The following code is an XSDL representation of the default ruleset provided in the Novell Opensuse 10.0 OSS SuSEfirewall2 system. Only the metadata portion of the original document is shown for brevity purposes. To review the following markup position with respect to the document as an entity, navigate to the following location - Netfilter Example.

<?xml version="1.0" encoding="US-ASCII"?>
<SecureDocument xmlns="http://www.maitreyasecurity.com/namespaces/xsdl/0.0.1" xml:id="Sf2Opensuse10.0" xml:lang="en_US">
    <DocumentInfo classification="confidential">
        <ClientId>00001</ClientId>
        <SecurityManagement>
            <ChangeControl>
                <RevisionId>$Id$</RevisionId>
                <Author>thomasrjones</Author>
                <Reviewer>thomasrjones</Reviewer>
            </ChangeControl>
            <AccessControl>
                    <User uid="0">rw-</User>
                    <Group gid="0">r--</Group>
                    <Other>---</Other>
                    <NamedUser uid="1000">rw-</NamedUser>
            </AccessControl>
        </SecurityManagement>
    </DocumentInfo>

The above code is implemented as such:

Line 1

The document prolog - conforms to standardized XML declaration syntax. Declares the version that the XML processor should utilize; as well as the character encoding utilized throughout this document. The XML declaration entity is optional, however it is highly recommended.

May include a version attribute. The available values for this attribute are:

The "1.1" version number value may not be supported by your preferred XML processor. Review your processor application's documentation to determine if an compatability problem is present.

May include a encoding attribute. The available values for this attribute are specified by the International Standards Organization.

Line 3

The SecureDocument element is the root element. It must contain all the document's content. The only exception to this rule is the document prolog previously discussed. This element is required for all document instances derived from the XSDL document model.

Line 4

The DocumentInfo element provides a container for all content related to the document. This metadata does not refer to the data itself, but rather the document in it's entirety. This element is optional, however it is highly recommended.

May include a classification attribute. The example document is specified as belonging to a "confidential" classification within the usage environments security scheme. This attribute value must be one of the following tokens:

top secret
secret
confidential
sensitive but unclassified
unclassified
proprietary
private
sensitive
public

May include a sensitivity attribute. This attribute value must be one of the following tokens:

top secret
secret
confidential
sensitive but unclassified
unclassified
proprietary
private
sensitive
public

Line 5

The ClientId element is an internal reference to the client of the author and/or authoring entity. This element is optional.

Cryptography keys

We utilize a number of keys to digitally sign our documents. Please do not send communications encrypted with these keys. These keys are for integrity validation evaluations only.

You may access these keys from the menu located on the left.

XSDL Research

› introduction

› concepts

› changelog

› requirements

› versioning

› examples

› alert

› bugtraq

› netfilter

› osstmm

› implementations

› language

› strategic plan

› download

Copyright © 2008 Maitreya Security Ltd. Co. All Rights Reserved. Maitreya Security, the Maitreya Security logo, and the Extensible Security Document Language are trademarks of Maitreya Security Ltd. Co. in the United States and other countries.