|
236 | 236 | <assembly ref="link" max-occurs="unbounded"> |
237 | 237 | <group-as name="links" in-json="ARRAY"/> |
238 | 238 | </assembly> |
239 | | - <define-assembly name="confidentiality-impact" min-occurs="1"> |
| 239 | + <assembly ref="impact"> |
240 | 240 | <formal-name>Confidentiality Impact Level</formal-name> |
241 | 241 | <description>The expected level of impact resulting from the unauthorized disclosure of the described information.</description> |
242 | | - <model> |
243 | | - <assembly ref="property" max-occurs="unbounded"> |
244 | | - <group-as name="props" in-json="ARRAY"/> |
245 | | - </assembly> |
246 | | - <assembly ref="link" max-occurs="unbounded"> |
247 | | - <group-as name="links" in-json="ARRAY"/> |
248 | | - </assembly> |
249 | | - <field ref="base" min-occurs="1"/> |
250 | | - <field ref="selected"/> |
251 | | - <field ref="adjustment-justification" in-xml="WITH_WRAPPER"/> |
252 | | - </model> |
253 | | - </define-assembly> |
254 | | - <define-assembly name="integrity-impact" min-occurs="1"> |
| 242 | + <use-name>confidentiality-impact</use-name> |
| 243 | + </assembly> |
| 244 | + <assembly ref="impact"> |
255 | 245 | <formal-name>Integrity Impact Level</formal-name> |
256 | 246 | <description>The expected level of impact resulting from the unauthorized modification of the described information.</description> |
257 | | - <model> |
258 | | - <assembly ref="property" max-occurs="unbounded"> |
259 | | - <group-as name="props" in-json="ARRAY"/> |
260 | | - </assembly> |
261 | | - <assembly ref="link" max-occurs="unbounded"> |
262 | | - <group-as name="links" in-json="ARRAY"/> |
263 | | - </assembly> |
264 | | - <field ref="base" min-occurs="1"/> |
265 | | - <field ref="selected"/> |
266 | | - <field ref="adjustment-justification" in-xml="WITH_WRAPPER"/> |
267 | | - </model> |
268 | | - </define-assembly> |
269 | | - <define-assembly name="availability-impact" min-occurs="1"> |
| 247 | + <use-name>integrity-impact</use-name> |
| 248 | + </assembly> |
| 249 | + <assembly ref="impact"> |
270 | 250 | <formal-name>Availability Impact Level</formal-name> |
271 | 251 | <description>The expected level of impact resulting from the disruption of access to or use of the described information or the information system.</description> |
272 | | - <model> |
273 | | - <assembly ref="property" max-occurs="unbounded"> |
274 | | - <group-as name="props" in-json="ARRAY"/> |
275 | | - </assembly> |
276 | | - <assembly ref="link" max-occurs="unbounded"> |
277 | | - <group-as name="links" in-json="ARRAY"/> |
278 | | - </assembly> |
279 | | - <field ref="base" min-occurs="1"/> |
280 | | - <field ref="selected"/> |
281 | | - <field ref="adjustment-justification" in-xml="WITH_WRAPPER"/> |
282 | | - </model> |
283 | | - </define-assembly> |
| 252 | + <use-name>availability-impact</use-name> |
| 253 | + </assembly> |
284 | 254 | </model> |
285 | 255 | <constraint> |
286 | 256 | <expect level="WARNING" target="." test="@uuid"> |
|
318 | 288 | </allowed-values> |
319 | 289 | </constraint> |
320 | 290 | </define-assembly> |
| 291 | + <define-assembly name="impact"> |
| 292 | + <formal-name>Impact Level</formal-name> |
| 293 | + <description>The expected level of impact resulting from the described information.</description> |
| 294 | + <model> |
| 295 | + <assembly ref="property" max-occurs="unbounded"> |
| 296 | + <group-as name="props" in-json="ARRAY"/> |
| 297 | + </assembly> |
| 298 | + <assembly ref="link" max-occurs="unbounded"> |
| 299 | + <group-as name="links" in-json="ARRAY"/> |
| 300 | + </assembly> |
| 301 | + <field ref="base" min-occurs="1"/> |
| 302 | + <field ref="selected"/> |
| 303 | + <field ref="adjustment-justification" in-xml="WITH_WRAPPER"/> |
| 304 | + </model> |
| 305 | + </define-assembly> |
321 | 306 | <define-field name="base" as-type="string" scope="local"> |
322 | 307 | <formal-name>Base Level (Confidentiality, Integrity, or Availability)</formal-name> |
323 | 308 | <description>The prescribed base (Confidentiality, Integrity, or Availability) security impact level.</description> |
|
0 commit comments