mcp-server-for-oscal 0.1.5__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- mcp_server_for_oscal/__init__.py +0 -0
- mcp_server_for_oscal/__main__.py +7 -0
- mcp_server_for_oscal/config.py +72 -0
- mcp_server_for_oscal/main.py +131 -0
- mcp_server_for_oscal/oscal_agent.py +40 -0
- mcp_server_for_oscal/oscal_docs/awesome-oscal.md +181 -0
- mcp_server_for_oscal/oscal_schemas/README.md +116 -0
- mcp_server_for_oscal/oscal_schemas/oscal_assessment-plan_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_assessment-plan_schema.xsd +5268 -0
- mcp_server_for_oscal/oscal_schemas/oscal_assessment-results_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_assessment-results_schema.xsd +5555 -0
- mcp_server_for_oscal/oscal_schemas/oscal_catalog_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_catalog_schema.xsd +2071 -0
- mcp_server_for_oscal/oscal_schemas/oscal_complete_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_complete_schema.xsd +9326 -0
- mcp_server_for_oscal/oscal_schemas/oscal_component_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_component_schema.xsd +3011 -0
- mcp_server_for_oscal/oscal_schemas/oscal_mapping_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_mapping_schema.xsd +2226 -0
- mcp_server_for_oscal/oscal_schemas/oscal_poam_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_poam_schema.xsd +5406 -0
- mcp_server_for_oscal/oscal_schemas/oscal_profile_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_profile_schema.xsd +2493 -0
- mcp_server_for_oscal/oscal_schemas/oscal_ssp_schema.json +1 -0
- mcp_server_for_oscal/oscal_schemas/oscal_ssp_schema.xsd +3945 -0
- mcp_server_for_oscal/py.typed +0 -0
- mcp_server_for_oscal/tools/__init__.py +5 -0
- mcp_server_for_oscal/tools/get_schema.py +101 -0
- mcp_server_for_oscal/tools/list_models.py +79 -0
- mcp_server_for_oscal/tools/list_oscal_resources.py +123 -0
- mcp_server_for_oscal/tools/query_documentation.py +75 -0
- mcp_server_for_oscal/tools/utils.py +37 -0
- mcp_server_for_oscal-0.1.5.dist-info/METADATA +137 -0
- mcp_server_for_oscal-0.1.5.dist-info/RECORD +38 -0
- mcp_server_for_oscal-0.1.5.dist-info/WHEEL +4 -0
- mcp_server_for_oscal-0.1.5.dist-info/entry_points.txt +2 -0
- mcp_server_for_oscal-0.1.5.dist-info/licenses/LICENSE +175 -0
- mcp_server_for_oscal-0.1.5.dist-info/licenses/NOTICE +1 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"$schema":"http://json-schema.org/draft-07/schema#","$id":"http://csrc.nist.gov/ns/oscal/1.2.0/oscal-mapping-schema.json","$comment":"OSCAL Control Mapping Model: JSON Schema","type":"object","definitions":{"json-schema-directive":{"title":"Schema Directive","description":"A JSON Schema directive to bind a specific schema to its document instance.","$id":"#/definitions/json-schema-directive","$ref":"#/definitions/URIReferenceDatatype"},"oscal-mapping-oscal-mapping:mapping-collection":{"title":"Mapping Collection","description":"A collection of relationship-based control and/or control statement mappings.","$id":"#/definitions/oscal-mapping-oscal-mapping:mapping-collection","type":"object","properties":{"uuid":{"title":"Mapping Collection Universally Unique Identifier","description":"A globally unique identifier with cross-instance scope for this catalog instance. This UUID should be changed when this document is revised.","$ref":"#/definitions/UUIDDatatype"},"metadata":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:metadata"},"provenance":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-provenance"},"mappings":{"anyOf":[{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping"},{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping"}}]},"back-matter":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:back-matter"}},"required":["uuid","metadata","provenance","mappings"],"additionalProperties":false},"oscal-mapping-oscal-metadata:metadata":{"title":"Document Metadata","description":"Provides information about the containing document, and defines concepts that are shared across the document.","$id":"#/definitions/oscal-mapping-oscal-metadata:metadata","type":"object","properties":{"title":{"title":"Document Title","description":"A name given to the document, which may be used by a tool for display and navigation.","$ref":"#/definitions/MarkupLineDatatype"},"published":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:published"},"last-modified":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:last-modified"},"version":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:version"},"oscal-version":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:oscal-version"},"revisions":{"type":"array","minItems":1,"items":{"title":"Revision History Entry","description":"An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).","type":"object","properties":{"title":{"title":"Document Title","description":"A name given to the document revision, which may be used by a tool