Definition Type: Element
Name: accesstoken_object
Namespace: http://oval.mitre.org/XMLSchema/oval-definitions-5#windows
Type: oval-def:ObjectType
Containing Schema: windows-definitions-schema.xsd
Abstract
Documentation:
The accesstoken_object element is used by an access token test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema, and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema. An access token object consists of a single security principal (the security_principle entity) that identifies the user, group, or computer account that is associated with the token.
XSD Schema Code:
<xsd:element name="accesstoken_object" substitutionGroup="oval-def:object">
    <xsd:annotation>
        <xsd:documentation>The accesstoken_object element is used by an access token test to define the object to be evaluated. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
        <xsd:documentation>An access token object consists of a single security principle that identifies user, group, or compter account that is associated with the token.</xsd:documentation>
    </xsd:annotation>
    <xsd:complexType>
        <xsd:complexContent>
            <xsd:extension base="oval-def:ObjectType">
                <xsd:sequence>
                    <xsd:choice>
                        <xsd:element ref="oval-def:set" />
                        <xsd:sequence>
                            <xsd:element name="behaviors" type="win-def:AccesstokenBehaviors" minOccurs="0" />
                            <xsd:element name="security_principle" type="oval-def:EntityObjectStringType">
                                <xsd:annotation>
                                    <xsd:documentation>The security_principle element defines the access token being specified. Security principals include users or groups with either local or domain accounts, and computer accounts created when a computer running Windows NT, Windows 2000, Windows XP, or a member of the Windows Server 2003 family joins a domain. User rights and permissions to access objects such as Active Directory objects, files, and registry settings are assigned to security principals. In a domain environment, security principals should be identified in the form: "domain\trustee name" For local security principals use: "computer name\trustee name" For built-in accounts on the system, use the trustee name without a domain. For example: ADMINISTRATOR, SYSTEM, NETWORK_SERVICES, ADMINISTRATORS (group), etc. Note that the built-in security principals should be all caps as that is how the windows apis return them.</xsd:documentation>
                                    <xsd:appinfo>
                                        <sch:pattern id="atobjsecurity_principle" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                            <sch:rule context="win-def:accesstoken_object/win-def:security_principle">
                                                <sch:assert test="not(@datatype) or @datatype='string'">
                                                    <sch:value-of select="../@id" /> - datatype attribute for the security_principle entity of an accesstoken_object should be 'string'</sch:assert>
                                            </sch:rule>
                                        </sch:pattern>
                                    </xsd:appinfo>
                                </xsd:annotation>
                            </xsd:element>
                        </xsd:sequence>
                    </xsd:choice>
                </xsd:sequence>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>
</xsd:element>
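The constraints in the schema above can be checked mechanically before OVAL content is shipped. The following is an added example, not part of the OVAL schema or its tooling: a small Python lint that applies the xsd:choice between set and security_principle, the atobjsecurity_principle Schematron assertion, and the all-caps note for built-in accounts. The object ids, domain and account names are constructed, and treating any literal value without a backslash as a built-in account is an assumption of this sketch.

```python
import xml.etree.ElementTree as ET

OVAL = "http://oval.mitre.org/XMLSchema/oval-definitions-5"
WIN = OVAL + "#windows"

# Constructed sample objects: ids, domain and account names are made up.
SAMPLE = f"""<objects xmlns="{OVAL}" xmlns:win="{WIN}">
  <win:accesstoken_object id="oval:example:obj:1" version="1">
    <win:security_principle>ADMINISTRATORS</win:security_principle>
  </win:accesstoken_object>
  <win:accesstoken_object id="oval:example:obj:2" version="1">
    <win:security_principle>EXAMPLEDOM\\svc_backup</win:security_principle>
  </win:accesstoken_object>
  <win:accesstoken_object id="oval:example:obj:3" version="1">
    <win:security_principle datatype="int">Administrators</win:security_principle>
  </win:accesstoken_object>
  <win:accesstoken_object id="oval:example:obj:4" version="1"/>
</objects>"""

def lint(xml_text):
    """Return {object id: [problems]} for every accesstoken_object found."""
    findings = {}
    for obj in ET.fromstring(xml_text).iter(f"{{{WIN}}}accesstoken_object"):
        problems = []
        sets = obj.findall(f"{{{OVAL}}}set")
        principals = obj.findall(f"{{{WIN}}}security_principle")
        # xsd:choice: either one set, or one security_principle.
        if len(sets) + len(principals) != 1:
            problems.append("need exactly one of set or security_principle")
        for sp in principals:
            # Schematron rule atobjsecurity_principle.
            if sp.get("datatype", "string") != "string":
                problems.append("datatype should be 'string'")
            name = (sp.text or "").strip()
            literal = sp.get("operation", "equals") == "equals" and not sp.get("var_ref")
            # Assumption: no domain or computer prefix means a built-in
            # account, which the documentation says should be all caps.
            if literal and "\\" not in name and name != name.upper():
                problems.append("built-in principal should be all caps")
        findings[obj.get("id")] = problems
    return findings

if __name__ == "__main__":
    for obj_id, problems in lint(SAMPLE).items():
        print(obj_id, problems or "ok")
```
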
Child Elements:
Name                Type                        Min Occurs  Max Occurs
Signature           ds:Signature                0           1
notes               oval-def:notes              0           1
set                 oval-def:set                (1)         (1)
behaviors           win-def:behaviors           0           (1)
security_principle  win-def:security_principle  (1)         (1)
Child Attributes:
Name        Type                 Default Value  Use
id          oval-def:id                         Required
version     oval-def:version                    Required
comment     oval-def:comment                    Optional
deprecated  oval-def:deprecated  false          Optional
References:
oval-def:object