SystemCharacteristics.java
package gov.nist.secauto.oscal.lib.model;
import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue;
import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues;
import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique;
import gov.nist.secauto.metaschema.binding.model.annotations.KeyField;
import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
import gov.nist.secauto.metaschema.model.common.datatype.adapter.DateAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.object.Date;
import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
import java.lang.Override;
import java.lang.String;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
/**
* Contains the characteristics of the system, such as its name, purpose, and security impact level.
*/
@MetaschemaAssembly(
formalName = "System Characteristics",
description = "Contains the characteristics of the system, such as its name, purpose, and security impact level.",
name = "system-characteristics",
metaschema = OscalSspMetaschema.class
)
@ValueConstraints(
allowedValues = {
@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = {@AllowedValue(value = "identity-assurance-level", description = "A value of 1, 2, or 3 as defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3)."), @AllowedValue(value = "authenticator-assurance-level", description = "A value of 1, 2, or 3 as defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3)."), @AllowedValue(value = "federation-assurance-level", description = "A value of 1, 2, or 3 as defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3).")}),
@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[@name=('identity-assurance-level','authenticator-assurance-level','federation-assurance-level')]/@value", values = {@AllowedValue(value = "1", description = "As defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3)."), @AllowedValue(value = "2", description = "As defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3)."), @AllowedValue(value = "3", description = "As defined by [SP 800-63-3](https://doi.org/10.6028/NIST.SP.800-63-3).")}),
@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = {@AllowedValue(value = "cloud-deployment-model", description = "The associated value is one of: public-cloud, private-cloud, community-cloud, government-only-cloud, hybrid-cloud, or other."), @AllowedValue(value = "cloud-service-model", description = "The associated value is one of: saas, paas, iaas, or other.")}),
@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='cloud-deployment-model']/@value", values = {@AllowedValue(value = "public-cloud", description = "The public cloud deployment model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "private-cloud", description = "The private cloud deployment model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "community-cloud", description = "The community cloud deployment model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "hybrid-cloud", description = "The hybrid cloud deployment model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "government-only-cloud", description = "A specific type of community-cloud for use only by government services."), @AllowedValue(value = "other", description = "Any other type of cloud deployment model that is exclusive to the other choices.")}, remarks = "The hybrid cloud deployment model, as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145), can be supported by selecting two or more of the existing deployment models."),
@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='cloud-service-model']/@value", values = {@AllowedValue(value = "saas", description = "Software as a service (SaaS) cloud service model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "paas", description = "Platform as a service (PaaS) cloud service model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "iaas", description = "Infrastructure as a service (IaaS) cloud service model as defined by [The NIST Definition of Cloud Computing](https://doi.org/10.6028/NIST.SP.800-145)."), @AllowedValue(value = "other", description = "Any other type of cloud service model that is exclusive to the other choices.")}),
@AllowedValues(level = IConstraint.Level.ERROR, target = "responsible-party/@role-id", allowOthers = true, values = {@AllowedValue(value = "authorizing-official", description = "The authorizing official for this system."), @AllowedValue(value = "authorizing-official-poc", description = "The authorizing official's designated point of contact (POC) for this system."), @AllowedValue(value = "system-owner", description = "The executive ultimately accountable for the system."), @AllowedValue(value = "system-poc-management", description = "The primary management-level point of contact (POC) for the system."), @AllowedValue(value = "system-poc-technical", description = "The primary technical point of contact (POC) for the system."), @AllowedValue(value = "system-poc-other", description = "Other point of contact (POC) for the system that is not the management or technical POC."), @AllowedValue(value = "information-system-security-officer", description = "The primary role responsible for ensuring the organization operates the system securely."), @AllowedValue(value = "privacy-poc", description = "The point of contact (POC) responsible for identifying privacy information within the system, and ensuring its protection if present.")})
}
)
@AssemblyConstraints(
isUnique = @IsUnique(id = "unique-ssp-system-characteristics-responsible-party", level = IConstraint.Level.ERROR, target = "responsible-party", keyFields = @KeyField(target = "@role-id"), remarks = "Since `responsible-party` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")
)
public class SystemCharacteristics {
@BoundField(
formalName = "System Identification",
description = "A [human-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#human-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this system identification property elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). When referencing an externally defined `system identification`, the `system identification` must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same system across revisions of the document.",
useName = "system-id",
minOccurs = 1,
maxOccurs = -1
)
@GroupAs(
name = "system-ids",
inJson = JsonGroupAsBehavior.LIST
)
private List<SystemId> _systemIds;
/**
* "The full name of the system."
