<xsd:schema targetNamespace="http://oval.mitre.org/XMLSchema/oval#independent" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval" xmlns:independent="http://oval.mitre.org/XMLSchema/oval#independent" elementFormDefault="qualified" version="4.2">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval" schemaLocation="oval-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the tests found in Open Vulnerability and Assessment Language (OVAL) that are independent of a specific family or platform. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Independent Definition</schema>
<version>4.2</version>
<date>2 December 2005</date>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ============================ COMPOUND TEST (cmp) ============================ -->
<!-- =============================================================================== -->
<xsd:element name="compound_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>A compound test allows multiple tests (including other compound tests) to be joined together by a logical operator. This provides flexibility in test creation and enables complex tests to be reused, serving as building blocks for future tests. The required operation attribute specifies how to logically combine the numerous subtests of a compound test. Possible values are: AND, OR, XOR. A value of AND means that each subtest must be true for the compound_test to return true. A value of OR means that only one subtest must be true for the compound_test to return true. A value of XOR means that one, and only one, subtest must be true for the compound_test to return true. A compound test extends the testType. Please refer to the "Complex Types" section of this document for a description of the testType.</xsd:documentation>
<xsd:appinfo>
<test_name>Compound Test</test_name>
<extends>testType</extends>
<valid_sections>[notes], subtest</valid_sections>
<example>
<compound_test id="cmp-0" operation="AND" comment="an example compound test" xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
<oval:notes>
<oval:note>This is an example compound test. It ANDs together the results of three separate tests, one of which is negated.</oval:note>
</oval:notes>
<subtest test_ref="wrt-0"/>
<subtest test_ref="wat-0" negate="true"/>
<subtest test_ref="cmp-1"/>
</compound_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:testType">
<xsd:sequence>
<xsd:element name="subtest" minOccurs="1" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The subtest element specifies a particular test to be referenced. The required test_ref attribute accomplishes this by linking to a valid test id. The optional 'negate' attribute signifies that the result of an individual test should be negated during analysis. For example, consider a test that returns TRUE if a specific patch is installed. By negating this test, it now analyzes to TRUE if the patch is NOT installed.</xsd:documentation>
<xsd:appinfo>
<parent_test>Compound Test</parent_test>
<cardinality>1-n</cardinality>
<content>none</content>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:attribute name="test_ref" type="oval:testid" use="required"/>
<xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
<xsd:attribute name="operation" type="oval:operations" use="required"/>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
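<!--
Added example, not part of the OVAL schema or of any OVAL interpreter: a Python evaluator for the compound_test logic documented above, covering the negate attribute, nested compound tests, and the "one, and only one" reading of XOR. The cmp-1 definition, the function names and the leaf_results mapping are assumptions made for illustration; circular test_ref chains are rejected rather than followed.

```python
import xml.etree.ElementTree as ET

NS = "{http://oval.mitre.org/XMLSchema/oval#independent}"

# Constructed sample: cmp-0 mirrors the schema's own example; cmp-1 is made up here.
SAMPLE = """
<tests xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
  <compound_test id="cmp-0" operation="AND" comment="an example compound test">
    <subtest test_ref="wrt-0"/>
    <subtest test_ref="wat-0" negate="true"/>
    <subtest test_ref="cmp-1"/>
  </compound_test>
  <compound_test id="cmp-1" operation="XOR" comment="constructed">
    <subtest test_ref="wrt-0"/>
    <subtest test_ref="wat-0"/>
  </compound_test>
</tests>
"""

def load_compound_tests(xml_text):
    """Map each compound_test id to (operation, [(test_ref, negate), ...])."""
    tests = {}
    for el in ET.fromstring(xml_text).iter(NS + "compound_test"):
        # xsd:boolean accepts "true"/"1"; the schema default for negate is false
        subs = [(s.get("test_ref"), s.get("negate", "false") in ("true", "1"))
                for s in el.findall(NS + "subtest")]
        tests[el.get("id")] = (el.get("operation"), subs)
    return tests

def evaluate(test_id, tests, leaf_results, _stack=()):
    """Evaluate test_id; leaf_results holds booleans for non-compound tests."""
    if test_id in _stack:
        raise ValueError("circular subtest reference: " + " > ".join(_stack + (test_id,)))
    if test_id not in tests:
        return leaf_results[test_id]  # KeyError flags a dangling test_ref
    operation, subs = tests[test_id]
    # "result != negate" flips the subtest result only when negate is true
    values = [evaluate(ref, tests, leaf_results, _stack + (test_id,)) != negate
              for ref, negate in subs]
    if operation == "AND":
        return all(values)
    if operation == "OR":
        return any(values)
    if operation == "XOR":
        return values.count(True) == 1  # one, and only one (not parity)
    raise ValueError("unsupported operation: " + str(operation))
```
-->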
<!-- =============================================================================== -->
<!-- ======================= TEXT FILE CONTENT TEST (tft) ======================== -->
<!-- =============================================================================== -->
<xsd:element name="textfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>The textfilecontent test looks at the contents of a text file (aka a configuration file) by looking at individual lines.</xsd:documentation>
<xsd:appinfo>
<test_name>Text File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example>
<textfilecontent_test id="tft-0" check="all" comment="the enable parameter in helpctr.txt is set to true" xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
<oval:notes>
<oval:note>This is an example test. It is meant to give a short overview of the test and might not contain every possible child element.</oval:note>
</oval:notes>
<object>
<path>
<component type="registry_value">HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot</component>
<component type="literal">\system32\helpctr.txt</component>
</path>
<line operator="pattern match">enable = (true|false)</line>
</object>
<data operation="AND">
<subexpression operator="equals">true</subexpression>
</data>
</textfilecontent_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="independent:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These strings do not include the '.' and '..' notations. This means that a '.*' component of a regular expression will match not only all files in the specified directories, but also all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="line" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The line element represents a line in the file and is represented using a regular expression.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="subexpression" type="oval:subtestStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>Each subexpression in the regular expression of the line element is then tested against the value specified in the subexpression element.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>0-n</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
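<!--
Added example, not part of the OVAL schema or of any OVAL interpreter: how the line pattern and the subexpression elements of a textfilecontent_test combine, and why an unanchored line pattern also picks up commented-out settings. Assumed here: unanchored (search) matching, subexpression elements paired in order with the capture groups, check="all" requiring at least one matching line, and the sample file lines, which are constructed.

```python
import re

# Constructed file content; the first line is a commented-out setting.
SAMPLE_LINES = ["; enable = false", "enable = true", "timeout = 30"]

def compare(operator, actual, expected):
    """Operators the schema lists as valid for the subexpression element."""
    if operator == "equals":
        return actual == expected
    if operator == "not equal":
        return actual != expected
    if operator == "pattern match":
        return re.search(expected, actual) is not None
    raise ValueError("unsupported operator: " + operator)

def evaluate_textfilecontent(lines, line_pattern, subexpressions, check="all"):
    """Evaluate one file against a line pattern and its subexpression checks.

    subexpressions is [(operator, value), ...]; entry i is compared with
    capture group i of line_pattern and the comparisons are ANDed, as in
    the schema example's data operation="AND" (pairing is an assumption).
    """
    regex = re.compile(line_pattern)
    if regex.groups < len(subexpressions):
        raise ValueError("more subexpression elements than capture groups")
    results = []
    for line in lines:
        m = regex.search(line)
        if m is None:
            continue  # this line is not an instance of the object
        results.append(all(compare(op, m.group(i) or "", value)
                           for i, (op, value) in enumerate(subexpressions, 1)))
    if check == "all":
        return bool(results) and all(results)
    if check == "none exist":
        return not any(results)
    raise ValueError("unsupported check value: " + check)
```
-->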
<!-- =============================================================================== -->
<!-- ============================ UNKNOWN TEST (ukn) ============================= -->
<!-- =============================================================================== -->
<xsd:element name="unknown_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>An unknown test acts as a placeholder for tests whose implementation is unknown. Any information that is known about the test should be held in the notes child element that is available through the extension of the abstract test element. An unknown test extends the testType. Please refer to the "Complex Types" section of this document for a description of the testType.</xsd:documentation>
<xsd:appinfo>
<test_name>Unknown Test</test_name>
<extends>testType</extends>
<valid_sections>[notes]</valid_sections>
<example>
<unknown_test id="ukn-0" comment="an example unknown test" xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
<oval:notes>
<oval:note>This is an example test. A description about the desired test would go here including what is unknown about it.</oval:note>
</oval:notes>
</unknown_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:testType"/>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================ VARIABLE TEST (vct) ============================ -->
<!-- =============================================================================== -->
<xsd:element name="variable_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>A variable test allows the value of a variable to be compared to a defined value. An example use would be to validate that a variable being passed in from an external source falls within a specified range.</xsd:documentation>
<xsd:appinfo>
<test_name>Variable Test</test_name>
<extends>testType</extends>
<valid_sections>[notes], item</valid_sections>
<example>
<variable_test id="vct-0" operation="AND" comment="an example variable test" xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
<item variable="var-3" datatype="int" operator="greater than">6</item>
<item variable="var-3" datatype="int" operator="less than" var_ref="var-6"/>
</variable_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:testType">
<xsd:sequence>
<xsd:element name="item" minOccurs="1" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>An 'item' element defines a specific comparison to perform on a variable. The required 'variable' attribute provides a link to a variable to use. The optional datatype determines the type of data expected as the value of the 'item' element (the default datatype is 'string'). The required 'operator' attribute defines the operator to use for the comparison. The optional var_ref attribute refers the value of the item to a variable element. Note that the comparison should read: '*variable* is *operator* the value of the item'. Also note that it is implied that the datatypes of the two values being compared are the same.</xsd:documentation>
<xsd:appinfo>
<parent_test>Variable Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>binary, boolean, component, float, int, string, version</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, bitwise and, bitwise or, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="xsd:anyType">
<xsd:attribute name="variable" type="oval:varid" use="required"/>
<xsd:attribute name="datatype" type="oval:datatypes" use="optional" default="string"/>
<xsd:attribute name="operator" type="oval:operators" use="optional" default="equals"/>
<xsd:attribute name="var_ref" type="oval:varid" use="optional"/>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
<xsd:attribute name="operation" type="oval:operations" use="required"/>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= XML FILE CONTENT TEST (xft) ========================= -->
<!-- =============================================================================== -->
<xsd:element name="xmlfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>The xmlfilecontent test uses XPath to explore the contents of an XML file. The value_of element checks the value of the nodes found.</xsd:documentation>
<xsd:appinfo>
<test_name>XML File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example>
<xmlfilecontent_test id="xft-0" check="none exist" comment="there does not exist an Andrew object in fred.xml" xmlns="http://oval.mitre.org/XMLSchema/oval#independent">
<oval:notes>
<oval:note>This is an example test. It is meant to give a short overview of the test and might not contain every possible child element.</oval:note>
</oval:notes>
<object>
<path>
<component type="literal">c:\fred.xml</component>
</path>
<xpath>/people/name</xpath>
</object>
<data operation="AND">
<value_of operator="equals">Andrew</value_of>
</data>
</xmlfilecontent_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="independent:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These strings do not include the '.' and '..' notations. This means that a '.*' component of a regular expression will match not only all files in the specified directories, but also all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>Specifies an XPath expression describing the nodes to look at.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="value_of" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The value_of element checks the value of the nodes found.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:complexType name="componentType">
<xsd:annotation>
<xsd:documentation>The componentType allows a value to be obtained by combining pieces from different sources. The strings defined by the different component elements are concatenated together to form the final string used. Each child component element has an attribute called type. The value of this attribute determines where to get the string used to build the file path. A type of literal means to use the value of the child component element as is, and to just concatenate it to the other strings. If a pattern match operator has been specified with a componentType, then the final string should be thought of as the pattern to test. As of Version 4 of the OVAL schema, pattern match cannot be specified for the individual components.</xsd:documentation>
<xsd:appinfo>
<extends>oval:subtestBaseType</extends>
<attributes>(includes oval:subtestAttributes)</attributes>
<content>none</content>
<child_elements>component</child_elements>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexContent>
<xsd:extension base="oval:subtestBaseType">
<xsd:sequence>
<xsd:element name="component" minOccurs="1" maxOccurs="unbounded">
<xsd:complexType>
<xsd:simpleContent>
<xsd:extension base="xsd:string">
<xsd:attribute name="type" use="required">
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="environment_variable"/>
<xsd:enumeration value="group_homedirs"/>
<xsd:enumeration value="literal"/>
<xsd:enumeration value="registry_value"/>
<xsd:enumeration value="user_homedirs"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
</xsd:extension>
</xsd:simpleContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:schema>