Schema was-core0.2.xsd


schema location:  C:\Documents and Settings\markc\Desktop\OASIS\WAS\was-core0.2.xsd
 
Groups 
Meta-Data 
Test 


group Meta-Data
diagram
children ID Date Author Provider Restrictions Reference Remedy Risk Ranking
annotation
documentation 
This group defines the high-level grouping of information that is used for searching, storage and retrival of signatures. There are two main groups, Meta-Data and Test
source 
<xs:group name="Meta-Data">
  <xs:annotation>
    <xs:documentation>This group defines the high-level grouping of information that is used for searching, storage and retrival of signatures. There are two main groups, Meta-Data and Test</xs:documentation>
  </xs:annotation>
  <xs:all>
    <xs:element name="ID">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>ID element provides a mechansim to declare uniquely identifiable attributes for cataloging and referencing. The provider, author and vendor IDs would allow cross referencing. This needs some more thinking</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="authorID" type="xs:string" use="required"/>
        <xs:attribute name="vendorID" type="xs:string" use="optional"/>
        <xs:attribute name="providerID" type="xs:string" use="optional"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Date">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Date element provides a mechanism to declare time and historical related data. An example use case maybe "show me all of the issues within the last 3 months "</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="originalReleaseDate" type="xs:dateTime" use="required"/>
        <xs:attribute name="lastRevisionDate" type="xs:dateTime" use="required"/>
        <xs:attribute name="versionRevisionDate" type="xs:dateTime"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Author">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides a mechanism to reference the original author </xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="name" type="xs:string" use="required"/>
        <xs:attribute name="company" type="xs:string"/>
        <xs:attribute name="email" type="xs:string"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Provider">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides a mechanism to reference the provider of the signature. This maybe a trusted source of signatures or a commercial provider such as an iDefense. This allows fast indexing of entries based on the provider without having to check signatures</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="name" type="xs:string" use="required"/>
        <xs:attribute name="company" type="xs:string"/>
        <xs:attribute name="email" type="xs:string"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Restrictions">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides a mechanism to reference any useage restrictions on the signature. These may include copyright, licensing or potentially things like export restrictions</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="License" type="xs:string" use="required"/>
        <xs:attribute name="Copyright" type="xs:string"/>
        <xs:attribute name="email" type="xs:string"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Reference">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides a mechanism to reference othe sources of data about the issue. The WAS Thesaurus for instance maybe one, Vuln DB's like CVE and Bugtraq maybe others</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="Thesaurus" type="xs:string" use="required"/>
        <xs:attribute name="VulnDB's" type="xs:string"/>
        <xs:attribute name="shortDescription" type="xs:string"/>
        <xs:attribute name="longDescription" type="xs:string"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Remedy">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides a mechanism to reference constructive information about how to fix the issue if found. This data would be extracted into automatically generated reports and alerts. This would inlcude patch downloads, how to fix etc</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="Patch" type="xs:string" use="required"/>
      </xs:complexType>
    </xs:element>
    <xs:element name="Risk Ranking">
      <xs:annotation>
        <xs:appinfo/>
        <xs:documentation>The Data element provides the risk ranking . I am not sure if this would be much simpler but I allocated an element for now</xs:documentation>
      </xs:annotation>
      <xs:complexType>
        <xs:attribute name="riskLevel" type="xs:int" use="required" default="0"/>
        <xs:attribute name="Impact" type="xs:boolean" use="required" default="0"/>
      </xs:complexType>
    </xs:element>
  </xs:all>
</xs:group>