*/
@BoundField(
formalName = "System Name - Full",
description = "The full name of the system.",
useName = "system-name",
minOccurs = 1
)
private String _systemName;
/**
* "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list."
*/
@BoundField(
formalName = "System Name - Short",
description = "A short name for the system, such as an acronym, that is suitable for display in a data table or summary list.",
useName = "system-name-short",
remarks = "Since `system-name-short` is optional, if the `system-name-short` is not provided, the `system-name` can be used as a substitute."
)
private String _systemNameShort;
/**
* "A summary of the system."
*/
@BoundField(
formalName = "System Description",
description = "A summary of the system.",
useName = "description",
minOccurs = 1
)
@BoundFieldValue(
typeAdapter = MarkupMultilineAdapter.class
)
private MarkupMultiline _description;
@BoundAssembly(
formalName = "Property",
description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
useName = "prop",
maxOccurs = -1
)
@GroupAs(
name = "props",
inJson = JsonGroupAsBehavior.LIST
)
private List<Property> _props;
@BoundAssembly(
formalName = "Link",
description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
useName = "link",
maxOccurs = -1
)
@GroupAs(
name = "links",
inJson = JsonGroupAsBehavior.LIST
)
private List<Link> _links;
@BoundField(
formalName = "System Authorization Date",
description = "The date the system received its authorization.",
useName = "date-authorized"
)
@BoundFieldValue(
typeAdapter = DateAdapter.class
)
private Date _dateAuthorized;
/**
* "The overall information system sensitivity categorization, such as defined by <a href=\"https://doi.org/10.6028/NIST.FIPS.199\">FIPS-199</a>."
*/
@BoundField(
formalName = "Security Sensitivity Level",
description = "The overall information system sensitivity categorization, such as defined by [FIPS-199](https://doi.org/10.6028/NIST.FIPS.199).",
useName = "security-sensitivity-level",
remarks = "Often, organizations require the security sensitivity level to correspond with the highest confidentiality, integrity, or availability level identified by `security-impact-level`."
)
private String _securitySensitivityLevel;
@BoundAssembly(
formalName = "System Information",
description = "Contains details about all information types that are stored, processed, or transmitted by the system, such as privacy information, and those defined in [NIST SP 800-60](https://doi.org/10.6028/NIST.SP.800-60v2r1).",
useName = "system-information",
minOccurs = 1
)
private SystemInformation _systemInformation;
@BoundAssembly(
formalName = "Security Impact Level",
description = "The overall level of expected impact resulting from unauthorized disclosure, modification, or loss of access to information.",
useName = "security-impact-level"
)
private SecurityImpactLevel _securityImpactLevel;
@BoundAssembly(
formalName = "Status",
description = "Describes the operational status of the system.",
useName = "status",
minOccurs = 1
)
private Status _status;
@BoundAssembly(
formalName = "Authorization Boundary",
description = "A description of this system's authorization boundary, optionally supplemented by diagrams that illustrate the authorization boundary.",
useName = "authorization-boundary",
minOccurs = 1
)
private AuthorizationBoundary _authorizationBoundary;
@BoundAssembly(
formalName = "Network Architecture",
description = "A description of the system's network architecture, optionally supplemented by diagrams that illustrate the network architecture.",
useName = "network-architecture"
)
private NetworkArchitecture _networkArchitecture;
@BoundAssembly(
formalName = "Data Flow",
description = "A description of the logical flow of information within the system and across its boundaries, optionally supplemented by diagrams that illustrate these flows.",
useName = "data-flow"
)
private DataFlow _dataFlow;
@BoundAssembly(
formalName = "Responsible Party",
description = "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.",
useName = "responsible-party",
maxOccurs = -1
)
@GroupAs(
name = "responsible-parties",
inJson = JsonGroupAsBehavior.LIST
)
private List<ResponsibleParty> _responsibleParties;
@BoundField(
formalName = "Remarks",
description = "Additional commentary about the containing object.",
