├── .gitattributes
├── requirements.txt
├── .landscape.yaml
├── MANIFEST.in
├── sdv
├── test
│ ├── __init__.py
│ └── stix_profile_test.py
├── resources
│ ├── xsd
│ │ ├── stix_1.0
│ │ │ ├── extensions
│ │ │ │ ├── address
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ │ ├── identity
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── vulnerability
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── malware
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── marking
│ │ │ │ │ ├── simple_marking.xsd
│ │ │ │ │ └── tlp.xsd
│ │ │ │ └── attack_pattern
│ │ │ │ │ └── capec_2.5.xsd
│ │ │ ├── cybox
│ │ │ │ ├── extensions
│ │ │ │ │ └── platform
│ │ │ │ │ │ └── README.txt
│ │ │ │ └── objects
│ │ │ │ │ ├── Link_Object.xsd
│ │ │ │ │ ├── Unix_Pipe_Object.xsd
│ │ │ │ │ └── Pipe_Object.xsd
│ │ │ └── external
│ │ │ │ ├── open_ioc_2010
│ │ │ │ └── ioc-TR.xsd
│ │ │ │ └── oasis_ciq_3.0
│ │ │ │ ├── xNAL-types.xsd
│ │ │ │ └── xlink-2003-12-31.xsd
│ │ ├── stix_1.1
│ │ │ ├── extensions
│ │ │ │ ├── address
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── ciq_3.0_address.xsd
│ │ │ │ ├── identity
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── malware
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── maec_4.1_malware.xsd
│ │ │ │ ├── vulnerability
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── attack_pattern
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── capec_2.7_attack_pattern.xsd
│ │ │ │ └── marking
│ │ │ │ │ ├── simple_marking.xsd
│ │ │ │ │ └── terms_of_use_marking.xsd
│ │ │ ├── cybox
│ │ │ │ ├── extensions
│ │ │ │ │ ├── platform
│ │ │ │ │ │ └── README.txt
│ │ │ │ │ └── location
│ │ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ │ ├── external
│ │ │ │ │ ├── oasis_ciq_3.0
│ │ │ │ │ │ └── xNAL-types.xsd
│ │ │ │ │ └── cpe_2.3
│ │ │ │ │ │ └── cpe-naming_2.3.xsd
│ │ │ │ └── objects
│ │ │ │ │ ├── Unix_Pipe_Object.xsd
│ │ │ │ │ └── Pipe_Object.xsd
│ │ │ └── external
│ │ │ │ ├── open_ioc_2010
│ │ │ │ └── ioc-TR.xsd
│ │ │ │ └── oasis_ciq_3.0
│ │ │ │ └── xNAL-types.xsd
│ │ ├── stix_1.2
│ │ │ ├── extensions
│ │ │ │ ├── address
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── ciq_3.0_address.xsd
│ │ │ │ ├── identity
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── malware
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── maec_4.1_malware.xsd
│ │ │ │ ├── vulnerability
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── attack_pattern
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── capec_2.7_attack_pattern.xsd
│ │ │ │ └── marking
│ │ │ │ │ ├── simple_marking.xsd
│ │ │ │ │ └── terms_of_use_marking.xsd
│ │ │ ├── cybox
│ │ │ │ ├── extensions
│ │ │ │ │ ├── platform
│ │ │ │ │ │ └── README.txt
│ │ │ │ │ └── location
│ │ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ │ ├── external
│ │ │ │ │ ├── oasis_ciq_3.0
│ │ │ │ │ │ └── xNAL-types.xsd
│ │ │ │ │ └── cpe_2.3
│ │ │ │ │ │ └── cpe-naming_2.3.xsd
│ │ │ │ └── objects
│ │ │ │ │ ├── Unix_Pipe_Object.xsd
│ │ │ │ │ └── Pipe_Object.xsd
│ │ │ └── external
│ │ │ │ ├── open_ioc_2010
│ │ │ │ └── ioc-TR.xsd
│ │ │ │ └── oasis_ciq_3.0
│ │ │ │ ├── xNAL-types.xsd
│ │ │ │ └── xlink-2003-12-31.xsd
│ │ ├── stix_1.0.1
│ │ │ ├── extensions
│ │ │ │ ├── address
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ │ ├── identity
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── malware
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── maec_4.0.1.xsd
│ │ │ │ ├── vulnerability
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── attack_pattern
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── capec_2.6.1.xsd
│ │ │ │ └── marking
│ │ │ │ │ ├── simple_marking.xsd
│ │ │ │ │ └── tlp.xsd
│ │ │ ├── cybox
│ │ │ │ ├── extensions
│ │ │ │ │ └── platform
│ │ │ │ │ │ ├── README.txt
│ │ │ │ │ │ └── cpe-naming_2.3.xsd
│ │ │ │ ├── README.md
│ │ │ │ └── objects
│ │ │ │ │ └── Unix_Pipe_Object.xsd
│ │ │ ├── external
│ │ │ │ ├── open_ioc_2010
│ │ │ │ │ └── ioc-TR.xsd
│ │ │ │ └── oasis_ciq_3.0
│ │ │ │ │ └── xNAL-types.xsd
│ │ │ └── README.md
│ │ ├── stix_1.1.1
│ │ │ ├── extensions
│ │ │ │ ├── address
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── ciq_3.0_address.xsd
│ │ │ │ ├── identity
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── malware
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── maec_4.1_malware.xsd
│ │ │ │ ├── vulnerability
│ │ │ │ │ └── readme.txt
│ │ │ │ ├── attack_pattern
│ │ │ │ │ ├── readme.txt
│ │ │ │ │ └── capec_2.7_attack_pattern.xsd
│ │ │ │ └── marking
│ │ │ │ │ ├── simple_marking.xsd
│ │ │ │ │ └── terms_of_use_marking.xsd
│ │ │ ├── cybox
│ │ │ │ ├── extensions
│ │ │ │ │ ├── platform
│ │ │ │ │ │ └── README.txt
│ │ │ │ │ └── location
│ │ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ │ ├── external
│ │ │ │ │ ├── oasis_ciq_3.0
│ │ │ │ │ │ ├── xNAL-types.xsd
│ │ │ │ │ │ └── xlink-2003-12-31.xsd
│ │ │ │ │ └── cpe_2.3
│ │ │ │ │ │ └── cpe-naming_2.3.xsd
│ │ │ │ └── objects
│ │ │ │ │ ├── Unix_Pipe_Object.xsd
│ │ │ │ │ └── Pipe_Object.xsd
│ │ │ └── external
│ │ │ │ ├── open_ioc_2010
│ │ │ │ └── ioc-TR.xsd
│ │ │ │ └── oasis_ciq_3.0
│ │ │ │ └── xNAL-types.xsd
│ │ └── stix_1.2.1
│ │ │ ├── extensions
│ │ │ ├── address
│ │ │ │ └── readme.txt
│ │ │ ├── identity
│ │ │ │ └── readme.txt
│ │ │ ├── malware
│ │ │ │ └── readme.txt
│ │ │ ├── vulnerability
│ │ │ │ └── readme.txt
│ │ │ └── attack-pattern
│ │ │ │ ├── readme.txt
│ │ │ │ └── capec-2.7-attack-pattern.xsd
│ │ │ ├── cybox
│ │ │ ├── extensions
│ │ │ │ ├── platform
│ │ │ │ │ └── README.txt
│ │ │ │ └── location
│ │ │ │ │ └── ciq_address_3.0.xsd
│ │ │ └── external
│ │ │ │ ├── oasis_ciq_3.0
│ │ │ │ ├── xNAL-types.xsd
│ │ │ │ └── xlink-2003-12-31.xsd
│ │ │ │ └── cpe_2.3
│ │ │ │ └── cpe-naming_2.3.xsd
│ │ │ └── external
│ │ │ ├── open_ioc_2010
│ │ │ └── ioc-TR.xsd
│ │ │ └── oasis_ciq_3.0
│ │ │ ├── xNAL-types.xsd
│ │ │ └── xlink-2003-12-31.xsd
│ └── __init__.py
├── version.py
├── validators
│ ├── cybox
│ │ ├── __init__.py
│ │ └── common.py
│ ├── stix
│ │ └── __init__.py
│ └── __init__.py
├── xmlconst.py
├── codes.py
└── scripts
│ ├── profile_to_xslt.py
│ └── profile_to_sch.py
├── examples
├── stix
│ ├── Example_STIX_Profile.xlsx
│ ├── all_valid.xml
│ └── schema_invalid.xml
└── cybox
│ ├── schema_valid.xml
│ └── schema_invalid.xml
├── docs
├── api
│ ├── errors.rst
│ ├── utils
│ │ └── index.rst
│ ├── sdv.rst
│ ├── codes.rst
│ ├── validators
│ │ ├── stix_schema.rst
│ │ ├── cybox_schema.rst
│ │ ├── xml_schema.rst
│ │ ├── schematron.rst
│ │ ├── stix_profile.rst
│ │ └── stix_best_practices.rst
│ └── index.rst
├── examples
│ └── index.rst
├── conf.py
└── index.rst
├── setup.cfg
├── .gitignore
├── tox.ini
├── .github
└── workflows
│ └── python-ci-tests.yml
├── LICENSE.txt
└── setup.py
/.gitattributes:
--------------------------------------------------------------------------------
1 | * -crlf
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | -e .[docs,test]
2 |
--------------------------------------------------------------------------------
/.landscape.yaml:
--------------------------------------------------------------------------------
1 | ignore-paths:
2 | - docs
3 |
--------------------------------------------------------------------------------
/MANIFEST.in:
--------------------------------------------------------------------------------
1 | recursive-include sdv/resources/xsd *.xsd
--------------------------------------------------------------------------------
/sdv/test/__init__.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
--------------------------------------------------------------------------------
/examples/stix/Example_STIX_Profile.xlsx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/STIXProject/stix-validator/HEAD/examples/stix/Example_STIX_Profile.xlsx
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq_address_3.0.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq_3.0_address.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq_3.0_address.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq_address_3.0.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq_identity_3.0.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.0InstanceType defined in maec_4.0.1.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq_identity_3.0.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq_3.0_address.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq_3.0_identity.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq_3.0_identity.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/address/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing addresses is CIQAddress3.0InstanceType in ciq-3.0-address.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq-3.0-identity.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/identity/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is CIQIdentity3.0InstanceType in ciq_3.0_identity.xsd.
