps(List<Property> value)
- addProp
  
  public boolean addProp(Property item)
  
  Add a new Property item to the underlying collection.
  
  Parameters:
  
  item - the item to add
  
  Returns:
  
  true
- removeProp
  
  public boolean removeProp(Property item)
  
  Remove the first matching Property item from the underlying collection.
  
  Parameters:
  
  item - the item to remove
  
  Returns:
  
  true if the item was removed or false otherwise
- getLinks
  
  public List<Link> getLinks()
- setLinks
  
  public void setLinks(List<Link> value)
- addLink
  
  public boolean addLink(Link item)
  
  Add a new Link item to the underlying collection.
  
  Parameters:
  
  item - the item to add
  
  Returns:
  
  true
- removeLink
  
  public boolean removeLink(Link item)
  
  Remove the first matching Link item from the underlying collection.
  
  Parameters:
  
  item - the item to remove
  
  Returns:
  
  true if the item was removed or false otherwise
- getRemarks
  
  public gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline getRemarks()
- setRemarks
  
  public void setRemarks(gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline value)
- toString
  
  public String toString()
  
  Overrides:
  
  toString in class Object

Class Characterization.Facet

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

Facet

Facet

Method Details

getMetaschemaData

getName

setName

getSystem

setSystem

getValue

setValue

getProps

setProps

addProp

removeProp

getLinks

setLinks

addLink

removeLink

getRemarks

setRemarks

toString