useName = "remarks"
)
@BoundFieldValue(
typeAdapter = MarkupMultilineAdapter.class
)
private MarkupMultiline _remarks;
public SystemCharacteristics() {
}
public List<SystemId> getSystemIds() {
return _systemIds;
}
public void setSystemIds(List<SystemId> value) {
_systemIds = value;
}
/**
* Add a new {@link SystemId} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addSystemId(SystemId item) {
SystemId value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_systemIds == null) {
_systemIds = new LinkedList<>();
}
return _systemIds.add(value);
}
/**
* Remove the first matching {@link SystemId} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeSystemId(SystemId item) {
SystemId value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _systemIds == null ? false : _systemIds.remove(value);
}
public String getSystemName() {
return _systemName;
}
public void setSystemName(String value) {
_systemName = value;
}
public String getSystemNameShort() {
return _systemNameShort;
}
public void setSystemNameShort(String value) {
_systemNameShort = value;
}
public MarkupMultiline getDescription() {
return _description;
}
public void setDescription(MarkupMultiline value) {
_description = value;
}
public List<Property> getProps() {
return _props;
}
public void setProps(List<Property> value) {
_props = value;
}
/**
* Add a new {@link Property} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_props == null) {
_props = new LinkedList<>();
}
return _props.add(value);
}
/**
* Remove the first matching {@link Property} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _props == null ? false : _props.remove(value);
}
public List<Link> getLinks() {
return _links;
}
public void setLinks(List<Link> value) {
_links = value;
}
/**
* Add a new {@link Link} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_links == null) {
_links = new LinkedList<>();
}
return _links.add(value);
}
/**
* Remove the first matching {@link Link} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _links == null ? false : _links.remove(value);
}
public Date getDateAuthorized() {
return _dateAuthorized;
}
public void setDateAuthorized(Date value) {
_dateAuthorized = value;
}
public String getSecuritySensitivityLevel() {
return _securitySensitivityLevel;
}
public void setSecuritySensitivityLevel(String value) {
_securitySensitivityLevel = value;
}
public SystemInformation getSystemInformation() {
return _systemInformation;
}
public void setSystemInformation(SystemInformation value) {
_systemInformation = value;
}
public SecurityImpactLevel getSecurityImpactLevel() {
return _securityImpactLevel;
}
public void setSecurityImpactLevel(SecurityImpactLevel value) {
_securityImpactLevel = value;
}
public Status getStatus() {
return _status;
}
public void setStatus(Status value) {
_status = value;
}
public AuthorizationBoundary getAuthorizationBoundary() {
return _authorizationBoundary;
}
public void setAuthorizationBoundary(AuthorizationBoundary value) {
_authorizationBoundary = value;
}
public NetworkArchitecture getNetworkArchitecture() {
return _networkArchitecture;
}
public void setNetworkArchitecture(NetworkArchitecture value) {
_networkArchitecture = value;
}
public DataFlow getDataFlow() {
return _dataFlow;
}
public void setDataFlow(DataFlow value) {
_dataFlow = value;
}
public List<ResponsibleParty> getResponsibleParties() {
return _responsibleParties;
}
public void setResponsibleParties(List<ResponsibleParty> value) {
_responsibleParties = value;
}
/**
* Add a new {@link ResponsibleParty} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addResponsibleParty(ResponsibleParty item) {
ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_responsibleParties == null) {
_responsibleParties = new LinkedList<>();
}
return _responsibleParties.add(value);
}
/**
* Remove the first matching {@link ResponsibleParty} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeResponsibleParty(ResponsibleParty item) {
ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _responsibleParties == null ? false : _responsibleParties.remove(value);
}
public MarkupMultiline getRemarks() {
return _remarks;
}
public void setRemarks(MarkupMultiline value) {
_remarks = value;
}
@Override
public String toString() {
return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
}
}