A schema was developed to encompass all the elements of SDN.801 and X.841 SPIFs and to allow editing with even the most basic of XML editors. The details of the developed schema are:
| Namespace: | http://www.smhs.co.uk/securitypolicy |
| Location: | http://www.smhs.co.uk/docs/spif/smhssp.xsd |
With this schema, a very simple policy may look like:
<?xml version="1.0" encoding="UTF-8"?>
<sp:SPIF xmlns:sp="http://www.smhs.co.uk/securitypolicy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.smhs.co.uk/securitypolicy http://www.smhs.co.uk/docs/spif/smhssp.xsd"
creationDate="2005021910000Z" rbacId="2.16.840.1.101.2.1.8.1"
originatorDN="o=smhs ltd,c=gb" privilegeId="2.16.840.1.101.2.1.8.2"
keyIdentifier="12345678">
<securityPolicyId id="1.2.3.4" name="Simple"/>
<securityClassification name="Unclassified" lacv="1" hierarchy="1"/>
<securityClassification name="Restricted" lacv="2" hierarchy="2"/>
<securityClassification name="Confidential" lacv="3" hierarchy="3"/>
<securityClassification name="Secret" lacv="4" hierarchy="4"/>
<securityClassification name="Top Secret" lacv="5" hierarchy="5"/>
</sp:SPIF>
This is the current stable version of the schema, though new versions are under development.
Some of the design decisions made when developing the schema are outlined below.
Some of the fields are not fully expanded into the XML Schema and a string encoding is adopted instead. Specifically these are:
A SPIF maintains a lot of internal references, and in the ASN.1 definitions these are maintained through OIDs and integers. Wherever possible within the schema, readable strings have been adopted. For example, excludedClassification identifies a classification name rather than its integer (LACV) value. This allows simple XML editors to be used, which can provide an option menu of human-readable values rather than integers. This is, however, at the expense of requiring all classification names to be unique, although this may be seen as beneficial.
The XML schema will also verify that internal references are correct: for example, that an unknown classification cannot be referenced as an exclusion, or that a tag equivalency cannot be made to an unknown policy.
Further, the schema verifies that values are unique; for example, classifications must have unique LACV values.
Within the ASN.1 definition of a SPIF, there is no way to describe these checks for applications to verify the integrity of the SPIF. However, the schema does not cover all possible referential integrity checks - for example, that a classification allows a category which in turn prohibits the classification.
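The uniqueness and reference checks described above can also be run by an application that consumes a SPIF without a validating parser. The following Python check is an added example, not the schema's or the project's own code; the element and attribute names come from the sample policy, while the form of excludedClassification (an element whose text is a classification name) is an assumption, since the page does not show it.

```python
import xml.etree.ElementTree as ET

SP_NS = "http://www.smhs.co.uk/securitypolicy"  # namespace given on the page

# Constructed sample, deliberately broken: "Secret" reuses LACV 2, "Restricted"
# is declared twice, and the exclusion names a classification that is not defined.
# ASSUMPTION: excludedClassification is modelled as an element whose text is a
# classification name; the page does not show where it sits in the real schema.
SAMPLE = """<sp:SPIF xmlns:sp="http://www.smhs.co.uk/securitypolicy">
  <securityPolicyId id="1.2.3.4" name="Simple"/>
  <securityClassification name="Unclassified" lacv="1" hierarchy="1"/>
  <securityClassification name="Restricted" lacv="2" hierarchy="2"/>
  <securityClassification name="Secret" lacv="2" hierarchy="4"/>
  <securityClassification name="Restricted" lacv="5" hierarchy="5"/>
  <excludedClassification>Cosmic</excludedClassification>
</sp:SPIF>"""


def check_spif(xml_text):
    """Return integrity findings (in document order) for one SPIF document."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SP_NS}}}SPIF":
        raise ValueError("root element is not SPIF in the expected namespace")

    findings = []
    names = set()      # classification names seen so far
    lacv_owner = {}    # LACV value -> first classification that used it
    for cls in root.iter("securityClassification"):
        name, lacv = cls.get("name"), cls.get("lacv")
        if name in names:
            findings.append(f"duplicate classification name: {name}")
        names.add(name)
        if lacv in lacv_owner:
            findings.append(f"duplicate LACV {lacv}: {name} and {lacv_owner[lacv]}")
        else:
            lacv_owner[lacv] = name

    # References are resolved only after every classification has been collected,
    # so a reference may appear before the classification it names.
    for ref in root.iter("excludedClassification"):
        target = (ref.text or "").strip()
        if target not in names:
            findings.append(f"excludedClassification names unknown classification: {target}")
    return findings


if __name__ == "__main__":
    for finding in check_spif(SAMPLE):
        print(finding)
```

A SPIF that passes these checks can still contain the cross-element contradiction mentioned above, which this example does not attempt to detect.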
The schema is still evolving and there are further things that may be incorporated into the schema, including