element Meta-Data/ID
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
authorID  xs:string  required      
vendorID  xs:string  optional      
providerID  xs:string  optional      
annotation
documentation 
ID element provides a mechansim to declare uniquely identifiable attributes for cataloging and referencing. The provider, author and vendor IDs would allow cross referencing. This needs some more thinking
source 
<xs:element name="ID">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>ID element provides a mechansim to declare uniquely identifiable attributes for cataloging and referencing. The provider, author and vendor IDs would allow cross referencing. This needs some more thinking</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="authorID" type="xs:string" use="required"/>
    <xs:attribute name="vendorID" type="xs:string" use="optional"/>
    <xs:attribute name="providerID" type="xs:string" use="optional"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Date
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
originalReleaseDate  xs:dateTime  required      
lastRevisionDate  xs:dateTime  required      
versionRevisionDate  xs:dateTime        
annotation
documentation 
The Date element provides a mechanism to declare time and historical related data. An example use case maybe "show me all of the issues within the last 3 months "
source 
<xs:element name="Date">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Date element provides a mechanism to declare time and historical related data. An example use case maybe "show me all of the issues within the last 3 months "</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="originalReleaseDate" type="xs:dateTime" use="required"/>
    <xs:attribute name="lastRevisionDate" type="xs:dateTime" use="required"/>
    <xs:attribute name="versionRevisionDate" type="xs:dateTime"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Author
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
name  xs:string  required      
company  xs:string        
email  xs:string        
annotation
documentation 
The Data element provides a mechanism to reference the original author
source 
<xs:element name="Author">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides a mechanism to reference the original author </xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="name" type="xs:string" use="required"/>
    <xs:attribute name="company" type="xs:string"/>
    <xs:attribute name="email" type="xs:string"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Provider
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
name  xs:string  required      
company  xs:string        
email  xs:string        
annotation
documentation 
The Data element provides a mechanism to reference the provider of the signature. This maybe a trusted source of signatures or a commercial provider such as an iDefense. This allows fast indexing of entries based on the provider without having to check signatures
source 
<xs:element name="Provider">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides a mechanism to reference the provider of the signature. This maybe a trusted source of signatures or a commercial provider such as an iDefense. This allows fast indexing of entries based on the provider without having to check signatures</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="name" type="xs:string" use="required"/>
    <xs:attribute name="company" type="xs:string"/>
    <xs:attribute name="email" type="xs:string"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Restrictions
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
License  xs:string  required      
Copyright  xs:string        
email  xs:string        
annotation
documentation 
The Data element provides a mechanism to reference any useage restrictions on the signature. These may include copyright, licensing or potentially things like export restrictions
source 
<xs:element name="Restrictions">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides a mechanism to reference any useage restrictions on the signature. These may include copyright, licensing or potentially things like export restrictions</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="License" type="xs:string" use="required"/>
    <xs:attribute name="Copyright" type="xs:string"/>
    <xs:attribute name="email" type="xs:string"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Reference
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
Thesaurus  xs:string  required      
VulnDB's  xs:string        
shortDescription  xs:string        
longDescription  xs:string        
annotation
documentation 
The Data element provides a mechanism to reference othe sources of data about the issue. The WAS Thesaurus for instance maybe one, Vuln DB's like CVE and Bugtraq maybe others
source 
<xs:element name="Reference">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides a mechanism to reference othe sources of data about the issue. The WAS Thesaurus for instance maybe one, Vuln DB's like CVE and Bugtraq maybe others</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="Thesaurus" type="xs:string" use="required"/>
    <xs:attribute name="VulnDB's" type="xs:string"/>
    <xs:attribute name="shortDescription" type="xs:string"/>
    <xs:attribute name="longDescription" type="xs:string"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Remedy
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
Patch  xs:string  required      
annotation
documentation 
The Data element provides a mechanism to reference constructive information about how to fix the issue if found. This data would be extracted into automatically generated reports and alerts. This would inlcude patch downloads, how to fix etc
source 
<xs:element name="Remedy">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides a mechanism to reference constructive information about how to fix the issue if found. This data would be extracted into automatically generated reports and alerts. This would inlcude patch downloads, how to fix etc</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="Patch" type="xs:string" use="required"/>
  </xs:complexType>
</xs:element>

element Meta-Data/Risk Ranking
diagram
attributes
Name  Type  Use  Default  Fixed  Annotation
riskLevel  xs:int  required  0    
Impact  xs:boolean  required  0    
annotation
documentation 
The Data element provides the risk ranking . I am not sure if this would be much simpler but I allocated an element for now
source 
<xs:element name="Risk Ranking">
  <xs:annotation>
    <xs:appinfo/>
    <xs:documentation>The Data element provides the risk ranking . I am not sure if this would be much simpler but I allocated an element for now</xs:documentation>
  </xs:annotation>
  <xs:complexType>
    <xs:attribute name="riskLevel" type="xs:int" use="required" default="0"/>
    <xs:attribute name="Impact" type="xs:boolean" use="required" default="0"/>
  </xs:complexType>
</xs:element>

group Test
diagram
annotation
documentation 
This group defines the executeable test case. It will be developed after the Meta-Group is near completion
source 
<xs:group name="Test">
  <xs:annotation>
    <xs:documentation>This group defines the executeable test case. It will be developed after the Meta-Group is near completion</xs:documentation>
  </xs:annotation>
  <xs:all/>
</xs:group>


XML Schema documentation generated with XMLSPY Schema Editor http://www.altova.com/xmlspy