--------------------------------------------------------------------------------
/sdv/version.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | __version__ = "3.0.0"
5 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.1InstanceType defined in maec_4.1_malware.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.1InstanceType defined in maec_4.1_malware.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.1InstanceType defined in maec-4.1-malware.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.1InstanceType defined in maec_4.1_malware.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/attack_pattern/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing attack patterns is the CAPEC2.6InstanceType defined in capec_2.6.1.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1_vulnerability.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1_vulnerability.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1_vulnerability.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/vulnerability/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1_vulnerability.xsd
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/attack_pattern/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing attack patterns is the CAPEC2.7InstanceType defined in capec_2.7_attack_pattern.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/attack_pattern/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing attack patterns is the CAPEC2.7InstanceType defined in capec_2.7_attack_pattern.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/attack-pattern/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing attack patterns is the CAPEC2.7InstanceType defined in capec-2.7-attack-pattern.xsd.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/attack_pattern/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing attack patterns is the CAPEC2.7InstanceType defined in capec_2.7_attack_pattern.xsd.
--------------------------------------------------------------------------------
/sdv/validators/cybox/__init__.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | from .schema import * # noqa
5 |
--------------------------------------------------------------------------------
/docs/api/errors.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.errors` Module
2 | ========================
3 |
4 | .. automodule:: sdv.errors
5 | :members:
6 | :undoc-members:
7 | :show-inheritance:
8 |
9 |
--------------------------------------------------------------------------------
/docs/api/utils/index.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.utils` Module
2 | =======================
3 |
4 | .. automodule:: sdv.utils
5 | :members:
6 | :undoc-members:
7 | :show-inheritance:
8 |
9 |
--------------------------------------------------------------------------------
/docs/api/sdv.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv` Module
2 | =================
3 |
4 | .. automodule:: sdv
5 | :members: validate_xml, validate_best_practices, validate_profile,
6 | profile_to_schematron, profile_to_xslt
--------------------------------------------------------------------------------
/sdv/validators/stix/__init__.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | from .schema import * # noqa
5 | from .profile import * # noqa
6 | from .best_practice import * # noqa
7 |
--------------------------------------------------------------------------------
/docs/api/codes.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.codes` Module
2 | =======================
3 |
4 | .. automodule:: sdv.codes
5 | :members: EXIT_SUCCESS, EXIT_FAILURE, EXIT_SCHEMA_INVALID,
6 | EXIT_PROFILE_INVALID, EXIT_BEST_PRACTICE_INVALID, EXIT_VALIDATION_ERROR
7 |
--------------------------------------------------------------------------------
/sdv/resources/__init__.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 | import os
4 |
5 | # constants
6 | RESOURCES_ROOT = os.path.dirname(__file__)
7 | XSD_ROOT = os.path.abspath(os.path.join(RESOURCES_ROOT, 'xsd'))
--------------------------------------------------------------------------------
/setup.cfg:
--------------------------------------------------------------------------------
1 | [bumpversion]
2 | current_version = 3.0.0
3 | commit = True
4 | tag = True
5 |
6 | [bdist_wheel]
7 | universal = 1
8 |
9 | [bumpversion:file:sdv/version.py]
10 |
11 | [bumpversion:file:docs/getting_started.rst]
12 |
13 | [metadata]
14 | license_file = LICENSE.txt
15 |
--------------------------------------------------------------------------------
/docs/api/validators/stix_schema.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.stix.schema` Module
2 | ========================================
3 |
4 | .. module:: sdv.validators.stix.schema
5 |
6 | .. autoclass:: STIXSchemaValidator
7 | :show-inheritance:
8 |
9 | .. automethod:: validate(doc, version=None, schemaloc=False)
--------------------------------------------------------------------------------
/docs/api/validators/cybox_schema.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.cybox.schema` Module
2 | =========================================
3 |
4 | .. module:: sdv.validators.cybox.schema
5 |
6 | .. autoclass:: CyboxSchemaValidator
7 | :show-inheritance:
8 |
9 | .. automethod:: validate(doc, version=None, schemaloc=False)
10 |
--------------------------------------------------------------------------------
/docs/examples/index.rst:
--------------------------------------------------------------------------------
1 | Code Examples
2 | =============
3 |
4 | The following sections provide examples of how to perform
5 | XML Schema, STIX Profile, and STIX "Best Practices" validation with
6 | **stix-validator**.
7 |
8 | .. toctree::
9 | :maxdepth: 2
10 |
11 | schema
12 | best_practices
13 | profile
--------------------------------------------------------------------------------
/docs/api/validators/xml_schema.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.xml_schema` Module
2 | =======================================
3 |
4 | .. module:: sdv.validators.xml_schema
5 |
6 | .. autoclass:: XmlSchemaValidator
7 | :members: validate
8 |
9 | .. autoclass:: XmlValidationResults
10 | :members: is_valid, errors, as_json, as_dict
11 |
12 | .. autoclass:: XmlSchemaError
13 | :members: line, as_dict, as_json
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/malware/readme.txt:
--------------------------------------------------------------------------------
1 | The default type for representing identities is the MAEC4.0InstanceType defined in maec_4.0.xsd.
2 |
3 | Please note that this extension is targeted against MAEC 4.0. At the time of the STIX 1.0 release MAEC 4.0 has not been released and the extension will not validate. Once MAEC 4.0 is released the STIX team will notify the community and the extension will start to work.