for display and navigation.","$ref":"#/definitions/MarkupLineDatatype"},"published":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:published"},"last-modified":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:last-modified"},"version":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:version"},"oscal-version":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:oscal-version"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["version"],"additionalProperties":false}},"document-ids":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:document-id"}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"roles":{"type":"array","minItems":1,"items":{"title":"Role","description":"Defines a function, which might be assigned to a party in a specific situation.","type":"object","properties":{"id":{"title":"Role Identifier","description":"A unique identifier for the role.","$ref":"#/definitions/TokenDatatype"},"title":{"title":"Role Title","description":"A name given to the role, which may be used by a tool for display and navigation.","$ref":"#/definitions/MarkupLineDatatype"},"short-name":{"title":"Role Short Name","description":"A short common name, abbreviation, or acronym for the role.","$ref":"#/definitions/StringDatatype"},"description":{"title":"Role Description","description":"A summary of the role's purpose and associated responsibilities.","$ref":"#/definitions/MarkupMultilineDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["id","title"],"additionalProperties":false}},"locations":{"type":"array","minItems":1,"items":{"title":"Location","description":"A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.","type":"object","properties":{"uuid":{"title":"Location Universally Unique Identifier","description":"A unique ID for the location, for reference.","$ref":"#/definitions/UUIDDatatype"},"title":{"title":"Location Title","description":"A name given to the location, which may be used by a tool for display and navigation.","$ref":"#/definitions/MarkupLineDatatype"},"address":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:address"},"email-addresses":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:email-address"}},"telephone-numbers":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:telephone-number"}},"urls":{"type":"array","minItems":1,"items":{"title":"Location URL","description":"The uniform resource locator (URL) for a web site or other resource associated with the location.","$ref":"#/definitions/URIDatatype"}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["uuid"],"additionalProperties":false}},"parties":{"type":"array","minItems":1,"items":{"title":"Party","description":"An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.","type":"object","anyOf":[{"properties":{"uuid":{"title":"Party Universally Unique Identifier","description":"A unique identifier for the party.","$ref":"#/definitions/UUIDDatatype"},"type":{"title":"Party Type","description":"A category describing the kind of party the object describes.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["person","organization"]}]},"name":{"title":"Party Name","description":"The full name of the party. This is typically the legal name associated with the party.","$ref":"#/definitions/StringDatatype"},"short-name":{"title":"Party Short Name","description":"A short common name, abbreviation, or acronym for the party.","$ref":"#/definitions/StringDatatype"},"external-ids":{"type":"array","minItems":1,"items":{"title":"Party External Identifier","description":"An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).","type":"object","properties":{"scheme":{"title":"External Identifier Schema","description":"Indicates the type of external identifier.","anyOf":[{"$ref":"#/definitions/URIDatatype"},{"enum":["http://orcid.org/"]}]},"id":{"$ref":"#/definitions/StringDatatype"}},"required":["id","scheme"],"additionalProperties":false}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"email-addresses":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:email-address"}},"telephone-numbers":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:telephone-number"}},"addresses":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:address"}},"member-of-organizations":{"type":"array","minItems":1,"items":{"title":"Organizational Affiliation","description":"A reference to another party by UUID, typically an organization, that this subject is associated with.","$ref":"#/definitions/UUIDDatatype"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"additionalProperties":false},{"properties":{"uuid":{"title":"Party Universally Unique Identifier","description":"A unique identifier for the party.","$ref":"#/definitions/UUIDDatatype"},"type":{"title":"Party Type","description":"A category describing the kind of party the object describes.