ISM: Review success of swappable CVE approach


(Imported from Google Code)
DDMSence allows an end user to switch to another set of CVEs to validate against different versions of ISM (or higher classification editions within the same version). This is fine with DDMS 2.0 / 3.0 and ISM V2.

However, with DDMS 3.1 and ISM V5, the ISM schema also contains included schemas for each of the CVEs. If the end user were to swap CVEs here, the schema would continue to use the original V5 values that come bundled with DDMSence. Example:

  • A supersecret edition of ISM V5 CVEs has "SS" as a valid classification.

  • This edition puts "SS" in both the schemas and the CVEs.

  • An end user of DDMSence wants to use "SS". The base DDMSence installation is bundled with the V5 Public Release schemas and CVEs. The user's data would fail here.

  • The end user sets the configurable property to use a different CVE, pointing to his local copy of the super secret ones.

  • The resource would still fail to validate (without even getting to the CVE validation) because the schemas bundled with DDMSence don't allow "SS".

  • Even setting CVE validation to warnings instead of errors would not work, because it is the schema that is preventing the "SS" value from being used.

Instead of a single "customEnumLocation" property which swaps out vocabularies, maybe the entire ISM hierarchy (starting from DDMS-Includes.xsd) needs to be swappable. This approach will be confusing if done side-by-side with the basic approach needed for DDMS 2.0 and 3.1, but future versions of DDMS are not going to get any easier.
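As an added illustration of the two-layer behaviour described above (this is not DDMSence code), the following Python models a classification enumeration baked into a bundled schema next to a separately swappable CVE vocabulary, using constructed stand-ins for both; it shows that swapping only the CVE leaves "SS" rejected at the schema layer, even with CVE mismatches downgraded to warnings, while swapping the schema as well lets it through.

```python
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"

# Constructed stand-in for the classification enumeration that the ISM V5
# schema hierarchy bakes into its included schemas (bundled, not swappable).
BUNDLED_SCHEMA = """<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
  <xs:simpleType name="ClassificationType">
    <xs:restriction base="xs:token">
      <xs:enumeration value="U"/>
      <xs:enumeration value="C"/>
      <xs:enumeration value="S"/>
      <xs:enumeration value="TS"/>
    </xs:restriction>
  </xs:simpleType>
</xs:schema>"""

# Hypothetical "supersecret" edition of the same schema that also allows "SS".
SUPERSECRET_SCHEMA = BUNDLED_SCHEMA.replace(
    '<xs:enumeration value="TS"/>',
    '<xs:enumeration value="TS"/><xs:enumeration value="SS"/>')

# Constructed stand-ins for the swappable CVE vocabularies (customEnumLocation).
PUBLIC_CVE = {"U", "C", "S", "TS"}
SUPERSECRET_CVE = PUBLIC_CVE | {"SS"}


def schema_enumeration(xsd_text, type_name):
    """Return the values the schema's xs:enumeration facet permits for type_name."""
    root = ET.fromstring(xsd_text)
    for simple_type in root.iter(XS + "simpleType"):
        if simple_type.get("name") == type_name:
            return {e.get("value") for e in simple_type.iter(XS + "enumeration")}
    raise KeyError("no simpleType named %s" % type_name)


def validate(classification, schema_xsd, cve_values, cve_as_warning=False):
    """Apply the two layers in the order the issue describes: schema first, CVE second.

    Returns (accepted, stage), where stage names the layer that decided the outcome.
    """
    if classification not in schema_enumeration(schema_xsd, "ClassificationType"):
        return False, "schema"        # rejected before CVE validation is ever reached
    if classification not in cve_values:
        return cve_as_warning, "cve"  # CVE mismatch: a warning keeps it, an error rejects
    return True, "ok"


if __name__ == "__main__":
    # The issue's scenario: swapping only the CVE still fails at the schema layer.
    print(validate("SS", BUNDLED_SCHEMA, SUPERSECRET_CVE, cve_as_warning=True))  # (False, 'schema')
```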


Brian Uri