--------------------------------------------------------------------------------
/docs/api/validators/schematron.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.schematron` Module
2 | =======================================
3 |
4 |
5 | .. module:: sdv.validators.schematron
6 |
7 | .. autoclass:: SchematronValidator
8 | :members: validate
9 |
10 | .. autoclass:: SchematronValidationResults
11 | :members: is_valid, as_json, as_dict
12 | :show-inheritance:
13 |
14 | .. autoclass:: SchematronError
15 | :members: line, as_dict, as_json
16 | :show-inheritance:
17 |
--------------------------------------------------------------------------------
/docs/api/validators/stix_profile.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.stix.profile` Module
2 | =========================================
3 |
4 |
5 | .. module:: sdv.validators.stix.profile
6 |
7 | .. autoclass:: STIXProfileValidator
8 | :show-inheritance:
9 |
10 | .. automethod:: validate(doc)
11 |
12 | .. autoclass:: ProfileValidationResults
13 | :members: is_valid, as_json, as_dict
14 | :show-inheritance:
15 |
16 | .. autoclass:: ProfileError
17 | :members: line, as_dict, as_json
18 | :show-inheritance:
19 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/extensions/platform/README.txt:
--------------------------------------------------------------------------------
1 | The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.py[cod]
2 |
3 | # C extensions
4 | *.so
5 |
6 | # Packages
7 | *.egg
8 | *.egg-info
9 | dist
10 | build
11 | eggs
12 | parts
13 | bin
14 | var
15 | sdist
16 | develop-eggs
17 | .installed.cfg
18 | lib
19 | lib64
20 | __pycache__
21 |
22 | # Installer logs
23 | pip-log.txt
24 |
25 | # Unit test / coverage reports
26 | .coverage
27 | .tox
28 | nosetests.xml
29 |
30 | # Translations
31 | *.mo
32 |
33 | # Mr Developer
34 | .mr.developer.cfg
35 | .project
36 | .pydevproject
37 |
38 | # OSX
39 | .DS_Store
40 |
41 | # pycharm
42 | .idea/
43 | .idea
44 |
45 | # sphinx
46 | docs/_build
47 |
--------------------------------------------------------------------------------
/docs/api/validators/stix_best_practices.rst:
--------------------------------------------------------------------------------
1 | :mod:`sdv.validators.stix.best_practice` Module
2 | ===============================================
3 |
4 | .. module:: sdv.validators.stix.best_practice
5 |
6 | .. autoclass:: STIXBestPracticeValidator
7 | :show-inheritance:
8 |
9 | .. automethod:: validate(doc, version=None)
10 |
11 | .. autoclass:: BestPracticeWarning
12 | :members: line, as_dict, as_json, core_keys, other_keys
13 |
14 | .. autoclass:: BestPracticeWarningCollection
15 | :members:
16 | :undoc-members:
17 | :show-inheritance:
18 |
19 | .. autoclass:: BestPracticeValidationResults
20 | :members: is_valid, errors, as_json, as_dict
21 | :undoc-members:
22 | :show-inheritance:
23 |
24 |
--------------------------------------------------------------------------------
/docs/api/index.rst:
--------------------------------------------------------------------------------
1 | API Reference
2 | =============
3 |
4 | The **stix-validator** APIs provide methods for validating STIX and CybOX
5 | content. Listed below are the modules and packages provided by the
6 | **stix-validator** library.
7 |
8 | For examples of how make use of all of this, check out the
9 | :doc:`/examples/index` page.
10 |
11 | .. note::
12 |
13 | The **stix-validator** APIs are currently under heavy development. Feel free
14 | to check out our `issue tracker`_ to see what we're working on!
15 |
16 | .. _issue tracker: https://github.com/STIXProject/stix-validator/issues
17 |
18 | .. toctree::
19 | :titlesonly:
20 | :glob:
21 |
22 | sdv
23 | codes
24 | errors
25 | validators/*
26 | utils/index
27 |
--------------------------------------------------------------------------------
/tox.ini:
--------------------------------------------------------------------------------
1 | [tox]
2 | envlist = py38, py39, py310, py311, py312
3 |
4 | [testenv]
5 | commands =
6 | pytest sdv/test
7 | stix-validator examples/stix/all_valid.xml
8 | stix-validator examples/stix/all_valid.xml --json
9 | #stix-validator --profile examples/stix/Example_STIX_Profile.xlsx examples/stix/all_valid.xml
10 | #stix-validator --profile examples/stix/Example_STIX_Profile.xlsx examples/stix/all_valid.xml --json
11 | stix-validator --best-practices examples/stix/all_valid.xml
12 | stix-validator --best-practices examples/stix/all_valid.xml --json
13 | cybox-validator examples/cybox/schema_valid.xml
14 | cybox-validator examples/cybox/schema_valid.xml --json
15 | deps =
16 | -rrequirements.txt
17 |
18 | [travis]
19 | python =
20 | 3.8: py38
21 | 3.9: py39
22 | 3.10: py310
23 | 3.11: py311
24 | 3.12: py312
25 |
--------------------------------------------------------------------------------
/examples/cybox/schema_valid.xml:
--------------------------------------------------------------------------------
1 |
2 |
9 |
10 |
11 |
12 | mega
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/.github/workflows/python-ci-tests.yml:
--------------------------------------------------------------------------------
1 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
2 |
3 | name: stix-validator test harness
4 | on: [push, pull_request]
5 |
6 | jobs:
7 | build:
8 |
9 | runs-on: ubuntu-latest
10 | strategy:
11 | matrix:
12 | python-version: [3.8, 3.9, '3.10', '3.11', '3.12']
13 |
14 | name: Python ${{ matrix.python-version }} Build
15 | steps:
16 | - uses: actions/checkout@v4
17 | with:
18 | submodules: true
19 | - name: Set up Python ${{ matrix.python-version }}
20 | uses: actions/setup-python@v5
21 | with:
22 | python-version: ${{ matrix.python-version }}
23 | - name: Install and update essential dependencies
24 | run: |
25 | pip install -U pip setuptools
26 | pip install tox-gh-actions
27 | - name: Test with Tox
28 | run: |
29 | tox
30 |
--------------------------------------------------------------------------------
/examples/cybox/schema_invalid.xml:
--------------------------------------------------------------------------------
1 |
2 |
9 |
10 |
11 |
12 | mega
13 | THIS SHOULD RAISE AN ERROR
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/cybox/README.md:
--------------------------------------------------------------------------------
1 | # CybOX
2 |
3 | International in scope and free for public use, the Cyber Observable eXpression (CybOX) is a standardized
4 | schema for the specification, capture, characterization and communication of events or stateful properties
5 | that are observable in the operational domain. A wide variety of high-level cyber security use cases rely
6 | on such information including: event management/logging, malware characterization, intrusion detection,
7 | incident response/management, attack pattern characterization, etc. CybOX provides a common mechanism
8 | (structure and content) for addressing cyber observables across and among this full range of use cases
9 | improving consistency, efficiency, interoperability and overall situational awareness.
10 |
11 | Please visit the [CybOX Web Site](http://cybox.mitre.org) for more information about the CybOX Language.
12 |
13 | The CybOX Language operates under the [CybOX Terms of Use](http://cybox.mitre.org/about/termsofuse.html).
14 |
--------------------------------------------------------------------------------
/sdv/xmlconst.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 | """This file defines constants to be used in XML processing code."""
4 |
5 | # Namespaces
6 | NS_SAXON = "http://icl.com/saxon" # libxml2 requires this namespace
7 | NS_SAXON_SF_NET = "http://saxon.sf.net/"
8 | NS_SCHEMATRON = "http://purl.oclc.org/dsdl/schematron"
9 | NS_SVRL = "http://purl.oclc.org/dsdl/svrl"
10 | NS_XSI = "http://www.w3.org/2001/XMLSchema-instance"
11 | NS_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema"
12 |
13 | # LXML QNAMES TAGS
14 | TAG_XS_INCLUDE = "{%s}include" % (NS_XML_SCHEMA)
15 | TAG_XS_IMPORT = "{%s}import" % (NS_XML_SCHEMA)
16 | TAG_XSI_TYPE = "{%s}type" % (NS_XSI)
17 | TAG_SCHEMALOCATION = "{%s}schemaLocation" % NS_XSI
18 | TAG_SVRL_FIRED_RULE = "{%s}fired-rule" % NS_SVRL
19 | TAG_SVRL_FAILED_ASSERT = "{%s}failed-assert" % NS_SVRL
20 | TAG_SVRL_SUCCESSFUL_REPORT = "{%s}successful-report" % NS_SVRL
21 |
22 |
23 | # Common XPaths
24 | XPATH_RELATIVE_CHILDREN = "./*"
25 | XPATH_RELATIVE_DESCENDANTS = ".//*"
26 |
--------------------------------------------------------------------------------
/docs/conf.py:
--------------------------------------------------------------------------------
1 | import os
2 |
3 | import sdv
4 |
5 | project = u'stix-validator'
6 | copyright = u'2015, The MITRE Corporation'
7 | version = sdv.__version__
8 | release = version
9 |
10 | extensions = [
11 | 'sphinx.ext.autodoc',
12 | 'sphinx.ext.doctest',
13 | 'sphinx.ext.ifconfig',
14 | 'sphinx.ext.intersphinx',
15 | 'sphinx.ext.viewcode',
16 | 'sphinx.ext.napoleon',
17 | ]
18 |
19 | intersphinx_mapping = {
20 | 'python': ('http://docs.python.org/', None),
21 | }
22 |
23 | templates_path = ['_templates']
24 | source_suffix = '.rst'
25 | master_doc = 'index'
26 |
27 | rst_prolog = """
28 | **Version**: {0}
29 | """.format(release)
30 |
31 | exclude_patterns = [
32 | '_build',
33 | ]
34 |
35 | on_rtd = os.environ.get('READTHEDOCS', None) == 'True'
36 | if not on_rtd:
37 | import sphinx_rtd_theme
38 | html_theme = 'sphinx_rtd_theme'
39 | html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]
40 | else:
41 | html_theme = 'default'
42 |
43 | latex_elements = {}
44 | latex_documents = [
45 | ('index', 'stix-validator.tex', u'stix-validator Documentation',
46 | u'The MITRE Corporation', 'manual'),
47 | ]
48 |
--------------------------------------------------------------------------------
/sdv/codes.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 | '''
4 | This module defines exit status codes used by bundled scripts.