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["person","organization"]}]},"name":{"title":"Party Name","description":"The full name of the party. This is typically the legal name associated with the party.","$ref":"#/definitions/StringDatatype"},"short-name":{"title":"Party Short Name","description":"A short common name, abbreviation, or acronym for the party.","$ref":"#/definitions/StringDatatype"},"external-ids":{"type":"array","minItems":1,"items":{"title":"Party External Identifier","description":"An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID).","type":"object","properties":{"scheme":{"title":"External Identifier Schema","description":"Indicates the type of external identifier.","anyOf":[{"$ref":"#/definitions/URIDatatype"},{"enum":["http://orcid.org/"]}]},"id":{"$ref":"#/definitions/StringDatatype"}},"required":["id","scheme"],"additionalProperties":false}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"email-addresses":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:email-address"}},"telephone-numbers":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:telephone-number"}},"location-uuids":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:location-uuid"}},"member-of-organizations":{"type":"array","minItems":1,"items":{"title":"Organizational Affiliation","description":"A reference to another party by UUID, typically an organization, that this subject is associated with.","$ref":"#/definitions/UUIDDatatype"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"additionalProperties":false}]}},"responsible-parties":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:responsible-party"}},"actions":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:action"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["title","last-modified","version","oscal-version"],"additionalProperties":false},"oscal-mapping-oscal-metadata:location-uuid":{"title":"Location Universally Unique Identifier Reference","description":"Reference to a location by UUID.","$id":"#/definitions/oscal-mapping-oscal-metadata:location-uuid","$ref":"#/definitions/UUIDDatatype"},"oscal-mapping-oscal-metadata:party-uuid":{"title":"Party Universally Unique Identifier Reference","description":"Reference to a party by UUID.","$id":"#/definitions/oscal-mapping-oscal-metadata:party-uuid","$ref":"#/definitions/UUIDDatatype"},"oscal-mapping-oscal-metadata:role-id":{"title":"Role Identifier Reference","description":"Reference to a role by UUID.","$id":"#/definitions/oscal-mapping-oscal-metadata:role-id","$ref":"#/definitions/TokenDatatype"},"oscal-mapping-oscal-metadata:back-matter":{"title":"Back matter","description":"A collection of resources that may be referenced from within the OSCAL document instance.","$id":"#/definitions/oscal-mapping-oscal-metadata:back-matter","type":"object","properties":{"resources":{"type":"array","minItems":1,"items":{"title":"Resource","description":"A resource associated with content in the containing document instance. A resource may be directly included in the document using base64 encoding or may point to one or more equivalent internet resources.","type":"object","properties":{"uuid":{"title":"Resource Universally Unique Identifier","description":"A unique identifier for a resource.","$ref":"#/definitions/UUIDDatatype"},"title":{"title":"Resource Title","description":"An optional name given to the resource, which may be used by a tool for display and navigation.","$ref":"#/definitions/MarkupLineDatatype"},"description":{"title":"Resource Description","description":"An optional short summary of the resource used to indicate the purpose of the resource.","$ref":"#/definitions/MarkupMultilineDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"document-ids":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:document-id"}},"citation":{"title":"Citation","description":"An optional citation consisting of end note text using structured markup.","type":"object","properties":{"text":{"title":"Citation Text","description":"A line of citation text.","$ref":"#/definitions/MarkupLineDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}}},"required":["text"],"additionalProperties":false},"rlinks":{"type":"array","minItems":1,"items":{"title":"Resource link","description":"A URL-based pointer to an external resource with an optional hash for verification and change detection.","type":"object","properties":{"href":{"title":"Hypertext Reference","description":"A resolvable URL pointing to the referenced resource.","$ref":"#/definitions/URIReferenceDatatype"},"media-type":{"title":"Media Type","description":"A label that indicates the nature of a resource, as a data serialization or format.","$ref":"#/definitions/StringDatatype"},"hashes":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:hash"}}},"required":["href"],"additionalProperties":false}},"base64":{"title":"Base64","description":"A resource encoded using the Base64 alphabet defined by RFC 2045.","type":"object","properties":{"filename":{"title":"File