blob: 4048a57460dc717af6881e52b5cbb05d1489f64d [file] [log] [blame]
Constantin Ziesche857c7ab2020-02-25 11:24:51 +01001<?xml version="1.0" encoding="UTF-8"?>
2<schema xmlns="http://www.w3.org/2001/XMLSchema"
3 targetNamespace="http://www.admin-shell.io/aas/abac/2/0"
4 elementFormDefault="qualified"
5 xmlns:aas="http://www.admin-shell.io/aas/2/0"
6 xmlns:abac="http://www.admin-shell.io/aas/abac/2/0">
7
8 <import schemaLocation="AAS.xsd" namespace="http://www.admin-shell.io/aas/2/0"></import>
9
10 <complexType name="security_t">
11 <sequence>
12 <element name="accessControlPolicyPoints"
13 type="abac:accessControlPolicyPoints_t" minOccurs="1"
14 maxOccurs="1">
15 </element>
16 <element name="certificates" type="abac:certificates_t"
17 minOccurs="0" maxOccurs="1">
18 </element>
19 <element name="requiredCertificateExtensions" minOccurs="0" maxOccurs="1" type="aas:references_t"></element>
20 </sequence>
21 </complexType>
22
23
24 <complexType name="accessControlPolicyPoints_t">
25 <sequence>
26 <element name="policyAdministrationPoint" minOccurs="1" maxOccurs="1" type="abac:policyAdministrationPoint_t"></element>
27 <element name="policyDecisionPoint" type="abac:policyDecisionPoint_t" minOccurs="1" maxOccurs="1"></element>
28 <element name="policyEnforcementPoint" type="abac:policyEnforcementPoint_t" minOccurs="1" maxOccurs="1"></element>
29 <element name="policyInformationPoints" type="abac:policyInformationPoints_t" minOccurs="0" maxOccurs="1"></element>
30 </sequence>
31 </complexType>
32
33 <complexType name="policyAdministrationPoint_t">
34 <sequence>
35 <element name="localAccessControl"
36 type="abac:accessControl_t" minOccurs="0" maxOccurs="1">
37 </element>
38 <element name="externalAccessControl" type="boolean" minOccurs="0" maxOccurs="1"></element>
39 </sequence>
40 </complexType>
41
42 <complexType name="policyDecisionPoint_t">
43 <sequence>
44 <element name="externalPolicyDecisionPoint" type="boolean" minOccurs="1" maxOccurs="1"></element>
45 </sequence>
46 </complexType>
47
48 <complexType name="policyEnforcementPoint_t">
49 <sequence>
50 <element name="externalPolicyEnforcementPoint" type="boolean" minOccurs="1" maxOccurs="1"></element>
51 </sequence>
52 </complexType>
53
54 <complexType name="policyInformationPoints_t">
55 <sequence>
56 <element name="externalInformationPoints"
57 type="boolean" minOccurs="1" maxOccurs="1">
58 </element>
59 <element name="internalInformationPoints" type="abac:internalInformationPoints" minOccurs="0" maxOccurs="1"></element>
60 </sequence>
61 </complexType>
62
63 <complexType name="internalInformationPoints">
64 <sequence>
65 <element name="internalInformationPoint" type="aas:submodelRefs_t" minOccurs="0" maxOccurs="unbounded"></element>
66 </sequence>
67 </complexType>
68
69 <complexType name="accessControl_t">
70 <sequence>
71 <element name="selectableSubjectAttributes" type="aas:reference_t" minOccurs="0" maxOccurs="1"></element>
72 <element name="defaultSubjectAttributes" type="aas:reference_t" minOccurs="1" maxOccurs="1"></element>
73 <element name="selectablePermissions" type="aas:reference_t" minOccurs="0" maxOccurs="1"></element>
74 <element name="defaultPermissions" type="aas:reference_t" minOccurs="1" maxOccurs="1"> </element>
75 <element name="selectableEnvironmentAttributes" type="aas:reference_t" minOccurs="0" maxOccurs="1"></element>