5 | '''
6 |
7 | #: Execution finished successfully. All STIX documents were valid for all user-
8 | #: specified validation scenarios.
9 | EXIT_SUCCESS = 0x0
10 |
11 | #: Execution finished with fatal system error. Some unhandled system exception
12 | #: was raised during execution.
13 | EXIT_FAILURE = 0x1
14 |
15 | #: Execution finished with at least one input document found to be schema-
16 | #: invalid.
17 | EXIT_SCHEMA_INVALID = 0x2
18 |
19 | #: Execution finished with at least one input document found to be profile
20 | #: invalid.
21 | EXIT_PROFILE_INVALID = 0x4
22 |
23 | #: Execution finished with at least one input document found to be best practice
24 | #: invalid.
25 | EXIT_BEST_PRACTICE_INVALID = 0x8
26 |
27 | #: An error occurred while validating an instance document. This can be caused
28 | #: by malformed input documents or file names that do not resolve to actual
29 | #: files.
30 | EXIT_VALIDATION_ERROR = 0x10
--------------------------------------------------------------------------------
/sdv/validators/__init__.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | # internal
5 | from sdv import errors, utils
6 |
7 | # relative
8 | from .xml_schema import * # noqa
9 | from .schematron import * # noqa
10 | from .stix import * # noqa
11 | from .cybox import * # noqa
12 |
13 |
14 | def get_xml_validator_class(doc):
15 | """Returns the XML validator class required to validate the input
16 | `doc`.
17 |
18 | Args:
19 | doc: An XML document. This can be a filename, file-like object,
20 | ``etree._Element``, or ``etree._ElementTree`` instance.
21 |
22 | Returns:
23 | An XML Schema validator class (not object instance) which provides
24 | validation functionality required to validate `doc`.
25 |
26 | """
27 | root = utils.get_etree_root(doc)
28 |
29 | if utils.is_stix(root):
30 | return STIXSchemaValidator
31 |
32 | if utils.is_cybox(root):
33 | return CyboxSchemaValidator
34 |
35 | ns = utils.get_namespace(root)
36 | error = (
37 | "Unable determine validator class for input type. Root element "
38 | "namespace: {0}"
39 | ).format(ns)
40 |
41 | raise errors.ValidationError(error)
42 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/external/open_ioc_2010/ioc-TR.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
1 | Copyright (c) 2015, The MITRE Corporation
2 | All rights reserved.
3 |
4 | Redistribution and use in source and binary forms, with or without
5 | modification, are permitted provided that the following conditions are met:
6 | * Redistributions of source code must retain the above copyright
7 | notice, this list of conditions and the following disclaimer.
8 | * Redistributions in binary form must reproduce the above copyright
9 | notice, this list of conditions and the following disclaimer in the
10 | documentation and/or other materials provided with the distribution.
11 | * Neither the name of The MITRE Corporation nor the
12 | names of its contributors may be used to endorse or promote products
13 | derived from this software without specific prior written permission.
14 |
15 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
16 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
18 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
19 | ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
20 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
21 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
22 | ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
24 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/README.md:
--------------------------------------------------------------------------------
1 | # STIX
2 |
3 | Structured Threat Information eXpression (STIX) is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. The STIX Language intends to convey the full range of potential cyber threat information and strives to be fully expressive, flexible, extensible, automatable, and as human-readable as possible. All interested parties are welcome to participate in evolving STIX as part of its open, collaborative community.
4 |
5 | Please visit the [STIX Web Site](http://stix.mitre.org) for more information about the STIX Language.
6 |
7 | The STIX Language operates under the [STIX Terms of Use](http://stix.mitre.org/about/termsofuse.html).
8 |
9 | ## Cloning the repository
10 |
11 | This STIX schemas repository uses [git submodules](http://git-scm.com/book/en/Git-Tools-Submodules) in order to include the CybOX schemas (which are a dependency of the STIX schemas).
12 |
13 | A straight `git clone` command will not retrieve these automatically, you'll end up with an empty cybox directory rather than the schemas. To fix this you need to initialize and then update the submodules by running:
14 |
15 | git submodule init
16 | git submodule update
17 |
18 | Alternatively, using the `--recursive` flag when cloning the repository will automatically initialize and update the submodules.
19 |
20 | Finally, any time you see that the cybox directory has been modified (when merging or pulling updates) you will need to run `git submodule update` again to actually update the schemas themselves.
--------------------------------------------------------------------------------
/sdv/test/stix_profile_test.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | from io import StringIO
5 | import unittest
6 |
7 | import sdv
8 | import sdv.errors as errors
9 | from sdv.validators.stix.profile import InstanceMapping
10 |
11 | STIX_NO_VERSION_XML = \
12 | """
13 |
17 |
18 | Unknown version of STIX
19 |
20 |
21 | """
22 |
23 | class STIXProfileTests(unittest.TestCase):
24 | def test_invalid_profile(self):
25 | xml = StringIO(STIX_NO_VERSION_XML)
26 | func = sdv.validate_profile
27 | self.assertRaises(errors.ProfileParseError, func, xml, "INVALID Profile DOC")
28 |
29 |
30 | class InstanceMappingTests(unittest.TestCase):
31 | _NSMAP = {
32 | 'http://stix.mitre.org/stix-1': 'stix'
33 | }
34 | _NAMESPACE = "http://stix.mitre.org/stix-1"
35 | _SELECTORS = "stix:STIX_Package, //stix:Package"
36 | _LABEL = "STIXType"
37 |
38 | def test_missing_label(self):
39 | mapping = InstanceMapping(self._NSMAP)
40 | mapping.selectors = "stix:STIX_Package, //stix:Package"
41 | mapping.namespace = self._NAMESPACE
42 | self.assertRaises(errors.ProfileParseError, mapping.validate)
43 |
44 | def test_missing_namespace(self):
45 | mapping = InstanceMapping(self._NSMAP)
46 | mapping.selectors = "stix:STIX_Package, //stix:Package"
47 | mapping.label = "STIXType"
48 | self.assertRaises(errors.ProfileParseError, mapping.validate)
49 |
50 | def test_invalid_namespace(self):
51 | mapping = InstanceMapping(self._NSMAP)
52 | mapping.selectors = "stix:STIX_Package, //stix:Package"
53 | mapping.label = "STIXType"
54 |
55 | def set_namespace():
56 | mapping.namespace = "this will fail"
57 |
58 | self.assertRaises(errors.ProfileParseError, set_namespace)
59 |
60 | if __name__ == '__main__':
61 | unittest.main()
62 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/scripts/profile_to_xslt.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
4 | # See LICENSE.txt for complete terms.
5 |
6 | """
7 | STIX profile to XSLT
8 | This script takes a STIX profile, converts it to xslt, then prints to stdout
9 | """
10 |
11 | import sys
12 | import logging
13 | import argparse
14 |
15 | import sdv
16 | import sdv.codes as codes
17 | import sdv.scripts as scripts
18 |
19 |
20 | def _convert_profile(options):
21 | # Converts a STIX Profile XSLT format and prints to stdout.
22 |
23 | profile = options.in_profile
24 |
25 | xslt = sdv.profile_to_xslt(profile)
26 | xslt.write(
27 | sys.stdout,
28 | pretty_print=True,
29 | xml_declaration=True,
30 | encoding="UTF-8"
31 | )
32 |
33 |
34 | def _get_arg_parser():
35 | """Initializes and returns an argparse.ArgumentParser instance for this
36 | application.
37 |
38 | Returns:
39 | Instance of ``argparse.ArgumentParser``
40 |
41 | """
42 | parser = argparse.ArgumentParser(
43 | description="STIX Profile to XSLT v%s" % sdv.__version__
44 | )
45 |
46 | parser.add_argument(
47 | "profile",
48 | help="STIX profile filename to be converted to XSLT"
49 | )
50 |
51 | return parser
52 |
53 |
54 | def main():
55 | # Main for profile-to-xslt.py
56 | parser = _get_arg_parser()
57 | args = parser.parse_args()
58 |
59 | try:
60 | # Assume valid XML, prep profile for conversion
61 | options = scripts.ValidationOptions()
62 | options.in_profile = args.profile
63 |
64 | # Convert the profile
65 | _convert_profile(options)
66 |
67 | # If no exception was thrown, then conversion was successful.