Name","description":"Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.","$ref":"#/definitions/TokenDatatype"},"media-type":{"title":"Media Type","description":"A label that indicates the nature of a resource, as a data serialization or format.","$ref":"#/definitions/StringDatatype"},"value":{"$ref":"#/definitions/Base64Datatype"}},"required":["value"],"additionalProperties":false},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["uuid"],"additionalProperties":false}}},"additionalProperties":false},"oscal-mapping-oscal-metadata:property":{"title":"Property","description":"An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.","$id":"#/definitions/oscal-mapping-oscal-metadata:property","type":"object","properties":{"name":{"title":"Property Name","description":"A textual label, within a namespace, that identifies a specific attribute, characteristic, or quality of the property's containing object.","$ref":"#/definitions/TokenDatatype"},"uuid":{"title":"Property Universally Unique Identifier","description":"A unique identifier for a property.","$ref":"#/definitions/UUIDDatatype"},"ns":{"title":"Property Namespace","description":"A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.","$ref":"#/definitions/URIDatatype"},"value":{"title":"Property Value","description":"Indicates the value of the attribute, characteristic, or quality.","$ref":"#/definitions/StringDatatype"},"class":{"title":"Property Class","description":"A textual label that provides a sub-type or characterization of the property's name.","$ref":"#/definitions/TokenDatatype"},"group":{"title":"Property Group","description":"An identifier for relating distinct sets of properties.","$ref":"#/definitions/TokenDatatype"},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["name","value"],"additionalProperties":false},"oscal-mapping-oscal-metadata:link":{"title":"Link","description":"A reference to a local or remote resource, that has a specific relation to the containing object.","$id":"#/definitions/oscal-mapping-oscal-metadata:link","type":"object","properties":{"href":{"title":"Hypertext Reference","description":"A resolvable URL reference to a resource.","$ref":"#/definitions/URIReferenceDatatype"},"rel":{"title":"Link Relation Type","description":"Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.","anyOf":[{"$ref":"#/definitions/TokenDatatype"},{"enum":["reference"]}]},"media-type":{"title":"Media Type","description":"A label that indicates the nature of a resource, as a data serialization or format.","$ref":"#/definitions/StringDatatype"},"resource-fragment":{"title":"Resource Fragment","description":"In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.","$ref":"#/definitions/StringDatatype"},"text":{"title":"Link Text","description":"A textual label to associate with the link, which may be used for presentation in a tool.","$ref":"#/definitions/MarkupLineDatatype"}},"required":["href"],"additionalProperties":false},"oscal-mapping-oscal-metadata:responsible-party":{"title":"Responsible Party","description":"A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.","$id":"#/definitions/oscal-mapping-oscal-metadata:responsible-party","type":"object","properties":{"role-id":{"title":"Responsible Role","description":"A reference to a role performed by a party.","$ref":"#/definitions/TokenDatatype"},"party-uuids":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:party-uuid"}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["role-id","party-uuids"],"additionalProperties":false},"oscal-mapping-oscal-metadata:action":{"title":"Action","description":"An action applied by a role within a given party to the content.","$id":"#/definitions/oscal-mapping-oscal-metadata:action","type":"object","properties":{"uuid":{"title":"Action Universally Unique Identifier","description":"A unique identifier that can be used to reference this defined action elsewhere in an OSCAL document. A UUID should be consistently used for a given location across revisions of the document.","$ref":"#/definitions/UUIDDatatype"},"date":{"title":"Action Occurrence Date","description":"The date and time when the action occurred.","$ref":"#/definitions/DateTimeWithTimezoneDatatype"},"type":{"title":"Action Type","description":"The type of action documented by the assembly, such as an approval.","$ref":"#/definitions/TokenDatatype"},"system":{"title":"Action Type System","description":"Specifies the action type system used.","$ref":"#/definitions/URIDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"responsible-parties":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:responsible-party"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["uuid","type","system"],"additionalProperties":false},"oscal-mapping-oscal-metadata:responsible-role":{"title":"Responsible Role","description":"A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.","$id":"#/definitions/oscal-mapping-oscal-metadata:responsible-role","type":"object","properties":{"role-id":{"title":"Responsible