76 <element name="defaultEnvironmentAttributes" type="aas:reference_t" minOccurs="0" maxOccurs="1"></element>
77 <element name="accessPermissionRules" type="abac:accessPermissionRules_t" minOccurs="0" maxOccurs="1"></element>
78 </sequence>
79 </complexType>
80
81 <complexType name="permissionPerObject_t">
82 <sequence>
83 <element name="object" type="aas:reference_t"></element>
84 <element name="targetObjectAttributes" type="abac:objectAttributes_t" minOccurs="0" maxOccurs="1"></element>
85 <element name="permissions" type="abac:permissions_t" minOccurs="0" maxOccurs="1"></element>
86 </sequence>
87 </complexType>
88
89 <complexType name="objectAttributes_t">
90 <sequence>
91 <element name="objectAttribute" type="aas:property_t" minOccurs="1" maxOccurs="unbounded"></element>
92 </sequence>
93 </complexType>
94
95 <complexType name="permissions_t">
96 <sequence>
97 <element name="permission" type="aas:property_t" minOccurs="1" maxOccurs="1"></element>
98 <element name="kindOfPermission" type="abac:permissionKind"></element>
99 </sequence>
100 </complexType>
101
102 <simpleType name="permissionKind">
103 <restriction base="string">
104 <enumeration value="Allow"></enumeration>
105 <enumeration value="Deny"></enumeration>
106 <enumeration value="NotApplicable"></enumeration>
107 <enumeration value="Undefined"></enumeration>
108 </restriction>
109 </simpleType>
110
111 <complexType name="accessPermissionRule_t">
112 <sequence>
113 <group ref="aas:qualifiable"></group>
114 <group ref="aas:referable"></group>
115 <element name="targetSubjectAttributes" type="abac:subjectAttributes_t" minOccurs="1" maxOccurs="unbounded"></element>
116 <element name="permissionsPerObject" type="abac:permissionPerObject_t" minOccurs="0" maxOccurs="unbounded"></element>
117 </sequence>
118 </complexType>
119
120 <complexType name="subjectAttributes_t">
121 <sequence>
122 <element name="subjectAttribute" type="aas:property_t" minOccurs="1" maxOccurs="unbounded"></element>
123 </sequence>
124 </complexType>
125
126 <complexType name="certificates_t">
127 <sequence>
128 <element name="certificate" type="abac:certificate_t" minOccurs="1" maxOccurs="unbounded"></element>
129 </sequence>
130 </complexType>
131
132 <complexType name="certificate_t">
133 <choice>
134 <element name="blobCertificate" type="abac:blobCertificate_t"></element>
135 </choice>
136 </complexType>
137
138
139 <element name="internalInformationPoints" type="aas:submodelRefs_t" />
140
141
142 <complexType name="accessPermissionRules_t">
143 <sequence>
144 <element name="accessPermissionRule" type="abac:accessPermissionRule_t" minOccurs="0" maxOccurs="unbounded"></element>
145 </sequence>
146 </complexType>
147
148
149 <complexType name="certificateAbstract_t">
150 </complexType>
151
152 <complexType name="blobCertificate_t">
153 <complexContent>
154 <extension base="abac:certificateAbstract_t">
155 <sequence>
156 <element name="blobCertificate" type="aas:blob_t"></element>
157 <element name="containedExtensions"
158 type="abac:containedExtensions_t" minOccurs="0" maxOccurs="1">
159 </element>
160 <element name="lastCertificate" type="boolean"></element>
161 </sequence>
162 </extension>
163 </complexContent>
164 </complexType>
165
166 <complexType name="containedExtensions_t">
167 <sequence>
168 <element name="containedExtension" type="aas:reference_t" minOccurs="0" maxOccurs="unbounded"></element>
169 </sequence>
170 </complexType>
171</schema>