68 | sys.exit(codes.EXIT_SUCCESS)
69 |
70 | except scripts.ArgumentError as ex:
71 | if ex.show_help:
72 | parser.print_help()
73 | scripts.error(ex)
74 | except Exception:
75 | logging.exception("Fatal error occurred")
76 | sys.exit(codes.EXIT_FAILURE)
77 |
78 |
79 | if __name__ == '__main__':
80 | main()
81 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/cybox/external/oasis_ciq_3.0/xNAL-types.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
6 | Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
7 | (Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
8 | Produced by: OASIS Customer Information Quality Technical Committee
9 | URL: http://www.oasis-open.org/committees/ciq
10 | Version: 3.0
11 | Status: Committee Specification CS02
12 | Copyright: 2007-09, OASIS, http://www.oasis-open.org
13 | Last Modified: 20 September 2008
14 | Last Modified by: Ram Kumar, Chair, OASIS CIQ TC
15 |
16 | NOTE: This is the schema that users can customise the enumeration lists to meet their
17 | exchange requirements. The enumeration values provided are ONLY SAMPLES and
18 | is not complete. It is upto the application to decide what the values should be. To achieve
19 | interoperability between applications using this specification, it is recommended that an
20 | SLA/agreement is in place as to what the enumeration values will be used in this file
21 |
22 | Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).
23 |
24 |
25 |
26 | A list of possible values for dependency name type
27 |
28 |
29 |
30 |
31 |
32 | A list of all types of Record IDs
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/scripts/profile_to_sch.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
4 | # See LICENSE.txt for complete terms.
5 |
6 | """
7 | STIX profile to Schematron
8 | This script takes a STIX profile, converts it to Schematron, then prints to stdout
9 | """
10 |
11 | import sys
12 | import logging
13 | import argparse
14 |
15 | import sdv
16 | import sdv.codes as codes
17 | import sdv.scripts as scripts
18 |
19 |
20 | def _convert_profile(options):
21 | # Converts a STIX Profile Schematron format and prints to stdout.
22 |
23 | profile = options.in_profile
24 |
25 | schematron = sdv.profile_to_schematron(profile)
26 | schematron.write(
27 | sys.stdout,
28 | pretty_print=True,
29 | xml_declaration=True,
30 | encoding="UTF-8"
31 | )
32 |
33 |
34 | def _get_arg_parser():
35 | """Initializes and returns an argparse.ArgumentParser instance for this
36 | application.
37 |
38 | Returns:
39 | Instance of ``argparse.ArgumentParser``
40 |
41 | """
42 | parser = argparse.ArgumentParser(
43 | description="STIX Profile to Schematron v%s" % sdv.__version__
44 | )
45 |
46 | parser.add_argument(
47 | "profile",
48 | help="STIX Profile filename to be converted to Schematron."
49 | )
50 |
51 | return parser
52 |
53 |
54 | def main():
55 | # Main for profile-to-sch.py
56 | parser = _get_arg_parser()
57 | args = parser.parse_args()
58 |
59 | try:
60 | # Assume valid XML, prep profile for conversion
61 | options = scripts.ValidationOptions()
62 | options.in_profile = args.profile
63 |
64 | # Convert the profile
65 | _convert_profile(options)
66 |
67 | # If no exception was thrown, then conversion was successful.
68 | sys.exit(codes.EXIT_SUCCESS)
69 |
70 | except scripts.ArgumentError as ex:
71 | if ex.show_help:
72 | parser.print_help()
73 | scripts.error(ex)
74 | except Exception:
75 | logging.exception("Fatal error occurred")
76 | sys.exit(codes.EXIT_FAILURE)
77 |
78 |
79 | if __name__ == '__main__':
80 | main()
81 |
--------------------------------------------------------------------------------
/examples/stix/all_valid.xml:
--------------------------------------------------------------------------------
1 |
2 |
13 |
14 |
15 | Sample Domain Watchlist Indicator
16 | Domain Watchlist
17 | Sample domain Indicator for this watchlist
18 |
19 | 2014-02-20T09:00:00.000000Z
20 |
21 |
22 |
23 |
24 | www.example.com
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 | High
33 |
34 |
35 |
36 |
37 |
38 | Malware Infrastructure
39 |
40 |
41 |
42 |
--------------------------------------------------------------------------------
/docs/index.rst:
--------------------------------------------------------------------------------
1 | stix-validator |release| Documentation
2 | ======================================
3 |
4 | The Structued Threat Information eXpression (STIX) and Cyber Observable
5 | eXpression (CybOX) are collaborative, community-driven efforts to define and
6 | develop standardized languages to represent structured cyber threat information
7 | and are currently implemented in XML Schema.
8 |
9 | The **stix-validator** library and scripts helps validate `STIX XML`_ content
10 | using XML Schema, `STIX Suggested Practices`_, and `STIX Profile`_
11 | validation. The **stix-validator** library also provides `CybOX XML`_
12 | validation capabilities!
13 |
14 | .. _CybOX XML: http://cybox.mitre.org/language/
15 | .. _STIX XML: http://stix.mitre.org/language/
16 | .. _STIX Profile: http://stixproject.github.io/documentation/profiles/
17 | .. _STIX Suggested Practices: http://stixproject.github.io/documentation/suggested-practices/
18 |
19 | For more information about STIX, please visit the `STIX homepage`_
20 | and `STIX Documentation website`_. For more information about CybOX, please
21 | visit the `CybOX homepage`_ and the `CybOX Documentation website`_.
22 |
23 | .. _STIX homepage: http://stix.mitre.org/
24 | .. _STIX Documentation website: http://stixproject.github.io
25 | .. _CybOX homepage: http://cybox.mitre.org/
26 | .. _CybOX Documentation website: http://cyboxproject.github.io
27 |
28 | Contents
29 | ========
30 |
31 | .. toctree::
32 | :maxdepth: 2
33 |
34 | installation
35 | getting_started
36 |
37 | API Documentation
38 | =================
39 |
40 | .. toctree::
41 | :maxdepth: 2
42 |
43 | api/index
44 |
45 | Code Examples
46 | =============
47 |
48 | .. toctree::
49 | :maxdepth: 2
50 |
51 | examples/index
52 |
53 |
54 | Contributing
55 | ============
56 |
57 | If a bug is found, a feature is missing, or something just isn't behaving the
58 | way you'd expect it to, please submit an issue to our `tracker`_. If you'd like
59 | to contribute code to our repository, you can do so by issuing a `pull request`_
60 | and we will work with you to try and integrate that code into our repository.
61 |
62 | .. _tracker: https://github.com/STIXProject/stix-validator/issues
63 | .. _pull request: https://help.github.com/articles/using-pull-requests
64 |
65 |
66 | Indices and tables
67 | ==================
68 |
69 | * :ref:`genindex`
70 | * :ref:`modindex`
71 | * :ref:`search`
72 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/cybox/objects/Link_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Link_Object
7 | 1.0
8 | 03/27/2013 9:00:00 AM
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/external/cpe_2.3/cpe-naming_2.3.xsd:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 | CPE 2.3 Naming
9 | Adam Halbardier
10 | 2.3
11 | 2011-07-29
12 |
13 |
14 |
15 |
16 |
17 | Define the format for acceptable CPE Names. A URN format is used with the
18 | id starting with the word cpe followed by :/ and then some number of individual components separated by
19 | colons.
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 | Define the format for acceptable CPE Names. A string format is used with
28 | the id starting with the word cpe:2.3 followed by : and then some number of individual components
29 | separated by colons.
30 |
31 |
32 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
44 |
45 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/external/cpe_2.3/cpe-naming_2.3.xsd:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 | CPE 2.3 Naming
9 | Adam Halbardier
10 | 2.3
11 | 2011-07-29
12 |
13 |
14 |
15 |
16 |
17 | Define the format for acceptable CPE Names. A URN format is used with the
18 | id starting with the word cpe followed by :/ and then some number of individual components separated by
19 | colons.
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 | Define the format for acceptable CPE Names. A string format is used with
28 | the id starting with the word cpe:2.3 followed by : and then some number of individual components
29 | separated by colons.
30 |
31 |
32 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
44 |
45 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/external/cpe_2.3/cpe-naming_2.3.xsd:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 | CPE 2.3 Naming
9 | Adam Halbardier
10 | 2.3
11 | 2011-07-29
12 |
13 |
14 |
15 |
16 |
17 | Define the format for acceptable CPE Names. A URN format is used with the
18 | id starting with the word cpe followed by :/ and then some number of individual components separated by
19 | colons.