Role ID","description":"A human-oriented identifier reference to a role performed.","$ref":"#/definitions/TokenDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"party-uuids":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:party-uuid"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["role-id"],"additionalProperties":false},"oscal-mapping-oscal-metadata:hash":{"title":"Hash","description":"A representation of a cryptographic digest generated over a resource using a specified hash algorithm.","$id":"#/definitions/oscal-mapping-oscal-metadata:hash","type":"object","properties":{"algorithm":{"title":"Hash algorithm","description":"The digest method by which a hash is derived.","anyOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["SHA-224","SHA-256","SHA-384","SHA-512","SHA3-224","SHA3-256","SHA3-384","SHA3-512"]}]},"value":{"$ref":"#/definitions/StringDatatype"}},"required":["value","algorithm"],"additionalProperties":false},"oscal-mapping-oscal-metadata:remarks":{"title":"Remarks","description":"Additional commentary about the containing object.","$id":"#/definitions/oscal-mapping-oscal-metadata:remarks","$ref":"#/definitions/MarkupMultilineDatatype"},"oscal-mapping-oscal-metadata:published":{"title":"Publication Timestamp","description":"The date and time the document was last made available.","$id":"#/definitions/oscal-mapping-oscal-metadata:published","$ref":"#/definitions/DateTimeWithTimezoneDatatype"},"oscal-mapping-oscal-metadata:last-modified":{"title":"Last Modified Timestamp","description":"The date and time the document was last stored for later retrieval.","$id":"#/definitions/oscal-mapping-oscal-metadata:last-modified","$ref":"#/definitions/DateTimeWithTimezoneDatatype"},"oscal-mapping-oscal-metadata:version":{"title":"Document Version","description":"Used to distinguish a specific revision of an OSCAL document from other previous and future versions.","$id":"#/definitions/oscal-mapping-oscal-metadata:version","$ref":"#/definitions/StringDatatype"},"oscal-mapping-oscal-metadata:oscal-version":{"title":"OSCAL Version","description":"The OSCAL model version the document was authored against and will conform to as valid.","$id":"#/definitions/oscal-mapping-oscal-metadata:oscal-version","$ref":"#/definitions/StringDatatype"},"oscal-mapping-oscal-metadata:email-address":{"title":"Email Address","description":"An email address as defined by RFC 5322 Section 3.4.1.","$id":"#/definitions/oscal-mapping-oscal-metadata:email-address","$ref":"#/definitions/EmailAddressDatatype"},"oscal-mapping-oscal-metadata:telephone-number":{"title":"Telephone Number","description":"A telephone service number as defined by ITU-T E.164.","$id":"#/definitions/oscal-mapping-oscal-metadata:telephone-number","type":"object","properties":{"type":{"title":"type flag","description":"Indicates the type of phone number.","anyOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["home","office","mobile"]}]},"number":{"$ref":"#/definitions/StringDatatype"}},"required":["number"],"additionalProperties":false},"oscal-mapping-oscal-metadata:address":{"title":"Address","description":"A postal address for the location.","$id":"#/definitions/oscal-mapping-oscal-metadata:address","type":"object","properties":{"type":{"title":"Address Type","description":"Indicates the type of address.","anyOf":[{"$ref":"#/definitions/TokenDatatype"},{"enum":["home","work"]}]},"addr-lines":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:addr-line"}},"city":{"title":"City","description":"City, town or geographical region for the mailing address.","$ref":"#/definitions/StringDatatype"},"state":{"title":"State","description":"State, province or analogous geographical region for a mailing address.","$ref":"#/definitions/StringDatatype"},"postal-code":{"title":"Postal Code","description":"Postal or ZIP code for mailing address.","$ref":"#/definitions/StringDatatype"},"country":{"title":"Country Code","description":"The ISO 3166-1 alpha-2 country code for the mailing address.","$ref":"#/definitions/StringDatatype"}},"additionalProperties":false},"oscal-mapping-oscal-metadata:addr-line":{"title":"Address line","description":"A single line of an address.","$id":"#/definitions/oscal-mapping-oscal-metadata:addr-line","$ref":"#/definitions/StringDatatype"},"oscal-mapping-oscal-metadata:document-id":{"title":"Document Identifier","description":"A document identifier qualified by an identifier scheme.","$id":"#/definitions/oscal-mapping-oscal-metadata:document-id","type":"object","properties":{"scheme":{"title":"Document Identification Scheme","description":"Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.","anyOf":[{"$ref":"#/definitions/URIDatatype"},{"enum":["http://www.doi.org/"]}]},"identifier":{"$ref":"#/definitions/StringDatatype"}},"required":["identifier"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:mapping":{"title":"Control Mapping","description":"A mapping between two target resources.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:mapping","type":"object","properties":{"uuid":{"title":"Mapping Universally Unique Identifier","description":"A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping definition elsewhere in this or other OSCAL instances. The locally defined UUID of the mapping can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same mapping across revisions of the document.","$ref":"#/definitions/UUIDDatatype"},"method":{"title":"Method","description":"The method used to complete the overall mapping.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["human","automation","hybrid"]}]},"matching-rationale":{"title":"Matching","description":"The method used for relating controls within the mapping. The supported methods are aligned with the NIST Interagency Report (IR) 8477, Section 4.3 Set Theory Relationship Mapping.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["syntactic","semantic","functional"]}]},"status":{"title":"Status","description":"The current status of this mapping document.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["complete","not-complete","draft","deprecated","superseded"]}]},"source-resource":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-resource-reference"},"target-resource":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-resource-reference"},"maps":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:map"}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"},"mapping-description":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-description"},"source-gap-summary":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:gap-summary"},"target-gap-summary":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:gap-summary"},"confidence-score":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:confidence-score"},"coverage":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:coverage"}},"required":["uuid","source-resource","target-resource","maps"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:map":{"title":"Mapping Entry","description":"A relationship-based mapping between a source and target set consisting of members (i.e., controls, control statements) from the respective source and target.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:map","type":"object","properties":{"uuid":{"title":"Mapping Entry Identifier","description":"The unique identifier for the mapping entry.","$ref":"#/definitions/UUIDDatatype"},"ns":{"title":"Relationship Value Namespace","description":"A namespace qualifying the relationship's value. This allows different organizations to associate distinct semantics for relationships with the same name.","$ref":"#/definitions/URIDatatype"},"matching-rationale":{"title":"Matching","description":"The method used for relating controls within the mapping. The supported methods are aligned with the NIST Interagency Report (IR) 8477, Section 4.3 Set Theory Relationship Mapping.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["syntactic","semantic","functional"]}]},"relationship":{"title":"Mapping Entry Relationship","description":"The relationship type for the mapping entry, which describes the relationship between the effective requirements of the specified source and target sets in the context of the matching-rationale method globaly defined in the provenance unless overwritten locally in the map. The relationship type and the matching-rationale must be used together. However, more than one matching-rationale method may apply to a source and target pair.","$ref":"#/definitions/TokenDatatype"},"sources":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-item"}},"targets":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-item"}},"qualifiers":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:qualifier-item"}},"confidence-score":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:confidence-score"},"coverage":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:coverage"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["uuid","relationship","sources","targets"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:mapping-item":{"title":"Mapping Entry Item (source or target)","description":"A specific edge within a source or target that is the subject of a mapping.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-item","type":"object","properties":{"type":{"title":"Subject Type","description":"The semantic type of the subject.","allOf":[{"$ref":"#/definitions/TokenDatatype"},{"enum":["control","statement"]}]},"id-ref":{"title":"Subject Identifier Reference","description":"A reference to an identified subject that is of the specified type .","$ref":"#/definitions/StringDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["type","id-ref"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:mapping-resource-reference":{"title":"Mapped Resource Reference","description":"A reference to a resource that is either the source or the target of a mapping.