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 | Define the format for acceptable CPE Names. A string format is used with
28 | the id starting with the word cpe:2.3 followed by : and then some number of individual components
29 | separated by colons.
30 |
31 |
32 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
44 |
45 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/cybox/extensions/platform/cpe-naming_2.3.xsd:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 | CPE 2.3 Naming
9 | Adam Halbardier
10 | 2.3
11 | 2011-07-29
12 |
13 |
14 |
15 |
16 |
17 | Define the format for acceptable CPE Names. A URN format is used with the
18 | id starting with the word cpe followed by :/ and then some number of individual components separated by
19 | colons.
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 | Define the format for acceptable CPE Names. A string format is used with
28 | the id starting with the word cpe:2.3 followed by : and then some number of individual components
29 | separated by colons.
30 |
31 |
32 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
44 |
45 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/cybox/external/cpe_2.3/cpe-naming_2.3.xsd:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 | CPE 2.3 Naming
9 | Adam Halbardier
10 | 2.3
11 | 2011-07-29
12 |
13 |
14 |
15 |
16 |
17 | Define the format for acceptable CPE Names. A URN format is used with the
18 | id starting with the word cpe followed by :/ and then some number of individual components separated by
19 | colons.
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 | Define the format for acceptable CPE Names. A string format is used with
28 | the id starting with the word cpe:2.3 followed by : and then some number of individual components
29 | separated by colons.
30 |
31 |
32 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
44 |
45 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/extensions/location/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | CybOX Extension - CIQ Address 3.0 Instance
7 | 1.0
8 | 01/22/2014
9 | Cyber Observable eXpression (CybOX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Location within the CybOX cyber observable expression language.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/extensions/location/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | CybOX Extension - CIQ Address 3.0 Instance
7 | 1.0
8 | 01/22/2014
9 | Cyber Observable eXpression (CybOX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Location within the CybOX cyber observable expression language.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/extensions/location/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | CybOX Extension - CIQ Address 3.0 Instance
7 | 1.0
8 | 01/22/2014
9 | Cyber Observable eXpression (CybOX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Location within the CybOX cyber observable expression language.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/setup.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | # Copyright (c) 2015 - The MITRE Corporation
4 | # For license information, see the LICENSE.txt file
5 |
6 | from os.path import abspath, dirname, join
7 | import sys
8 |
9 | from setuptools import setup, find_packages
10 |
11 | BASE_DIR = dirname(abspath(__file__))
12 | VERSION_FILE = join(BASE_DIR, 'sdv', 'version.py')
13 |
14 |
15 | def get_version():
16 | with open(VERSION_FILE) as f:
17 | for line in f.readlines():
18 | if line.startswith("__version__"):
19 | version = line.split()[-1].strip('"')
20 | return version
21 | raise AttributeError("Package does not have a __version__")
22 |
23 |
24 | fn_readme = join(BASE_DIR, "README.rst")
25 | with open(fn_readme) as f:
26 | readme = f.read()
27 |
28 | install_requires = [
29 | 'xlrd>=0.9.2',
30 | 'ordereddict',
31 | 'python-dateutil',
32 | 'packaging',
33 | 'lxml>=3.3.5',
34 | 'setuptools',
35 | ]
36 |
37 |
38 | extras_require = {
39 | 'docs': [
40 | 'Sphinx==1.3.1',
41 | 'sphinx_rtd_theme==0.1.8',
42 | ],
43 | 'test': [
44 | "bumpversion",
45 | "pytest",
46 | "tox"
47 | ],
48 | }
49 |
50 | setup(
51 | name='stix-validator',
52 | description='APIs and scripts for validating STIX and CybOX documents.',
53 | author='The MITRE Corporation',
54 | author_email='stix@mitre.org',
55 | url='http://stix.mitre.org/',
56 | version=get_version(),
57 | packages=find_packages(),
58 | entry_points={
59 | 'console_scripts': [
60 | 'stix-validator = sdv.scripts.stix_validator:main',
61 | 'cybox-validator = sdv.scripts.cybox_validator:main',
62 | 'profile-to-sch = sdv.scripts.profile_to_sch:main',
63 | 'profile-to-xslt = sdv.scripts.profile_to_xslt:main',
64 | ],
65 | },
66 | include_package_data=True,
67 | install_requires=install_requires,
68 | extras_require=extras_require,
69 | long_description=readme,
70 | keywords='stix cybox xml validation validator stix-validator',
71 | classifiers=[
72 | 'Development Status :: 5 - Production/Stable',
73 | 'Intended Audience :: Developers',
74 | 'License :: OSI Approved :: BSD License',
75 | 'Operating System :: OS Independent',
76 | 'Programming Language :: Python :: 3.8',
77 | 'Programming Language :: Python :: 3.9',
78 | 'Programming Language :: Python :: 3.10',
79 | 'Programming Language :: Python :: 3.11',
80 | 'Programming Language :: Python :: 3.12',
81 | ]
82 | )
83 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/marking/simple_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Simple Marking Instance
7 | 1.0
8 | 04/08/2013 9:00:00 AM
9 | Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.
17 |
18 |
19 |
20 |
21 |
22 |
23 | The statement to apply to the structure for which the Marking is to be applied.
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/cybox/extensions/location/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | CybOX[TM] Version 2.1.1. Committee Specification Draft 01 / Public Review Draft 01
5 |
6 | CybOX Extension - CIQ Address 3.0 Instance
7 | 2.1.1
8 | 01/22/2014
9 | Cyber Observable eXpression (CybOX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Location within the CybOX cyber observable expression language.
10 | Copyright (c) OASIS Open 2016. All Rights Reserved.
11 | Distributed under the terms of the OASIS IPR Policy, [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
12 | Portions copyright (c) United States Government 2012-2016. All Rights Reserved.
13 | Source: http://docs.oasis-open.org/cti/cybox/v2.1.1/csprd01/schemas/
14 | Latest version of the specification: REPLACE_WITH_SPECIFICATION_URL
15 | TC IPR Statement: https://www.oasis-open.org/committees/cti/ipr.php
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/marking/simple_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Simple Marking Instance
7 | 1.0.1
8 | 10/04/2013 9:00:00 AM
9 | Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.
17 |
18 |
19 |
20 |
21 |
22 |
23 | The statement to apply to the structure for which the Marking is to be applied.
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/address/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CIQ Address 3.0 Instance
7 | 1.0.1
8 | 10/04/2013 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/address/ciq_address_3.0.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CIQ Address 3.0 Instance
7 | 1.0
8 | 04/08/2013 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/attack_pattern/capec_2.6.1.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CAPEC 2.6.1 Attack Pattern Instance
7 | 1.0.1
8 | 10/04/2013 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.6.1 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC 2.6.1 schema for structured characterization of Attack Patterns.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/attack_pattern/capec_2.5.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CAPEC 2.5 Attack Pattern Instance
7 | 1.0
8 | 04/08/2013 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.5 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC schema for structured characterization of Attack Patterns.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/examples/stix/schema_invalid.xml:
--------------------------------------------------------------------------------
1 |
2 |
13 |
14 | STIX Validator Example
15 | INVALID
16 | This example document is STIX schema invalid.
17 |
18 |
19 |
20 | Sample Domain Watchlist Indicator
21 | Domain Watchlist
22 | Sample domain Indicator for this watchlist
23 |
24 | 2014-02-20T09:00:00.000000Z
25 |
26 |
27 |
28 |
29 | malicious1.example.com##comma##malicious2.example.com##comma##malicious3.example.com
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 | High
38 |
39 |
40 |
41 |
42 |
43 | Malware Infrastructure
44 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/address/ciq_3.0_address.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CIQ Address 3.0 Instance
7 | 1.2
8 | 05/15/2015 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/address/ciq_3.0_address.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CIQ Address 3.0 Instance
7 | 1.1.1
8 | 05/08/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/attack_pattern/capec_2.7_attack_pattern.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CAPEC 2.7 Attack Pattern Instance
7 | 1.1
8 | 05/15/2015 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.7 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC 2.7 schema for structured characterization of Attack Patterns.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/attack_pattern/capec_2.7_attack_pattern.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CAPEC 2.7 Attack Pattern Instance
7 | 1.0.1
8 | 05/08/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.7 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC 2.7 schema for structured characterization of Attack Patterns.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/address/ciq_3.0_address.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CIQ Address 3.0 Instance
7 | 1.1
8 | 02/20/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/attack_pattern/capec_2.7_attack_pattern.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - CAPEC 2.7 Attack Pattern Instance
7 | 1.0
8 | 02/20/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.7 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC 2.7 schema for structured characterization of Attack Patterns.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/marking/simple_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Simple Marking Instance
7 | 1.2
8 | 05/15/2015 9:00:00 AM
9 | Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.