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-resource-reference","type":"object","properties":{"ns":{"title":"Resource Type Namespace","description":"An optional namespace qualifying the resource's type.","$ref":"#/definitions/URIDatatype"},"type":{"title":"Resource Type","description":"The semantic type of the resource.","anyOf":[{"$ref":"#/definitions/TokenDatatype"},{"enum":["catalog","profile"]}]},"href":{"title":"Catalog or Profile Reference","description":"A resolvable URL reference to the base catalog or profile that this profile is tailoring.","$ref":"#/definitions/URIReferenceDatatype"},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["type","href"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:qualifier-item":{"title":"Relationship Qualifier","description":"Describes requirements, incompatibilities and gaps that are identified between a target and source in a mapping item.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:qualifier-item","type":"object","properties":{"subject":{"title":"Subject","description":"The focus of the qualifier.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["source","target","both"]}]},"predicate":{"title":"Predicate","description":"The predicate describes how the qualifer applies to the subject.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["has-requirement","has-incompatibility"]}]},"category":{"title":"Category","description":"The category expresses the resolvable nature of the predicate.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["restricted","addressable","blocked"]}]},"description":{"title":"Description of the qualifier","description":"Details that outline what requirements must be met, or cannot be met. If the qualifier identifies a gap, this should idenfity the gap, and any incompatibilities.","$ref":"#/definitions/MarkupMultilineDatatype"},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["subject","predicate","category","description"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:mapping-provenance":{"title":"Mapping Provenance","description":"Describes requirements, incompatibilities and gaps that are identified between a target and source in a mapping item.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-provenance","type":"object","properties":{"method":{"title":"Method","description":"The method used to complete the overall mapping.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["human","automation","hybrid"]}]},"matching-rationale":{"title":"Matching","description":"The method used for relating controls within the mapping. The supported methods are aligned with the NIST Interagency Report (IR) 8477, Section 4.3 Set Theory Relationship Mapping.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["syntactic","semantic","functional"]}]},"status":{"title":"Status","description":"The current status of this mapping document.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["complete","not-complete","draft","deprecated","superseded"]}]},"confidence-score":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:confidence-score"},"coverage":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:coverage"},"mapping-description":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-description"},"responsible-parties":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:responsible-party"}},"props":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:property"}},"links":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:link"}},"remarks":{"$ref":"#/definitions/oscal-mapping-oscal-metadata:remarks"}},"required":["method","matching-rationale","status","mapping-description"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:gap-summary":{"title":"Gap Summary","description":"A by-id collection of all controls that were not mapped at all in this mapping-collection. If a control is partially mapped, the parts of the control are not mappable, the gap and discrepancies should be documented in the relationship-gal.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:gap-summary","type":"object","properties":{"uuid":{"title":"Gap Summary Universally Unique Identifier","description":"A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this mapping gap summary elsewhere in this or other OSCAL instances. The locally defined UUID of the SSP can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance).This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.","$ref":"#/definitions/UUIDDatatype"},"unmapped-controls":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:select-control-by-id"}}},"required":["uuid","unmapped-controls"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:select-control-by-id":{"title":"Select Control","description":"Select a control or controls from an imported control set.