10 | Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.
17 | Nodes may be marked by multiple SimpleMarking statements. When this occurs, all SimpleMarking statements applied to that node are considered valid. There is no resolution for SimpleMarking Statements that appear to conflict: the behavior is undefined at the STIX level.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/extensions/marking/tlp.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - TLP
7 | 1.0
8 | 04/08/2013 9:00:00 AM
9 | Data Marking Extension - TLP Marking Instance - Schematic implementation for attaching a Traffic Light Protocol (TLP)designation to an idendified XML structure.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The TLPMarkingStructureType is an implementation of the data marking schema that allows for a TLP Designation to be attached to an identified XML structure. Information about TLP is available here: http://www.us-cert.gov/tlp.
17 |
18 |
19 |
20 |
21 |
22 | The TLP color designation of the marked structure.
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 | The TLP color designation of the marked structure.
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/malware/maec_4.0.1.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - MAEC Malware Instance
7 | 1.0.1
8 | 10/04/2013 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - MAEC 4.0.1 Malware Instance - Schematic implementation for the using MAEC 4.0.1 to describe Malware within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The MAEC4.0InstanceType provides an extension to MalwareInstanceType which imports and leverages the MAEC 4.0.1 schema for structured characterization of Malware.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The MAEC field contains the structured characterization of instances of Malware utilizing the MAEC Package schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/extensions/attack-pattern/capec-2.7-attack-pattern.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | STIX[TM] Version 1.2.1. Committee Specification Draft 01 / Public Review Draft 01
5 |
6 | STIX Extension - CAPEC 2.7 Attack Pattern Instance
7 | 1.2.1
8 | 05/15/2015 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.7 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) OASIS Open 2016. All Rights Reserved.
11 | Distributed under the terms of the OASIS IPR Policy, [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
12 | Portions copyright (c) United States Government 2012-2016. All Rights Reserved.
13 | Source: http://docs.oasis-open.org/cti/stix/v1.2.1/csprd01/schemas/
14 | Latest version of the specification: REPLACE_WITH_SPECIFICATION_URL
15 | TC IPR Statement: https://www.oasis-open.org/committees/cti/ipr.php
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 | The CAPEC2.7InstanceType provides an extension to the STIX TTP AttackPatternType class and belongs to the stix-capec namespace. It imports and leverages the CAPEC 2.7 schema for a structured characterization of attack patterns.
24 |
25 |
26 |
27 |
28 |
29 |
30 | The CAPEC property specifies the structured specification of an attack pattern utilizing the CAPEC schema.
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/marking/simple_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Simple Marking Instance
7 | 1.1
8 | 02/20/2014 9:00:00 AM
9 | Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.
17 | Nodes may be marked by multiple SimpleMarking statements. When this occurs, all SimpleMarking statements applied to that node are considered valid. There is no resolution for SimpleMarking Statements that appear to conflict: the behavior is undefined at the STIX level.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/marking/simple_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Simple Marking Instance
7 | 1.1.1
8 | 05/08/2014 9:00:00 AM
9 | Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.
17 | Nodes may be marked by multiple SimpleMarking statements. When this occurs, all SimpleMarking statements applied to that node are considered valid. There is no resolution for SimpleMarking Statements that appear to conflict: the behavior is undefined at the STIX level.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/malware/maec_4.1_malware.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - MAEC 4.1 Malware Instance
7 | 1.1
8 | 05/15/2015 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - MAEC 4.1 Malware Instance - Schematic implementation for the using MAEC 4.1 to describe Malware within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The MAEC4.1InstanceType provides an extension to MalwareInstanceType which imports and leverages the MAEC 4.1 schema for structured characterization of Malware.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The MAEC field contains the structured characterization of instances of Malware utilizing the MAEC Package schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/extensions/marking/tlp.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - TLP
7 | 1.0.1
8 | 10/04/2013 9:00:00 AM
9 | Data Marking Extension - TLP Marking Instance - Schematic implementation for attaching a Traffic Light Protocol (TLP)designation to an idendified XML structure.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The TLPMarkingStructureType is an implementation of the data marking schema that allows for a TLP Designation to be attached to an identified XML structure. Information about TLP is available here: http://www.us-cert.gov/tlp.
17 |
18 |
19 |
20 |
21 |
22 | The TLP color designation of the marked structure.
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 | The TLP color designation of the marked structure.
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/malware/maec_4.1_malware.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - MAEC 4.1 Malware Instance
7 | 1.0.1
8 | 05/08/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - MAEC 4.1 Malware Instance - Schematic implementation for the using MAEC 4.1 to describe Malware within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The MAEC4.1InstanceType provides an extension to MalwareInstanceType which imports and leverages the MAEC 4.1 schema for structured characterization of Malware.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The MAEC field contains the structured characterization of instances of Malware utilizing the MAEC Package schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/malware/maec_4.1_malware.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | STIX Extension - MAEC 4.1 Malware Instance
7 | 1.0
8 | 02/20/2014 9:00:00 AM
9 | Structured Threat Information eXpression (STIX) Extension - MAEC 4.1 Malware Instance - Schematic implementation for the using MAEC 4.1 to describe Malware within the STIX structured cyber threat expression language architecture.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The MAEC4.1InstanceType provides an extension to MalwareInstanceType which imports and leverages the MAEC 4.1 schema for structured characterization of Malware.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The MAEC field contains the structured characterization of instances of Malware utilizing the MAEC Package schema.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/validators/cybox/common.py:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2015, The MITRE Corporation. All rights reserved.
2 | # See LICENSE.txt for complete terms.
3 |
4 | # builtin
5 | import functools
6 |
7 | # internal
8 | from sdv import errors, utils
9 |
10 |
11 | TAG_CYBOX_MAJOR = "cybox_major_version"
12 | TAG_CYBOX_MINOR = "cybox_minor_version"
13 | TAG_CYBOX_UPDATE = "cybox_update_version"
14 |
15 | CYBOX_VERSIONS = ('2.0', '2.0.1', '2.1')
16 |
17 |
18 | def get_version(doc):
19 | """Returns the version of the `observables` ``Observables`` node.
20 |
21 | Returns:
22 | A dotted-decimal a version string from the ``cybox_major``,
23 | ``cybox_minor`` and ``cybox_update`` attribute values.
24 |
25 | Raises:
26 | UnknownVersionError: If `observables` does not contain any of the
27 | following attributes:
28 |
29 | * ``cybox_major_version``
30 | * ``cybox_minor_version``
31 | * ``cybox_update_version``
32 |
33 | """
34 | observables = utils.get_etree_root(doc)
35 | cybox_major = observables.attrib.get(TAG_CYBOX_MAJOR)
36 | cybox_minor = observables.attrib.get(TAG_CYBOX_MINOR)
37 | cybox_update = observables.attrib.get(TAG_CYBOX_UPDATE)
38 |
39 | if not any((cybox_major, cybox_minor, cybox_update)):
40 | error = "The input CybOX document has no version information."
41 | raise errors.UnknownCyboxVersionError(error)
42 |
43 | if cybox_update not in (None, '0'):
44 | version = "%s.%s.%s" % (cybox_major, cybox_minor, cybox_update)
45 | else:
46 | version = "%s.%s" % (cybox_major, cybox_minor)
47 |
48 | return version
49 |
50 |
51 | def check_version(version):
52 | """Raises an exception if `version` is not a valid CybOX version.
53 |
54 | Args:
55 | version: A string CybOX version. Example: '2.1'
56 |
57 | Raises:
58 | .InvalidCyboxVersionError: If `version` is not a valid version of
59 | CybOX.
60 |
61 | """
62 | if version in CYBOX_VERSIONS:
63 | return
64 |
65 | raise errors.InvalidCyboxVersionError(
66 | message="Invalid CybOX version: '%s'" % version,
67 | expected=CYBOX_VERSIONS,
68 | found=version
69 | )
70 |
71 |
72 | def check_root(doc):
73 | if utils.is_cybox(doc):
74 | return
75 |
76 | error = "Input document does not contain a valid CybOX root element."
77 | raise errors.ValidationError(error)
78 |
79 |
80 | def check_cybox(func):
81 | """Decorator which checks that the input document is a CybOX document."""
82 | @functools.wraps(func)
83 | def inner(*args, **kwargs):
84 | try:
85 | doc = args[1]
86 | except IndexError:
87 | doc = kwargs['doc']
88 |
89 | # Get the root element for the input doc
90 | root = utils.get_etree_root(doc)
91 |
92 | # Check that the root is a valid CybOX root-level element
93 | check_root(root)
94 |
95 | return func(*args, **kwargs)
96 |
97 | return inner
98 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/cybox/objects/Unix_Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Unix_Pipe_Object
7 | 2.0
8 | 02/11/2013 9:00:00 AM
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The Unix_Pipe object is intended to characterize Unix pipes.
18 |
19 |
20 |
21 |
22 | The UnixPipeObjectType type is intended to characterize Unix pipes.
23 |
24 |
25 |
26 |
27 |
28 |
29 | The Permission_Mode field specifies the Unix permission mode for the pipe.
30 |
31 |
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/external/oasis_ciq_3.0/xlink-2003-12-31.xsd:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 |
10 | XLink attribute specification
11 |
12 |
13 |
14 |
15 |
16 |
17 | Enumeration of values for the type attribute
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | A URI with a minimum length of 1 character.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 | A URI with a minimum length of 1 character.
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | Enumeration of values for the show attribute
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | Enumeration of values for the actuate attribute
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/external/oasis_ciq_3.0/xlink-2003-12-31.xsd:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 |
10 | XLink attribute specification
11 |
12 |
13 |
14 |
15 |
16 |
17 | Enumeration of values for the type attribute
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | A URI with a minimum length of 1 character.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 | A URI with a minimum length of 1 character.
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | Enumeration of values for the show attribute
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | Enumeration of values for the actuate attribute
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/external/oasis_ciq_3.0/xlink-2003-12-31.xsd:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 |
10 | XLink attribute specification
11 |
12 |
13 |
14 |
15 |
16 |
17 | Enumeration of values for the type attribute
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | A URI with a minimum length of 1 character.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 | A URI with a minimum length of 1 character.
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | Enumeration of values for the show attribute
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | Enumeration of values for the actuate attribute
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/external/oasis_ciq_3.0/xlink-2003-12-31.xsd:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 |
10 | XLink attribute specification
11 |
12 |
13 |
14 |
15 |
16 |
17 | Enumeration of values for the type attribute
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | A URI with a minimum length of 1 character.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 | A URI with a minimum length of 1 character.
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | Enumeration of values for the show attribute
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | Enumeration of values for the actuate attribute
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2.1/cybox/external/oasis_ciq_3.0/xlink-2003-12-31.xsd:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 |
10 | XLink attribute specification
11 |
12 |
13 |
14 |
15 |
16 |
17 | Enumeration of values for the type attribute
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | A URI with a minimum length of 1 character.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 | A URI with a minimum length of 1 character.
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | Enumeration of values for the show attribute
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 | Enumeration of values for the actuate attribute
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/objects/Unix_Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Unix_Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The Unix_Pipe object is intended to characterize Unix pipes.
18 |
19 |
20 |
21 |
22 | The UnixPipeObjectType type is intended to characterize Unix pipes.
23 |
24 |
25 |
26 |
27 |
28 |
29 | The Permission_Mode field specifies the Unix permission mode for the pipe.
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/objects/Unix_Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Unix_Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The Unix_Pipe object is intended to characterize Unix pipes.
18 |
19 |
20 |
21 |
22 | The UnixPipeObjectType type is intended to characterize Unix pipes.
23 |
24 |
25 |
26 |
27 |
28 |
29 | The Permission_Mode field specifies the Unix permission mode for the pipe.
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/objects/Unix_Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Unix_Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The Unix_Pipe object is intended to characterize Unix pipes.
18 |
19 |
20 |
21 |
22 | The UnixPipeObjectType type is intended to characterize Unix pipes.
23 |
24 |
25 |
26 |
27 |
28 |
29 | The Permission_Mode field specifies the Unix permission mode for the pipe.
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0/cybox/objects/Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Pipe_Object
7 | 2.0
8 | 02/11/2013 9:00:00 AM
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The Pipe object is intended to characterize generic system pipes.
17 |
18 |
19 |
20 |
21 | The PipeObjectType type is intended to characterize generic system pipes.
22 |
23 |
24 |
25 |
26 |
27 |
28 | The Name field specifies the name of the pipe, if applicable.
29 |
30 |
31 |
32 |
33 |
34 | The named field specifies whether the pipe is named.
35 |
36 |
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/extensions/marking/terms_of_use_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation in coordination with Terry MacDonald. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Terms Of Use Marking Instance
7 | 1.0.1
8 | 05/08/2014 9:00:00 AM
9 | Data Marking Extension - Terms Of Use Marking Instance - Schematic implementation for attaching a Terms Of Use statement to an idendified XML structure.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The TermsOfUseMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement describing the Terms Of Use to be associated with the data being marked.
17 | Nodes may be marked by multiple Terms Of Use Marking statements. When this occurs, all of the multiple Terms of Use Marking statements apply. Its up to the organization adding an additional Term Of User Marking statement to ensure that it's Terms Of Use does not conflict with any previously applied Terms Of Use Marking Statement.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The Terms Of Use statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.0.1/cybox/objects/Unix_Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Unix_Pipe_Object
7 | 2.0.1
8 | 09/30/2013 9:00:00 AM
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 |
17 | The Unix_Pipe object is intended to characterize Unix pipes.
18 |
19 |
20 |
21 |
22 | The UnixPipeObjectType type is intended to characterize Unix pipes.
23 |
24 |
25 |
26 |
27 |
28 |
29 | The Permission_Mode field specifies the Unix permission mode for the pipe.
30 |
31 |
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/cybox/objects/Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The Pipe object is intended to characterize generic system pipes.
17 |
18 |
19 |
20 |
21 | The PipeObjectType type is intended to characterize generic system pipes.
22 |
23 |
24 |
25 |
26 |
27 |
28 | The Name field specifies the name of the pipe, if applicable.
29 |
30 |
31 |
32 |
33 |
34 | The named field specifies whether the pipe is named.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/cybox/objects/Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The Pipe object is intended to characterize generic system pipes.
17 |
18 |
19 |
20 |
21 | The PipeObjectType type is intended to characterize generic system pipes.
22 |
23 |
24 |
25 |
26 |
27 |
28 | The Name field specifies the name of the pipe, if applicable.
29 |
30 |
31 |
32 |
33 |
34 | The named field specifies whether the pipe is named.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.2/extensions/marking/terms_of_use_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation in coordination with Terry MacDonald. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Terms Of Use Marking Instance
7 | 1.1
8 | 05/15/2015 9:00:00 AM
9 | Data Marking Extension - Terms Of Use Marking Instance - Schematic implementation for attaching a Terms Of Use statement to an idendified XML structure.
10 | Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The TermsOfUseMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement describing the Terms Of Use to be associated with the data being marked.
17 | Nodes may be marked by multiple Terms Of Use Marking statements. When this occurs, all of the multiple Terms of Use Marking statements apply. Its up to the organization adding an additional Term Of User Marking statement to ensure that it's Terms Of Use does not conflict with any previously applied Terms Of Use Marking Statement.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The Terms Of Use statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1.1/cybox/objects/Pipe_Object.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
5 |
6 | Pipe_Object
7 | 2.1
8 | 01/22/2014
9 | The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The Pipe object is intended to characterize generic system pipes.
17 |
18 |
19 |
20 |
21 | The PipeObjectType type is intended to characterize generic system pipes.
22 |
23 |
24 |
25 |
26 |
27 |
28 | The Name field specifies the name of the pipe, if applicable.
29 |
30 |
31 |
32 |
33 |
34 | The named field specifies whether the pipe is named.
35 |
36 |
37 |
38 |
39 |
40 |
41 |
--------------------------------------------------------------------------------
/sdv/resources/xsd/stix_1.1/extensions/marking/terms_of_use_marking.xsd:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | This schema was originally developed by The MITRE Corporation in coordination with Terry MacDonald. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
5 |
6 | Data Marking Extension - Terms Of Use Marking Instance
7 | 1.0
8 | 02/20/2014 9:00:00 AM
9 | Data Marking Extension - Terms Of Use Marking Instance - Schematic implementation for attaching a Terms Of Use statement to an idendified XML structure.
10 | Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included.
11 |
12 |
13 |
14 |
15 |
16 | The TermsOfUseMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement describing the Terms Of Use to be associated with the data being marked.
17 | Nodes may be marked by multiple Terms Of Use Marking statements. When this occurs, all of the multiple Terms of Use Marking statements apply. Its up to the organization adding an additional Term Of User Marking statement to ensure that it's Terms Of Use does not conflict with any previously applied Terms Of Use Marking Statement.
18 |
19 |
20 |
21 |
22 |
23 |
24 | The Terms Of Use statement to apply to the structure for which the Marking is to be applied.
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------