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:select-control-by-id","type":"object","properties":{"with-child-controls":{"title":"Include Contained Controls with Control","description":"When a control is included, whether its child (dependent) controls are also included.","allOf":[{"$ref":"#/definitions/TokenDatatype"},{"enum":["yes","no"]}]},"with-ids":{"type":"array","minItems":1,"items":{"title":"Match Controls by Identifier","description":"Selecting a control by its ID given as a literal.","$ref":"#/definitions/TokenDatatype"}},"matching":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/oscal-mapping-oscal-mapping-common:matching"}}},"additionalProperties":false},"oscal-mapping-oscal-mapping-common:matching":{"title":"Match Controls by Pattern","description":"Selecting a set of controls by matching their IDs with a wildcard pattern.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:matching","type":"object","additionalProperties":false},"oscal-mapping-oscal-mapping-common:confidence-score":{"title":"Confidence Score","description":"This records either a string category or a decimal value from 0-1 representing a percentage. Both of these values describe an estimation of the author's confidence that this mapping is correct and accurate.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:confidence-score","type":"object","properties":{"category":{"anyOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["unspecified","high","medium","low"]}]},"percentage":{"$ref":"#/definitions/DecimalDatatype"},"STRVALUE":{"$ref":"#/definitions/StringDatatype"}},"required":["STRVALUE"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:coverage":{"title":"Coverage","description":"A decimal value from 0-1, representing the percentage coverage of the targets by the sources.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:coverage","type":"object","properties":{"generation-method":{"anyOf":[{"$ref":"#/definitions/StringDatatype"},{"enum":["arbitrary"]}]},"STRVALUE":{"$ref":"#/definitions/DecimalDatatype"}},"required":["STRVALUE"],"additionalProperties":false},"oscal-mapping-oscal-mapping-common:mapping-description":{"title":"Mapping Description","description":"Description of the context and intended use of the mapping set.","$id":"#/definitions/oscal-mapping-oscal-mapping-common:mapping-description","$ref":"#/definitions/MarkupMultilineDatatype"},"Base64Datatype":{"description":"Binary data encoded using the Base 64 encoding algorithm as defined by RFC4648.","type":"string","pattern":"^[0-9A-Za-z+/]+={0,2}$","contentEncoding":"base64"},"DateTimeWithTimezoneDatatype":{"description":"A string representing a point in time with a required timezone.","type":"string","format":"date-time","pattern":"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|(-((0[0-9]|1[0-2]):00|0[39]:30)|\\+((0[0-9]|1[0-4]):00|(0[34569]|10):30|(0[58]|12):45)))$"},"DecimalDatatype":{"description":"A real number expressed using a whole and optional fractional part separated by a period.","type":"number","pattern":"^(\\+|-)?([0-9]+(\\.[0-9]*)?|\\.[0-9]+)$"},"EmailAddressDatatype":{"description":"An email address string formatted according to RFC 6531.","allOf":[{"$ref":"#/definitions/StringDatatype"},{"type":"string","format":"email","pattern":"^.+@.+$"}]},"MarkupLineDatatype":{"description":"A single line of Markdown content conformant to the Commonmark specification.","type":"string","pattern":"^[^\n]+$"},"MarkupMultilineDatatype":{"description":"A multiple lines of Markdown content conformant to the Commonmark specification.","type":"string"},"StringDatatype":{"description":"A non-empty string with leading and trailing whitespace disallowed. Whitespace is: U+9, U+10, U+32 or [ \n\t]+","type":"string","pattern":"^\\S(.*\\S)?$"},"TokenDatatype":{"description":"A non-colonized name as defined by XML Schema Part 2: Datatypes Second Edition. https://www.w3.org/TR/xmlschema11-2/#NCName.","type":"string","pattern":"^(\\p{L}|_)(\\p{L}|\\p{N}|[.\\-_])*$"},"URIDatatype":{"description":"A universal resource identifier (URI) formatted according to RFC3986.","type":"string","format":"uri","pattern":"^[a-zA-Z][a-zA-Z0-9+\\-.]+:.+$"},"URIReferenceDatatype":{"description":"A URI Reference, either a URI or a relative-reference, formatted according to section 4.1 of RFC3986.","type":"string","format":"uri-reference"},"UUIDDatatype":{"description":"A type 4 ('random' or 'pseudorandom') or type 5 UUID per RFC 4122.","type":"string","pattern":"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[45][0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"}},"properties":{"$schema":{"$ref":"#/definitions/json-schema-directive"},"mapping-collection":{"$ref":"#/definitions/oscal-mapping-oscal-mapping:mapping-collection"}},"required":["mapping-collection"],"additionalProperties":false}
|